@raishin/vanguard-frontier-agentic 2.2.0 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (765) hide show
  1. package/.claude-plugin/marketplace.json +1 -1
  2. package/.claude-plugin/plugin.json +41 -1
  3. package/.cursor-plugin/plugin.json +41 -1
  4. package/.github/plugin/marketplace.json +1 -1
  5. package/README.md +48 -28
  6. package/agents/dotnet/README.md +57 -0
  7. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/AGENT.md +57 -0
  8. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/claude-code.agent.md +41 -0
  9. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/codex.toml +40 -0
  10. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/copilot.agent.md +41 -0
  11. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/cursor.agent.md +41 -0
  12. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/gemini.agent.md +41 -0
  13. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/kiro-cli.agent.json +5 -0
  14. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/kiro-ide.agent.md +41 -0
  15. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/metadata.json +41 -0
  16. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/AGENT.md +56 -0
  17. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/claude-code.agent.md +40 -0
  18. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/codex.toml +38 -0
  19. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/copilot.agent.md +40 -0
  20. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/cursor.agent.md +40 -0
  21. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/gemini.agent.md +40 -0
  22. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/kiro-cli.agent.json +5 -0
  23. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/kiro-ide.agent.md +40 -0
  24. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/metadata.json +42 -0
  25. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/AGENT.md +56 -0
  26. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/claude-code.agent.md +40 -0
  27. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/codex.toml +38 -0
  28. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/copilot.agent.md +40 -0
  29. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/cursor.agent.md +40 -0
  30. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/gemini.agent.md +40 -0
  31. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/kiro-cli.agent.json +5 -0
  32. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/kiro-ide.agent.md +40 -0
  33. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/metadata.json +42 -0
  34. package/agents/dotnet/dotnet-csharp-runtime-review-agent/AGENT.md +56 -0
  35. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/claude-code.agent.md +39 -0
  36. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/codex.toml +39 -0
  37. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/copilot.agent.md +39 -0
  38. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/cursor.agent.md +39 -0
  39. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/gemini.agent.md +39 -0
  40. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/kiro-cli.agent.json +5 -0
  41. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/kiro-ide.agent.md +39 -0
  42. package/agents/dotnet/dotnet-csharp-runtime-review-agent/metadata.json +42 -0
  43. package/agents/dotnet/dotnet-efcore-data-access-review-agent/AGENT.md +58 -0
  44. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/claude-code.agent.md +42 -0
  45. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/codex.toml +41 -0
  46. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/copilot.agent.md +42 -0
  47. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/cursor.agent.md +42 -0
  48. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/gemini.agent.md +42 -0
  49. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/kiro-cli.agent.json +5 -0
  50. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/kiro-ide.agent.md +42 -0
  51. package/agents/dotnet/dotnet-efcore-data-access-review-agent/metadata.json +42 -0
  52. package/agents/dotnet/dotnet-maestro-agent/AGENT.md +53 -0
  53. package/agents/dotnet/dotnet-maestro-agent/harnesses/claude-code.agent.md +36 -0
  54. package/agents/dotnet/dotnet-maestro-agent/harnesses/codex.toml +40 -0
  55. package/agents/dotnet/dotnet-maestro-agent/harnesses/copilot.agent.md +36 -0
  56. package/agents/dotnet/dotnet-maestro-agent/harnesses/cursor.agent.md +36 -0
  57. package/agents/dotnet/dotnet-maestro-agent/harnesses/gemini.agent.md +36 -0
  58. package/agents/dotnet/dotnet-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  59. package/agents/dotnet/dotnet-maestro-agent/harnesses/kiro-ide.agent.md +36 -0
  60. package/agents/dotnet/dotnet-maestro-agent/metadata.json +40 -0
  61. package/agents/dotnet/dotnet-observability-otel-review-agent/AGENT.md +57 -0
  62. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/claude-code.agent.md +41 -0
  63. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/codex.toml +40 -0
  64. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/copilot.agent.md +41 -0
  65. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/cursor.agent.md +41 -0
  66. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/gemini.agent.md +41 -0
  67. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/kiro-cli.agent.json +5 -0
  68. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/kiro-ide.agent.md +41 -0
  69. package/agents/dotnet/dotnet-observability-otel-review-agent/metadata.json +41 -0
  70. package/agents/dotnet/dotnet-performance-aot-review-agent/AGENT.md +56 -0
  71. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/claude-code.agent.md +40 -0
  72. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/codex.toml +39 -0
  73. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/copilot.agent.md +40 -0
  74. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/cursor.agent.md +40 -0
  75. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/gemini.agent.md +40 -0
  76. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/kiro-cli.agent.json +5 -0
  77. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/kiro-ide.agent.md +40 -0
  78. package/agents/dotnet/dotnet-performance-aot-review-agent/metadata.json +41 -0
  79. package/agents/dotnet/dotnet-supply-chain-review-agent/AGENT.md +57 -0
  80. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/claude-code.agent.md +41 -0
  81. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/codex.toml +40 -0
  82. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/copilot.agent.md +41 -0
  83. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/cursor.agent.md +41 -0
  84. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/gemini.agent.md +41 -0
  85. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/kiro-cli.agent.json +5 -0
  86. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/kiro-ide.agent.md +41 -0
  87. package/agents/dotnet/dotnet-supply-chain-review-agent/metadata.json +42 -0
  88. package/agents/dotnet/dotnet-testing-quality-review-agent/AGENT.md +56 -0
  89. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/claude-code.agent.md +40 -0
  90. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/codex.toml +39 -0
  91. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/copilot.agent.md +40 -0
  92. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/cursor.agent.md +40 -0
  93. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/gemini.agent.md +40 -0
  94. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/kiro-cli.agent.json +5 -0
  95. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/kiro-ide.agent.md +40 -0
  96. package/agents/dotnet/dotnet-testing-quality-review-agent/metadata.json +41 -0
  97. package/agents/hetzner/README.md +1 -1
  98. package/agents/hr/hr-analytics-people-data-agent/metadata.json +3 -7
  99. package/agents/hr/hr-benefits-payroll-agent/metadata.json +3 -7
  100. package/agents/hr/hr-compensation-equity-agent/metadata.json +3 -7
  101. package/agents/hr/hr-culture-dei-agent/metadata.json +3 -7
  102. package/agents/hr/hr-employee-relations-agent/metadata.json +3 -7
  103. package/agents/hr/hr-hris-process-controls-agent/metadata.json +3 -7
  104. package/agents/hr/hr-learning-policy-agent/metadata.json +3 -7
  105. package/agents/hr/hr-leave-accommodation-agent/metadata.json +3 -7
  106. package/agents/hr/hr-maestro-agent/metadata.json +4 -8
  107. package/agents/hr/hr-performance-management-agent/metadata.json +3 -7
  108. package/agents/hr/hr-recruiting-selection-agent/metadata.json +3 -7
  109. package/agents/hr/hr-risk-triage-review-agent/metadata.json +3 -3
  110. package/agents/hr/hr-termination-readiness-agent/metadata.json +3 -7
  111. package/agents/hr/hr-workforce-planning-rif-agent/metadata.json +3 -7
  112. package/agents/hr/hr-workplace-investigations-agent/metadata.json +3 -7
  113. package/agents/legal/legal-contract-review-agent/metadata.json +3 -7
  114. package/agents/legal/legal-counsel-review-agent/metadata.json +3 -3
  115. package/agents/legal/legal-employment-law-risk-agent/metadata.json +4 -8
  116. package/agents/legal/legal-ethics-investigations-agent/metadata.json +3 -7
  117. package/agents/legal/legal-ip-open-source-agent/metadata.json +3 -7
  118. package/agents/legal/legal-knowledge-management-agent/metadata.json +3 -7
  119. package/agents/legal/legal-litigation-discovery-hold-agent/metadata.json +3 -7
  120. package/agents/legal/legal-maestro-agent/metadata.json +4 -8
  121. package/agents/legal/legal-policy-governance-agent/metadata.json +3 -7
  122. package/agents/legal/legal-privacy-data-protection-agent/metadata.json +3 -7
  123. package/agents/legal/legal-public-disclosure-agent/metadata.json +3 -7
  124. package/agents/legal/legal-regulatory-compliance-agent/metadata.json +3 -7
  125. package/agents/legal/legal-vendor-procurement-risk-agent/metadata.json +3 -7
  126. package/agents/oci/oci-devops-container-platform-engineer-agent/AGENT.md +1 -1
  127. package/agents/oci/oci-exadata-platform-architect-agent/AGENT.md +1 -1
  128. package/agents/oci/oci-multi-cloud-architect-agent/AGENT.md +1 -1
  129. package/agents/prometheus/README.md +1 -1
  130. package/agents/qa/playwright-e2e-suite-review-agent/AGENT.md +3 -3
  131. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/claude-code.agent.md +3 -3
  132. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/copilot.agent.md +3 -3
  133. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/cursor.agent.md +3 -3
  134. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/gemini.agent.md +3 -3
  135. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/kiro-ide.agent.md +3 -3
  136. package/agents/salesforce/AGENTS.md +31 -0
  137. package/agents/salesforce/README.md +135 -0
  138. package/agents/salesforce/salesforce-adaptive-access-agent/AGENT.md +117 -0
  139. package/agents/salesforce/salesforce-adaptive-access-agent/LEAST-PRIVILEGES.md +91 -0
  140. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/claude-code.agent.md +69 -0
  141. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/codex.toml +30 -0
  142. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/copilot.agent.md +69 -0
  143. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/cursor.agent.md +69 -0
  144. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/gemini.agent.md +69 -0
  145. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-cli.agent.json +5 -0
  146. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-ide.agent.md +69 -0
  147. package/agents/salesforce/salesforce-adaptive-access-agent/metadata.json +30 -0
  148. package/agents/salesforce/salesforce-agentforce-ai-agent/AGENT.md +126 -0
  149. package/agents/salesforce/salesforce-agentforce-ai-agent/LEAST-PRIVILEGES.md +92 -0
  150. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/claude-code.agent.md +81 -0
  151. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/codex.toml +36 -0
  152. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/copilot.agent.md +81 -0
  153. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/cursor.agent.md +81 -0
  154. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/gemini.agent.md +81 -0
  155. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-cli.agent.json +5 -0
  156. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-ide.agent.md +49 -0
  157. package/agents/salesforce/salesforce-agentforce-ai-agent/metadata.json +41 -0
  158. package/agents/salesforce/salesforce-analytics-tableau-agent/AGENT.md +119 -0
  159. package/agents/salesforce/salesforce-analytics-tableau-agent/LEAST-PRIVILEGES.md +81 -0
  160. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/claude-code.agent.md +75 -0
  161. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/codex.toml +35 -0
  162. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/copilot.agent.md +75 -0
  163. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/cursor.agent.md +75 -0
  164. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/gemini.agent.md +75 -0
  165. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-cli.agent.json +5 -0
  166. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-ide.agent.md +45 -0
  167. package/agents/salesforce/salesforce-analytics-tableau-agent/metadata.json +41 -0
