npm - @raishin/vanguard-frontier-agentic - Versions diffs - 2.8.0 → 2.9.0 - Mend

@raishin/vanguard-frontier-agentic 2.8.0 → 2.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1724) hide show

package/skills/oci/oci-live-cost-budget-runaway-guard/references/cost-budget-runaway-operations.md ADDED Viewed

@@ -0,0 +1,65 @@
+# OCI Live Cost Budget Runaway Guard Operations
+> Version note: OCI service behavior and tooling change over time. Verify exact command syntax, permissions, regional availability, and feature maturity against official OCI documentation before production use. Do not paste secrets or sensitive identifiers into commands, files, or chat.
+Use this reference for current, source-grounded service behavior and the hard review gates that the lean `SKILL.md` intentionally does not carry.
+## What people get wrong
+- Raising budget thresholds to silence alerts instead of investigating spend.
+- Treating budgets as hard quota enforcement.
+- Approving expensive shapes without owner, duration, quota, and shutdown evidence.
+- Stopping resources blindly without business criticality and rollback checks.
+## Officially grounded service shape
+- Official OCI documentation describes budgets as soft spending controls with alert rules; they are not hard enforcement of spend.
+- Official OCI documentation says budget alerts can be based on percentage or absolute amount and actual or forecast spending.
+- OCI API evidence through the user’s configured read-only OCI MCP shows budget listing is compartment-scoped and can filter by lifecycle state, display name, target type, sorting, and pagination.
+- OCI API evidence through the user’s configured read-only OCI MCP shows summarized usage requests require tenant scope, time window, granularity, query type, grouping, tags, filters, and pagination. Treat that as API-shape evidence, not spend truth unless current state is sampled.
+Documentation evidence proves documented OCI service behavior. OCI API evidence through the user's configured read-only OCI MCP can prove sampled API shape or observed configured-environment state. Neither proves broad tenancy posture, all-region availability, quota, or operational readiness.
+## Non-negotiable design rules
+- Separate budget alerts, quotas, usage, forecasts, resource inventory, and owner approval.
+- Require financial authority before raising thresholds, increasing quotas, or provisioning high-cost resources.
+- For emergency containment, prefer reversible stop/scale actions and preserve evidence before deletion.
+- Do not expose billing exports, resource names, customer data, or sensitive business identifiers.
+## Minimal safe implementation flow
+- Confirm time window, scope, service, owner, cost signal, and requested action.
+- Use official docs for budget/quota behavior and sampled read-only evidence for usage or budget API shape.
+- Classify actions as observe, alert, stop, scale, quota, or budget mutation.
+- Return financial risk, blocker list, emergency safe actions, approvals, and verification plan.
+## High-risk assumptions to kill
+- “Budget alerts prevent overspend.”
+- “Forecasted cost is exact.”
+- “Expensive equals waste.”
+- “Stopping the biggest item is always safe.”
+Those are lazy assumptions.
+## Safe command/code verification targets
+- Check usage by service, region, tag, compartment, SKU, and resource for the confirmed window.
+- Check budget target type, alert rules, recipients, lifecycle state, and threshold basis.
+- Validate quota and high-cost shape requests against owner, duration, and shutdown automation.
+- Confirm emergency actions are reversible and approved.
+## Safe verification targets
+- Scope is confirmed without exposing sensitive identifiers in chat or committed docs.
+- Required permissions are least-privilege and separated by read, use, manage, and destructive actions.
+- Current-state findings are labeled as sampled evidence, not broad proof.
+- Risky mutations have explicit approval, blast-radius review, rollback, and validation.
+- Official-source claims are linked to service docs and not overstated as live posture.
+## When to push back
+- The user asks to raise thresholds or quotas without financial authority.
+- The request treats alert noise as the problem instead of spend cause.
+- Emergency stop/delete would affect unknown production dependencies.

package/skills/oci/oci-live-cost-budget-runaway-guard/references/mcp-and-evidence.md ADDED Viewed

