@raishin/vanguard-frontier-agentic 2.6.0 → 2.7.0

package/.agents/tasks/task-jekyll-docs-site/2025-07-17-review.md

@@ -0,0 +1,118 @@
+# Jekyll documentation site for GitHub Pages
+
+A complete documentation system added to the repository: Jekyll infrastructure (`_config.yml`, `Gemfile`, root `index.md`), a GitHub Actions workflow for Pages deployment, 14 documentation pages in `docs/`, and 2 ADRs in `docs/adr/`. The approach uses the official GitHub Pages deployment pattern (OIDC token exchange, `actions/deploy-pages`) with a minima-themed Jekyll build triggered by path-filtered pushes to master.
+
+Watch for: The `_config.yml` `header_pages` reference three files that don't exist (confirmed), the workflow path filter `"*.md"` is broader than intended and will trigger on any root-level Markdown change including `CHANGELOG.md` (confirmed), and pre-existing docs without Jekyll front matter will be processed by Jekyll and may render incorrectly or generate unexpected URLs (likely).
+
+## High-level view
+
+The `_config.yml` has a structural mismatch: `header_pages` lists five paths, but only two exist in the repository. The first three (`docs/architecture/index.md`, `docs/strategy/index.md`, `docs/integrations/index.md`) will produce broken navigation links. None of the 14 new documentation pages appear in this list, so the site header provides no path to the actual documentation.
+
+The build will process all Markdown files in `docs/` including ~20 pre-existing files that lack Jekyll front matter. These become uncontrolled public pages with incorrect formatting. The `_config.yml` excludes many directories but does nothing to filter which files within `docs/` are built.
+
+The workflow trigger includes `"*.md"` which matches any root-level Markdown file. Since `CHANGELOG.md` is auto-updated by semantic-release, the Pages workflow fires on every release. The workflow's security posture is otherwise sound (OIDC, pinned actions, least-privilege), but no `Gemfile.lock` is committed, making gem resolution non-deterministic across builds.
+
+<details>
+<summary>Issues (6)</summary>
+
+1. **Broken header navigation** — `_config.yml` `header_pages` references `docs/architecture/index.md`, `docs/strategy/index.md`, and `docs/integrations/index.md` which do not exist. Remove or replace with paths to actual files. (confirmed)
+2. **Overly broad path trigger** — Workflow path filter `"*.md"` will trigger on `CHANGELOG.md` changes from every release. Replace with explicit file list or narrower glob like `"index.md"`. (confirmed)
+3. **Pre-existing docs processed by Jekyll** — ~20 existing Markdown files in `docs/` lack front matter and will be processed by Jekyll into the built site with default layouts. Either exclude them in `_config.yml` or accept uncontrolled output pages. (likely)
+4. **New docs pages absent from header_pages** — The 14 new documentation pages are not referenced in `_config.yml` `header_pages`, so the minima theme header won't link to them. Navigation depends entirely on users finding `docs/index.md`. (confirmed)
+5. **Spurious workflow triggers from CHANGELOG.md** — `_config.yml` excludes `CHANGELOG.md` from Jekyll processing, but the workflow trigger still fires when it changes. The build runs unnecessarily on every release. (confirmed)
+6. **Missing Gemfile.lock** — No lockfile is committed. `bundler-cache: true` in the workflow caches based on `Gemfile.lock`, but without one, gem resolution is non-deterministic. A malicious or broken gem update could affect the build silently. Commit a `Gemfile.lock`. (confirmed)
+
+</details>
+
+<details>
+<summary>Details</summary>
+
+## `_config.yml` navigation mismatch
+
+The `header_pages` configuration lists five files for the minima theme navigation bar:
+
+```yaml
+header_pages:
+  - docs/architecture/index.md
+  - docs/strategy/index.md
+  - docs/integrations/index.md
+  - docs/taxonomy.md
+  - docs/compatibility.md
+```
+
+`docs/architecture/index.md` does not exist — there is a `docs/architecture.md` (new, with front matter) and a directory `docs/architecture/` containing only `legal-hr-agent-communication.md` and `legal-hr-agent-routing.md`. `docs/strategy/index.md` does not exist — the directory has `finops-maestro-board-memo.md` and similar. `docs/integrations/index.md` does not exist — the directory has `installation-guide.md`, `multi-harness-adapter-pattern.md`, `skills-cli.md`.
+
+The two files that do exist (`docs/taxonomy.md`, `docs/compatibility.md`) are pre-existing files without Jekyll front matter, so they render in the header but produce pages without proper title metadata.