  168. package/agents/salesforce/salesforce-app-builder-automation-agent/AGENT.md +112 -0
  169. package/agents/salesforce/salesforce-app-builder-automation-agent/LEAST-PRIVILEGES.md +86 -0
  170. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/claude-code.agent.md +50 -0
  171. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/codex.toml +35 -0
  172. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/copilot.agent.md +50 -0
  173. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/cursor.agent.md +50 -0
  174. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/gemini.agent.md +50 -0
  175. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-cli.agent.json +5 -0
  176. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-ide.agent.md +50 -0
  177. package/agents/salesforce/salesforce-app-builder-automation-agent/metadata.json +40 -0
  178. package/agents/salesforce/salesforce-business-analyst-agent/AGENT.md +110 -0
  179. package/agents/salesforce/salesforce-business-analyst-agent/LEAST-PRIVILEGES.md +89 -0
  180. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/claude-code.agent.md +48 -0
  181. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/codex.toml +35 -0
  182. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/copilot.agent.md +48 -0
  183. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/cursor.agent.md +48 -0
  184. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/gemini.agent.md +48 -0
  185. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
  186. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-ide.agent.md +48 -0
  187. package/agents/salesforce/salesforce-business-analyst-agent/metadata.json +40 -0
  188. package/agents/salesforce/salesforce-certificate-lifecycle-agent/AGENT.md +112 -0
  189. package/agents/salesforce/salesforce-certificate-lifecycle-agent/LEAST-PRIVILEGES.md +81 -0
  190. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/claude-code.agent.md +66 -0
  191. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/codex.toml +30 -0
  192. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/copilot.agent.md +66 -0
  193. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/cursor.agent.md +66 -0
  194. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/gemini.agent.md +66 -0
  195. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-cli.agent.json +5 -0
  196. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-ide.agent.md +66 -0
  197. package/agents/salesforce/salesforce-certificate-lifecycle-agent/metadata.json +30 -0
  198. package/agents/salesforce/salesforce-change-impact-analyst-agent/AGENT.md +121 -0
  199. package/agents/salesforce/salesforce-change-impact-analyst-agent/LEAST-PRIVILEGES.md +87 -0
  200. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/claude-code.agent.md +74 -0
  201. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/codex.toml +30 -0
  202. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/copilot.agent.md +74 -0
  203. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/cursor.agent.md +74 -0
  204. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/gemini.agent.md +74 -0
  205. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
  206. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-ide.agent.md +74 -0
  207. package/agents/salesforce/salesforce-change-impact-analyst-agent/metadata.json +30 -0
  208. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/AGENT.md +119 -0
  209. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/LEAST-PRIVILEGES.md +88 -0
  210. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/claude-code.agent.md +67 -0
  211. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/codex.toml +30 -0
  212. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/copilot.agent.md +67 -0
  213. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/cursor.agent.md +67 -0
  214. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/gemini.agent.md +67 -0
  215. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-cli.agent.json +5 -0
  216. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-ide.agent.md +67 -0
  217. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/metadata.json +31 -0
  218. package/agents/salesforce/salesforce-compliance-privacy-agent/AGENT.md +130 -0
  219. package/agents/salesforce/salesforce-compliance-privacy-agent/LEAST-PRIVILEGES.md +85 -0
  220. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/claude-code.agent.md +84 -0
  221. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/codex.toml +36 -0
  222. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/copilot.agent.md +84 -0
  223. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/cursor.agent.md +84 -0
  224. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/gemini.agent.md +84 -0
  225. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-cli.agent.json +5 -0
  226. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-ide.agent.md +49 -0
  227. package/agents/salesforce/salesforce-compliance-privacy-agent/metadata.json +41 -0
  228. package/agents/salesforce/salesforce-continuous-verification-agent/AGENT.md +113 -0
  229. package/agents/salesforce/salesforce-continuous-verification-agent/LEAST-PRIVILEGES.md +90 -0
  230. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/claude-code.agent.md +64 -0
  231. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/codex.toml +30 -0
  232. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/copilot.agent.md +64 -0
  233. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/cursor.agent.md +64 -0
  234. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/gemini.agent.md +64 -0
  235. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-cli.agent.json +5 -0
  236. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-ide.agent.md +64 -0
  237. package/agents/salesforce/salesforce-continuous-verification-agent/metadata.json +31 -0
  238. package/agents/salesforce/salesforce-data-architecture-agent/AGENT.md +113 -0
  239. package/agents/salesforce/salesforce-data-architecture-agent/LEAST-PRIVILEGES.md +92 -0
  240. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/claude-code.agent.md +49 -0
  241. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/codex.toml +35 -0
  242. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/copilot.agent.md +49 -0
  243. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/cursor.agent.md +49 -0
  244. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/gemini.agent.md +49 -0
  245. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-cli.agent.json +5 -0
  246. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-ide.agent.md +49 -0
  247. package/agents/salesforce/salesforce-data-architecture-agent/metadata.json +40 -0
  248. package/agents/salesforce/salesforce-development-agent/AGENT.md +114 -0
  249. package/agents/salesforce/salesforce-development-agent/LEAST-PRIVILEGES.md +89 -0
  250. package/agents/salesforce/salesforce-development-agent/harnesses/claude-code.agent.md +50 -0
  251. package/agents/salesforce/salesforce-development-agent/harnesses/codex.toml +36 -0
  252. package/agents/salesforce/salesforce-development-agent/harnesses/copilot.agent.md +50 -0
  253. package/agents/salesforce/salesforce-development-agent/harnesses/cursor.agent.md +50 -0
  254. package/agents/salesforce/salesforce-development-agent/harnesses/gemini.agent.md +50 -0
  255. package/agents/salesforce/salesforce-development-agent/harnesses/kiro-cli.agent.json +5 -0
  256. package/agents/salesforce/salesforce-development-agent/harnesses/kiro-ide.agent.md +50 -0
  257. package/agents/salesforce/salesforce-development-agent/metadata.json +40 -0
  258. package/agents/salesforce/salesforce-devops-release-agent/AGENT.md +115 -0
  259. package/agents/salesforce/salesforce-devops-release-agent/LEAST-PRIVILEGES.md +90 -0
  260. package/agents/salesforce/salesforce-devops-release-agent/harnesses/claude-code.agent.md +51 -0
  261. package/agents/salesforce/salesforce-devops-release-agent/harnesses/codex.toml +35 -0
  262. package/agents/salesforce/salesforce-devops-release-agent/harnesses/copilot.agent.md +51 -0
  263. package/agents/salesforce/salesforce-devops-release-agent/harnesses/cursor.agent.md +51 -0
  264. package/agents/salesforce/salesforce-devops-release-agent/harnesses/gemini.agent.md +51 -0
  265. package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-cli.agent.json +5 -0
  266. package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-ide.agent.md +51 -0
  267. package/agents/salesforce/salesforce-devops-release-agent/metadata.json +40 -0
  268. package/agents/salesforce/salesforce-enterprise-architect-agent/AGENT.md +128 -0
  269. package/agents/salesforce/salesforce-enterprise-architect-agent/LEAST-PRIVILEGES.md +92 -0
  270. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/claude-code.agent.md +81 -0
  271. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/codex.toml +36 -0
  272. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/copilot.agent.md +81 -0
  273. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/cursor.agent.md +81 -0
  274. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/gemini.agent.md +81 -0
  275. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-cli.agent.json +5 -0
  276. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-ide.agent.md +49 -0
  277. package/agents/salesforce/salesforce-enterprise-architect-agent/metadata.json +41 -0
  278. package/agents/salesforce/salesforce-experience-cloud-agent/AGENT.md +124 -0
  279. package/agents/salesforce/salesforce-experience-cloud-agent/LEAST-PRIVILEGES.md +80 -0
  280. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/claude-code.agent.md +79 -0
  281. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/codex.toml +35 -0
  282. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/copilot.agent.md +79 -0
  283. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/cursor.agent.md +79 -0
  284. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/gemini.agent.md +79 -0
  285. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  286. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-ide.agent.md +59 -0
  287. package/agents/salesforce/salesforce-experience-cloud-agent/metadata.json +40 -0
  288. package/agents/salesforce/salesforce-hyperforce-security-agent/AGENT.md +113 -0
  289. package/agents/salesforce/salesforce-hyperforce-security-agent/LEAST-PRIVILEGES.md +80 -0
  290. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/claude-code.agent.md +72 -0
  291. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/codex.toml +28 -0
  292. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/copilot.agent.md +72 -0
  293. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/cursor.agent.md +72 -0
  294. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/gemini.agent.md +72 -0
  295. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-cli.agent.json +5 -0
  296. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-ide.agent.md +72 -0
  297. package/agents/salesforce/salesforce-hyperforce-security-agent/metadata.json +30 -0
  298. package/agents/salesforce/salesforce-industry-cloud-agent/AGENT.md +125 -0
  299. package/agents/salesforce/salesforce-industry-cloud-agent/LEAST-PRIVILEGES.md +88 -0
  300. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/claude-code.agent.md +80 -0
  301. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/codex.toml +41 -0
  302. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/copilot.agent.md +80 -0
  303. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/cursor.agent.md +80 -0
  304. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/gemini.agent.md +80 -0
  305. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  306. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
  307. package/agents/salesforce/salesforce-industry-cloud-agent/metadata.json +42 -0
  308. package/agents/salesforce/salesforce-integration-mulesoft-agent/AGENT.md +115 -0
  309. package/agents/salesforce/salesforce-integration-mulesoft-agent/LEAST-PRIVILEGES.md +91 -0
  310. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/claude-code.agent.md +50 -0
  311. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/codex.toml +35 -0
  312. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/copilot.agent.md +50 -0
  313. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/cursor.agent.md +50 -0
  314. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/gemini.agent.md +50 -0
  315. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-cli.agent.json +5 -0
  316. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-ide.agent.md +50 -0
  317. package/agents/salesforce/salesforce-integration-mulesoft-agent/metadata.json +40 -0
  318. package/agents/salesforce/salesforce-live-guard-agent/AGENT.md +126 -0
  319. package/agents/salesforce/salesforce-live-guard-agent/LEAST-PRIVILEGES.md +100 -0
  320. package/agents/salesforce/salesforce-live-guard-agent/harnesses/claude-code.agent.md +85 -0
  321. package/agents/salesforce/salesforce-live-guard-agent/harnesses/codex.toml +50 -0
  322. package/agents/salesforce/salesforce-live-guard-agent/harnesses/copilot.agent.md +85 -0
  323. package/agents/salesforce/salesforce-live-guard-agent/harnesses/cursor.agent.md +85 -0
