@raishin/vanguard-frontier-agentic 2.3.0 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (633) hide show
  1. package/.agents/tasks/task-dynamic-kiro-powers/2025-01-24-120000-review.md +92 -0
  2. package/.agents/tasks/task-dynamic-kiro-powers/context.json +22 -0
  3. package/.agents/tasks/task-dynamic-kiro-powers/features/FEAT-001.json +34 -0
  4. package/.agents/tasks/task-dynamic-kiro-powers/task.json +14 -0
  5. package/.claude-plugin/marketplace.json +1 -1
  6. package/.claude-plugin/plugin.json +31 -1
  7. package/.cursor-plugin/plugin.json +31 -1
  8. package/.github/plugin/marketplace.json +1 -1
  9. package/README.md +17 -12
  10. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/AGENT.md +1 -1
  11. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/claude-code.agent.md +1 -1
  12. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/copilot.agent.md +1 -1
  13. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/cursor.agent.md +1 -1
  14. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/gemini.agent.md +1 -1
  15. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/kiro-ide.agent.md +1 -1
  16. package/agents/dotnet/dotnet-csharp-runtime-review-agent/AGENT.md +2 -2
  17. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/claude-code.agent.md +2 -2
  18. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/copilot.agent.md +2 -2
  19. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/cursor.agent.md +2 -2
  20. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/gemini.agent.md +2 -2
  21. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/kiro-ide.agent.md +2 -2
  22. package/agents/dotnet/dotnet-efcore-data-access-review-agent/AGENT.md +3 -3
  23. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/claude-code.agent.md +3 -3
  24. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/copilot.agent.md +3 -3
  25. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/cursor.agent.md +3 -3
  26. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/gemini.agent.md +3 -3
  27. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/kiro-ide.agent.md +3 -3
  28. package/agents/hetzner/README.md +1 -1
  29. package/agents/oci/oci-devops-container-platform-engineer-agent/AGENT.md +1 -1
  30. package/agents/oci/oci-exadata-platform-architect-agent/AGENT.md +1 -1
  31. package/agents/oci/oci-multi-cloud-architect-agent/AGENT.md +1 -1
  32. package/agents/prometheus/README.md +1 -1
  33. package/agents/qa/playwright-e2e-suite-review-agent/AGENT.md +3 -3
  34. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/claude-code.agent.md +3 -3
  35. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/copilot.agent.md +3 -3
  36. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/cursor.agent.md +3 -3
  37. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/gemini.agent.md +3 -3
  38. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/kiro-ide.agent.md +3 -3
  39. package/agents/salesforce/AGENTS.md +31 -0
  40. package/agents/salesforce/README.md +135 -0
  41. package/agents/salesforce/salesforce-adaptive-access-agent/AGENT.md +117 -0
  42. package/agents/salesforce/salesforce-adaptive-access-agent/LEAST-PRIVILEGES.md +91 -0
  43. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/claude-code.agent.md +69 -0
  44. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/codex.toml +30 -0
  45. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/copilot.agent.md +69 -0
  46. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/cursor.agent.md +69 -0
  47. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/gemini.agent.md +69 -0
  48. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-cli.agent.json +5 -0
  49. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-ide.agent.md +69 -0
  50. package/agents/salesforce/salesforce-adaptive-access-agent/metadata.json +30 -0
  51. package/agents/salesforce/salesforce-agentforce-ai-agent/AGENT.md +126 -0
  52. package/agents/salesforce/salesforce-agentforce-ai-agent/LEAST-PRIVILEGES.md +92 -0
  53. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/claude-code.agent.md +81 -0
  54. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/codex.toml +36 -0
  55. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/copilot.agent.md +81 -0
  56. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/cursor.agent.md +81 -0
  57. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/gemini.agent.md +81 -0
  58. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-cli.agent.json +5 -0
  59. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-ide.agent.md +49 -0
  60. package/agents/salesforce/salesforce-agentforce-ai-agent/metadata.json +41 -0
  61. package/agents/salesforce/salesforce-analytics-tableau-agent/AGENT.md +119 -0
  62. package/agents/salesforce/salesforce-analytics-tableau-agent/LEAST-PRIVILEGES.md +81 -0
  63. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/claude-code.agent.md +75 -0
  64. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/codex.toml +35 -0
  65. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/copilot.agent.md +75 -0
  66. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/cursor.agent.md +75 -0
  67. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/gemini.agent.md +75 -0
  68. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-cli.agent.json +5 -0
  69. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-ide.agent.md +45 -0
  70. package/agents/salesforce/salesforce-analytics-tableau-agent/metadata.json +41 -0
  71. package/agents/salesforce/salesforce-app-builder-automation-agent/AGENT.md +112 -0
  72. package/agents/salesforce/salesforce-app-builder-automation-agent/LEAST-PRIVILEGES.md +86 -0
  73. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/claude-code.agent.md +50 -0
  74. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/codex.toml +35 -0
  75. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/copilot.agent.md +50 -0
  76. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/cursor.agent.md +50 -0
  77. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/gemini.agent.md +50 -0
  78. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-cli.agent.json +5 -0
  79. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-ide.agent.md +50 -0
  80. package/agents/salesforce/salesforce-app-builder-automation-agent/metadata.json +40 -0
  81. package/agents/salesforce/salesforce-business-analyst-agent/AGENT.md +110 -0
  82. package/agents/salesforce/salesforce-business-analyst-agent/LEAST-PRIVILEGES.md +89 -0
  83. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/claude-code.agent.md +48 -0
  84. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/codex.toml +35 -0
  85. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/copilot.agent.md +48 -0
  86. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/cursor.agent.md +48 -0
  87. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/gemini.agent.md +48 -0
  88. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
  89. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-ide.agent.md +48 -0
  90. package/agents/salesforce/salesforce-business-analyst-agent/metadata.json +40 -0
  91. package/agents/salesforce/salesforce-certificate-lifecycle-agent/AGENT.md +112 -0
  92. package/agents/salesforce/salesforce-certificate-lifecycle-agent/LEAST-PRIVILEGES.md +81 -0
  93. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/claude-code.agent.md +66 -0
  94. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/codex.toml +30 -0
  95. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/copilot.agent.md +66 -0
  96. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/cursor.agent.md +66 -0
  97. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/gemini.agent.md +66 -0
  98. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-cli.agent.json +5 -0
  99. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-ide.agent.md +66 -0
  100. package/agents/salesforce/salesforce-certificate-lifecycle-agent/metadata.json +30 -0
  101. package/agents/salesforce/salesforce-change-impact-analyst-agent/AGENT.md +121 -0
  102. package/agents/salesforce/salesforce-change-impact-analyst-agent/LEAST-PRIVILEGES.md +87 -0
  103. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/claude-code.agent.md +74 -0
  104. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/codex.toml +30 -0
  105. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/copilot.agent.md +74 -0
  106. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/cursor.agent.md +74 -0
  107. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/gemini.agent.md +74 -0
  108. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
  109. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-ide.agent.md +74 -0
  110. package/agents/salesforce/salesforce-change-impact-analyst-agent/metadata.json +30 -0
  111. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/AGENT.md +119 -0
  112. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/LEAST-PRIVILEGES.md +88 -0
  113. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/claude-code.agent.md +67 -0
  114. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/codex.toml +30 -0
  115. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/copilot.agent.md +67 -0
  116. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/cursor.agent.md +67 -0
  117. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/gemini.agent.md +67 -0
  118. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-cli.agent.json +5 -0
  119. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-ide.agent.md +67 -0
  120. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/metadata.json +31 -0
  121. package/agents/salesforce/salesforce-compliance-privacy-agent/AGENT.md +130 -0
  122. package/agents/salesforce/salesforce-compliance-privacy-agent/LEAST-PRIVILEGES.md +85 -0