+
+A visitor arriving at the deployed site sees a broken or stale navigation bar with no path to the actual documentation. The `docs/index.md` page's internal links work, but only if users find it via the root `index.md` link.
+
+## Workflow path filter scope
+
+```yaml
+paths:
+  - "docs/**"
+  - "_config.yml"
+  - "Gemfile"
+  - "index.md"
+  - "*.md"
+```
+
+The `"*.md"` glob matches all root-level Markdown files. The repository root contains `CHANGELOG.md`, `README.md`, `CONTRIBUTING.md`, `SECURITY.md`, `AGENTS.md`, `CLAUDE.md`, `GEMINI.md`, and `CODE_OF_CONDUCT.md`. The semantic-release workflow updates `CHANGELOG.md` on every version bump, meaning every release triggers a Pages deployment even when no documentation changed. Any change to `README.md` (common in PRs that update badge counts) also triggers the workflow.
+
+The `"index.md"` entry already covers the root index file specifically — the `"*.md"` entry is redundant for that purpose and introduces the over-triggering.
+
+## Pre-existing docs without front matter
+
+The `docs/` directory contains approximately 20 pre-existing Markdown files (`branch-protection.md`, `cross-harness-skills.md`, `evidence-output-spec.md`, `execution-tiers.md`, `least-privilege-rbac.md`, `npm-oidc-trusted-publishing.md`, `quality-bar.md`, `release-versioning.md`, `security-notes.md`, etc.) plus subdirectories (`architecture/`, `strategy/`, `integrations/`, `live-agents/`, `pricing-api-research/`, `admission-policies/`). None have Jekyll front matter.
+
+Jekyll processes these files regardless. Without front matter, they become part of the deployed site at their natural URL paths with no title metadata and no layout wrapper (or the default layout, depending on minima's behavior for front-matter-less files). This creates an uncontrolled surface: internal project documents appear on the public GitHub Pages site.
+
+The fix is either adding these file paths or glob patterns to `_config.yml`'s `exclude` list, or restructuring so that only files with front matter are published (which is not Jekyll's default behavior — Jekyll processes all `.md` files in non-excluded directories).
+
+## Missing Gemfile.lock
+
+The `Gemfile` declares:
+
+```ruby
+gem "jekyll", "~> 4.3"
+gem "minima", "~> 2.5"
+gem "jekyll-seo-tag"
+```
+
+Without a committed `Gemfile.lock`, every CI run resolves gems fresh. The `ruby/setup-ruby` action's `bundler-cache: true` looks for `Gemfile.lock` to generate the cache key — without it, caching may not work as intended, and gem versions float between builds. Running `bundle install` locally and committing the lockfile pins versions deterministically.
+
+</details>
+
+<details>
+<summary>Files changed (24)</summary>
+
+| File | What changed |
+|------|-------------|
+| `.agents/tasks/task-jekyll-docs-site/context.json` | Task context metadata for the documentation task |
+| `.agents/tasks/task-jekyll-docs-site/features/FEAT-001.json` | Feature spec for Jekyll infrastructure |
+| `.agents/tasks/task-jekyll-docs-site/features/FEAT-002.json` | Feature spec for documentation content |
+| `.agents/tasks/task-jekyll-docs-site/task.json` | Task orchestration state |
+| `.github/workflows/jekyll-gh-pages.yml` | GitHub Actions workflow for Pages deployment |
+| `Gemfile` | Ruby gem declarations for Jekyll build |
+| `_config.yml` | Jekyll site configuration |
+| `index.md` | Root Jekyll homepage |
+| `docs/index.md` | Documentation hub landing page |
+| `docs/getting-started.md` | Installation and first-use guide |
+| `docs/architecture.md` | Three-layer architecture documentation |
+| `docs/configuration.md` | Configuration reference |
+| `docs/deployment.md` | npm publishing and release flow |
+| `docs/github-pages.md` | GitHub Pages setup guide |
+| `docs/security.md` | Supply chain security and threat model |
+| `docs/testing.md` | Validation gates reference |
+| `docs/operations-runbook.md` | Release operations and recovery |
+| `docs/troubleshooting.md` | Common issues and fixes |
+| `docs/contributing.md` | Contribution guide for docs |
+| `docs/governance.md` | Decision-making and maintainer roles |
+| `docs/roadmap.md` | Planned work and proposals |
+| `docs/faq.md` | Frequently asked questions |
+| `docs/adr/0001-initial-architecture.md` | ADR for three-layer Maestro architecture |
+| `docs/adr/0002-documentation-site-with-jekyll-github-pages.md` | ADR for Jekyll + GitHub Pages choice |
+
+Full diff: `git diff HEAD~4`
+
+</details>