  324. package/agents/salesforce/salesforce-live-guard-agent/harnesses/gemini.agent.md +85 -0
  325. package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  326. package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-ide.agent.md +58 -0
  327. package/agents/salesforce/salesforce-live-guard-agent/metadata.json +39 -0
  328. package/agents/salesforce/salesforce-maestro-agent/AGENT.md +77 -0
  329. package/agents/salesforce/salesforce-maestro-agent/LEAST-PRIVILEGES.md +93 -0
  330. package/agents/salesforce/salesforce-maestro-agent/README.md +593 -0
  331. package/agents/salesforce/salesforce-maestro-agent/harnesses/claude-code.agent.md +65 -0
  332. package/agents/salesforce/salesforce-maestro-agent/harnesses/codex.toml +66 -0
  333. package/agents/salesforce/salesforce-maestro-agent/harnesses/copilot.agent.md +65 -0
  334. package/agents/salesforce/salesforce-maestro-agent/harnesses/cursor.agent.md +65 -0
  335. package/agents/salesforce/salesforce-maestro-agent/harnesses/gemini.agent.md +65 -0
  336. package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  337. package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-ide.agent.md +65 -0
  338. package/agents/salesforce/salesforce-maestro-agent/metadata.json +38 -0
  339. package/agents/salesforce/salesforce-marketing-cloud-agent/AGENT.md +124 -0
  340. package/agents/salesforce/salesforce-marketing-cloud-agent/LEAST-PRIVILEGES.md +86 -0
  341. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/claude-code.agent.md +78 -0
  342. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/codex.toml +34 -0
  343. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/copilot.agent.md +78 -0
  344. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/cursor.agent.md +78 -0
  345. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/gemini.agent.md +78 -0
  346. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  347. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
  348. package/agents/salesforce/salesforce-marketing-cloud-agent/metadata.json +41 -0
  349. package/agents/salesforce/salesforce-network-policy-architect-agent/AGENT.md +113 -0
  350. package/agents/salesforce/salesforce-network-policy-architect-agent/LEAST-PRIVILEGES.md +87 -0
  351. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/claude-code.agent.md +72 -0
  352. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/codex.toml +28 -0
  353. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/copilot.agent.md +72 -0
  354. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/cursor.agent.md +72 -0
  355. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/gemini.agent.md +72 -0
  356. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-cli.agent.json +5 -0
  357. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-ide.agent.md +72 -0
  358. package/agents/salesforce/salesforce-network-policy-architect-agent/metadata.json +31 -0
  359. package/agents/salesforce/salesforce-platform-admin-review-agent/AGENT.md +113 -0
  360. package/agents/salesforce/salesforce-platform-admin-review-agent/LEAST-PRIVILEGES.md +88 -0
  361. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/claude-code.agent.md +49 -0
  362. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/codex.toml +36 -0
  363. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/copilot.agent.md +49 -0
  364. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/cursor.agent.md +49 -0
  365. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/gemini.agent.md +49 -0
  366. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-cli.agent.json +5 -0
  367. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-ide.agent.md +49 -0
  368. package/agents/salesforce/salesforce-platform-admin-review-agent/metadata.json +40 -0
  369. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/AGENT.md +115 -0
  370. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/LEAST-PRIVILEGES.md +83 -0
  371. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/claude-code.agent.md +50 -0
  372. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/codex.toml +35 -0
  373. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/copilot.agent.md +50 -0
  374. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/cursor.agent.md +50 -0
  375. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/gemini.agent.md +50 -0
  376. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-cli.agent.json +5 -0
  377. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-ide.agent.md +50 -0
  378. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/metadata.json +40 -0
  379. package/agents/salesforce/salesforce-sandbox-governance-agent/AGENT.md +120 -0
  380. package/agents/salesforce/salesforce-sandbox-governance-agent/LEAST-PRIVILEGES.md +80 -0
  381. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/claude-code.agent.md +72 -0
  382. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/codex.toml +30 -0
  383. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/copilot.agent.md +72 -0
  384. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/cursor.agent.md +72 -0
  385. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/gemini.agent.md +72 -0
  386. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-cli.agent.json +5 -0
  387. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-ide.agent.md +72 -0
  388. package/agents/salesforce/salesforce-sandbox-governance-agent/metadata.json +30 -0
  389. package/agents/salesforce/salesforce-sandbox-isolation-agent/AGENT.md +113 -0
  390. package/agents/salesforce/salesforce-sandbox-isolation-agent/LEAST-PRIVILEGES.md +90 -0
  391. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/claude-code.agent.md +71 -0
  392. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/codex.toml +28 -0
  393. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/copilot.agent.md +71 -0
  394. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/cursor.agent.md +71 -0
  395. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/gemini.agent.md +71 -0
  396. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-cli.agent.json +5 -0
  397. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-ide.agent.md +71 -0
  398. package/agents/salesforce/salesforce-sandbox-isolation-agent/metadata.json +30 -0
  399. package/agents/salesforce/salesforce-security-identity-access-agent/AGENT.md +118 -0
  400. package/agents/salesforce/salesforce-security-identity-access-agent/LEAST-PRIVILEGES.md +85 -0
  401. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/claude-code.agent.md +52 -0
  402. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/codex.toml +36 -0
  403. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/copilot.agent.md +52 -0
  404. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/cursor.agent.md +52 -0
  405. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/gemini.agent.md +52 -0
  406. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-cli.agent.json +5 -0
  407. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-ide.agent.md +52 -0
  408. package/agents/salesforce/salesforce-security-identity-access-agent/metadata.json +40 -0
  409. package/agents/salesforce/salesforce-service-field-service-agent/AGENT.md +115 -0
  410. package/agents/salesforce/salesforce-service-field-service-agent/LEAST-PRIVILEGES.md +82 -0
  411. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/claude-code.agent.md +50 -0
  412. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/codex.toml +35 -0
  413. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/copilot.agent.md +50 -0
  414. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/cursor.agent.md +50 -0
  415. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/gemini.agent.md +50 -0
  416. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-cli.agent.json +5 -0
  417. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-ide.agent.md +50 -0
  418. package/agents/salesforce/salesforce-service-field-service-agent/metadata.json +40 -0
  419. package/agents/salesforce/salesforce-session-governance-agent/AGENT.md +116 -0
  420. package/agents/salesforce/salesforce-session-governance-agent/LEAST-PRIVILEGES.md +91 -0
  421. package/agents/salesforce/salesforce-session-governance-agent/harnesses/claude-code.agent.md +74 -0
  422. package/agents/salesforce/salesforce-session-governance-agent/harnesses/codex.toml +28 -0
  423. package/agents/salesforce/salesforce-session-governance-agent/harnesses/copilot.agent.md +74 -0
  424. package/agents/salesforce/salesforce-session-governance-agent/harnesses/cursor.agent.md +74 -0
  425. package/agents/salesforce/salesforce-session-governance-agent/harnesses/gemini.agent.md +74 -0
  426. package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-cli.agent.json +5 -0
  427. package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-ide.agent.md +74 -0
  428. package/agents/salesforce/salesforce-session-governance-agent/metadata.json +30 -0
  429. package/agents/salesforce/salesforce-slack-collaboration-agent/AGENT.md +123 -0
  430. package/agents/salesforce/salesforce-slack-collaboration-agent/LEAST-PRIVILEGES.md +86 -0
  431. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/claude-code.agent.md +79 -0
  432. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/codex.toml +35 -0
  433. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/copilot.agent.md +79 -0
  434. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/cursor.agent.md +79 -0
  435. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/gemini.agent.md +79 -0
  436. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-cli.agent.json +5 -0
  437. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-ide.agent.md +48 -0
  438. package/agents/salesforce/salesforce-slack-collaboration-agent/metadata.json +41 -0
  439. package/assets/logos/cloud/salesforce/salesforce.svg +34 -0
  440. package/catalog/agents.json +1785 -353
  441. package/catalog/asset-integrity.json +2866 -411
  442. package/catalog/install-roles.json +96 -0
  443. package/catalog/skill-manifest.json +1238 -138
  444. package/catalog/skills.json +1587 -333
  445. package/package.json +3 -2
  446. package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
  447. package/powers/vanguard-salesforce/POWER.md +42 -0
  448. package/schemas/agent.schema.json +5 -1
  449. package/schemas/skill.frontmatter.schema.json +33 -3
  450. package/schemas/skill.schema.json +5 -1
  451. package/scripts/export-marketplace-agents.mjs +30 -2
  452. package/scripts/generate-kiro-powers.mjs +12 -0
  453. package/scripts/release-prepare.mjs +35 -0
  454. package/skills/aws/aws-agentcore/references/official-sources.md +19 -19
  455. package/skills/aws/aws-generative-ai-developer/references/official-sources.md +10 -10
  456. package/skills/azure/azure-ai-foundry-ops-governor/references/workflow-and-output.md +2 -2
  457. package/skills/azure/azure-aks-platform-operator/references/workflow-and-output.md +1 -1
  458. package/skills/azure/azure-app-service-production-readiness/references/workflow-and-output.md +1 -1
  459. package/skills/azure/azure-cosmosdb-application-developer/references/official-sources.md +11 -11
  460. package/skills/azure/azure-cosmosdb-performance-investigator/references/official-sources.md +11 -11
  461. package/skills/azure/azure-cosmosdb-platform-operator/references/official-sources.md +10 -10
  462. package/skills/azure/azure-cost-estimation-review/references/workflow-and-output.md +1 -1
  463. package/skills/azure/azure-cost-optimization-governor/references/workflow-and-output.md +1 -1
  464. package/skills/azure/azure-entra-id-specialist/references/official-sources.md +28 -28
  465. package/skills/azure/azure-identity-governance-review/references/official-sources.md +11 -11
  466. package/skills/azure/azure-identity-governance-review/references/workflow-and-output.md +1 -1
  467. package/skills/azure/azure-key-vault-secret-lifecycle-auditor/references/workflow-and-output.md +1 -1
  468. package/skills/azure/azure-migrate-landing-zone-cutover/references/workflow-and-output.md +1 -1
  469. package/skills/azure/azure-platform-automation-devops/references/workflow-and-output.md +1 -1
  470. package/skills/azure/azure-private-endpoint-adoption-planner/references/workflow-and-output.md +1 -1
  471. package/skills/azure/azure-resource-health-incident-triage/references/workflow-and-output.md +6 -6
  472. package/skills/azure/azure-subscription-resource-organization/references/workflow-and-output.md +1 -1
  473. package/skills/cross-functional/salesforce-case-capsule/SKILL.md +164 -0
  474. package/skills/cross-functional/salesforce-case-capsule/metadata.json +19 -0
  475. package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/SKILL.md +165 -0
  476. package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/metadata.json +19 -0
  477. package/skills/cross-functional/salesforce-live-change-approval-protocol/SKILL.md +118 -0
  478. package/skills/cross-functional/salesforce-live-change-approval-protocol/metadata.json +19 -0
  479. package/skills/cross-functional/salesforce-risk-taxonomy/SKILL.md +162 -0
  480. package/skills/cross-functional/salesforce-risk-taxonomy/metadata.json +19 -0
  481. package/skills/cross-functional/salesforce-routing-protocol/SKILL.md +159 -0
  482. package/skills/cross-functional/salesforce-routing-protocol/metadata.json +19 -0