  123. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/claude-code.agent.md +84 -0
  124. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/codex.toml +36 -0
  125. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/copilot.agent.md +84 -0
  126. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/cursor.agent.md +84 -0
  127. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/gemini.agent.md +84 -0
  128. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-cli.agent.json +5 -0
  129. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-ide.agent.md +49 -0
  130. package/agents/salesforce/salesforce-compliance-privacy-agent/metadata.json +41 -0
  131. package/agents/salesforce/salesforce-continuous-verification-agent/AGENT.md +113 -0
  132. package/agents/salesforce/salesforce-continuous-verification-agent/LEAST-PRIVILEGES.md +90 -0
  133. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/claude-code.agent.md +64 -0
  134. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/codex.toml +30 -0
  135. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/copilot.agent.md +64 -0
  136. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/cursor.agent.md +64 -0
  137. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/gemini.agent.md +64 -0
  138. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-cli.agent.json +5 -0
  139. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-ide.agent.md +64 -0
  140. package/agents/salesforce/salesforce-continuous-verification-agent/metadata.json +31 -0
  141. package/agents/salesforce/salesforce-data-architecture-agent/AGENT.md +113 -0
  142. package/agents/salesforce/salesforce-data-architecture-agent/LEAST-PRIVILEGES.md +92 -0
  143. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/claude-code.agent.md +49 -0
  144. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/codex.toml +35 -0
  145. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/copilot.agent.md +49 -0
  146. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/cursor.agent.md +49 -0
  147. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/gemini.agent.md +49 -0
  148. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-cli.agent.json +5 -0
  149. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-ide.agent.md +49 -0
  150. package/agents/salesforce/salesforce-data-architecture-agent/metadata.json +40 -0
  151. package/agents/salesforce/salesforce-development-agent/AGENT.md +114 -0
  152. package/agents/salesforce/salesforce-development-agent/LEAST-PRIVILEGES.md +89 -0
  153. package/agents/salesforce/salesforce-development-agent/harnesses/claude-code.agent.md +50 -0
  154. package/agents/salesforce/salesforce-development-agent/harnesses/codex.toml +36 -0
  155. package/agents/salesforce/salesforce-development-agent/harnesses/copilot.agent.md +50 -0
  156. package/agents/salesforce/salesforce-development-agent/harnesses/cursor.agent.md +50 -0
  157. package/agents/salesforce/salesforce-development-agent/harnesses/gemini.agent.md +50 -0
  158. package/agents/salesforce/salesforce-development-agent/harnesses/kiro-cli.agent.json +5 -0
  159. package/agents/salesforce/salesforce-development-agent/harnesses/kiro-ide.agent.md +50 -0
  160. package/agents/salesforce/salesforce-development-agent/metadata.json +40 -0
  161. package/agents/salesforce/salesforce-devops-release-agent/AGENT.md +115 -0
  162. package/agents/salesforce/salesforce-devops-release-agent/LEAST-PRIVILEGES.md +90 -0
  163. package/agents/salesforce/salesforce-devops-release-agent/harnesses/claude-code.agent.md +51 -0
  164. package/agents/salesforce/salesforce-devops-release-agent/harnesses/codex.toml +35 -0
  165. package/agents/salesforce/salesforce-devops-release-agent/harnesses/copilot.agent.md +51 -0
  166. package/agents/salesforce/salesforce-devops-release-agent/harnesses/cursor.agent.md +51 -0
  167. package/agents/salesforce/salesforce-devops-release-agent/harnesses/gemini.agent.md +51 -0
  168. package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-cli.agent.json +5 -0
  169. package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-ide.agent.md +51 -0
  170. package/agents/salesforce/salesforce-devops-release-agent/metadata.json +40 -0
  171. package/agents/salesforce/salesforce-enterprise-architect-agent/AGENT.md +128 -0
  172. package/agents/salesforce/salesforce-enterprise-architect-agent/LEAST-PRIVILEGES.md +92 -0
  173. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/claude-code.agent.md +81 -0
  174. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/codex.toml +36 -0
  175. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/copilot.agent.md +81 -0
  176. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/cursor.agent.md +81 -0
  177. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/gemini.agent.md +81 -0
  178. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-cli.agent.json +5 -0
  179. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-ide.agent.md +49 -0
  180. package/agents/salesforce/salesforce-enterprise-architect-agent/metadata.json +41 -0
  181. package/agents/salesforce/salesforce-experience-cloud-agent/AGENT.md +124 -0
  182. package/agents/salesforce/salesforce-experience-cloud-agent/LEAST-PRIVILEGES.md +80 -0
  183. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/claude-code.agent.md +79 -0
  184. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/codex.toml +35 -0
  185. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/copilot.agent.md +79 -0
  186. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/cursor.agent.md +79 -0
  187. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/gemini.agent.md +79 -0
  188. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  189. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-ide.agent.md +59 -0
  190. package/agents/salesforce/salesforce-experience-cloud-agent/metadata.json +40 -0
  191. package/agents/salesforce/salesforce-hyperforce-security-agent/AGENT.md +113 -0
  192. package/agents/salesforce/salesforce-hyperforce-security-agent/LEAST-PRIVILEGES.md +80 -0
  193. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/claude-code.agent.md +72 -0
  194. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/codex.toml +28 -0
  195. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/copilot.agent.md +72 -0
  196. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/cursor.agent.md +72 -0
  197. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/gemini.agent.md +72 -0
  198. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-cli.agent.json +5 -0
  199. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-ide.agent.md +72 -0
  200. package/agents/salesforce/salesforce-hyperforce-security-agent/metadata.json +30 -0
  201. package/agents/salesforce/salesforce-industry-cloud-agent/AGENT.md +125 -0
  202. package/agents/salesforce/salesforce-industry-cloud-agent/LEAST-PRIVILEGES.md +88 -0
  203. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/claude-code.agent.md +80 -0
  204. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/codex.toml +41 -0
  205. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/copilot.agent.md +80 -0
  206. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/cursor.agent.md +80 -0
  207. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/gemini.agent.md +80 -0
  208. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  209. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
  210. package/agents/salesforce/salesforce-industry-cloud-agent/metadata.json +42 -0
  211. package/agents/salesforce/salesforce-integration-mulesoft-agent/AGENT.md +115 -0
  212. package/agents/salesforce/salesforce-integration-mulesoft-agent/LEAST-PRIVILEGES.md +91 -0
  213. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/claude-code.agent.md +50 -0
  214. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/codex.toml +35 -0
  215. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/copilot.agent.md +50 -0
  216. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/cursor.agent.md +50 -0
  217. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/gemini.agent.md +50 -0
  218. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-cli.agent.json +5 -0
  219. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-ide.agent.md +50 -0
  220. package/agents/salesforce/salesforce-integration-mulesoft-agent/metadata.json +40 -0
  221. package/agents/salesforce/salesforce-live-guard-agent/AGENT.md +126 -0
  222. package/agents/salesforce/salesforce-live-guard-agent/LEAST-PRIVILEGES.md +100 -0
  223. package/agents/salesforce/salesforce-live-guard-agent/harnesses/claude-code.agent.md +85 -0
  224. package/agents/salesforce/salesforce-live-guard-agent/harnesses/codex.toml +50 -0
  225. package/agents/salesforce/salesforce-live-guard-agent/harnesses/copilot.agent.md +85 -0
  226. package/agents/salesforce/salesforce-live-guard-agent/harnesses/cursor.agent.md +85 -0
  227. package/agents/salesforce/salesforce-live-guard-agent/harnesses/gemini.agent.md +85 -0
  228. package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  229. package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-ide.agent.md +58 -0
  230. package/agents/salesforce/salesforce-live-guard-agent/metadata.json +39 -0
  231. package/agents/salesforce/salesforce-maestro-agent/AGENT.md +77 -0
  232. package/agents/salesforce/salesforce-maestro-agent/LEAST-PRIVILEGES.md +93 -0
  233. package/agents/salesforce/salesforce-maestro-agent/README.md +593 -0
  234. package/agents/salesforce/salesforce-maestro-agent/harnesses/claude-code.agent.md +65 -0
  235. package/agents/salesforce/salesforce-maestro-agent/harnesses/codex.toml +66 -0
  236. package/agents/salesforce/salesforce-maestro-agent/harnesses/copilot.agent.md +65 -0
  237. package/agents/salesforce/salesforce-maestro-agent/harnesses/cursor.agent.md +65 -0