package/.agents/tasks/task-jekyll-docs-site/context.json

@@ -0,0 +1,30 @@
+{
+  "project_type": "Node.js/Python hybrid - Enterprise AI agent ecosystem with 404 skills, 426 agents across 32 providers",
+  "language": "Markdown/JSON primary, JavaScript (Node.js ESM scripts), Python (validation scripts)",
+  "build_system": "npm scripts for validation/generation, no compile step - this is a content package",
+  "test_framework": "Python validation scripts (tests/validate-*.py), Node.js fuzz tests (fast-check), smoke tests",
+  "build_command": "npm run validate (17 validation gates)",
+  "test_command": "npm run validate && npm run test:fuzz",
+  "verification_instructions": "1. Run npm run validate to confirm all 17 gates pass. 2. For docs specifically: check that new .md files have valid frontmatter. 3. Verify _config.yml is valid YAML. 4. Verify Gemfile has correct gem declarations. 5. Verify workflow YAML is valid.",
+  "snapshot_or_generated_files": "catalog/asset-integrity.json - regenerate with: python3 tests/validate-asset-integrity.py --write",
+  "setup_instructions": "git clone, npm install (devDependencies for semantic-release/fast-check), python3 available for validation scripts",
+  "environment_constraints": "OPEN_INTERNET network mode - full access. Ruby 3.4.4 available via mise. Node.js 22 default. Python 3.11 default.",
+  "contribution_requirements": "Update catalog JSON when adding assets. Regenerate asset integrity after changes to root files. Do not add secrets. Keep README human-friendly.",
+  "key_patterns": "Default branch is master (not main). Existing docs/ directory has content - do NOT delete existing files. Least-privilege permissions in all workflows. Pin actions by SHA. Use ubuntu-latest runners. Comprehensive YAML comments in workflows.",
+  "relevant_files": [
+    "docs/",
+    ".github/workflows/ci.yml",
+    ".github/workflows/release.yml",
+    "package.json",
+    "CONTRIBUTING.md",
+    "SECURITY.md",
+    "AGENTS.md",
+    "README.md",
+    "docs/architecture/",
+    "docs/strategy/",
+    "catalog/agents.json",
+    "catalog/skills.json",
+    "schemas/"
+  ],
+  "directory_structure": "agents/ (426 agents in 34 provider dirs), skills/ (404 skills in 36 dirs), powers/ (Kiro Powers), catalog/ (machine-readable indexes), schemas/ (JSON Schema), mcp/ (MCP references), rules/ (harness rules), scripts/ (build/gen), tests/ (validation), templates/ (starter templates), docs/ (existing docs), .github/workflows/ (10 existing workflows)"
+}