  483. package/skills/dotnet/dotnet-aspire-cloud-native-review/SKILL.md +53 -0
  484. package/skills/dotnet/dotnet-aspire-cloud-native-review/metadata.json +27 -0
  485. package/skills/dotnet/dotnet-aspire-cloud-native-review/references/workflow-and-output.md +115 -0
  486. package/skills/dotnet/dotnet-aspnetcore-api-review/SKILL.md +53 -0
  487. package/skills/dotnet/dotnet-aspnetcore-api-review/metadata.json +28 -0
  488. package/skills/dotnet/dotnet-aspnetcore-api-review/references/workflow-and-output.md +115 -0
  489. package/skills/dotnet/dotnet-aspnetcore-identity-authz-review/SKILL.md +48 -0
  490. package/skills/dotnet/dotnet-aspnetcore-identity-authz-review/metadata.json +28 -0
  491. package/skills/dotnet/dotnet-aspnetcore-identity-authz-review/references/workflow-and-output.md +125 -0
  492. package/skills/dotnet/dotnet-csharp-runtime-review/SKILL.md +56 -0
  493. package/skills/dotnet/dotnet-csharp-runtime-review/metadata.json +28 -0
  494. package/skills/dotnet/dotnet-csharp-runtime-review/references/workflow-and-output.md +141 -0
  495. package/skills/dotnet/dotnet-efcore-data-access-review/SKILL.md +57 -0
  496. package/skills/dotnet/dotnet-efcore-data-access-review/metadata.json +28 -0
  497. package/skills/dotnet/dotnet-efcore-data-access-review/references/workflow-and-output.md +140 -0
  498. package/skills/dotnet/dotnet-maestro/SKILL.md +106 -0
  499. package/skills/dotnet/dotnet-maestro/metadata.json +26 -0
  500. package/skills/dotnet/dotnet-observability-otel-review/SKILL.md +53 -0
  501. package/skills/dotnet/dotnet-observability-otel-review/metadata.json +27 -0
  502. package/skills/dotnet/dotnet-observability-otel-review/references/workflow-and-output.md +119 -0
  503. package/skills/dotnet/dotnet-performance-aot-review/SKILL.md +53 -0
  504. package/skills/dotnet/dotnet-performance-aot-review/metadata.json +27 -0
  505. package/skills/dotnet/dotnet-performance-aot-review/references/workflow-and-output.md +123 -0
  506. package/skills/dotnet/dotnet-supply-chain-review/SKILL.md +55 -0
  507. package/skills/dotnet/dotnet-supply-chain-review/metadata.json +28 -0
  508. package/skills/dotnet/dotnet-supply-chain-review/references/workflow-and-output.md +132 -0
  509. package/skills/dotnet/dotnet-testing-quality-review/SKILL.md +54 -0
  510. package/skills/dotnet/dotnet-testing-quality-review/metadata.json +27 -0
  511. package/skills/dotnet/dotnet-testing-quality-review/references/workflow-and-output.md +142 -0
  512. package/skills/finops/focus-spec-normalizer/references/focus-columns.md +2 -2
  513. package/skills/gcp/gcp-alloydb-ai-developer/SKILL.md +1 -1
  514. package/skills/gcp/gcp-gemini-api-developer/SKILL.md +2 -2
  515. package/skills/hr/hr-risk-triage-review/metadata.json +9 -2
  516. package/skills/legal/legal-counsel-review/metadata.json +9 -2
  517. package/skills/nvidia/nvidia-model-promotion-gatekeeper/SKILL.md +1 -1
  518. package/skills/nvidia/nvidia-model-promotion-gatekeeper/references/allowlist-commands.md +1 -1
  519. package/skills/oci/oci-compute-platform-operator/SKILL.md +0 -2
  520. package/skills/oci/oci-cost-finops-analyst/SKILL.md +0 -2
  521. package/skills/oci/oci-database-platform-dba/SKILL.md +0 -2
  522. package/skills/oci/oci-devops-container-platform-engineer/SKILL.md +0 -2
  523. package/skills/oci/oci-identity-access-governor/SKILL.md +0 -2
  524. package/skills/oci/oci-multi-cloud-architect/SKILL.md +0 -2
  525. package/skills/oci/oci-network-architect/SKILL.md +0 -2
  526. package/skills/oci/oci-observability-incident-responder/SKILL.md +0 -2
  527. package/skills/oci/oci-security-compliance-reviewer/SKILL.md +0 -2
  528. package/skills/oci/oci-solution-architect/SKILL.md +1 -3
  529. package/skills/oci/oci-storage-backup-steward/SKILL.md +0 -2
  530. package/skills/prometheus/prometheus-alerting-cardinality-review/SKILL.md +1 -1
  531. package/skills/prometheus/prometheus-alerting-cardinality-review/references/workflow-and-output.md +4 -4
  532. package/skills/qa/ci-test-pipeline-review/references/workflow-and-output.md +1 -1
  533. package/skills/qa/llm-ai-pipeline-test-review/references/workflow-and-output.md +1 -1
  534. package/skills/qa/playwright-e2e-suite-review/SKILL.md +4 -4
  535. package/skills/qa/playwright-e2e-suite-review/references/workflow-and-output.md +12 -12
  536. package/skills/qa/plc-control-logic-safety-review/references/workflow-and-output.md +2 -2
  537. package/skills/qa/test-coverage-quality-review/SKILL.md +1 -1
  538. package/skills/qa/test-coverage-quality-review/references/workflow-and-output.md +8 -8
  539. package/skills/qa/test-flakiness-triage/SKILL.md +1 -1
  540. package/skills/qa/test-flakiness-triage/references/workflow-and-output.md +1 -1
  541. package/skills/salesforce/README.md +117 -0
  542. package/skills/salesforce/salesforce-agentforce-risk-review-skill/SKILL.md +206 -0
  543. package/skills/salesforce/salesforce-agentforce-risk-review-skill/metadata.json +18 -0
  544. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/action-safety-matrix.md +160 -0
  545. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/agentforce-anti-patterns.md +193 -0
  546. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/grounding-source-evaluation.md +162 -0
  547. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/SKILL.md +557 -0
  548. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/metadata.json +41 -0
  549. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/observability-rubric.md +219 -0
  550. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/privacy-redaction.md +240 -0
  551. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/stdm-queries.md +436 -0
  552. package/skills/salesforce/salesforce-apex-generator-skill/SKILL.md +307 -0
  553. package/skills/salesforce/salesforce-apex-generator-skill/metadata.json +30 -0
  554. package/skills/salesforce/salesforce-apex-generator-skill/references/apex-patterns.md +224 -0
  555. package/skills/salesforce/salesforce-apex-generator-skill/references/governor-limits.md +175 -0
  556. package/skills/salesforce/salesforce-apex-generator-skill/references/security-defaults.md +155 -0
  557. package/skills/salesforce/salesforce-apex-log-analyzer-skill/SKILL.md +360 -0
  558. package/skills/salesforce/salesforce-apex-log-analyzer-skill/metadata.json +38 -0
  559. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/governor-limit-signatures.md +174 -0
  560. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/log-format-reference.md +154 -0
  561. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/redaction-rules.md +178 -0
  562. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/SKILL.md +195 -0
  563. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/metadata.json +18 -0
  564. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/apex-anti-patterns.md +270 -0
  565. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/governor-limits-reference.md +198 -0
  566. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/lwc-security.md +206 -0
  567. package/skills/salesforce/salesforce-apex-test-generator-skill/SKILL.md +274 -0
  568. package/skills/salesforce/salesforce-apex-test-generator-skill/metadata.json +29 -0
  569. package/skills/salesforce/salesforce-apex-test-generator-skill/references/assertion-patterns.md +174 -0
  570. package/skills/salesforce/salesforce-apex-test-generator-skill/references/async-testing.md +217 -0
  571. package/skills/salesforce/salesforce-apex-test-generator-skill/references/test-data-factory.md +174 -0
  572. package/skills/salesforce/salesforce-apex-test-runner-skill/SKILL.md +344 -0
  573. package/skills/salesforce/salesforce-apex-test-runner-skill/metadata.json +37 -0
  574. package/skills/salesforce/salesforce-apex-test-runner-skill/references/cli-commands.md +162 -0
  575. package/skills/salesforce/salesforce-apex-test-runner-skill/references/coverage-analysis.md +107 -0
  576. package/skills/salesforce/salesforce-apex-test-runner-skill/references/failure-diagnosis.md +187 -0
  577. package/skills/salesforce/salesforce-bulk-data-ops-skill/SKILL.md +356 -0
  578. package/skills/salesforce/salesforce-bulk-data-ops-skill/metadata.json +29 -0
  579. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/anonymous-apex-patterns.md +380 -0
  580. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/data-loader-templates.md +209 -0
  581. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/rollback-strategy.md +209 -0
  582. package/skills/salesforce/salesforce-deployment-validator-skill/SKILL.md +380 -0
  583. package/skills/salesforce/salesforce-deployment-validator-skill/metadata.json +37 -0
  584. package/skills/salesforce/salesforce-deployment-validator-skill/references/cli-commands.md +264 -0
  585. package/skills/salesforce/salesforce-deployment-validator-skill/references/production-refusal-rules.md +243 -0
  586. package/skills/salesforce/salesforce-deployment-validator-skill/references/test-selection-strategy.md +250 -0
  587. package/skills/salesforce/salesforce-devsecops-pipeline-skill/SKILL.md +195 -0
  588. package/skills/salesforce/salesforce-devsecops-pipeline-skill/metadata.json +19 -0
  589. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/change-impact-categories.md +216 -0
  590. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sandbox-masking-strategy.md +193 -0
  591. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sca-rule-catalog.md +226 -0
  592. package/skills/salesforce/salesforce-field-mapping-skill/SKILL.md +348 -0
  593. package/skills/salesforce/salesforce-field-mapping-skill/metadata.json +29 -0
  594. package/skills/salesforce/salesforce-field-mapping-skill/references/api-name-normalization.md +141 -0
  595. package/skills/salesforce/salesforce-field-mapping-skill/references/picklist-value-mapping.md +245 -0
  596. package/skills/salesforce/salesforce-field-mapping-skill/references/type-mismatch-detection.md +187 -0
  597. package/skills/salesforce/salesforce-flow-automation-review-skill/SKILL.md +163 -0
  598. package/skills/salesforce/salesforce-flow-automation-review-skill/metadata.json +18 -0
  599. package/skills/salesforce/salesforce-flow-automation-review-skill/references/automation-conflict-matrix.md +193 -0
  600. package/skills/salesforce/salesforce-flow-automation-review-skill/references/fault-path-design.md +189 -0
  601. package/skills/salesforce/salesforce-flow-automation-review-skill/references/flow-anti-patterns.md +211 -0
  602. package/skills/salesforce/salesforce-flow-debugger-skill/SKILL.md +355 -0
  603. package/skills/salesforce/salesforce-flow-debugger-skill/metadata.json +35 -0
  604. package/skills/salesforce/salesforce-flow-debugger-skill/references/fault-path-design.md +175 -0
  605. package/skills/salesforce/salesforce-flow-debugger-skill/references/flow-error-patterns.md +247 -0
  606. package/skills/salesforce/salesforce-flow-debugger-skill/references/interview-log-redaction.md +171 -0
  607. package/skills/salesforce/salesforce-infrastructure-audit-skill/SKILL.md +137 -0
  608. package/skills/salesforce/salesforce-infrastructure-audit-skill/metadata.json +19 -0
  609. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/hyperforce-deployment-controls.md +181 -0
  610. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/network-policy-reference.md +200 -0
  611. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/session-policy-reference.md +219 -0
  612. package/skills/salesforce/salesforce-integration-review-skill/SKILL.md +186 -0
  613. package/skills/salesforce/salesforce-integration-review-skill/metadata.json +18 -0
  614. package/skills/salesforce/salesforce-integration-review-skill/references/integration-anti-patterns.md +280 -0
  615. package/skills/salesforce/salesforce-integration-review-skill/references/integration-pattern-reference.md +239 -0
  616. package/skills/salesforce/salesforce-integration-review-skill/references/named-credential-design.md +211 -0
  617. package/skills/salesforce/salesforce-marketing-consent-review-skill/SKILL.md +204 -0
  618. package/skills/salesforce/salesforce-marketing-consent-review-skill/metadata.json +18 -0
  619. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-anti-patterns.md +247 -0
  620. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-model-reference.md +205 -0
  621. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/regulatory-mapping.md +192 -0
  622. package/skills/salesforce/salesforce-metadata-fetcher-skill/SKILL.md +418 -0
  623. package/skills/salesforce/salesforce-metadata-fetcher-skill/metadata.json +50 -0
  624. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/cli-commands.md +347 -0
  625. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/delegation-routing.md +416 -0
  626. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/sanitization-rules.md +392 -0
  627. package/skills/salesforce/salesforce-metadata-review-skill/SKILL.md +148 -0
  628. package/skills/salesforce/salesforce-metadata-review-skill/metadata.json +18 -0
  629. package/skills/salesforce/salesforce-metadata-review-skill/references/deprecated-metadata.md +217 -0
  630. package/skills/salesforce/salesforce-metadata-review-skill/references/field-hygiene-rules.md +182 -0
  631. package/skills/salesforce/salesforce-metadata-review-skill/references/object-design-patterns.md +187 -0