  238. package/agents/salesforce/salesforce-maestro-agent/harnesses/gemini.agent.md +65 -0
  239. package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  240. package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-ide.agent.md +65 -0
  241. package/agents/salesforce/salesforce-maestro-agent/metadata.json +38 -0
  242. package/agents/salesforce/salesforce-marketing-cloud-agent/AGENT.md +124 -0
  243. package/agents/salesforce/salesforce-marketing-cloud-agent/LEAST-PRIVILEGES.md +86 -0
  244. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/claude-code.agent.md +78 -0
  245. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/codex.toml +34 -0
  246. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/copilot.agent.md +78 -0
  247. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/cursor.agent.md +78 -0
  248. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/gemini.agent.md +78 -0
  249. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  250. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
  251. package/agents/salesforce/salesforce-marketing-cloud-agent/metadata.json +41 -0
  252. package/agents/salesforce/salesforce-network-policy-architect-agent/AGENT.md +113 -0
  253. package/agents/salesforce/salesforce-network-policy-architect-agent/LEAST-PRIVILEGES.md +87 -0
  254. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/claude-code.agent.md +72 -0
  255. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/codex.toml +28 -0
  256. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/copilot.agent.md +72 -0
  257. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/cursor.agent.md +72 -0
  258. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/gemini.agent.md +72 -0
  259. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-cli.agent.json +5 -0
  260. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-ide.agent.md +72 -0
  261. package/agents/salesforce/salesforce-network-policy-architect-agent/metadata.json +31 -0
  262. package/agents/salesforce/salesforce-platform-admin-review-agent/AGENT.md +113 -0
  263. package/agents/salesforce/salesforce-platform-admin-review-agent/LEAST-PRIVILEGES.md +88 -0
  264. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/claude-code.agent.md +49 -0
  265. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/codex.toml +36 -0
  266. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/copilot.agent.md +49 -0
  267. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/cursor.agent.md +49 -0
  268. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/gemini.agent.md +49 -0
  269. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-cli.agent.json +5 -0
  270. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-ide.agent.md +49 -0
  271. package/agents/salesforce/salesforce-platform-admin-review-agent/metadata.json +40 -0
  272. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/AGENT.md +115 -0
  273. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/LEAST-PRIVILEGES.md +83 -0
  274. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/claude-code.agent.md +50 -0
  275. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/codex.toml +35 -0
  276. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/copilot.agent.md +50 -0
  277. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/cursor.agent.md +50 -0
  278. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/gemini.agent.md +50 -0
  279. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-cli.agent.json +5 -0
  280. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-ide.agent.md +50 -0
  281. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/metadata.json +40 -0
  282. package/agents/salesforce/salesforce-sandbox-governance-agent/AGENT.md +120 -0
  283. package/agents/salesforce/salesforce-sandbox-governance-agent/LEAST-PRIVILEGES.md +80 -0
  284. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/claude-code.agent.md +72 -0
  285. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/codex.toml +30 -0
  286. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/copilot.agent.md +72 -0
  287. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/cursor.agent.md +72 -0
  288. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/gemini.agent.md +72 -0
  289. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-cli.agent.json +5 -0
  290. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-ide.agent.md +72 -0
  291. package/agents/salesforce/salesforce-sandbox-governance-agent/metadata.json +30 -0
  292. package/agents/salesforce/salesforce-sandbox-isolation-agent/AGENT.md +113 -0
  293. package/agents/salesforce/salesforce-sandbox-isolation-agent/LEAST-PRIVILEGES.md +90 -0
  294. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/claude-code.agent.md +71 -0
  295. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/codex.toml +28 -0
  296. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/copilot.agent.md +71 -0
  297. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/cursor.agent.md +71 -0
  298. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/gemini.agent.md +71 -0
  299. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-cli.agent.json +5 -0
  300. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-ide.agent.md +71 -0
  301. package/agents/salesforce/salesforce-sandbox-isolation-agent/metadata.json +30 -0
  302. package/agents/salesforce/salesforce-security-identity-access-agent/AGENT.md +118 -0
  303. package/agents/salesforce/salesforce-security-identity-access-agent/LEAST-PRIVILEGES.md +85 -0
  304. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/claude-code.agent.md +52 -0
  305. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/codex.toml +36 -0
  306. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/copilot.agent.md +52 -0
  307. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/cursor.agent.md +52 -0
  308. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/gemini.agent.md +52 -0
  309. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-cli.agent.json +5 -0
  310. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-ide.agent.md +52 -0
  311. package/agents/salesforce/salesforce-security-identity-access-agent/metadata.json +40 -0
  312. package/agents/salesforce/salesforce-service-field-service-agent/AGENT.md +115 -0
  313. package/agents/salesforce/salesforce-service-field-service-agent/LEAST-PRIVILEGES.md +82 -0
  314. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/claude-code.agent.md +50 -0
  315. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/codex.toml +35 -0
  316. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/copilot.agent.md +50 -0
  317. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/cursor.agent.md +50 -0
  318. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/gemini.agent.md +50 -0
  319. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-cli.agent.json +5 -0
  320. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-ide.agent.md +50 -0
  321. package/agents/salesforce/salesforce-service-field-service-agent/metadata.json +40 -0
  322. package/agents/salesforce/salesforce-session-governance-agent/AGENT.md +116 -0
  323. package/agents/salesforce/salesforce-session-governance-agent/LEAST-PRIVILEGES.md +91 -0
  324. package/agents/salesforce/salesforce-session-governance-agent/harnesses/claude-code.agent.md +74 -0
  325. package/agents/salesforce/salesforce-session-governance-agent/harnesses/codex.toml +28 -0
  326. package/agents/salesforce/salesforce-session-governance-agent/harnesses/copilot.agent.md +74 -0
  327. package/agents/salesforce/salesforce-session-governance-agent/harnesses/cursor.agent.md +74 -0
  328. package/agents/salesforce/salesforce-session-governance-agent/harnesses/gemini.agent.md +74 -0
  329. package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-cli.agent.json +5 -0
  330. package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-ide.agent.md +74 -0
  331. package/agents/salesforce/salesforce-session-governance-agent/metadata.json +30 -0
  332. package/agents/salesforce/salesforce-slack-collaboration-agent/AGENT.md +123 -0
  333. package/agents/salesforce/salesforce-slack-collaboration-agent/LEAST-PRIVILEGES.md +86 -0
  334. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/claude-code.agent.md +79 -0
  335. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/codex.toml +35 -0
  336. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/copilot.agent.md +79 -0
  337. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/cursor.agent.md +79 -0
  338. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/gemini.agent.md +79 -0
  339. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-cli.agent.json +5 -0
  340. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-ide.agent.md +48 -0
  341. package/agents/salesforce/salesforce-slack-collaboration-agent/metadata.json +41 -0
  342. package/assets/logos/cloud/salesforce/salesforce.svg +34 -0
  343. package/catalog/agents.json +1451 -283
  344. package/catalog/asset-integrity.json +2257 -332
  345. package/catalog/install-roles.json +68 -0
  346. package/catalog/skill-manifest.json +1040 -155
  347. package/catalog/skills.json +1242 -262
  348. package/package.json +5 -2
  349. package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +3 -2
  350. package/plugins/vanguard-frontier-agentic/skills/vanguard-frontier-agentic-install/SKILL.md +37 -0
  351. package/powers/README.md +28 -10
  352. package/powers/vanguard-argocd/POWER.md +40 -0
  353. package/powers/vanguard-backstage/POWER.md +40 -0
  354. package/powers/vanguard-cert-manager/POWER.md +40 -0
  355. package/powers/vanguard-cilium/POWER.md +40 -0
  356. package/powers/vanguard-dotnet/POWER.md +41 -0
  357. package/powers/vanguard-falco/POWER.md +40 -0
  358. package/powers/vanguard-fluxcd/POWER.md +40 -0
  359. package/powers/vanguard-generic/POWER.md +40 -0