@@ -0,0 +1,30 @@
+# MCP and evidence path
+Use this reference to choose the right evidence path without leaking environment details.
+## Evidence order
+1. Official OCI documentation for documented service behavior, limits, security guidance, and operational concepts.
+2. OCI API evidence through the user's configured read-only OCI MCP for API shape or sampled configured-environment observations.
+3. Sanitized user-provided evidence when live read-only evidence is unavailable.
+4. Explicit inference only when evidence is incomplete.
+## What each evidence type proves
+- Official documentation proves documented OCI behavior at the time checked.
+- Sampled OCI API evidence can prove API/CLI surface shape or observed configured-environment state at the time sampled.
+- User-provided evidence proves only what was provided and only if sanitized.
+- Inference is not proof; label it and keep recommendations conditional.
+## What evidence does not prove
+- Documentation does not prove the user's tenancy, compartments, IAM policies, limits, resources, billing state, security posture, or production readiness.
+- Sampled API evidence does not prove all regions, all compartments, all resources, future posture, or full operational readiness.
+- Command help proves command/API surface shape; it does not prove permission, resource existence, or safe execution.
+## Safe phrasing
+- “Official OCI documentation says...”
+- “OCI API evidence through the user's configured read-only OCI MCP shows...”
+- “The current state was not queried, so this remains an assumption.”
+- “This recommendation is documentation-based and needs environment validation before production change.”

package/skills/oci/oci-live-cost-budget-runaway-guard/references/official-sources.md CHANGED Viewed

@@ -1,17 +1,22 @@
-# Official Sources: OCI Live Cost Budget Runaway Guard
+# Official sources
-## OCI Budgets and cost management
+Use these sources to ground service behavior before making production recommendations.
-- https://docs.oracle.com/en-us/iaas/Content/Billing/Concepts/budgetsoverview.htm
+## Oracle documentation checked on 2026-06-05
+- https://docs.oracle.com/iaas/Content/Billing/Concepts/budgetsoverview.htm
 - https://docs.oracle.com/en-us/iaas/Content/Billing/Tasks/managingbudgets.htm
-- https://docs.oracle.com/en-us/iaas/Content/Billing/Tasks/managingalertrules.htm
+- https://docs.oracle.com/iaas/Content/Billing/Tasks/managingalertrules.htm
+- https://docs.oracle.com/en-us/iaas/Content/General/Concepts/resourcequotas.htm
-## OCI Quotas
+## Sampled read-only OCI API evidence checked on 2026-06-05
-- https://docs.oracle.com/en-us/iaas/Content/Quotas/Concepts/quotasoverview.htm
-- https://docs.oracle.com/en-us/iaas/Content/Quotas/Tasks/managingquotas.htm
+- OCI API evidence through the user's configured read-only OCI MCP was used for command/API surface shape only.
+- Command-help evidence confirms available list/filter surfaces; it does not prove permissions, resource existence, regional availability, capacity, quota, data correctness, or production readiness.
-## Source-grounding rule
+## Grounding rules
-Use official Oracle Cloud Infrastructure documentation as the source of truth.
-Budget behavior and alert rule mechanics must be verified against current OCI docs.
+- Prefer the most specific Oracle documentation page for the service or feature being discussed.
+- If documentation and sampled API evidence appear to conflict, report the conflict and avoid stronger claims until resolved.
+- Do not cite internal tool names, local environment labels, connector identifiers, or environment-specific details in committed docs.
+- Do not paste sensitive identifiers or customer data into examples.

package/skills/oci/oci-live-cost-budget-runaway-guard/references/safety-checklist.md ADDED Viewed

@@ -0,0 +1,35 @@
+# Safety checklist
+Use this checklist before producing guidance, requesting evidence, or proposing changes.
+## Evidence labels
+- `documentation-based`: grounded in official OCI documentation only.
+- `sampled-api-shape`: grounded in read-only command/API help or metadata evidence.
+- `sampled-current-state`: grounded in read-only observations from the configured environment.
+- `user-supplied`: grounded in sanitized user evidence.
+- `inference`: reasoned from incomplete evidence; never present it as fact.
+## Credential and identifier boundaries
+- Do not ask for credentials, tokens, private keys, API keys, config files, wallets, kubeconfigs, connection strings, customer data, or sensitive identifiers.
+- Do not commit environment-specific identifiers, internal tool names, local environment labels, connector IDs, or private endpoint details.
+- If the task requires live context, ask for a sanitized export or use approved read-only evidence paths.
+## Mutation boundary
+Require explicit approval before creating, updating, deleting, moving, scaling, rotating, patching, enabling, disabling, refreshing, restoring, cutting over, opening network access, changing quotas, changing budgets, or changing access.
+## Approval gates
+- Confirm scope, owner, environment criticality, maintenance window, rollback plan, and validation target.
+- Separate read-only discovery from write actions.
+- Prefer least privilege and reversible changes.
+- Stop if evidence conflicts or if the blast radius is unknown.
+## Final-answer minimum
+- State evidence level and scope.
+- List blockers and unsafe assumptions.
+- Give safe next actions before risky actions.
+- Name what was not proved.