  632. package/skills/salesforce/salesforce-org-assessment-skill/SKILL.md +137 -0
  633. package/skills/salesforce/salesforce-org-assessment-skill/metadata.json +18 -0
  634. package/skills/salesforce/salesforce-org-assessment-skill/references/assessment-rubric.md +228 -0
  635. package/skills/salesforce/salesforce-org-assessment-skill/references/risk-register-template.md +211 -0
  636. package/skills/salesforce/salesforce-org-assessment-skill/references/tech-debt-indicators.md +252 -0
  637. package/skills/salesforce/salesforce-permission-model-review-skill/SKILL.md +165 -0
  638. package/skills/salesforce/salesforce-permission-model-review-skill/metadata.json +18 -0
  639. package/skills/salesforce/salesforce-permission-model-review-skill/references/fls-review-patterns.md +235 -0
  640. package/skills/salesforce/salesforce-permission-model-review-skill/references/permission-set-strategy.md +203 -0
  641. package/skills/salesforce/salesforce-permission-model-review-skill/references/toxic-combinations.md +228 -0
  642. package/skills/salesforce/salesforce-release-readiness-skill/SKILL.md +185 -0
  643. package/skills/salesforce/salesforce-release-readiness-skill/metadata.json +18 -0
  644. package/skills/salesforce/salesforce-release-readiness-skill/references/release-checklist.md +191 -0
  645. package/skills/salesforce/salesforce-release-readiness-skill/references/rollback-strategy.md +234 -0
  646. package/skills/salesforce/salesforce-release-readiness-skill/references/test-coverage-strategy.md +314 -0
  647. package/skills/salesforce/salesforce-soql-explorer-skill/SKILL.md +391 -0
  648. package/skills/salesforce/salesforce-soql-explorer-skill/metadata.json +35 -0
  649. package/skills/salesforce/salesforce-soql-explorer-skill/references/cli-commands.md +266 -0
  650. package/skills/salesforce/salesforce-soql-explorer-skill/references/least-privilege-scope.md +224 -0
  651. package/skills/salesforce/salesforce-soql-explorer-skill/references/safe-query-patterns.md +317 -0
  652. package/skills/salesforce/salesforce-soql-generator-skill/SKILL.md +305 -0
  653. package/skills/salesforce/salesforce-soql-generator-skill/metadata.json +25 -0
  654. package/skills/salesforce/salesforce-soql-generator-skill/references/common-patterns.md +293 -0
  655. package/skills/salesforce/salesforce-soql-generator-skill/references/governor-limits.md +171 -0
  656. package/skills/salesforce/salesforce-soql-generator-skill/references/soql-syntax-quickref.md +255 -0
  657. package/skills/salesforce/salesforce-validation-rule-writer-skill/SKILL.md +329 -0
  658. package/skills/salesforce/salesforce-validation-rule-writer-skill/metadata.json +28 -0
  659. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/error-message-style.md +132 -0
  660. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/formula-syntax-quickref.md +182 -0
  661. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/validation-patterns.md +214 -0
  662. package/skills/salesforce/salesforce-zero-trust-maturity-skill/SKILL.md +164 -0
  663. package/skills/salesforce/salesforce-zero-trust-maturity-skill/metadata.json +19 -0
  664. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/continuous-verification-patterns.md +209 -0
  665. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/maturity-scoring-rubric.md +179 -0
  666. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/nist-zta-pillars.md +194 -0
  667. package/tests/fixtures/dotnet-maestro-routing/expected/01-csharp-runtime.json +6 -0
  668. package/tests/fixtures/dotnet-maestro-routing/expected/02-aspnetcore-api.json +6 -0
  669. package/tests/fixtures/dotnet-maestro-routing/expected/03-identity-authz.json +6 -0
  670. package/tests/fixtures/dotnet-maestro-routing/expected/04-efcore-data.json +6 -0
  671. package/tests/fixtures/dotnet-maestro-routing/expected/05-testing-quality.json +6 -0
  672. package/tests/fixtures/dotnet-maestro-routing/expected/06-supply-chain.json +6 -0
  673. package/tests/fixtures/dotnet-maestro-routing/expected/07-performance-aot.json +6 -0
  674. package/tests/fixtures/dotnet-maestro-routing/expected/08-observability-otel.json +6 -0
  675. package/tests/fixtures/dotnet-maestro-routing/expected/09-aspire-cloud-native.json +6 -0
  676. package/tests/fixtures/dotnet-maestro-routing/expected/10-multi-domain.json +7 -0
  677. package/tests/fixtures/dotnet-maestro-routing/expected/11-ambiguous.json +4 -0
  678. package/tests/fixtures/dotnet-maestro-routing/expected/adv-ambiguous-near-miss.json +4 -0
  679. package/tests/fixtures/dotnet-maestro-routing/expected/adv-instruction-injection.json +6 -0
  680. package/tests/fixtures/dotnet-maestro-routing/expected/adv-live-guard-bypass.json +4 -0
  681. package/tests/fixtures/dotnet-maestro-routing/expected/adv-parallel-saturation.json +9 -0
  682. package/tests/fixtures/dotnet-maestro-routing/expected/adv-persona-replacement.json +6 -0
  683. package/tests/fixtures/dotnet-maestro-routing/expected/adv-secrets-bait.json +6 -0
  684. package/tests/fixtures/dotnet-maestro-routing/inputs/01-csharp-runtime.json +7 -0
  685. package/tests/fixtures/dotnet-maestro-routing/inputs/02-aspnetcore-api.json +7 -0
  686. package/tests/fixtures/dotnet-maestro-routing/inputs/03-identity-authz.json +7 -0
  687. package/tests/fixtures/dotnet-maestro-routing/inputs/04-efcore-data.json +7 -0
  688. package/tests/fixtures/dotnet-maestro-routing/inputs/05-testing-quality.json +7 -0
  689. package/tests/fixtures/dotnet-maestro-routing/inputs/06-supply-chain.json +7 -0
  690. package/tests/fixtures/dotnet-maestro-routing/inputs/07-performance-aot.json +7 -0
  691. package/tests/fixtures/dotnet-maestro-routing/inputs/08-observability-otel.json +7 -0
  692. package/tests/fixtures/dotnet-maestro-routing/inputs/09-aspire-cloud-native.json +7 -0
  693. package/tests/fixtures/dotnet-maestro-routing/inputs/10-multi-domain.json +7 -0
  694. package/tests/fixtures/dotnet-maestro-routing/inputs/11-ambiguous.json +7 -0
  695. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-ambiguous-near-miss.json +7 -0
  696. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-instruction-injection.json +7 -0
  697. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-live-guard-bypass.json +7 -0
  698. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-parallel-saturation.json +7 -0
  699. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-persona-replacement.json +7 -0
  700. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-secrets-bait.json +7 -0
  701. package/tests/fixtures/dotnet-maestro-routing/taxonomy.json +99 -0
  702. package/tests/fixtures/salesforce-maestro-routing/expected/001-happy-platform-admin-review.json +6 -0
  703. package/tests/fixtures/salesforce-maestro-routing/expected/002-happy-business-analyst.json +6 -0
  704. package/tests/fixtures/salesforce-maestro-routing/expected/003-happy-app-builder-automation.json +6 -0
  705. package/tests/fixtures/salesforce-maestro-routing/expected/004-happy-development.json +6 -0
  706. package/tests/fixtures/salesforce-maestro-routing/expected/005-happy-devops-release.json +6 -0
  707. package/tests/fixtures/salesforce-maestro-routing/expected/006-happy-security-identity-access.json +6 -0
  708. package/tests/fixtures/salesforce-maestro-routing/expected/007-happy-data-architecture.json +6 -0
  709. package/tests/fixtures/salesforce-maestro-routing/expected/008-happy-integration-mulesoft.json +6 -0
  710. package/tests/fixtures/salesforce-maestro-routing/expected/009-happy-sales-cloud-revenue.json +6 -0
  711. package/tests/fixtures/salesforce-maestro-routing/expected/010-happy-marketing-cloud.json +6 -0
  712. package/tests/fixtures/salesforce-maestro-routing/expected/011-happy-agentforce-ai.json +6 -0
  713. package/tests/fixtures/salesforce-maestro-routing/expected/012-happy-analytics-tableau.json +6 -0
  714. package/tests/fixtures/salesforce-maestro-routing/expected/013-happy-compliance-privacy.json +6 -0
  715. package/tests/fixtures/salesforce-maestro-routing/expected/014-happy-network-policy-architect.json +6 -0
  716. package/tests/fixtures/salesforce-maestro-routing/expected/015-happy-hyperforce-security.json +6 -0
  717. package/tests/fixtures/salesforce-maestro-routing/expected/016-happy-sandbox-isolation.json +6 -0
  718. package/tests/fixtures/salesforce-maestro-routing/expected/017-happy-session-governance.json +6 -0
  719. package/tests/fixtures/salesforce-maestro-routing/expected/018-happy-continuous-verification.json +6 -0
  720. package/tests/fixtures/salesforce-maestro-routing/expected/019-happy-certificate-lifecycle.json +6 -0
  721. package/tests/fixtures/salesforce-maestro-routing/expected/020-happy-adaptive-access.json +6 -0
  722. package/tests/fixtures/salesforce-maestro-routing/expected/021-happy-code-analyzer-orchestrator.json +6 -0
  723. package/tests/fixtures/salesforce-maestro-routing/expected/022-happy-sandbox-governance.json +6 -0
  724. package/tests/fixtures/salesforce-maestro-routing/expected/023-happy-change-impact-analyst.json +6 -0
  725. package/tests/fixtures/salesforce-maestro-routing/expected/adv-ambiguous.json +4 -0
  726. package/tests/fixtures/salesforce-maestro-routing/expected/adv-instruction-injection.json +6 -0
  727. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-01-live-org-deploy-guard.json +6 -0
  728. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-02-live-mass-delete-guard.json +6 -0
  729. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-03-live-release-to-prod-guard.json +6 -0
  730. package/tests/fixtures/salesforce-maestro-routing/expected/adv-persona-replacement.json +6 -0
  731. package/tests/fixtures/salesforce-maestro-routing/expected/adv-secrets-bait.json +6 -0
  732. package/tests/fixtures/salesforce-maestro-routing/inputs/001-happy-platform-admin-review.json +7 -0
  733. package/tests/fixtures/salesforce-maestro-routing/inputs/002-happy-business-analyst.json +7 -0
  734. package/tests/fixtures/salesforce-maestro-routing/inputs/003-happy-app-builder-automation.json +7 -0
  735. package/tests/fixtures/salesforce-maestro-routing/inputs/004-happy-development.json +7 -0
  736. package/tests/fixtures/salesforce-maestro-routing/inputs/005-happy-devops-release.json +7 -0
  737. package/tests/fixtures/salesforce-maestro-routing/inputs/006-happy-security-identity-access.json +7 -0
  738. package/tests/fixtures/salesforce-maestro-routing/inputs/007-happy-data-architecture.json +7 -0
  739. package/tests/fixtures/salesforce-maestro-routing/inputs/008-happy-integration-mulesoft.json +7 -0
  740. package/tests/fixtures/salesforce-maestro-routing/inputs/009-happy-sales-cloud-revenue.json +7 -0
  741. package/tests/fixtures/salesforce-maestro-routing/inputs/010-happy-marketing-cloud.json +7 -0
  742. package/tests/fixtures/salesforce-maestro-routing/inputs/011-happy-agentforce-ai.json +7 -0
  743. package/tests/fixtures/salesforce-maestro-routing/inputs/012-happy-analytics-tableau.json +7 -0
  744. package/tests/fixtures/salesforce-maestro-routing/inputs/013-happy-compliance-privacy.json +7 -0
  745. package/tests/fixtures/salesforce-maestro-routing/inputs/014-happy-network-policy-architect.json +7 -0
  746. package/tests/fixtures/salesforce-maestro-routing/inputs/015-happy-hyperforce-security.json +7 -0
  747. package/tests/fixtures/salesforce-maestro-routing/inputs/016-happy-sandbox-isolation.json +7 -0
  748. package/tests/fixtures/salesforce-maestro-routing/inputs/017-happy-session-governance.json +7 -0
  749. package/tests/fixtures/salesforce-maestro-routing/inputs/018-happy-continuous-verification.json +7 -0
  750. package/tests/fixtures/salesforce-maestro-routing/inputs/019-happy-certificate-lifecycle.json +7 -0
  751. package/tests/fixtures/salesforce-maestro-routing/inputs/020-happy-adaptive-access.json +7 -0
  752. package/tests/fixtures/salesforce-maestro-routing/inputs/021-happy-code-analyzer-orchestrator.json +7 -0
  753. package/tests/fixtures/salesforce-maestro-routing/inputs/022-happy-sandbox-governance.json +7 -0
  754. package/tests/fixtures/salesforce-maestro-routing/inputs/023-happy-change-impact-analyst.json +7 -0
  755. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-ambiguous.json +7 -0
  756. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-instruction-injection.json +7 -0
  757. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-01-live-org-deploy-guard.json +7 -0
  758. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-02-live-mass-delete-guard.json +7 -0
  759. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-03-live-release-to-prod-guard.json +7 -0
  760. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-persona-replacement.json +7 -0
  761. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-secrets-bait.json +7 -0
  762. package/tests/fixtures/salesforce-maestro-routing/taxonomy.json +371 -0
  763. package/tests/test-vfa-export-coverage.test.mjs +29 -8
  764. package/tests/validate-catalog.py +15 -1
  765. package/tests/validate-plugin-manifest.py +11 -1
package/skills/salesforce/salesforce-integration-review-skill/references/integration-pattern-reference.md ADDED
@@ -0,0 +1,239 @@
1
+ # Integration Pattern Reference
2
+
3
+ Reference for Salesforce integration patterns covering REST, SOAP, Bulk API,
4
+ Platform Events, Change Data Capture, and OAuth flows.