  360. package/powers/vanguard-hr/POWER.md +41 -0
  361. package/powers/vanguard-istio/POWER.md +40 -0
  362. package/powers/vanguard-kyverno/POWER.md +40 -0
  363. package/powers/vanguard-legal/POWER.md +41 -0
  364. package/powers/vanguard-marketing/POWER.md +41 -0
  365. package/powers/vanguard-multi-cloud/POWER.md +41 -0
  366. package/powers/vanguard-opentelemetry/POWER.md +40 -0
  367. package/powers/vanguard-prometheus/POWER.md +40 -0
  368. package/powers/vanguard-salesforce/POWER.md +42 -0
  369. package/powers/vanguard-sigstore/POWER.md +40 -0
  370. package/schemas/agent.schema.json +2 -1
  371. package/schemas/skill.frontmatter.schema.json +33 -3
  372. package/schemas/skill.schema.json +2 -1
  373. package/scripts/export-marketplace-agents.mjs +43 -1
  374. package/scripts/generate-kiro-powers.mjs +372 -5
  375. package/scripts/install-codex-home.mjs +95 -0
  376. package/scripts/release-prepare.mjs +35 -0
  377. package/skills/aws/aws-agentcore/references/official-sources.md +19 -19
  378. package/skills/aws/aws-generative-ai-developer/references/official-sources.md +10 -10
  379. package/skills/azure/azure-ai-foundry-ops-governor/references/workflow-and-output.md +2 -2
  380. package/skills/azure/azure-aks-platform-operator/references/workflow-and-output.md +1 -1
  381. package/skills/azure/azure-app-service-production-readiness/references/workflow-and-output.md +1 -1
  382. package/skills/azure/azure-cosmosdb-application-developer/references/official-sources.md +11 -11
  383. package/skills/azure/azure-cosmosdb-performance-investigator/references/official-sources.md +11 -11
  384. package/skills/azure/azure-cosmosdb-platform-operator/references/official-sources.md +10 -10
  385. package/skills/azure/azure-cost-estimation-review/references/workflow-and-output.md +1 -1
  386. package/skills/azure/azure-cost-optimization-governor/references/workflow-and-output.md +1 -1
  387. package/skills/azure/azure-entra-id-specialist/references/official-sources.md +28 -28
  388. package/skills/azure/azure-identity-governance-review/references/official-sources.md +11 -11
  389. package/skills/azure/azure-identity-governance-review/references/workflow-and-output.md +1 -1
  390. package/skills/azure/azure-key-vault-secret-lifecycle-auditor/references/workflow-and-output.md +1 -1
  391. package/skills/azure/azure-migrate-landing-zone-cutover/references/workflow-and-output.md +1 -1
  392. package/skills/azure/azure-platform-automation-devops/references/workflow-and-output.md +1 -1
  393. package/skills/azure/azure-private-endpoint-adoption-planner/references/workflow-and-output.md +1 -1
  394. package/skills/azure/azure-resource-health-incident-triage/references/workflow-and-output.md +6 -6
  395. package/skills/azure/azure-subscription-resource-organization/references/workflow-and-output.md +1 -1
  396. package/skills/cross-functional/salesforce-case-capsule/SKILL.md +164 -0
  397. package/skills/cross-functional/salesforce-case-capsule/metadata.json +19 -0
  398. package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/SKILL.md +165 -0
  399. package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/metadata.json +19 -0
  400. package/skills/cross-functional/salesforce-live-change-approval-protocol/SKILL.md +118 -0
  401. package/skills/cross-functional/salesforce-live-change-approval-protocol/metadata.json +19 -0
  402. package/skills/cross-functional/salesforce-risk-taxonomy/SKILL.md +162 -0
  403. package/skills/cross-functional/salesforce-risk-taxonomy/metadata.json +19 -0
  404. package/skills/cross-functional/salesforce-routing-protocol/SKILL.md +159 -0
  405. package/skills/cross-functional/salesforce-routing-protocol/metadata.json +19 -0
  406. package/skills/dotnet/dotnet-aspnetcore-api-review/SKILL.md +1 -1
  407. package/skills/dotnet/dotnet-aspnetcore-api-review/references/workflow-and-output.md +2 -2
  408. package/skills/dotnet/dotnet-csharp-runtime-review/SKILL.md +2 -2
  409. package/skills/dotnet/dotnet-csharp-runtime-review/references/workflow-and-output.md +7 -7
  410. package/skills/dotnet/dotnet-efcore-data-access-review/SKILL.md +4 -4
  411. package/skills/dotnet/dotnet-efcore-data-access-review/references/workflow-and-output.md +3 -3
  412. package/skills/dotnet/dotnet-performance-aot-review/references/workflow-and-output.md +1 -1
  413. package/skills/dotnet/dotnet-testing-quality-review/SKILL.md +1 -1
  414. package/skills/dotnet/dotnet-testing-quality-review/references/workflow-and-output.md +2 -2
  415. package/skills/finops/focus-spec-normalizer/references/focus-columns.md +2 -2
  416. package/skills/gcp/gcp-alloydb-ai-developer/SKILL.md +1 -1
  417. package/skills/gcp/gcp-gemini-api-developer/SKILL.md +2 -2
  418. package/skills/nvidia/nvidia-model-promotion-gatekeeper/SKILL.md +1 -1
  419. package/skills/nvidia/nvidia-model-promotion-gatekeeper/references/allowlist-commands.md +1 -1
  420. package/skills/oci/oci-compute-platform-operator/SKILL.md +0 -2
  421. package/skills/oci/oci-cost-finops-analyst/SKILL.md +0 -2
  422. package/skills/oci/oci-database-platform-dba/SKILL.md +0 -2
  423. package/skills/oci/oci-devops-container-platform-engineer/SKILL.md +0 -2
  424. package/skills/oci/oci-identity-access-governor/SKILL.md +0 -2
  425. package/skills/oci/oci-multi-cloud-architect/SKILL.md +0 -2
  426. package/skills/oci/oci-network-architect/SKILL.md +0 -2
  427. package/skills/oci/oci-observability-incident-responder/SKILL.md +0 -2
  428. package/skills/oci/oci-security-compliance-reviewer/SKILL.md +0 -2
  429. package/skills/oci/oci-solution-architect/SKILL.md +1 -3
  430. package/skills/oci/oci-storage-backup-steward/SKILL.md +0 -2
  431. package/skills/prometheus/prometheus-alerting-cardinality-review/SKILL.md +1 -1
  432. package/skills/prometheus/prometheus-alerting-cardinality-review/references/workflow-and-output.md +4 -4
  433. package/skills/qa/ci-test-pipeline-review/references/workflow-and-output.md +1 -1
  434. package/skills/qa/llm-ai-pipeline-test-review/references/workflow-and-output.md +1 -1
  435. package/skills/qa/playwright-e2e-suite-review/SKILL.md +4 -4
  436. package/skills/qa/playwright-e2e-suite-review/references/workflow-and-output.md +12 -12
  437. package/skills/qa/plc-control-logic-safety-review/references/workflow-and-output.md +2 -2
  438. package/skills/qa/test-coverage-quality-review/SKILL.md +1 -1
  439. package/skills/qa/test-coverage-quality-review/references/workflow-and-output.md +8 -8
  440. package/skills/qa/test-flakiness-triage/SKILL.md +1 -1
  441. package/skills/qa/test-flakiness-triage/references/workflow-and-output.md +1 -1
  442. package/skills/salesforce/README.md +117 -0
  443. package/skills/salesforce/salesforce-agentforce-risk-review-skill/SKILL.md +206 -0
  444. package/skills/salesforce/salesforce-agentforce-risk-review-skill/metadata.json +18 -0
  445. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/action-safety-matrix.md +160 -0
  446. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/agentforce-anti-patterns.md +193 -0
  447. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/grounding-source-evaluation.md +162 -0
  448. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/SKILL.md +557 -0
  449. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/metadata.json +41 -0
  450. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/observability-rubric.md +219 -0
  451. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/privacy-redaction.md +240 -0
  452. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/stdm-queries.md +436 -0
  453. package/skills/salesforce/salesforce-apex-generator-skill/SKILL.md +307 -0
  454. package/skills/salesforce/salesforce-apex-generator-skill/metadata.json +30 -0
  455. package/skills/salesforce/salesforce-apex-generator-skill/references/apex-patterns.md +224 -0
  456. package/skills/salesforce/salesforce-apex-generator-skill/references/governor-limits.md +175 -0
  457. package/skills/salesforce/salesforce-apex-generator-skill/references/security-defaults.md +155 -0
  458. package/skills/salesforce/salesforce-apex-log-analyzer-skill/SKILL.md +360 -0
  459. package/skills/salesforce/salesforce-apex-log-analyzer-skill/metadata.json +38 -0
  460. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/governor-limit-signatures.md +174 -0
  461. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/log-format-reference.md +154 -0
  462. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/redaction-rules.md +178 -0
  463. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/SKILL.md +195 -0
  464. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/metadata.json +18 -0
  465. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/apex-anti-patterns.md +270 -0
  466. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/governor-limits-reference.md +198 -0
  467. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/lwc-security.md +206 -0
  468. package/skills/salesforce/salesforce-apex-test-generator-skill/SKILL.md +274 -0
  469. package/skills/salesforce/salesforce-apex-test-generator-skill/metadata.json +29 -0
  470. package/skills/salesforce/salesforce-apex-test-generator-skill/references/assertion-patterns.md +174 -0
  471. package/skills/salesforce/salesforce-apex-test-generator-skill/references/async-testing.md +217 -0
  472. package/skills/salesforce/salesforce-apex-test-generator-skill/references/test-data-factory.md +174 -0
  473. package/skills/salesforce/salesforce-apex-test-runner-skill/SKILL.md +344 -0
  474. package/skills/salesforce/salesforce-apex-test-runner-skill/metadata.json +37 -0
  475. package/skills/salesforce/salesforce-apex-test-runner-skill/references/cli-commands.md +162 -0
  476. package/skills/salesforce/salesforce-apex-test-runner-skill/references/coverage-analysis.md +107 -0
  477. package/skills/salesforce/salesforce-apex-test-runner-skill/references/failure-diagnosis.md +187 -0