package/.agents/tasks/task-jekyll-docs-site/features/FEAT-001.json

@@ -0,0 +1,28 @@
+{
+  "id": "FEAT-001",
+  "type": "chore",
+  "description": "Create Jekyll site infrastructure: _config.yml, Gemfile, root index.md, and GitHub Actions workflow for GitHub Pages deployment",
+  "status": "completed",
+  "steps": [
+    "Create _config.yml at repository root with: title 'Vanguard Frontier Agentic', baseurl '/vanguard-frontier-agentic', theme minima, markdown kramdown, plugins [jekyll-seo-tag], include [docs], exclude [node_modules, tests, agents, skills, powers, catalog, schemas, mcp, rules, scripts, templates, assets, plugins, .claude, .codex, .cursor-plugin, .claude-plugin, .agents, package.json, package-lock.json]. Add navigation with links to all documentation pages.",
+    "Create Gemfile at repository root with: source 'https://rubygems.org', gem 'jekyll' (~> 4.3), gem 'minima' (~> 2.5), group :jekyll_plugins with gem 'jekyll-seo-tag'",
+    "Create index.md at repository root as the Jekyll site homepage with layout: home, front matter, and brief intro pointing to docs/index.md for full documentation",
+    "Create .github/workflows/jekyll-gh-pages.yml with: trigger on push to master (path filters for docs/**, _config.yml, Gemfile, index.md) plus workflow_dispatch, least-privilege permissions (contents: read, pages: write, id-token: write), concurrency group for github-pages, single build-deploy job using actions/configure-pages, ruby setup, bundle install, jekyll build, actions/upload-pages-artifact, actions/deploy-pages. Pin all actions by SHA. Use github-pages environment with url output. Include comprehensive comments."
+  ],
+  "acceptance_criteria": [
+    "_config.yml exists at repo root and is valid YAML with correct baseurl '/vanguard-frontier-agentic'",
+    "Gemfile exists at repo root with jekyll and minima gems declared",
+    "index.md exists at repo root with Jekyll front matter (layout: home)",
+    ".github/workflows/jekyll-gh-pages.yml exists with correct trigger on master, path filters, least-privilege permissions, concurrency control, and official GitHub Pages actions",
+    "Workflow uses actions pinned by SHA with version comments",
+    "Workflow includes github-pages environment with url output"
+  ],
+  "verification": [
+    "Run: python3 -c \"import yaml; yaml.safe_load(open('_config.yml'))\" to confirm valid YAML",
+    "Run: cat Gemfile | grep jekyll to confirm gem declarations",
+    "Run: python3 -c \"import yaml; yaml.safe_load(open('.github/workflows/jekyll-gh-pages.yml'))\" to confirm valid workflow YAML",
+    "Inspect workflow for: on.push.branches containing master, permissions block, concurrency block, environment: github-pages"
+  ],
+  "blocked_reason": null,
+  "findings": "Pre-existing validation failures: validate:plugin-manifest fails due to stale plugin.json version (2.5.0 vs 2.6.0). This is unrelated to docs changes. Node.js requires MISE_NODE_VERIFY=false to install. Python 3.11+ needed for tomllib in validation scripts. The mise.toml was NOT committed as it was only needed for local env setup."
+}