5
+
6
+ ---
7
+
8
+ ## API Pattern Selection Matrix
9
+
10
+ | Use Case | Recommended API | Notes |
11
+ |----------|----------------|-------|
12
+ | Retrieve/update single or small record set | REST API | Low latency, JSON |
13
+ | Enterprise system integration, WSDLs | SOAP API | XML, strong typing |
14
+ | Bulk load/export (> 10,000 records) | Bulk API 2.0 | Async, CSV/JSON |
15
+ | Real-time event notification | Platform Events | Pub/Sub, async |
16
+ | Replicate CRM changes to external systems | Change Data Capture | Delta sync |
17
+ | User-facing OAuth flows | OAuth 2.0 Authorization Code | Browser-based |
18
+ | Server-to-server integration | OAuth 2.0 JWT Bearer | No user interaction |
19
+ | Legacy system callout from Apex | Named Credential + HttpRequest | Managed credentials |
20
+
21
+ ---
22
+
23
+ ## REST API
24
+
25
+ ### Endpoint Structure
26
+ ```
27
+ https://{instanceUrl}/services/data/v{apiVersion}/{resource}
28
+
29
+ Common resources:
30
+ /sobjects/{sObjectType}/ -- CRUD on objects
31
+ /sobjects/{sObjectType}/{Id} -- Specific record
32
+ /query/?q={SOQL} -- SOQL query
33
+ /composite/ -- Batch multiple requests
34
+ /composite/tree/ -- Create related records in one call
35
+ /composite/batch -- Up to 25 subrequests in one HTTP call
36
+ ```
37
+
38
+ ### Composite API (minimize round trips)
39
+ ```json
40
+ POST /services/data/v59.0/composite/batch
41
+ {
42
+ "haltOnError": false,
43
+ "batchRequests": [
44
+ {
45
+ "method": "GET",
46
+ "url": "/services/data/v59.0/sobjects/Account/001XXXXXXXXXXXX"
47
+ },
48
+ {
49
+ "method": "PATCH",
50
+ "url": "/services/data/v59.0/sobjects/Contact/003XXXXXXXXXXXX",
51
+ "richInput": { "Phone": "+1-555-0123" }
52
+ }
53
+ ]
54
+ }
55
+ ```
56
+
57
+ ### REST API Limits
58
+ - API requests per 24 hours: based on edition and user count.
59
+ - Concurrent API limits: 25 long-running requests per org.
60
+ - Composite batch: max 25 subrequests.
61
+ - Composite graph: max 500 nodes.
62
+ - SOQL: max 2,000 characters in query string via REST.
63
+
64
+ ---
65
+
66
+ ## SOAP API
67
+
68
+ ### WSDL Types
69
+ - **Enterprise WSDL:** Org-specific, strongly typed, regenerated when metadata changes.
70
+ - **Partner WSDL:** Generic, works across orgs, uses `sObject` generic type.
71
+
72
+ Use Partner WSDL for multi-org integrations; Enterprise WSDL for single-org
73
+ tightly coupled systems.
74
+
75
+ ### SOAP Session Management
76
+ ```xml
77
+ <!-- Login request to get session ID -->
78
+ <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
79
+ xmlns:urn="urn:partner.soap.sforce.com">
80
+ <soapenv:Body>
81
+ <urn:login>
82
+ <urn:username>user@example.com</urn:username>
83
+ <urn:password>passwordSECURITYTOKEN</urn:password>
84
+ </urn:login>
85
+ </soapenv:Body>
86
+ </soapenv:Envelope>
87
+ ```
88
+
89
+ **Security note:** SOAP login with username/password is deprecated in favor of
90
+ OAuth. Avoid using SOAP login in new integrations. If it exists, migrate to
91
+ OAuth JWT Bearer flow.
92
+
93
+ ---
94
+
95
+ ## Bulk API 2.0
96
+
97
+ ### Job Lifecycle
98
+ ```
99
+ 1. Create Job: POST /services/data/v59.0/jobs/ingest/
100
+ 2. Upload Data: PUT /services/data/v59.0/jobs/ingest/{jobId}/batches
101
+ 3. Close Job: PATCH /services/data/v59.0/jobs/ingest/{jobId} {"state":"UploadComplete"}
102
+ 4. Poll Status: GET /services/data/v59.0/jobs/ingest/{jobId}
103
+ 5. Get Results: GET /services/data/v59.0/jobs/ingest/{jobId}/successfulResults
104
+ GET /services/data/v59.0/jobs/ingest/{jobId}/failedResults
105
+ 6. Delete Job: DELETE /services/data/v59.0/jobs/ingest/{jobId}
106
+ ```
107
+
108
+ ### Bulk API 2.0 Limits
109
+ - Max records per job: 150 million (via multiple batches)
110
+ - Max file size: 100 MB per upload call
111
+ - Max parallel jobs: varies by edition
112
+ - Use `query` operation type for exports: `POST /services/data/v59.0/jobs/query/`
113
+
114
+ ### Bulk API vs SOQL for Exports
115
+
116
+ | Volume | Method |
117
+ |--------|--------|
118
+ | < 50,000 rows | REST API + SOQL with LIMIT/OFFSET |
119
+ | 50,000–10M rows | Bulk API 2.0 query job |
120
+ | > 10M rows | Bulk API 2.0 + PK chunking (for certain objects) |
121
+
122
+ ---
123
+
124
+ ## Platform Events
125
+
126
+ Platform Events provide a publish/subscribe messaging system within Salesforce.
127
+ They are defined as Salesforce objects with `__e` suffix.
128
+
129
+ ### Publishing from Apex
130
+ ```apex
131
+ // Publish a Platform Event
132
+ Shipment_Status__e event = new Shipment_Status__e(
133
+ OrderId__c = '1234',
134
+ Status__c = 'Delivered',
135
+ Timestamp__c = DateTime.now
136
+ );
137
+ Database.SaveResult result = EventBus.publish(event);
138
+ if (!result.isSuccess) {
139
+ System.debug('Event publish failed: ' + result.getErrors[0].getMessage);
140
+ }
141
+ ```
142
+
143
+ ### Subscribing (Trigger on Platform Event)
144
+ ```apex
145
+ trigger ShipmentStatusTrigger on Shipment_Status__e (after insert) {
146
+ for (Shipment_Status__e event : Trigger.new) {
147
+ // Process event
148
+ System.debug('Order ' + event.OrderId__c + ' status: ' + event.Status__c);
149
+ }
150
+ }
151
+ ```
152
+
153
+ ### Platform Event Limits
154
+ - Event delivery: at least once (idempotent subscribers required).
155
+ - Retention: 72 hours (standard events); 1 day to 90 days (high-volume events).
156
+ - Max event message size: 1 MB.
157
+ - Publishing limits: governed by API request limits.
158
+
159
+ ---
160
+
161
+ ## Change Data Capture (CDC)
162
+
163
+ CDC publishes change events when Salesforce records are created, updated,
164
+ deleted, or undeleted. External systems subscribe to receive delta changes.
165
+
166
+ ```
167
+ Supported objects: Standard and custom objects enabled for CDC.
168
+ Event type suffix: __ChangeEvent (e.g., AccountChangeEvent)
169
+ ```
170
+
171
+ ### Subscribing via CometD (External)
172
+ ```python
173
+ # Python example using salesforce-cometd-client
174
+ from salesforce.cometd import SalesforceCometDClient
175
+
176
+ client = SalesforceCometDClient(
177
+ login_url="https://login.salesforce.com",
178
+ client_id=CLIENT_ID,
179
+ client_secret=CLIENT_SECRET,
180
+ username=USERNAME,
181
+ password=PASSWORD + SECURITY_TOKEN
182
+ )
183
+ client.subscribe("/data/AccountChangeEvent", callback=handle_account_change)
184
+ client.start
185
+
186
+ def handle_account_change(event):
187
+ header = event['data']['schema']
188
+ body = event['data']['payload']
189
+ print(f"Change type: {body['ChangeEventHeader']['changeType']}")
190
+ print(f"Changed fields: {body['ChangeEventHeader']['changedFields']}")
191
+ ```
192
+
193
+ ---
194
+
195
+ ## OAuth Flows Reference
196
+
197
+ ### OAuth 2.0 Authorization Code Flow (User-Facing)
198
+ ```
199
+ 1. Redirect user to:
200
+ https://login.salesforce.com/services/oauth2/authorize?
201
+ response_type=code&
202
+ client_id={CLIENT_ID}&
203
+ redirect_uri={CALLBACK_URL}&
204
+ scope=api+refresh_token
205
+
206
+ 2. User logs in and approves.