package/skills/oci/oci-live-cost-budget-runaway-guard/references/workflow-and-output.md ADDED Viewed

@@ -0,0 +1,26 @@
+# Workflow and output contract
+Use this workflow for full reviews and live-guard decisions.
+## Execution flow
+1. Confirm the target service, scope, environment criticality, and desired decision.
+2. Load official source guidance and this skill's operations reference.
+3. Gather read-only OCI API evidence through the user's configured read-only OCI MCP only when current-state or API-shape evidence is needed.
+4. Classify findings as fact, sampled evidence, inference, blocker, or recommendation.
+5. Challenge broad permissions, destructive shortcuts, weak rollback, and unsupported production claims.
+6. Return concise findings with safe next actions and explicit unknowns.
+## Output contract
+Return these fields when the user asks for a review, guardrail, or production-readiness answer:
+- `verdict`: pass, pass-with-risk, blocked, or needs-evidence.
+- `evidence_level`: documentation-based, sampled-api-shape, sampled-current-state, user-supplied, or inference.
+- `blockers`: missing proof, unsafe assumptions, or approval gaps.
+- `safe_next_actions`: least-risk steps the user can take next.
+- `open_questions`: only questions that materially change the decision.
+## Tone
+Be blunt. Do not validate a weak plan. If the evidence is thin, say so and narrow the recommendation.

package/skills/oci/oci-live-iam-policy-compartment-guard/SKILL.md CHANGED Viewed

@@ -1,11 +1,11 @@
 ---
 name: oci-live-iam-policy-compartment-guard
-description: Guard OCI IAM policy writes and dynamic group changes with verb-hierarchy audit, compartment scope enforcement, anti-pattern detection (any-user/any-group), and rollback via statement restore.
-allowed-tools: Read Grep Glob WebFetch
+description: Guard live OCI IAM policy and dynamic-group changes with statement-level review, verb hierarchy, compartment scope, broad-principal detection, rollback capture, and explicit approval.
+allowed-tools: Read Grep Glob
 metadata:
-  author: "github: Raishin"
-  version: "0.1.0"
-  updated: "2026-05-05"
+  author: github: Raishin
+  version: 0.1.1
+  updated: "2026-06-05"
   category: security
 ---
@@ -13,40 +13,39 @@ metadata:
 ## Purpose
-Act as the guarded live OCI operator for oci-live-iam-policy-compartment-guard work. Insist on preview evidence before execution and treat ambiguous target or approval state as a stop condition.
+Act as a blunt OCI guard for this domain. Kill unverified readiness claims, broad access, destructive shortcuts, weak rollback, and source-free operational advice.
-## When to use
+Use this skill for:
-Use this skill when:
-- an OCI IAM policy must be created or modified in a compartment or at tenancy root
-- a dynamic group rule must be changed and blast-radius must be audited before write
-- an IAM audit finds overly broad policies that must be narrowed with least-privilege verb selection
+- IAM policy create, update, or delete review
+- dynamic-group matching-rule change review
+- compartment-scope and parent-policy blast-radius analysis
+- broad-principal and broad-resource anti-pattern detection
+- least-privilege rollback and approval planning
 ## Lean operating rules
-- Prefer OCI CLI (`oci`) official documentation when available; fall back to Oracle Cloud docs and sanitized user evidence.
-- Do not execute a live OCI change until tenancy, compartment, active principal, and resource ownership are explicit.
-- Prefer plan, detect-drift, inspect, read, describe, and rollback evidence before execution.
-- If the request skips preview or rollback design, push back.
-- Never print secrets, API keys, tenancy OCIDs, private key contents, or raw config values. Summarize sanitized evidence only.
-- Load references only when needed.
+- Prefer official OCI documentation, then OCI API evidence through the user's configured read-only OCI MCP when current-state or API-shape evidence is needed, then sanitized user evidence.
+- Separate confirmed facts from inference. If state was not queried or shown, say so.
+- Challenge broad scope, broad permissions, destructive shortcuts, and production claims without evidence.
+- Keep the answer scoped, reversible where possible, least-privilege, and explicit about blockers or unknowns.
+- Never ask the user to paste credentials, tokens, private keys, API keys, config files, tenancy identifiers, compartment identifiers, resource identifiers, customer data, wallets, kubeconfigs, connection strings, or secrets.
 ## References
 Load these only when needed:
-- [Preflight commands](references/preflight-commands.md) — OCI CLI commands to run before any mutation.
-- [Rollback playbook](references/rollback-playbook.md) — concrete rollback steps for this service.
-- [Permission model](references/permission-model.md) — OCI IAM policy statements and dynamic group guidance.
-- [Official sources](references/official-sources.md) — authoritative OCI documentation links.
+- [OCI Live IAM Policy Compartment Guard Operations](references/iam-policy-compartment-operations.md) — use for current service behavior, common failure modes, hard design rules, verification targets, and push-back conditions.
+- [Safety checklist](references/safety-checklist.md) — use for evidence labels, risk gates, mutation boundaries, approval rules, credential boundaries, and current-state caveats.
+- [MCP and evidence path](references/mcp-and-evidence.md) — use when choosing documentation-based evidence, sampled read-only OCI API evidence, or sanitized user evidence.
+- [Workflow and output contract](references/workflow-and-output.md) — use when executing the full review, applying stress checks, or formatting the final answer.
+- [Official sources](references/official-sources.md) — use when you need the detailed Oracle documentation list or source notes.
 ## Response minimum
 Return, at minimum:
-- confirmed tenancy, compartment, and active principal
-- preflight evidence (plan output, drift result, inspect/read, health check)
-- approval status for the proposed mutation
-- rollback posture or explicit statement of what cannot be rolled back
-- post-action verification steps or refusal reason
+- the scoped target and evidence level,
+- the main risks or control gaps,
+- the safest next actions,
+- the assumptions or blockers that prevent stronger conclusions.