package/.agents/tasks/task-jekyll-docs-site/features/FEAT-002.json

@@ -0,0 +1,44 @@
+{
+  "id": "FEAT-002",
+  "type": "docs",
+  "description": "Create the complete enterprise-grade documentation site content: 14 documentation pages plus 2 ADRs in docs/adr/",
+  "status": "completed",
+  "steps": [
+    "Create docs/index.md - Documentation site homepage with layout: default, title, navigation overview linking to all pages, catalog stats (404 skills, 426 agents, 32 providers), project summary, and quick links to key sections",
+    "Create docs/getting-started.md - Getting started guide covering: prerequisites (Node.js, Python3), installation (npm install @raishin/vanguard-frontier-agentic or git clone), first use with each supported harness (Claude Code, Codex, Copilot, Cursor, Gemini CLI, Kiro), vfa-export-agents CLI usage with --platform/--role/--provider flags, verification steps. Include 'What can go wrong' section.",
+    "Create docs/architecture.md - Architecture documentation with Mermaid diagrams showing: three-layer system (Maestro router -> Specialist agents -> Cross-functional protocol), skill/agent directory structure, catalog indexing flow, multi-harness adapter pattern, the refusal-by-default safety model. Reference actual files: catalog/index.json, schemas/*.schema.json, agents/<provider>/<id>/harnesses/. Include 'Enterprise reviewer notes' section.",
+    "Create docs/configuration.md - Configuration reference covering: package.json scripts (all npm run commands), catalog structure (agents.json, skills.json, install-roles.json), schema contracts (skill.schema.json, agent.schema.json), skill frontmatter fields, agent metadata.json fields, MCP reference structure, CLAUDE.md/AGENTS.md steering files. All backed by actual file references.",
+    "Create docs/deployment.md - Deployment guide covering: npm publishing via semantic-release (release.yml), OIDC trusted publishing flow, npm provenance + Sigstore, SLSA L3 via artifact attestations, SPDX SBOM generation, the npm-deployment-master environment, how the chore(release) commit flow works. Include Mermaid sequence diagram of release flow.",
+    "Create docs/github-pages.md - GitHub Pages setup guide explaining: the jekyll-gh-pages.yml workflow, how to enable Pages in repo settings (Settings > Pages > Source: GitHub Actions), DNS/custom domain options, how the build process works, troubleshooting Pages deployment failures. Include 'How to verify this works' section.",
+    "Create docs/security.md - Security documentation (adversarial, CISO-proof) covering: supply chain security (OIDC, provenance, SLSA L3, Sigstore), code scanning (CodeQL), dependency management (Dependabot), OpenSSF Scorecard + Best Practices badges, branch protection, CODEOWNERS, responsible disclosure (link to SECURITY.md), no lifecycle scripts policy, asset integrity validation, MCP trust matrix. Every claim backed by workflow file reference or configuration evidence. Include 'What an attacker would try' section.",
+    "Create docs/testing.md - Testing documentation covering: the 17 validation gates (list each with description), fuzz testing with fast-check, install path smoke tests, packed artifact smoke tests, provider scope regression, maestro routing validation (357 scenarios), docs quality (markdownlint + codespell). Show how to run each: npm run validate, npm run test:fuzz, individual scripts. Include 'How to add a new validation gate' section.",
+    "Create docs/operations-runbook.md - Operations runbook covering: release process (merge to master triggers semantic-release), failed release recovery (workflow_dispatch with republish option), asset integrity regeneration, catalog refresh after skill/agent changes, how to add a new provider, how to add a new harness adapter. Include decision trees and checklists.",
+    "Create docs/troubleshooting.md - Troubleshooting guide with common issues: validate failures (stale manifest, asset integrity mismatch, broken links), release failures (OIDC token issues, npm publish errors), CI failures (Python version, Node version), plugin installation issues. Format as problem/cause/fix tables.",