  478. package/skills/salesforce/salesforce-bulk-data-ops-skill/SKILL.md +356 -0
  479. package/skills/salesforce/salesforce-bulk-data-ops-skill/metadata.json +29 -0
  480. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/anonymous-apex-patterns.md +380 -0
  481. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/data-loader-templates.md +209 -0
  482. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/rollback-strategy.md +209 -0
  483. package/skills/salesforce/salesforce-deployment-validator-skill/SKILL.md +380 -0
  484. package/skills/salesforce/salesforce-deployment-validator-skill/metadata.json +37 -0
  485. package/skills/salesforce/salesforce-deployment-validator-skill/references/cli-commands.md +264 -0
  486. package/skills/salesforce/salesforce-deployment-validator-skill/references/production-refusal-rules.md +243 -0
  487. package/skills/salesforce/salesforce-deployment-validator-skill/references/test-selection-strategy.md +250 -0
  488. package/skills/salesforce/salesforce-devsecops-pipeline-skill/SKILL.md +195 -0
  489. package/skills/salesforce/salesforce-devsecops-pipeline-skill/metadata.json +19 -0
  490. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/change-impact-categories.md +216 -0
  491. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sandbox-masking-strategy.md +193 -0
  492. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sca-rule-catalog.md +226 -0
  493. package/skills/salesforce/salesforce-field-mapping-skill/SKILL.md +348 -0
  494. package/skills/salesforce/salesforce-field-mapping-skill/metadata.json +29 -0
  495. package/skills/salesforce/salesforce-field-mapping-skill/references/api-name-normalization.md +141 -0
  496. package/skills/salesforce/salesforce-field-mapping-skill/references/picklist-value-mapping.md +245 -0
  497. package/skills/salesforce/salesforce-field-mapping-skill/references/type-mismatch-detection.md +187 -0
  498. package/skills/salesforce/salesforce-flow-automation-review-skill/SKILL.md +163 -0
  499. package/skills/salesforce/salesforce-flow-automation-review-skill/metadata.json +18 -0
  500. package/skills/salesforce/salesforce-flow-automation-review-skill/references/automation-conflict-matrix.md +193 -0
  501. package/skills/salesforce/salesforce-flow-automation-review-skill/references/fault-path-design.md +189 -0
  502. package/skills/salesforce/salesforce-flow-automation-review-skill/references/flow-anti-patterns.md +211 -0
  503. package/skills/salesforce/salesforce-flow-debugger-skill/SKILL.md +355 -0
  504. package/skills/salesforce/salesforce-flow-debugger-skill/metadata.json +35 -0
  505. package/skills/salesforce/salesforce-flow-debugger-skill/references/fault-path-design.md +175 -0
  506. package/skills/salesforce/salesforce-flow-debugger-skill/references/flow-error-patterns.md +247 -0
  507. package/skills/salesforce/salesforce-flow-debugger-skill/references/interview-log-redaction.md +171 -0
  508. package/skills/salesforce/salesforce-infrastructure-audit-skill/SKILL.md +137 -0
  509. package/skills/salesforce/salesforce-infrastructure-audit-skill/metadata.json +19 -0
  510. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/hyperforce-deployment-controls.md +181 -0
  511. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/network-policy-reference.md +200 -0
  512. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/session-policy-reference.md +219 -0
  513. package/skills/salesforce/salesforce-integration-review-skill/SKILL.md +186 -0
  514. package/skills/salesforce/salesforce-integration-review-skill/metadata.json +18 -0
  515. package/skills/salesforce/salesforce-integration-review-skill/references/integration-anti-patterns.md +280 -0
  516. package/skills/salesforce/salesforce-integration-review-skill/references/integration-pattern-reference.md +239 -0
  517. package/skills/salesforce/salesforce-integration-review-skill/references/named-credential-design.md +211 -0
  518. package/skills/salesforce/salesforce-marketing-consent-review-skill/SKILL.md +204 -0
  519. package/skills/salesforce/salesforce-marketing-consent-review-skill/metadata.json +18 -0
  520. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-anti-patterns.md +247 -0
  521. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-model-reference.md +205 -0
  522. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/regulatory-mapping.md +192 -0
  523. package/skills/salesforce/salesforce-metadata-fetcher-skill/SKILL.md +418 -0
  524. package/skills/salesforce/salesforce-metadata-fetcher-skill/metadata.json +50 -0
  525. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/cli-commands.md +347 -0
  526. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/delegation-routing.md +416 -0
  527. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/sanitization-rules.md +392 -0
  528. package/skills/salesforce/salesforce-metadata-review-skill/SKILL.md +148 -0
  529. package/skills/salesforce/salesforce-metadata-review-skill/metadata.json +18 -0
  530. package/skills/salesforce/salesforce-metadata-review-skill/references/deprecated-metadata.md +217 -0
  531. package/skills/salesforce/salesforce-metadata-review-skill/references/field-hygiene-rules.md +182 -0
  532. package/skills/salesforce/salesforce-metadata-review-skill/references/object-design-patterns.md +187 -0
  533. package/skills/salesforce/salesforce-org-assessment-skill/SKILL.md +137 -0
  534. package/skills/salesforce/salesforce-org-assessment-skill/metadata.json +18 -0
  535. package/skills/salesforce/salesforce-org-assessment-skill/references/assessment-rubric.md +228 -0
  536. package/skills/salesforce/salesforce-org-assessment-skill/references/risk-register-template.md +211 -0
  537. package/skills/salesforce/salesforce-org-assessment-skill/references/tech-debt-indicators.md +252 -0
  538. package/skills/salesforce/salesforce-permission-model-review-skill/SKILL.md +165 -0
  539. package/skills/salesforce/salesforce-permission-model-review-skill/metadata.json +18 -0
  540. package/skills/salesforce/salesforce-permission-model-review-skill/references/fls-review-patterns.md +235 -0
  541. package/skills/salesforce/salesforce-permission-model-review-skill/references/permission-set-strategy.md +203 -0
  542. package/skills/salesforce/salesforce-permission-model-review-skill/references/toxic-combinations.md +228 -0
  543. package/skills/salesforce/salesforce-release-readiness-skill/SKILL.md +185 -0
  544. package/skills/salesforce/salesforce-release-readiness-skill/metadata.json +18 -0
  545. package/skills/salesforce/salesforce-release-readiness-skill/references/release-checklist.md +191 -0
  546. package/skills/salesforce/salesforce-release-readiness-skill/references/rollback-strategy.md +234 -0
  547. package/skills/salesforce/salesforce-release-readiness-skill/references/test-coverage-strategy.md +314 -0
  548. package/skills/salesforce/salesforce-soql-explorer-skill/SKILL.md +391 -0
  549. package/skills/salesforce/salesforce-soql-explorer-skill/metadata.json +35 -0
  550. package/skills/salesforce/salesforce-soql-explorer-skill/references/cli-commands.md +266 -0
  551. package/skills/salesforce/salesforce-soql-explorer-skill/references/least-privilege-scope.md +224 -0
  552. package/skills/salesforce/salesforce-soql-explorer-skill/references/safe-query-patterns.md +317 -0
  553. package/skills/salesforce/salesforce-soql-generator-skill/SKILL.md +305 -0
  554. package/skills/salesforce/salesforce-soql-generator-skill/metadata.json +25 -0
  555. package/skills/salesforce/salesforce-soql-generator-skill/references/common-patterns.md +293 -0
  556. package/skills/salesforce/salesforce-soql-generator-skill/references/governor-limits.md +171 -0
  557. package/skills/salesforce/salesforce-soql-generator-skill/references/soql-syntax-quickref.md +255 -0
  558. package/skills/salesforce/salesforce-validation-rule-writer-skill/SKILL.md +329 -0
  559. package/skills/salesforce/salesforce-validation-rule-writer-skill/metadata.json +28 -0
  560. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/error-message-style.md +132 -0
  561. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/formula-syntax-quickref.md +182 -0
  562. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/validation-patterns.md +214 -0
  563. package/skills/salesforce/salesforce-zero-trust-maturity-skill/SKILL.md +164 -0
  564. package/skills/salesforce/salesforce-zero-trust-maturity-skill/metadata.json +19 -0
  565. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/continuous-verification-patterns.md +209 -0
  566. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/maturity-scoring-rubric.md +179 -0
  567. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/nist-zta-pillars.md +194 -0
  568. package/tests/fixtures/salesforce-maestro-routing/expected/001-happy-platform-admin-review.json +6 -0
  569. package/tests/fixtures/salesforce-maestro-routing/expected/002-happy-business-analyst.json +6 -0
  570. package/tests/fixtures/salesforce-maestro-routing/expected/003-happy-app-builder-automation.json +6 -0
  571. package/tests/fixtures/salesforce-maestro-routing/expected/004-happy-development.json +6 -0
  572. package/tests/fixtures/salesforce-maestro-routing/expected/005-happy-devops-release.json +6 -0
  573. package/tests/fixtures/salesforce-maestro-routing/expected/006-happy-security-identity-access.json +6 -0
  574. package/tests/fixtures/salesforce-maestro-routing/expected/007-happy-data-architecture.json +6 -0
  575. package/tests/fixtures/salesforce-maestro-routing/expected/008-happy-integration-mulesoft.json +6 -0
  576. package/tests/fixtures/salesforce-maestro-routing/expected/009-happy-sales-cloud-revenue.json +6 -0
  577. package/tests/fixtures/salesforce-maestro-routing/expected/010-happy-marketing-cloud.json +6 -0
  578. package/tests/fixtures/salesforce-maestro-routing/expected/011-happy-agentforce-ai.json +6 -0