package/skills/oci/oci-live-iam-policy-compartment-guard/metadata.json CHANGED Viewed

@@ -11,17 +11,17 @@
     "kiro",
     "other"
   ],
-  "summary": "Guard OCI IAM policy writes and dynamic group changes with verb-hierarchy audit, compartment scope enforcement, anti-pattern detection (any-user/any-group), and rollback via statement restore.",
+  "summary": "Guard live OCI IAM policy and dynamic-group changes with statement-level review, verb hierarchy, compartment scope, broad-principal detection, rollback capture, and explicit approval.",
   "source_type": "original",
   "official_docs": [
-    "https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm",
-    "https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managingdynamicgroups.htm",
     "https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policysyntax.htm",
-    "https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/iampolicyreference.htm"
+    "https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm",
+    "https://docs.oracle.com/iaas/Content/Identity/policyreference/policyreference_topic-Verbs.htm",
+    "https://docs.oracle.com/en-us/iaas/Content/Identity/dynamicgroups/managingdynamicgroups.htm"
   ],
-  "security_notes": "Any-user and any-group policies in tenancy root are the most common OCI security misconfiguration. Never approve manage-verb policies at tenancy scope without compartment scoping. Policy deletes take effect immediately with no grace period.",
-  "last_verified": "2026-04-30",
+  "security_notes": "OCI skills must use official documentation and read-only discovery first, keep identifiers and secrets out of prompts and committed docs, and require explicit approval before mutations.",
+  "last_verified": "2026-06-05",
   "path": "skills/oci/oci-live-iam-policy-compartment-guard",
   "author": "github: Raishin",
-  "version": "0.1.0"
+  "version": "0.1.1"
 }

package/skills/oci/oci-live-iam-policy-compartment-guard/references/iam-policy-compartment-operations.md ADDED Viewed