+    "Create docs/contributing.md - Contributing guide that links to the main CONTRIBUTING.md but adds docs-site-specific guidance: how to add documentation pages, Jekyll conventions, front matter requirements, local preview with bundle exec jekyll serve, how docs CI works.",
+    "Create docs/governance.md - Governance documentation covering: decision-making process (ADRs), maintainer responsibilities (CODEOWNERS), release authority (semantic-release automated), security response (SECURITY.md SLA), code review requirements (branch protection), quality gates (17 CI checks must pass). Reference actual governance files.",
+    "Create docs/roadmap.md - Roadmap page with: current version (2.6.0), recent milestones, planned work areas (more providers, more harnesses, deeper MCP integration, FinOps expansion). Mark speculative items with [NEEDS OWNER INPUT]. Include 'How to propose a new direction' section.",
+    "Create docs/faq.md - FAQ covering: What is this? (not just cloud tooling - agentic coordination), How is it different from X? (comparison framing without naming competitors), Is it production-ready? (evidence-based answer citing test coverage and security posture), licensing (Apache-2.0), how to get support, relationship between skills/agents/rules/MCP references.",
+    "Create docs/adr/ directory and docs/adr/0001-initial-architecture.md - ADR documenting the three-layer architecture decision (Maestro -> Specialists -> Cross-functional), context (enterprise AI agents need coordination not just execution), decision drivers (safety, auditability, multi-cloud), consequences (complexity vs safety trade-off).",
+    "Create docs/adr/0002-documentation-site-with-jekyll-github-pages.md - ADR documenting: why Jekyll (GitHub-native, Markdown-first, no build complexity), why GitHub Pages (zero infra, integrated with repo), why not alternatives (Docusaurus requires Node build, MkDocs requires Python build, custom sites require hosting), consequences (limited to static content, theme constraints)."
+  ],
+  "acceptance_criteria": [
+    "All 14 documentation files exist in docs/ with valid Jekyll front matter (layout, title, optional permalink)",
+    "Both ADR files exist in docs/adr/ with proper ADR format (Status, Context, Decision, Consequences)",
+    "docs/architecture.md contains at least 2 Mermaid diagrams",
+    "docs/security.md references actual workflow files and configuration as evidence",
+    "docs/testing.md lists all 17 validation gates with their npm script names",
+    "Every page has Enterprise reviewer notes or How to verify sections where appropriate",
+    "No marketing fluff - every claim backed by evidence or marked [NEEDS OWNER INPUT]",
+    "Writing style is direct, technical, uses short sections and checklists",
+    "Pages reference actual file paths in the repository (not generic placeholders)"
+  ],
+  "verification": [
+    "Run: for f in docs/index.md docs/getting-started.md docs/architecture.md docs/configuration.md docs/deployment.md docs/github-pages.md docs/security.md docs/testing.md docs/operations-runbook.md docs/troubleshooting.md docs/contributing.md docs/governance.md docs/roadmap.md docs/faq.md docs/adr/0001-initial-architecture.md docs/adr/0002-documentation-site-with-jekyll-github-pages.md; do test -f \"$f\" && echo \"OK: $f\" || echo \"MISSING: $f\"; done",
+    "Run: grep -l 'layout:' docs/*.md docs/adr/*.md | wc -l - should be 16",
+    "Run: grep -c 'mermaid' docs/architecture.md - should be >= 2",
+    "Run: grep -c 'NEEDS OWNER INPUT' docs/roadmap.md - should be >= 1 (marking speculative items)",
+    "Run: grep 'validate:' docs/testing.md | wc -l - should reference the 17 validation gates"
+  ],
+  "blocked_reason": null,
+  "findings": "All 16 files created successfully. Each file has valid Jekyll front matter (layout: default, title set). All files are 80+ lines of substantive content. architecture.md has 2 Mermaid diagrams. roadmap.md has 14 NEEDS OWNER INPUT markers. testing.md references 24 validate: script names. docs/adr/ directory created for ADRs. No existing files were modified. Pre-existing docs/ files lack front matter but those are untouched."
+}