  579. package/tests/fixtures/salesforce-maestro-routing/expected/012-happy-analytics-tableau.json +6 -0
  580. package/tests/fixtures/salesforce-maestro-routing/expected/013-happy-compliance-privacy.json +6 -0
  581. package/tests/fixtures/salesforce-maestro-routing/expected/014-happy-network-policy-architect.json +6 -0
  582. package/tests/fixtures/salesforce-maestro-routing/expected/015-happy-hyperforce-security.json +6 -0
  583. package/tests/fixtures/salesforce-maestro-routing/expected/016-happy-sandbox-isolation.json +6 -0
  584. package/tests/fixtures/salesforce-maestro-routing/expected/017-happy-session-governance.json +6 -0
  585. package/tests/fixtures/salesforce-maestro-routing/expected/018-happy-continuous-verification.json +6 -0
  586. package/tests/fixtures/salesforce-maestro-routing/expected/019-happy-certificate-lifecycle.json +6 -0
  587. package/tests/fixtures/salesforce-maestro-routing/expected/020-happy-adaptive-access.json +6 -0
  588. package/tests/fixtures/salesforce-maestro-routing/expected/021-happy-code-analyzer-orchestrator.json +6 -0
  589. package/tests/fixtures/salesforce-maestro-routing/expected/022-happy-sandbox-governance.json +6 -0
  590. package/tests/fixtures/salesforce-maestro-routing/expected/023-happy-change-impact-analyst.json +6 -0
  591. package/tests/fixtures/salesforce-maestro-routing/expected/adv-ambiguous.json +4 -0
  592. package/tests/fixtures/salesforce-maestro-routing/expected/adv-instruction-injection.json +6 -0
  593. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-01-live-org-deploy-guard.json +6 -0
  594. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-02-live-mass-delete-guard.json +6 -0
  595. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-03-live-release-to-prod-guard.json +6 -0
  596. package/tests/fixtures/salesforce-maestro-routing/expected/adv-persona-replacement.json +6 -0
  597. package/tests/fixtures/salesforce-maestro-routing/expected/adv-secrets-bait.json +6 -0
  598. package/tests/fixtures/salesforce-maestro-routing/inputs/001-happy-platform-admin-review.json +7 -0
  599. package/tests/fixtures/salesforce-maestro-routing/inputs/002-happy-business-analyst.json +7 -0
  600. package/tests/fixtures/salesforce-maestro-routing/inputs/003-happy-app-builder-automation.json +7 -0
  601. package/tests/fixtures/salesforce-maestro-routing/inputs/004-happy-development.json +7 -0
  602. package/tests/fixtures/salesforce-maestro-routing/inputs/005-happy-devops-release.json +7 -0
  603. package/tests/fixtures/salesforce-maestro-routing/inputs/006-happy-security-identity-access.json +7 -0
  604. package/tests/fixtures/salesforce-maestro-routing/inputs/007-happy-data-architecture.json +7 -0
  605. package/tests/fixtures/salesforce-maestro-routing/inputs/008-happy-integration-mulesoft.json +7 -0
  606. package/tests/fixtures/salesforce-maestro-routing/inputs/009-happy-sales-cloud-revenue.json +7 -0
  607. package/tests/fixtures/salesforce-maestro-routing/inputs/010-happy-marketing-cloud.json +7 -0
  608. package/tests/fixtures/salesforce-maestro-routing/inputs/011-happy-agentforce-ai.json +7 -0
  609. package/tests/fixtures/salesforce-maestro-routing/inputs/012-happy-analytics-tableau.json +7 -0
  610. package/tests/fixtures/salesforce-maestro-routing/inputs/013-happy-compliance-privacy.json +7 -0
  611. package/tests/fixtures/salesforce-maestro-routing/inputs/014-happy-network-policy-architect.json +7 -0
  612. package/tests/fixtures/salesforce-maestro-routing/inputs/015-happy-hyperforce-security.json +7 -0
  613. package/tests/fixtures/salesforce-maestro-routing/inputs/016-happy-sandbox-isolation.json +7 -0
  614. package/tests/fixtures/salesforce-maestro-routing/inputs/017-happy-session-governance.json +7 -0
  615. package/tests/fixtures/salesforce-maestro-routing/inputs/018-happy-continuous-verification.json +7 -0
  616. package/tests/fixtures/salesforce-maestro-routing/inputs/019-happy-certificate-lifecycle.json +7 -0
  617. package/tests/fixtures/salesforce-maestro-routing/inputs/020-happy-adaptive-access.json +7 -0
  618. package/tests/fixtures/salesforce-maestro-routing/inputs/021-happy-code-analyzer-orchestrator.json +7 -0
  619. package/tests/fixtures/salesforce-maestro-routing/inputs/022-happy-sandbox-governance.json +7 -0
  620. package/tests/fixtures/salesforce-maestro-routing/inputs/023-happy-change-impact-analyst.json +7 -0
  621. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-ambiguous.json +7 -0
  622. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-instruction-injection.json +7 -0
  623. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-01-live-org-deploy-guard.json +7 -0
  624. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-02-live-mass-delete-guard.json +7 -0
  625. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-03-live-release-to-prod-guard.json +7 -0
  626. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-persona-replacement.json +7 -0
  627. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-secrets-bait.json +7 -0
  628. package/tests/fixtures/salesforce-maestro-routing/taxonomy.json +371 -0
  629. package/tests/test-codex-plugin-marketplace-install.test.mjs +132 -0
  630. package/tests/test-vfa-export-coverage.test.mjs +116 -4
  631. package/tests/validate-catalog.py +12 -1
  632. package/tests/validate-codex-marketplace.py +23 -1
  633. package/tests/validate-plugin-manifest.py +11 -1
package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/maturity-scoring-rubric.md ADDED
@@ -0,0 +1,179 @@
1
+ # Maturity Scoring Rubric Reference
2
+
3
+ Scoring matrix for assessing Zero Trust maturity in Salesforce orgs across
4
+ five NIST SP 800-207 pillars with gap analysis template.
5
+
6
+ ---
7
+
8
+ ## Maturity Level Definitions
9
+
10
+ | Level | Label | Description |
11
+ |-------|-------|-------------|
12
+ | 0 | None | No controls in place for this area |
13
+ | 1 | Initial | Ad hoc controls; inconsistently applied |
14
+ | 2 | Developing | Defined controls; applied to most cases; manual processes |
15
+ | 3 | Established | Defined, documented, and consistently applied; some automation |
16
+ | 4 | Advanced | Automated, measured, and continuously improved |
17
+ | 5 | Optimized | Predictive and adaptive controls; industry-leading posture |
18
+
19
+ ---
20
+
21
+ ## Pillar 1: Identity Maturity
22
+
23
+ | Check | Level 0 | Level 1 | Level 2 | Level 3 | Level 4 | Level 5 |
24
+ |-------|---------|---------|---------|---------|---------|---------|
25
+ | MFA enforcement | No MFA | MFA optional | MFA required for some users | MFA required for all internal | MFA + risk-adaptive step-up | Biometric + hardware key everywhere |
26
+ | SSO integration | Username/password only | SSO available but not required | SSO required for most | SSO required for all; JIT provisioning | SSO with device signal | Continuous posture evaluation |
27
+ | Session management | Default (8h) timeout | Timeouts configured | IP-locked sessions | High Assurance for admin ops | Adaptive timeout by risk | Continuous session re-evaluation |
28
+ | Privileged access | Shared admin accounts | Named admin accounts | Named + IP restricted | Named + IP + audit alerts | Just-in-time privilege elevation | Full PAM with recorded sessions |
29
+ | Identity governance | No review process | Annual review | Quarterly review | Automated drift detection | Real-time anomaly alerts | ML-driven identity behavior baseline |
30
+
31
+ **Target minimum for production orgs: Level 3**
32
+
33
+ ### Level 3 Requirements for Identity
34
+
35
+ - [ ] MFA required for all active internal users via org-wide setting.
36
+ - [ ] SSO configured; username/password login disabled for internal users (if possible).
37
+ - [ ] Admin accounts named, IP-restricted, and documented.
38
+ - [ ] High Assurance required for: Manage Users, Connected Apps, Certificates.
39
+ - [ ] Permission set assignments reviewed quarterly.
40
+ - [ ] Login History exported to SIEM.
41
+
42
+ ---
43
+
44
+ ## Pillar 2: Device Maturity
45
+
46
+ | Check | Level 0 | Level 1 | Level 2 | Level 3 | Level 4 | Level 5 |
47
+ |-------|---------|---------|---------|---------|---------|---------|
48
+ | Device trust | No controls | IP restrictions on profiles | MDM enrollment required | MDM compliance gates SSO | Device posture in IdP token | Continuous device health |
49
+ | Mobile access | Unrestricted | Mobile app configured | MDM PIN/encrypt required | App wrapping via MDM | Container isolation | Biometric device access |
50
+ | Network access | Any network | VPN recommended | VPN required for sensitive | VPN + IP restrictions | Zero Trust Network Access (ZTNA) | Software-defined perimeter |
51
+
52
+ **Target minimum for production orgs: Level 2**
53
+
54
+ ---
55
+
56
+ ## Pillar 3: Network Maturity
57
+
58
+ | Check | Level 0 | Level 1 | Level 2 | Level 3 | Level 4 | Level 5 |
59
+ |-------|---------|---------|---------|---------|---------|---------|
60
+ | Transport security | HTTP allowed | HTTPS enforced | TLS 1.2+ enforced | HSTS + pinning | Private Connect/PrivateLink | Full mTLS everywhere |
61
+ | Egress control | Open callouts | Remote Site Settings managed | Named Credentials only | Named Credentials + IP allowlist | Outbound proxy filtering | Micro-segmented egress |
62
+ | CSP | No CSP | Basic CSP Trusted Sites | CSP for all Salesforce pages | CSP + Report-URI monitoring | Real-time CSP violation alerting | Adaptive CSP |
63
+
64
+ **Target minimum for production orgs: Level 2-3**
65
+
66
+ ### Level 3 Requirements for Network
67
+
68
+ - [ ] All callout endpoints use Named Credentials (no hardcoded URLs).
69
+ - [ ] All Remote Site Settings reviewed; none have DisableProtocolSecurity=true.
70
+ - [ ] CSP Trusted Sites contain only HTTPS origins; no wildcards.
71
+ - [ ] HSTS confirmed on custom domain.
72
+ - [ ] Private Connect evaluated for regulated data integrations.