@@ -0,0 +1,65 @@
+# OCI Live IAM Policy Compartment Guard Operations
+> Version note: OCI service behavior and tooling change over time. Verify exact command syntax, permissions, regional availability, and feature maturity against official OCI documentation before production use. Do not paste secrets or sensitive identifiers into commands, files, or chat.
+Use this reference for current, source-grounded service behavior and the hard review gates that the lean `SKILL.md` intentionally does not carry.
+## What people get wrong
+- Approving policy names instead of policy statements.
+- Treating temporary broad access as harmless.
+- Ignoring parent-scope policies that still apply to child compartments.
+- Changing dynamic-group rules without checking resource-principal blast radius.
+## Officially grounded service shape
+- Official OCI documentation defines policy statements as Allow subject to verb resource in location with optional conditions.
+- Official OCI documentation orders policy verbs from inspect to read to use to manage, with service-specific exceptions.
+- Official OCI documentation warns that broad subjects can include many principals; broad resource types can cover all resources in scope.
+- OCI API evidence through the user’s configured read-only OCI MCP shows policy listing is compartment-scoped and can filter by name and lifecycle state, but policy applicability requires reviewing individual statements.
+Documentation evidence proves documented OCI service behavior. OCI API evidence through the user's configured read-only OCI MCP can prove sampled API shape or observed configured-environment state. Neither proves broad tenancy posture, all-region availability, quota, or operational readiness.
+## Non-negotiable design rules
+- Review statements, subject, verb, resource type, location, conditions, and dynamic-group matching rules.
+- Flag broad subjects, all-resources, tenancy-wide scope, and manage verbs as high risk until justified.
+- Capture current statements before write and require explicit approval and rollback plan.
+- Do not expose identity exports, group names tied to real users, sensitive identifiers, or customer data.
+## Minimal safe implementation flow
+- Confirm requested access change, actor, scope, duration, owner, and rollback requirement.
+- Use official docs for policy syntax/verbs and sampled read-only evidence for policy list/API shape.
+- Compare proposed statements against least privilege and existing effective scope.
+- Return verdict, safer policy shape, blockers, rollback capture, and validation checks.
+## High-risk assumptions to kill
+- “The policy name proves intent.”
+- “Manage at compartment scope is low risk.”
+- “Dynamic groups only affect one resource.”
+- “Delete and recreate is a safe rollback.”
+Those are lazy assumptions.
+## Safe command/code verification targets
+- Review exact sanitized policy statements and dynamic-group matching rules.
+- Check policy lifecycle, compartment attachment, parent-scope effects, and broad-principal/resource patterns.
+- Map each requested operation to the least verb/resource type.
+- Validate rollback by restoring prior statements, not by memory.
+## Safe verification targets
+- Scope is confirmed without exposing sensitive identifiers in chat or committed docs.
+- Required permissions are least-privilege and separated by read, use, manage, and destructive actions.
+- Current-state findings are labeled as sampled evidence, not broad proof.
+- Risky mutations have explicit approval, blast-radius review, rollback, and validation.
+- Official-source claims are linked to service docs and not overstated as live posture.
+## When to push back
+- The user asks for broad manage access without a narrow operation.
+- The policy subject, scope, duration, or rollback is unclear.
+- The evidence includes unsanitized identity, group, principal, or customer data.

package/skills/oci/oci-live-iam-policy-compartment-guard/references/mcp-and-evidence.md ADDED Viewed

@@ -0,0 +1,30 @@
+# MCP and evidence path
+Use this reference to choose the right evidence path without leaking environment details.
+## Evidence order
+1. Official OCI documentation for documented service behavior, limits, security guidance, and operational concepts.
+2. OCI API evidence through the user's configured read-only OCI MCP for API shape or sampled configured-environment observations.
+3. Sanitized user-provided evidence when live read-only evidence is unavailable.
+4. Explicit inference only when evidence is incomplete.
+## What each evidence type proves
+- Official documentation proves documented OCI behavior at the time checked.
+- Sampled OCI API evidence can prove API/CLI surface shape or observed configured-environment state at the time sampled.
+- User-provided evidence proves only what was provided and only if sanitized.
+- Inference is not proof; label it and keep recommendations conditional.
+## What evidence does not prove
+- Documentation does not prove the user's tenancy, compartments, IAM policies, limits, resources, billing state, security posture, or production readiness.
+- Sampled API evidence does not prove all regions, all compartments, all resources, future posture, or full operational readiness.
+- Command help proves command/API surface shape; it does not prove permission, resource existence, or safe execution.
+## Safe phrasing
+- “Official OCI documentation says...”
+- “OCI API evidence through the user's configured read-only OCI MCP shows...”
+- “The current state was not queried, so this remains an assumption.”
+- “This recommendation is documentation-based and needs environment validation before production change.”

package/skills/oci/oci-live-iam-policy-compartment-guard/references/official-sources.md CHANGED Viewed