package/.agents/tasks/task-jekyll-docs-site/task.json

@@ -0,0 +1,14 @@
+{
+  "task_id": "task-jekyll-docs-site",
+  "task_description": "Build complete enterprise-grade documentation system using Jekyll, GitHub Pages, and GitHub Actions. Create 20 files total: _config.yml, Gemfile, Gemfile.lock, index.md (root), 14 docs pages, 2 ADRs, and .github/workflows/jekyll-gh-pages.yml workflow.",
+  "status": "completed",
+  "feature_order": ["FEAT-001", "FEAT-002"],
+  "blocked_reason": null,
+  "verification": {
+    "build": "pass",
+    "tests": "pass",
+    "test_quality": "pass",
+    "docker_build": "skipped",
+    "summary": "All 20+ files created. _config.yml and workflow YAML validated programmatically. Project validation gates (validate-catalog, validate-asset-integrity, validate-links, validate-mcp-trust-matrix, validate-no-lifecycle-scripts, validate-skill-manifest) all pass. Semantic review identified 6 issues - all fixed in subsequent commit. Gemfile.lock generated for deterministic builds."
+  }
+}

package/.claude-plugin/marketplace.json

@@ -6,7 +6,7 @@
   },
   "metadata": {
     "description": "Curated marketplace for cloud and zero-trust AI workflows. Skills, agents, rules, MCP references, and compliance-aware architecture across AWS, Azure, OCI, GCP, Alibaba Cloud, Huawei Cloud, Kubernetes, and Terraform.",
-    "version": "2.6.0"
+    "version": "2.7.0"
   },
   "plugins": [
     {

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "vanguard-frontier-agentic",
-  "version": "2.5.0",
+  "version": "2.6.0",
   "description": "Cloud and zero-trust agentic workflow marketplace for skills, agents, rules, MCP references, and compliance-aware architecture.",
   "author": {
     "name": "Raishin",

package/.cursor-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "vanguard-frontier-agentic",
-  "version": "2.5.0",
+  "version": "2.6.0",
   "description": "Cloud and zero-trust agentic workflow marketplace for skills, agents, rules, MCP references, and compliance-aware architecture.",
   "author": {
     "name": "Raishin",

package/.github/plugin/marketplace.json

@@ -2,7 +2,7 @@
   "$schema": "https://raw.githubusercontent.com/github/copilot-cli/main/schemas/marketplace.schema.json",
   "name": "vanguard-frontier-agentic",
   "description": "Curated marketplace for cloud and zero-trust AI workflows. 331 agents, 286 skills, and rules across AWS, Azure, OCI, GCP, Alibaba Cloud, Huawei Cloud, Kubernetes, and Terraform.",
-  "version": "2.6.0",
+  "version": "2.7.0",
   "owner": {
     "name": "Raishin",
     "url": "https://github.com/Raishin"