207
+
208
+ 3. Salesforce redirects to CALLBACK_URL with ?code={AUTH_CODE}
209
+
210
+ 4. Exchange code for token:
211
+ POST https://login.salesforce.com/services/oauth2/token
212
+ Body: grant_type=authorization_code&code={AUTH_CODE}&
213
+ client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&
214
+ redirect_uri={CALLBACK_URL}
215
+
216
+ 5. Store access_token and refresh_token securely.
217
+ ```
218
+
219
+ ### OAuth 2.0 JWT Bearer Flow (Server-to-Server)
220
+ ```
221
+ 1. Generate JWT signed with your Connected App's private key:
222
+ Header: {"alg":"RS256","typ":"JWT"}
223
+ Payload: {
224
+ "iss": "{CLIENT_ID}",
225
+ "sub": "{SALESFORCE_USERNAME}",
226
+ "aud": "https://login.salesforce.com",
227
+ "exp": {current_epoch + 300}
228
+ }
229
+
230
+ 2. POST to token endpoint:
231
+ POST https://login.salesforce.com/services/oauth2/token
232
+ Body: grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&
233
+ assertion={SIGNED_JWT}
234
+
235
+ 3. Receive access_token (no refresh_token in JWT flow).
236
+ ```
237
+
238
+ JWT Bearer is the recommended server-to-server pattern. No user credentials
239
+ are transmitted; access is pre-authorized by admin.
package/skills/salesforce/salesforce-integration-review-skill/references/named-credential-design.md ADDED
@@ -0,0 +1,211 @@
1
+ # Named Credential Design Reference
2
+
3
+ Reference for designing secure Named Credentials and External Credentials
4
+ in Salesforce for API callout authentication management.
5
+
6
+ ---
7
+
8
+ ## Named Credential vs External Credential
9
+
10
+ Salesforce introduced a split between Named Credential and External Credential
11
+ in recent API versions. Understanding the distinction is
12
+ required for correct configuration.
13
+
14
+ | Concept | Purpose | Stores |
15
+ |---------|---------|--------|
16
+ | External Credential | Authentication method and credentials | Client ID, client secret, certificate, or OAuth token |
17
+ | Named Credential | URL and HTTP settings | Base URL, protocol, auth scheme reference |
18
+ | Principal | User or permission set mapped to External Credential | Per-user or per-permission-set auth |
19
+
20
+ In the legacy model (prior to split), a single Named Credential stored both
21
+ the URL and the credentials.
22
+
23
+ ### When to Use Each
24
+
25
+ - **Legacy Named Credential (URL + auth in one):** Acceptable for simple integrations.
26
+ Deprecated path; migrate to split model when possible.
27
+ - **External Credential + Named Credential (split):** Use for:
28
+ - Per-user authentication (each user's own credentials used for callouts).
29
+ - OAuth flows where token must be refreshed per user.
30
+ - Environments where multiple endpoints share the same auth scheme.
31
+
32
+ ---
33
+
34
+ ## Configuring OAuth External Credentials
35
+
36
+ ### OAuth 2.0 Client Credentials (Server-to-Server)
37
+ ```
38
+ External Credential:
39
+ Authentication Protocol: OAuth 2.0
40
+ Authentication Flow Type: Client Credentials
41
+ Client Id: {CLIENT_ID}
42
+ Client Secret: {CLIENT_SECRET} (stored encrypted, not visible after save)
43
+ Token URL: https://api.vendor.example.com/oauth/token
44
+ Scope: api:read api:write
45
+ ```
46
+
47
+ ### OAuth 2.0 JWT Bearer (Server-to-Server, Certificate-Based)
48
+ ```
49
+ External Credential:
50
+ Authentication Protocol: OAuth 2.0
51
+ Authentication Flow Type: JWT Bearer Token
52
+ Client Id: {CLIENT_ID}
53
+ Certificate: {CERT_UNIQUE_NAME} (Salesforce Certificate, not a file upload)
54
+ Token URL: https://login.salesforce.com/services/oauth2/token
55
+ Audience: https://login.salesforce.com
56
+ Subject: integration-user@myorg.salesforce.com
57
+ ```
58
+
59
+ ---
60
+
61
+ ## Named Credential URL Configuration
62
+
63
+ ```
64
+ Named Credential:
65
+ Label: Vendor API Production
66
+ URL: https://api.vendor.example.com/v2
67
+ External Credential: VendorAPI_ExternalCred
68
+ Generate Authorization Header: Enabled
69
+ Allow Formula Fields in HTTP Header: Disabled (unless needed)
70
+ Allow Merge Fields in HTTP Body: Disabled (unless needed)
71
+ ```
72
+
73
+ **Security note on Merge Fields:**
74
+ - `Allow Merge Fields in HTTP Body` and `Allow Merge Fields in HTTP Header`
75
+ let Apex inject field values from Salesforce records into callout requests.
76
+ - Enable only when strictly necessary. When enabled, ensure the injected values
77
+ are validated and bounded — arbitrary field injection can exfiltrate data.
78
+
79
+ ---
80
+
81
+ ## mTLS (Mutual TLS) Setup
82
+
83
+ For endpoints that require client certificate authentication:
84
+
85
+ ### Step 1: Generate or upload certificate
86
+ ```
87
+ Setup > Security > Certificate and Key Management
88
+ -> Generate Self-Signed Certificate (for testing)
89
+ -> Upload Signed Certificate (for production)
90
+ Note the Certificate Unique Name (e.g., VendorMTLSCert)
91
+ ```
92
+
93
+ ### Step 2: Configure External Credential with certificate
94
+ ```
95
+ External Credential:
96
+ Authentication Protocol: Custom Header
97
+ Custom Headers:
98
+ X-Client-Cert: {!$Credential.Certificate} (if vendor requires cert in header)
99
+ Certificate: VendorMTLSCert
100
+ ```
101
+
102
+ For true mTLS (TLS handshake-level):
103
+ ```
104
+ Named Credential:
105
+ Callout Options: Use Client Certificate
106
+ Certificate: VendorMTLSCert
107
+ ```
108
+
109
+ ### Step 3: Verify endpoint accepts Salesforce certificate
110
+ Share the public certificate (exported from Certificate and Key Management)
111
+ with the integration vendor for allowlisting on their server.
112
+
113
+ ---
114
+
115
+ ## Custom Header Injection
116
+
117
+ Named Credentials support injecting custom headers into every callout:
118
+
119
+ ```
120
+ Named Credential > Custom Headers:
121
+ Name: X-API-Key
122
+ Value: {!$Credential.Password} (references External Credential stored secret)
123
+
124
+ Name: X-Tenant-Id
125
+ Value: MyTenantId123 (static value; acceptable for non-secret metadata)
126
+
127
+ Name: X-Request-Id
128
+ Value: {!CASESAFEID($Api.Organization_Id)} (dynamic if merge fields enabled)
129
+ ```
130
+
131
+ **Security review checklist for custom headers:**
132
+ - [ ] No secret values stored as static strings (must reference `{!$Credential.X}`).
133
+ - [ ] No internal org IDs or user IDs exposed in headers to external systems
134
+ unless required by the vendor.
135
+ - [ ] Header names match vendor's documented API specification.
136
+
137
+ ---
138
+
139
+ ## Named Credential Security Review
140
+
141
+ ### Access Control
142
+
143
+ Named Credentials are accessible to any Apex code that references them.
144
+ Access is not restricted at the Named Credential level. Restrict access at
145
+ the Apex class level using `with sharing` and appropriate caller validation.
146
+
147
+ ```apex
148
+ // WHO can invoke this callout? Restrict at the class level.
149
+ public with sharing class VendorAPIClient {
150
+ private static final String NC_NAME = 'callout:VendorAPI_Prod';
151
+
152
+ @AuraEnabled
153
+ public static String fetchData(String resourcePath) {
154
+ // Validate resourcePath to prevent path traversal
155
+ if (!resourcePath.startsWith('/allowed/path/')) {
156
+ throw new AuraHandledException('Invalid resource path.');
157
+ }
158
+ HttpRequest req = new HttpRequest;
159
+ req.setEndpoint(NC_NAME + resourcePath);
160
+ req.setMethod('GET');
161
+ req.setTimeout(30000);
162
+ HttpResponse res = new Http.send(req);
163
+ if (res.getStatusCode != 200) {
164
+ throw new AuraHandledException('Callout failed: ' + res.getStatusCode);
165
+ }
166
+ return res.getBody;
167
+ }
168
+ }
169
+ ```
170
+
171
+ ### Listing All Named Credentials (SOQL)
172
+ ```sql
173
+ SELECT Id, DeveloperName, Endpoint, PrincipalType, AuthorizationStatus
174
+ FROM NamedCredential
175
+ ORDER BY DeveloperName
176
+ ```
177
+
178
+ ### Audit Questions
179
+
180
+ 1. Does every Named Credential point to an HTTPS endpoint? (`http://` endpoints
181
+ should not exist in production.)
182
+ 2. Does every Named Credential have a corresponding External Credential with
183
+ stored secrets — or is it using legacy merged fields with secrets?
184
+ 3. Are credentials scoped to a specific integration user/service account, not
185
+ a named human's credentials?
186
+ 4. Is there a rotation plan documented for credentials stored in External
187
+ Credentials?
188
+
189
+ ---
190
+
191
+ ## Credential Rotation Procedure
192
+
193
+ ```
194
+ 1. Obtain new credentials from the integration vendor.
195
+ 2. Navigate to: Setup > Named Credentials > External Credentials > [Credential]
196
+ 3. Update the Client Secret or Password field with the new value.
197
+ 4. Save.
198
+ 5. Test the Named Credential (Setup > Named Credentials > Test button if available,
199
+ or run a test Apex script in anonymous Apex window against the NC).
200
+ 6. Document rotation date in the integration runbook.
201
+ 7. Revoke the old credentials with the vendor within 24 hours of successful rotation.
202
+ ```
203
+
204
+ Rotation schedule guidance:
205
+
206
+ | Credential Type | Rotation Frequency |
207
+ |----------------|-------------------|
208
+ | API keys (long-lived) | 90 days |
209
+ | OAuth client secrets | 180 days |
210
+ | Certificates | Before expiry date; minimum annual |
211
+ | Username/password (if used) | 30 days |
package/skills/salesforce/salesforce-marketing-consent-review-skill/SKILL.md ADDED
@@ -0,0 +1,204 @@
1
+ ---
2
+ name: salesforce-marketing-consent-review-skill
3
+ description: Use this skill when marketing data flows must be reviewed for consent capture, lawful basis, purpose limitation, preference center coverage, suppression list integrity, subscriber-key collision risk, deliverability authentication (SPF, DKIM, DMARC), and unsubscribe link integrity. Covers Marketing Cloud, Account Engagement (formerly Pardot), Data Cloud, and related marketing orchestration tools. Trigger phrases: "review our marketing consent model", "check this Marketing Cloud data flow for consent", "is our preference center compliant", "review subscriber key design", "check SPF and DKIM for our sending domain". Do not use when the subject is a general Salesforce integration not involving marketing data (use salesforce-integration-review-skill), when a live Marketing Cloud change is being deployed (use salesforce-live-change-approval-protocol), or when a data exposure event has occurred (use salesforce-data-exposure-escalation-protocol). Works from sanitized design documents and configuration exports only; never requests live credentials or accesses marketing accounts.