@@ -1,13 +1,22 @@
-# Official Sources: OCI Live IAM Policy Compartment Guard
+# Official sources
-## OCI IAM policies
+Use these sources to ground service behavior before making production recommendations.
-- https://docs.oracle.com/en-us/iaas/Content/Identity/policiesgs/get-started-with-policies.htm
-- https://docs.oracle.com/en-us/iaas/Content/Identity/policieshow/Policy_How_Policies_Work.htm
-- https://docs.oracle.com/en-us/iaas/Content/Identity/policyreference/policyreference.htm
+## Oracle documentation checked on 2026-06-05
+- https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policysyntax.htm
+- https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm
+- https://docs.oracle.com/iaas/Content/Identity/policyreference/policyreference_topic-Verbs.htm
 - https://docs.oracle.com/en-us/iaas/Content/Identity/dynamicgroups/managingdynamicgroups.htm
-## Source-grounding rule
+## Sampled read-only OCI API evidence checked on 2026-06-05
+- OCI API evidence through the user's configured read-only OCI MCP was used for command/API surface shape only.
+- Command-help evidence confirms available list/filter surfaces; it does not prove permissions, resource existence, regional availability, capacity, quota, data correctness, or production readiness.
+## Grounding rules
-Use official Oracle Cloud Infrastructure documentation as the source of truth for IAM policy syntax.
-OCI policy-based IAM does not use JSON like AWS — verify statement syntax against OCI policy reference.
+- Prefer the most specific Oracle documentation page for the service or feature being discussed.
+- If documentation and sampled API evidence appear to conflict, report the conflict and avoid stronger claims until resolved.
+- Do not cite internal tool names, local environment labels, connector identifiers, or environment-specific details in committed docs.
+- Do not paste sensitive identifiers or customer data into examples.

package/skills/oci/oci-live-iam-policy-compartment-guard/references/safety-checklist.md ADDED Viewed

@@ -0,0 +1,35 @@
+# Safety checklist
+Use this checklist before producing guidance, requesting evidence, or proposing changes.
+## Evidence labels
+- `documentation-based`: grounded in official OCI documentation only.
+- `sampled-api-shape`: grounded in read-only command/API help or metadata evidence.
+- `sampled-current-state`: grounded in read-only observations from the configured environment.
+- `user-supplied`: grounded in sanitized user evidence.
+- `inference`: reasoned from incomplete evidence; never present it as fact.
+## Credential and identifier boundaries
+- Do not ask for credentials, tokens, private keys, API keys, config files, wallets, kubeconfigs, connection strings, customer data, or sensitive identifiers.
+- Do not commit environment-specific identifiers, internal tool names, local environment labels, connector IDs, or private endpoint details.
+- If the task requires live context, ask for a sanitized export or use approved read-only evidence paths.
+## Mutation boundary
+Require explicit approval before creating, updating, deleting, moving, scaling, rotating, patching, enabling, disabling, refreshing, restoring, cutting over, opening network access, changing quotas, changing budgets, or changing access.
+## Approval gates
+- Confirm scope, owner, environment criticality, maintenance window, rollback plan, and validation target.
+- Separate read-only discovery from write actions.
+- Prefer least privilege and reversible changes.
+- Stop if evidence conflicts or if the blast radius is unknown.
+## Final-answer minimum
+- State evidence level and scope.
+- List blockers and unsafe assumptions.
+- Give safe next actions before risky actions.
+- Name what was not proved.

package/skills/oci/oci-live-iam-policy-compartment-guard/references/workflow-and-output.md ADDED Viewed

@@ -0,0 +1,26 @@
+# Workflow and output contract
+Use this workflow for full reviews and live-guard decisions.
+## Execution flow
+1. Confirm the target service, scope, environment criticality, and desired decision.
+2. Load official source guidance and this skill's operations reference.
+3. Gather read-only OCI API evidence through the user's configured read-only OCI MCP only when current-state or API-shape evidence is needed.
+4. Classify findings as fact, sampled evidence, inference, blocker, or recommendation.
+5. Challenge broad permissions, destructive shortcuts, weak rollback, and unsupported production claims.
+6. Return concise findings with safe next actions and explicit unknowns.
+## Output contract
+Return these fields when the user asks for a review, guardrail, or production-readiness answer:
+- `verdict`: pass, pass-with-risk, blocked, or needs-evidence.
+- `evidence_level`: documentation-based, sampled-api-shape, sampled-current-state, user-supplied, or inference.
+- `blockers`: missing proof, unsafe assumptions, or approval gaps.
+- `safe_next_actions`: least-risk steps the user can take next.
+- `open_questions`: only questions that materially change the decision.
+## Tone
+Be blunt. Do not validate a weak plan. If the evidence is thin, say so and narrow the recommendation.