73
+
74
+ ---
75
+
76
+ ## Pillar 4: Application Maturity
77
+
78
+ | Check | Level 0 | Level 1 | Level 2 | Level 3 | Level 4 | Level 5 |
79
+ |-------|---------|---------|---------|---------|---------|---------|
80
+ | Object CRUD | Default profiles | CRUD on profiles | CRUD via Permission Sets | Least-privilege Permission Sets | Automated access review | Dynamic permission grant |
81
+ | FLS enforcement | No FLS controls | FLS on standard objects | FLS on custom sensitive fields | FLS + Apex enforcement | Automated FLS coverage scan | Real-time FLS anomaly detection |
82
+ | API access | API Enabled broadly | API limited by license | API only for named roles | API + IP restrictions | API + JWT Bearer only | Zero standing API access |
83
+ | Code security | No static analysis | Manual review | PMD/ESLint in CI | SCA gates blocking deployment | DAST + runtime monitoring | Self-healing security controls |
84
+
85
+ **Target minimum for production orgs: Level 3**
86
+
87
+ ---
88
+
89
+ ## Pillar 5: Data Maturity
90
+
91
+ | Check | Level 0 | Level 1 | Level 2 | Level 3 | Level 4 | Level 5 |
92
+ |-------|---------|---------|---------|---------|---------|---------|
93
+ | Data classification | No classification | Some fields labeled | All PII fields classified | Classification drives FLS | Automated classification | Dynamic classification at ingest |
94
+ | Encryption at rest | No encryption | Salesforce default encryption | Shield Encryption on PII fields | Shield + BYOK | EKM with HSM | Post-quantum key management |
95
+ | Data masking | No masking | Manual masking | Partial automated masking | Full automated post-refresh masking | Continuous masking monitoring | Synthetic data generation |
96
+ | Data residency | Unknown | Data center known | Contract specifies region | Hyperforce + DPA executed | Customer Trust Access Management | Dedicated infrastructure |
97
+ | DLP monitoring | No monitoring | Manual data export review | Event Monitoring for exports | CASB integration | Real-time DLP alerts | Behavioral DLP |
98
+
99
+ **Target minimum for production orgs: Level 2-3**
100
+
101
+ ---
102
+
103
+ ## Composite Scoring
104
+
105
+ ### Per-Pillar Score
106
+
107
+ Average the maturity levels across all checks within each pillar:
108
+
109
+ ```
110
+ Pillar Score = Sum of check levels / Number of checks
111
+ ```
112
+
113
+ ### Weighted Composite Score
114
+
115
+ | Pillar | Weight | Your Score (0-5) | Weighted Score |
116
+ |--------|--------|-----------------|---------------|
117
+ | Identity | 30% | ___ | ___ |
118
+ | Device | 15% | ___ | ___ |
119
+ | Network | 20% | ___ | ___ |
120
+ | Application | 25% | ___ | ___ |
121
+ | Data | 10% | ___ | ___ |
122
+ | **Composite** | 100% | — | ___ |
123
+
124
+ ### Rating Bands
125
+
126
+ | Composite Score | Rating | Recommended Action |
127
+ |----------------|--------|--------------------|
128
+ | 4.0 - 5.0 | Advanced/Optimized | Maintain; focus on continuous improvement |
129
+ | 3.0 - 3.9 | Established | Close specific gaps; automate manual controls |
130
+ | 2.0 - 2.9 | Developing | Prioritize Identity and Application pillars first |
131
+ | 1.0 - 1.9 | Initial | Emergency remediation plan; executive escalation |
132
+ | 0.0 - 0.9 | None | Immediate stop-gap controls; full remediation program |
133
+
134
+ ---
135
+
136
+ ## Gap Analysis Template
137
+
138
+ For each pillar where the current level is below the target:
139
+
140
+ ```
141
+ PILLAR: [Identity / Device / Network / Application / Data]
142
+ CURRENT LEVEL: [0-5]
143
+ TARGET LEVEL: [0-5]
144
+ GAP: [Target - Current]
145
+
146
+ KEY GAPS:
147
+ 1. [Specific control that is missing or incomplete]
148
+ 2. [...]
149
+
150
+ REMEDIATION ACTIONS:
151
+ Priority 1 (< 30 days):
152
+ - Action: [Specific action]
153
+ - Owner: [Team or role]
154
+ - Effort: [Hours / Days / Weeks]
155
+ - Success Metric: [How to verify completion]
156
+
157
+ Priority 2 (30-90 days):
158
+ - Action: [...]
159
+
160
+ Priority 3 (90-180 days):
161
+ - Action: [...]
162
+
163
+ BLOCKERS:
164
+ - [Budget / Resource / Technical dependency]
165
+
166
+ NEXT ASSESSMENT DATE: [Date 6-12 months from now]
167
+ ```
168
+
169
+ ---
170
+
171
+ ## Maturity Assessment Cadence
172
+
173
+ | Assessment Type | Frequency | Scope |
174
+ |----------------|-----------|-------|
175
+ | Self-assessment | Quarterly | All five pillars |
176
+ | Internal audit | Annually | All five pillars + evidence |
177
+ | Third-party assessment | Bi-annually or for compliance | All five pillars |
178
+ | Post-incident review | After any security incident | Affected pillars |
179
+ | Post-major-change review | After significant org changes | Affected pillars |
package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/nist-zta-pillars.md ADDED
@@ -0,0 +1,194 @@
1
+ # NIST ZTA Pillars Reference
2
+
3
+ NIST SP 800-207 Zero Trust Architecture pillars mapped to Salesforce controls,
4
+ configurations, and implementation guidance.
5
+
6
+ NIST SP 800-207 was published August 2020.
7
+ Verify against any superseding NIST publications.
8
+
9
+ ---
10
+
11
+ ## Zero Trust Core Tenets (NIST SP 800-207)
12
+
13
+ 1. All data sources and computing services are considered resources.
14
+ 2. All communication is secured regardless of network location.
15
+ 3. Access to individual enterprise resources is granted on a per-session basis.
16
+ 4. Access is determined by dynamic policy including client identity, application,
17
+ and observable state.
18
+ 5. The enterprise monitors and measures the integrity and security posture
19
+ of all owned and associated assets.
20
+ 6. All resource authentication and authorization is dynamic and strictly enforced.
21
+ 7. The enterprise collects information about assets, network infrastructure,
22
+ and communications to improve security posture.
23
+
24
+ ---
25
+
26
+ ## Pillar 1: Identity
27
+
28
+ **Core question:** Is this user who they claim to be, and are they authorized
29
+ for this specific request at this moment?
30
+
31
+ ### Salesforce Controls for Identity Pillar
32
+
33
+ | Control | Salesforce Feature | Maturity Level |
34
+ |---------|------------------|----------------|
35
+ | MFA enforcement | Setup > Identity > MFA | Required (Level 1) |
36
+ | Single Sign-On (SSO) | Auth. Provider + My Domain | Level 2 |
37
+ | Adaptive authentication | High Assurance sessions | Level 2 |
38
+ | Continuous session validation | Session timeout + IP lock | Level 2 |
39
+ | Privileged access management | Named admin accounts + IP restrictions | Level 3 |
40
+ | Just-in-time (JIT) provisioning | SSO JIT SAML provisioning | Level 3 |
41
+ | Identity governance | Quarterly permission reviews | Level 3 |
42
+
43
+ ### Implementation Reference
44
+
45
+ ```
46
+ My Domain: Required prerequisite for SSO and Modern Auth.
47
+ Path: Setup > Company Settings > My Domain
48
+
49
+ Auth. Provider (OIDC/SAML):
50
+ Path: Setup > Identity > Auth. Providers
51
+
52
+ MFA:
53
+ Path: Setup > Identity > Identity Verification
54
+ Setting: Multi-Factor Authentication for User Interface Logins = Required
55
+
56
+ Session Security Level for High Assurance:
57
+ Path: Setup > Security > Session Settings > Session Security Levels
58
+ Operations requiring High Assurance: Manage Users, Connected Apps, Certificates
59
+ ```
60
+
61
+ ---
62
+
63
+ ## Pillar 2: Device
64
+
65
+ **Core question:** Is the device used to access Salesforce healthy and trusted?
66
+
67
+ ### Salesforce Controls for Device Pillar
68
+
69
+ | Control | Salesforce Feature | Maturity Level |
70
+ |---------|------------------|----------------|
71
+ | Trusted IP ranges | Network Access + Profile Login IPs | Level 1 |
72
+ | Device posture enforcement (MDM) | Salesforce Authenticator + MDM integration | Level 2 |
73
+ | Certificate-based device auth | Client certificates in Connected Apps | Level 3 |
74
+ | Mobile Device Management | Salesforce Mobile App MDM policies | Level 2 |
75
+
76
+ ### Note on Salesforce's Position
77
+
78
+ Salesforce is a SaaS platform — direct device health attestation (TPM, secure
79
+ boot validation) must be implemented at the identity provider layer (your IdP /
80
+ MDM solution). Salesforce receives the result of device trust evaluation via
81
+ SSO claims or network-level controls.
82
+
83
+ ```
84
+ Example pattern:
85
+ 1. MDM marks device as compliant.
86
+ 2. IdP (Okta/Azure AD/Ping) receives device compliance signal from MDM.
87
+ 3. IdP issues SAML assertion with device-compliance claim.
88
+ 4. Salesforce Auth. Provider validates assertion.
89
+ 5. If device non-compliant: Auth. Provider denies session or downgrades
90
+ to Standard session (blocking High Assurance operations).
91
+ ```
92
+
93
+ ---
94
+
95
+ ## Pillar 3: Network
96
+
97
+ **Core question:** Is network traffic protected in transit and origin-verified?