4
+ allowed-tools: Read Grep Glob
5
+ metadata:
6
+ author: "github: Raishin"
7
+ version: "0.1.0"
8
+ updated: "2026-05-20"
9
+ category: compliance
10
+ lifecycle: experimental
11
+ ---
12
+
13
+ # Salesforce Marketing Consent Review Skill
14
+
15
+ ## Purpose
16
+ This skill reviews marketing data flows for consent capture, lawful basis,
17
+ purpose limitation, preference center coverage, suppression list integrity,
18
+ subscriber-key collision risk, deliverability authentication, and unsubscribe
19
+ link integrity. It exists because marketing data flows — particularly in
20
+ Marketing Cloud , Account Engagement
21
+ , and Data Cloud
22
+ — frequently cross jurisdictions and
23
+ involve regulated personal data subject to GDPR, CCPA, CASL, and other
24
+ consent-based frameworks. It does not access live marketing accounts or
25
+ authorize changes.
26
+
27
+ ## When to use
28
+ - A marketing data flow is being designed or reviewed for compliance.
29
+ - A consent model is being assessed for a new campaign or channel.
30
+ - A deliverability issue may be related to authentication configuration.
31
+ - A preference center redesign needs consent-model review.
32
+ - A subscriber-key migration or Data Cloud integration is planned.
33
+
34
+ ## When not to use
35
+ - General Salesforce integration (no marketing data) — use `salesforce-integration-review-skill`.
36
+ - Live Marketing Cloud change deployment — use `salesforce-live-change-approval-protocol`.
37
+ - Data exposure event response — use `salesforce-data-exposure-escalation-protocol`.
38
+ - Full org assessment — use `salesforce-org-assessment-skill`.
39
+
40
+ ## Minimum payload (required inputs)
41
+ - Description of the marketing data flow: source systems, destination (Marketing
42
+ Cloud, Account Engagement, Data Cloud), data categories involved.
43
+ - Jurisdiction(s) where subscribers are located (or note that it is unknown).
44
+ - Consent model description: how consent is captured, what lawful basis is claimed.
45
+ - Preference center description (or note that it is absent).
46
+ - Sending domain(s) (sanitized, no live API keys or credentials).
47
+
48
+ ## Workflow
49
+
50
+ ### 1. Consent capture review
51
+ - Identify where consent is captured: web form, API, import, point of sale.
52
+ - Flag: consent captured without a clear affirmative action (pre-ticked boxes,
53
+ bundled consent).
54
+ - Flag: consent captured without a timestamp and source record (not auditable).
55
+ - Flag: consent captured via a third-party list import without documented
56
+ lawful basis for the jurisdiction.
57
+ - Flag: re-permission campaigns not used when consent records are > configurable
58
+ age threshold.
59
+
60
+ ### 2. Lawful basis assessment
61
+ - Identify the claimed lawful basis per jurisdiction:
62
+ - GDPR (EU/EEA): consent, legitimate interest (with documented LIA),
63
+ contract, legal obligation.
64
+ - CCPA (California): right to opt-out of sale; identify whether the
65
+ flow constitutes a "sale" under CCPA.
66
+ - CASL (Canada): express vs implied consent; flag implied consent without
67
+ an expiry tracking mechanism.
68
+ - Other jurisdictions: flag if jurisdiction is identified but lawful basis
69
+ is not documented.
70
+ - Flag: single lawful basis asserted globally when multi-jurisdiction subscribers
71
+ require jurisdiction-specific bases.
72
+ - Flag: legitimate interest asserted without a documented Legitimate Interest
73
+ Assessment (LIA).
74
+
75
+ ### 3. Purpose limitation
76
+ - Verify that data collected for one purpose is not used for a materially
77
+ different marketing purpose without a separate consent.
78
+ - Flag: contact data collected in a Service Cloud context being synced to
79
+ Marketing Cloud for promotional campaigns without a separate consent capture.
80
+ - Flag: Data Cloud segments built
81
+ from data collected under a different purpose than marketing.
82
+
83
+ ### 4. Preference center coverage
84
+ - Verify that a preference center exists and covers all active channels
85
+ (email, SMS, push, direct mail).
86
+ - Flag: preference center that does not honor opt-outs within a documented
87
+ processing time (e.g., 10 business days).
88
+ - Flag: preference center that does not propagate suppression to all active
89
+ sending platforms (Marketing Cloud, Account Engagement, and any third-party
90
+ senders).
91
+ - Flag: preference center that requires an account login to opt out (barrier to
92
+ opt-out is a compliance risk).
93
+
94
+ ### 5. Suppression list integrity
95
+ - Verify that suppression lists (global unsubscribes, do-not-contact lists,
96
+ hard bounces) are applied across all sending platforms.
97
+ - Flag: suppression list sync with > configurable delay (stale suppression
98
+ can result in sending to opted-out subscribers).
99
+ - Flag: suppression list managed manually without automated sync to all platforms.
100
+ - Flag: hard bounces not suppressed (can damage sender reputation and may
101
+ violate CAN-SPAM/CASL).
102
+
103
+ ### 6. Subscriber-key design and collision risk
104
+ - Review the subscriber key design in Marketing Cloud
105
+ .
106
+ - Flag: subscriber keys using email addresses as the key (email changes cause
107
+ key collisions and duplicate subscriber records).
108
+ - Flag: subscriber key not synchronized with the CRM contact ID (leads to
109
+ orphaned subscriber records).
110
+ - Flag: subscriber key strategy not defined before Data Cloud integration
111
+ (can cause identity resolution failures).
112
+
113
+ ### 7. Deliverability authentication
114
+ - Review the sending domain configuration:
115
+ - SPF: verify that an SPF record exists for the sending domain and includes
116
+ Marketing Cloud sending IPs.
117
+ - DKIM: verify that DKIM signing is configured for the sending domain.
118
+ - DMARC: verify that a DMARC policy exists; flag if policy is `p=none`
119
+ (monitoring only, no enforcement).
120
+ - Flag: sending from a shared IP pool without dedicated IP warm-up plan.
121
+ - Flag: DMARC policy `p=reject` or `p=quarantine` without monitoring in place
122
+ (can result in false positives if misconfigured).
123
+
124
+ ### 8. Unsubscribe link integrity
125
+ - Verify that all email sends include a functional unsubscribe link.
126
+ - Flag: unsubscribe link that requires authentication or account creation.
127
+ - Flag: unsubscribe that routes to a preference center with a long opt-out
128
+ process (more than 2 clicks).
129
+ - Flag: transactional email templates where an unsubscribe link is absent but
130
+ the email contains promotional content.
131
+ - Flag: one-click unsubscribe not implemented where List-Unsubscribe header
132
+ is expected by receiving mail providers.
133
+
134
+ ## Evidence requirements
135
+ - Sanitized marketing data flow description; no credentials, API keys, or
136
+ customer data.
137
+ - Jurisdiction(s) identified or noted as unknown.
138
+ - Consent model description; if absent, flag as a high-risk unknown.
139
+
140
+ ## Output format
141
+ ```
142
+ marketing_consent_review_findings:
143
+ consent_capture:
144
+ - finding: [description]
145
+ severity: Critical | High | Medium | Low
146
+ jurisdiction: [applicable, or "all"]
147
+ recommendation: [brief]
148
+ lawful_basis: [same structure]
149
+ purpose_limitation: [same structure]
150
+ preference_center: [same structure]
151
+ suppression_list: [same structure]
152
+ subscriber_key_design: [same structure]
153
+ deliverability_authentication: [same structure]
154
+ unsubscribe_integrity: [same structure]
155
+
156
+ summary:
157
+ total_findings: [count]
158
+ critical_count: [count]
159
+ high_count: [count]
160
+ escalation_gates_fired: [from salesforce-risk-taxonomy, or "none"]
161
+ open_questions_for_counsel: [list — do not answer; require legal determination]
162
+ assumptions: [list]
163
+ missing_evidence: [what would improve the review]
164
+ ```
165
+
166
+ ## Redaction rules
167
+ - Never request secrets, credentials, OAuth tokens, refresh tokens, session IDs, MFA seeds, customer PII.
168
+ - Sanitize org IDs, user IDs (replace with placeholders) before sharing in outputs.
169
+ - Subscriber data, email addresses, and contact records must not appear in outputs.
170
+
171
+ ## Privilege / data handling rules
172
+ - This review may surface findings that have regulatory notification implications.
173
+ Flag and route to privacy counsel before any public statement.
174
+ - Lawful basis assessments are not legal conclusions; all findings require
175
+ verification by qualified privacy counsel.
176
+ - Regulated-data marketing flows (health, financial) escalate to compliance review.
177
+
178
+ ## Handoff rules
179
+ - Hands off to: salesforce-data-exposure-escalation-protocol (if consent violation
180
+ constitutes a data exposure event), salesforce-integration-review-skill (if
181
+ integration design gaps underlie consent failures), salesforce-case-capsule
182
+ (structured handoff for any Critical finding requiring escalation).
183
+ - Required handoff fields: matter_id, critical_count, escalation_gates_fired,
184
+ open_questions_for_counsel.
185
+
186
+ ## Audit log fields
187
+ - matter_id, skill_id, skill_version, invoked_by, input_hash, evidence_quality, output_verdict, escalation_fired, timestamp
188
+
189
+ ## Stop conditions
190
+ - Data flow involves regulated health or financial data sent for marketing purposes
191
+ without documented consent — fire production-data-exposure gate and escalate.
192
+ - Suppression list is confirmed as stale and sends are ongoing — Critical finding;
193
+ recommend immediate send pause for human review.
194
+ - Lawful basis is absent for GDPR-jurisdiction subscribers — Critical finding;
195
+ escalate to privacy counsel before any further sends.
196
+
197
+ ## Security notes
198
+ - Read-only static review; never accesses live Marketing Cloud accounts or APIs.
199
+ - Lawful basis findings are not legal conclusions; they require verification by
200
+ qualified privacy counsel.
201
+ - Unsubscribe failures are a regulatory risk in most jurisdictions; treat as High
202
+ even when severity appears low.
203
+ - SPF, DKIM, and DMARC findings should be verified against current DNS records
204
+ by the sending organization's technical team.
package/skills/salesforce/salesforce-marketing-consent-review-skill/metadata.json ADDED
@@ -0,0 +1,18 @@
1
+ {
2
+ "id": "salesforce-marketing-consent-review-skill",
3
+ "name": "Salesforce Marketing Consent Review Skill",
4
+ "type": "skill",
5
+ "provider": "salesforce",
6
+ "harnesses": ["codex", "claude-code", "cursor", "gemini", "kiro", "other"],
7
+ "summary": "Reviews Salesforce marketing data flows (Marketing Cloud, Account Engagement, Data Cloud) for consent capture, lawful basis, purpose limitation, preference center coverage, suppression list integrity, subscriber-key collision risk, deliverability authentication (SPF, DKIM, DMARC), and unsubscribe link integrity.",
8
+ "source_type": "original",
9
+ "official_docs": [
10
+ "https://help.salesforce.com/",
11
+ "https://developer.salesforce.com/docs"
12
+ ],
13
+ "security_notes": "Read-only static review; sanitized design documents only; never accesses live Marketing Cloud accounts or APIs. Lawful basis findings require verification by qualified privacy counsel. Regulated-data marketing flows escalated to compliance review.",
14
+ "last_verified": "2026-05-20",
15
+ "path": "skills/salesforce/salesforce-marketing-consent-review-skill",
16
+ "author": "github: Raishin",
17
+ "version": "0.1.0"
18
+ }