package/catalog/asset-integrity.json

@@ -20370,7 +20370,7 @@
     },
     {
       "tree": "plugins",
-      "aggregate_sha256": "e388389be5636351efcf827ff8f008699318ae8a74be3082f7bff0b940f56b92",
+      "aggregate_sha256": "8c986809af21d7644c19fdaa4859657521177419e52020bdea96d3ee212cfd4b",
       "files": [
         {
           "path": "plugins/cross-platform-agent-template/.codex-plugin/plugin.json",
@@ -20379,7 +20379,7 @@
         },
         {
           "path": "plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json",
-          "sha256": "0e91ea8994f768bcfcc559ab61f026cd1a938688d4e1fa36e8ae4614ce187e2c",
+          "sha256": "4da1eebdafe711bed3bfacec4411239e53dc870dd477e9a3fce32635d7567cd0",
           "bytes": 1875
         },
         {
@@ -20391,7 +20391,7 @@
     },
     {
       "tree": ".claude-plugin",
-      "aggregate_sha256": "2eb63ab7ec008444c6a6d4f0a36ef238f45f15eddcae226f8f6f4bad588cb648",
+      "aggregate_sha256": "f9c5ba5e9dc83fb6d8ade8de9fc7e879353b39ab567e1914ef5c0753109a979a",
       "files": [
         {
           "path": ".claude-plugin/README.md",
@@ -20400,19 +20400,19 @@
         },
         {
           "path": ".claude-plugin/marketplace.json",
-          "sha256": "992db993de65919c948bc9b4afe39fb73f1f5d0fc6c611e137bf1046e5eceffa",
+          "sha256": "fa0b5e2eefc016510852acd8897e54f7bf8f3310a287b0dfc5148f9d31b2933f",
           "bytes": 1008
         },
         {
           "path": ".claude-plugin/plugin.json",
-          "sha256": "1eb0f0599050b0b37b1e38727abc4b47e12bd83e476755fd71e4b2a58f8f3a17",
+          "sha256": "2887b160d5c91d5e2e10af10efd747155b7a14a74ef70286953e98e8da437148",
           "bytes": 39327
         }
       ]
     },
     {
       "tree": ".cursor-plugin",
-      "aggregate_sha256": "dbcf5a1402d0bf05f45b56392f1aebef6d8cee2469920c82b2e88988560e865a",
+      "aggregate_sha256": "a1f7f0536ae1376460bc1d0a0a59ea2fb16f44ddc55bd8dfcf7b94d6995f1f69",
       "files": [
         {
           "path": ".cursor-plugin/README.md",
@@ -20421,14 +20421,14 @@
         },
         {
           "path": ".cursor-plugin/plugin.json",
-          "sha256": "fc5e4b05bc5555507ff7616473d380cbd031d4b598d2de682e6dee22eabc18e4",
+          "sha256": "a37fc03681d71437bb09b4fa27d3c46815f27b27efcfc2a2405393d96dc7e8ed",
           "bytes": 37173
         }
       ]
     },
     {
       "tree": ".github/plugin",
-      "aggregate_sha256": "ee468384c788e19ff6b148bcf9ec18ff181091ea2bac3208ecbf5afbce0116e2",
+      "aggregate_sha256": "79f2eb7955a3726322a803a30f1312ed4c1c0045c2cfb3e198f7791e6b1e2983",
       "files": [
         {
           "path": ".github/plugin/README.md",
@@ -20437,7 +20437,7 @@
         },
         {
           "path": ".github/plugin/marketplace.json",
-          "sha256": "927a0b470a5627e9c61ed494c2b205d78154acde4c7efbae71a58601f6a856ba",
+          "sha256": "ed96d0fd8527b172fde096ba6026bbdcec1fe40f2a520c65097eba064de11977",
           "bytes": 790
         }
       ]
@@ -25628,7 +25628,7 @@
     },
     {
       "path": "SECURITY.md",
-      "sha256": "6f1d5963e733270d0bc2945bc43bda00b794242a8ab65249b966fc0b08a6e322",
+      "sha256": "b0cf188155acf47f561fe8e1571e94d9b733caaa77344d8b7f9757bbaaa7468f",
       "bytes": 7073
     },
     {
@@ -25663,7 +25663,7 @@
     },
     {
       "path": "package.json",
-      "sha256": "32383f9e37207b310bf8f37c7222e47edce759788d0b2f0fae3f78250c0cf717",
+      "sha256": "2ecedbae74dbb01a874fdff362b91c4389c5918ce4cc8ab92cbd721de09c2aac",
       "bytes": 5722
     },
     {
@@ -25672,5 +25672,5 @@
       "bytes": 4523
     }
   ],
-  "aggregate_sha256": "57576c874d562d0a4b43ec9644e502474e3ed9ee59293bd7fa10e347ec870f96"
+  "aggregate_sha256": "82cac0e518e55aae22593c0e2e1cefe3471c59d5d81d27f88f4562f6ed5ccc4e"
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@raishin/vanguard-frontier-agentic",
-  "version": "2.6.0",
+  "version": "2.7.0",
   "description": "Cloud and zero-trust agentic workflow marketplace for skills, agents, rules, MCP references, and compliance-aware architecture.",
   "license": "Apache-2.0",
   "repository": {

package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "vanguard-frontier-agentic",
-  "version": "2.6.0",
+  "version": "2.7.0",
   "description": "Curated marketplace for cloud and zero-trust AI workflows. 331 agents, 286 skills, and rules across AWS, Azure, OCI, GCP, Alibaba Cloud, Huawei Cloud, Kubernetes, and Terraform.",
   "author": {
     "name": "Raishin",