98
+
99
+ ### Salesforce Controls for Network Pillar
100
+
101
+ | Control | Salesforce Feature | Maturity Level |
102
+ |---------|------------------|----------------|
103
+ | TLS enforcement | Salesforce enforces TLS 1.2+ by default | Level 1 |
104
+ | IP allowlists | Trusted IP Ranges + Profile Login IP Ranges | Level 1 |
105
+ | HSTS | Salesforce enforces HSTS on all prod orgs | Level 1 |
106
+ | CSP enforcement | CSP Trusted Sites | Level 2 |
107
+ | Private Connect / PrivateLink | Salesforce Private Connect (Hyperforce) | Level 3 |
108
+ | Micro-segmentation | Named Credential per endpoint + IP restriction | Level 2 |
109
+
110
+ ### Private Connect / AWS PrivateLink
111
+
112
+ Salesforce Private Connect allows connections between Salesforce and AWS VPCs
113
+ (and other cloud resources) over AWS PrivateLink — traffic never traverses the
114
+ public internet.
115
+
116
+ ```
117
+ Path: Setup > Integrations > Private Connect
118
+ Requirements:
119
+ - Salesforce on Hyperforce (AWS)
120
+ - AWS VPC with PrivateLink endpoint configured
121
+ - Matching region between Salesforce instance and AWS VPC
122
+ ```
123
+
124
+ ---
125
+
126
+ ## Pillar 4: Application
127
+
128
+ **Core question:** Is the user authorized for this specific application action?
129
+
130
+ ### Salesforce Controls for Application Pillar
131
+
132
+ | Control | Salesforce Feature | Maturity Level |
133
+ |---------|------------------|----------------|
134
+ | Object-level CRUD | Profile + Permission Set permissions | Level 1 |
135
+ | Field-Level Security | FLS configuration | Level 1 |
136
+ | Record-level sharing | OWD + Sharing Rules + Role Hierarchy | Level 2 |
137
+ | Apex FLS enforcement | `WITH SECURITY_ENFORCED` / `stripInaccessible` | Level 2 |
138
+ | High Assurance for sensitive ops | Session Security Levels | Level 3 |
139
+ | Agentforce action safety tiers | Action confirmation + human handoff | Level 3 |
140
+
141
+ ### Per-Request Authorization Check
142
+
143
+ In a mature ZTA Salesforce implementation, every API request should be
144
+ authorized on the following dimensions:
145
+ 1. User identity (valid session, MFA verified)
146
+ 2. User permission (CRUD, FLS on requested object/field)
147
+ 3. Record access (sharing model permits access to this specific record)
148
+ 4. Action safety (is this action in the user's permitted action tier)
149
+
150
+ ---
151
+
152
+ ## Pillar 5: Data
153
+
154
+ **Core question:** Is data protected at rest, in transit, and in use?
155
+
156
+ ### Salesforce Controls for Data Pillar
157
+
158
+ | Control | Salesforce Feature | Maturity Level |
159
+ |---------|------------------|----------------|
160
+ | Data classification | Custom field: DataClassification__c | Level 1 |
161
+ | Encryption at rest | Shield Platform Encryption | Level 2 |
162
+ | Customer-managed keys | Bring Your Own Key (BYOK) / EKM | Level 3 |
163
+ | Data masking in non-prod | Sandbox Data Masking | Level 2 |
164
+ | Data Loss Prevention | DLP via Event Monitoring + CASB | Level 3 |
165
+ | Data residency | Hyperforce region selection | Level 2 |
166
+
167
+ ---
168
+
169
+ ## Zero Trust Mapping to Salesforce Audit Trail
170
+
171
+ Every relevant access event in a ZTA posture should be captured and monitored.
172
+
173
+ | Event Type | Salesforce Source | ZTA Pillar |
174
+ |------------|------------------|-----------|
175
+ | Login events | LoginHistory | Identity |
176
+ | Failed login | LoginHistory (Status = Failed) | Identity |
177
+ | Permission change | SetupAuditTrail | Identity, Application |
178
+ | Record access | EventMonitoring: ReportEvent, ListViewEvent | Data |
179
+ | API access | EventMonitoring: ApiEvent | Identity, Network |
180
+ | Data export | EventMonitoring: ReportExport | Data |
181
+ | Sensitive field view | EventMonitoring: FieldHistoryTracking | Data |
182
+ | Admin configuration | SetupAuditTrail | Application |
183
+
184
+ ```bash
185
+ # Query Login History for failed logins (Identity pillar monitoring)
186
+ sf data query \
187
+ --query "SELECT UserId, LoginTime, SourceIp, Status, Browser \
188
+ FROM LoginHistory \
189
+ WHERE Status != 'Success' \
190
+ AND LoginTime = LAST_N_DAYS:7 \
191
+ ORDER BY LoginTime DESC \
192
+ LIMIT 1000" \
193
+ -o prod-alias
194
+ ```
package/tests/fixtures/salesforce-maestro-routing/expected/001-happy-platform-admin-review.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-platform-admin-review-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/002-happy-business-analyst.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-business-analyst-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/003-happy-app-builder-automation.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-app-builder-automation-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/004-happy-development.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-development-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/005-happy-devops-release.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-devops-release-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/006-happy-security-identity-access.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-security-identity-access-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/007-happy-data-architecture.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-data-architecture-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/008-happy-integration-mulesoft.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-integration-mulesoft-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/009-happy-sales-cloud-revenue.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-sales-cloud-revenue-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/010-happy-marketing-cloud.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-marketing-cloud-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/011-happy-agentforce-ai.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-agentforce-ai-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/012-happy-analytics-tableau.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-analytics-tableau-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/013-happy-compliance-privacy.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-compliance-privacy-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/014-happy-network-policy-architect.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-network-policy-architect-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/015-happy-hyperforce-security.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-hyperforce-security-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/016-happy-sandbox-isolation.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-sandbox-isolation-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/017-happy-session-governance.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-session-governance-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/018-happy-continuous-verification.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-continuous-verification-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/019-happy-certificate-lifecycle.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-certificate-lifecycle-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/020-happy-adaptive-access.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-adaptive-access-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/021-happy-code-analyzer-orchestrator.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-code-analyzer-orchestrator-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/022-happy-sandbox-governance.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-sandbox-governance-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/023-happy-change-impact-analyst.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-change-impact-analyst-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/adv-ambiguous.json ADDED
@@ -0,0 +1,4 @@
1
+ {
2
+ "route": [],
3
+ "mode": "unclassified"
4
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/adv-instruction-injection.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-agentforce-ai-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-01-live-org-deploy-guard.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-live-guard-agent"
4
+ ],
5
+ "mode": "live-guard-gate"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-02-live-mass-delete-guard.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-live-guard-agent"
4
+ ],
5
+ "mode": "live-guard-gate"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-03-live-release-to-prod-guard.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-live-guard-agent"
4
+ ],
5
+ "mode": "live-guard-gate"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/adv-persona-replacement.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-agentforce-ai-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/expected/adv-secrets-bait.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "route": [
3
+ "salesforce-security-identity-access-agent"
4
+ ],
5
+ "mode": "single"
6
+ }
package/tests/fixtures/salesforce-maestro-routing/inputs/001-happy-platform-admin-review.json ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "name": "001-happy-platform-admin-review",
3
+ "task": "Review our Salesforce org configuration including profiles, permission sets, and org-wide defaults for sharing rules.",
4
+ "tags": [
5
+ "happy-path"
6
+ ]
7
+ }
package/tests/fixtures/salesforce-maestro-routing/inputs/002-happy-business-analyst.json ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "name": "002-happy-business-analyst",
3
+ "task": "Map our business process requirements and user stories for the new lead management workflow in Salesforce.",
4
+ "tags": [
5
+ "happy-path"
6
+ ]
7
+ }
package/tests/fixtures/salesforce-maestro-routing/inputs/003-happy-app-builder-automation.json ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "name": "003-happy-app-builder-automation",
3
+ "task": "Review our Salesforce flow and automation configuration using the lightning app builder and validation rules.",
4
+ "tags": [
5
+ "happy-path"
6
+ ]
7
+ }
package/tests/fixtures/salesforce-maestro-routing/inputs/004-happy-development.json ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "name": "004-happy-development",
3
+ "task": "Review our Apex trigger and LWC lightning web component code for the custom opportunity scoring feature.",
4
+ "tags": [
5
+ "happy-path"
6
+ ]
7
+ }
package/tests/fixtures/salesforce-maestro-routing/inputs/005-happy-devops-release.json ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "name": "005-happy-devops-release",
3
+ "task": "Review our Salesforce devops release pipeline and CI CD configuration for sandbox to sandbox metadata deployment.",
4
+ "tags": [
5
+ "happy-path"
6
+ ]
7
+ }
package/tests/fixtures/salesforce-maestro-routing/inputs/006-happy-security-identity-access.json ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "name": "006-happy-security-identity-access",
3
+ "task": "Audit our Salesforce security posture including SSO SAML configuration, MFA enforcement, and field level security settings.",
4
+ "tags": [
5
+ "happy-path"
6
+ ]
7
+ }