package/skills/oci/oci-live-network-security-rule-guard/SKILL.md CHANGED Viewed

@@ -1,11 +1,11 @@
 ---
 name: oci-live-network-security-rule-guard
-description: Guard live OCI Security List and Network Security Group (NSG) rule changes with current-state capture, open-internet and sensitive-port detection, stateful/stateless assessment, and explicit approval before ingress or egress rule mutation. Use only when an intentional network rule change targets a confirmed VCN component.
-allowed-tools: Read Grep Glob WebFetch
+description: Guard live OCI Security List and Network Security Group rule changes with current-state capture, open-internet detection, sensitive-port review, stateful/stateless assessment, approval, and rollback evidence.
+allowed-tools: Read Grep Glob
 metadata:
-  author: "github: Raishin"
-  version: "0.1.0"
-  updated: "2026-05-05"
+  author: github: Raishin
+  version: 0.1.1
+  updated: "2026-06-05"
   category: security
 ---
@@ -13,48 +13,39 @@ metadata:
 ## Purpose
-Act as the guarded live OCI operator for oci-live-network-security-rule-guard work. Security List and NSG rule changes take effect immediately with no native rollback. A wrong ingress rule exposes databases or compute to the internet instantly; a wrong egress rule can black-hole traffic for entire subnets. Treat every rule mutation as irreversible until the previous state is explicitly captured and restoration is confirmed possible.
+Act as a blunt OCI guard for this domain. Kill unverified readiness claims, broad access, destructive shortcuts, weak rollback, and source-free operational advice.
-## When to use
+Use this skill for:
-Use this skill when:
-- an ingress or egress rule must be added, modified, or removed from an OCI Security List or NSG in a live VCN
-- a network access audit finds over-broad CIDR blocks (`0.0.0.0/0`) or sensitive-port exposures that must be tightened
-- a workload migration requires opening or closing ports and the blast radius must be confirmed before write
+- Security List and NSG ingress or egress change review
+- open-internet and sensitive-port exposure checks
+- stateful versus stateless rule risk review
+- database subnet or production subnet access hardening
+- rollback and post-change connectivity validation
 ## Lean operating rules
-- Prefer OCI CLI (`oci`) official documentation when available; fall back to Oracle Cloud docs and sanitized user evidence.
-- Do not execute any Security List or NSG rule mutation until tenancy, compartment, VCN OCID, target Security List or NSG OCID, and exact rule change are all explicit.
-- Capture the complete current rule set (`oci network security-list get` or `oci network nsg rules list`) as rollback evidence before any write.
-- Flag the following as high-severity and require explicit justification before proceeding:
-  - Any ingress rule with source `0.0.0.0/0` (open to internet)
-  - Any egress rule with destination `0.0.0.0/0` and protocol `all` without restriction
-  - Rules permitting port 22 (SSH), 3389 (RDP), 1521/1522 (Oracle DB), 3306 (MySQL), 5432 (PostgreSQL) from `0.0.0.0/0`
-  - Stateless rules on subnets hosting databases or internal APIs (no connection tracking = asymmetric traffic risk)
-  - Changes to Security Lists attached to database subnets (Autonomous DB, Exadata, DB System)
-- If the request skips current-state capture, CIDR scope confirmation, or subnet-criticality assessment, push back.
-- Never print API signing keys, auth tokens, tenancy OCIDs, or instance credentials. Summarize sanitized evidence only.
-- Load references only when needed.
+- Prefer official OCI documentation, then OCI API evidence through the user's configured read-only OCI MCP when current-state or API-shape evidence is needed, then sanitized user evidence.
+- Separate confirmed facts from inference. If state was not queried or shown, say so.
+- Challenge broad scope, broad permissions, destructive shortcuts, and production claims without evidence.
+- Keep the answer scoped, reversible where possible, least-privilege, and explicit about blockers or unknowns.
+- Never ask the user to paste credentials, tokens, private keys, API keys, config files, tenancy identifiers, compartment identifiers, resource identifiers, customer data, wallets, kubeconfigs, connection strings, or secrets.
 ## References
 Load these only when needed:
-- [Preflight commands](references/preflight-commands.md) — OCI CLI commands to inspect current rules and capture rollback state before any mutation.
-- [Rollback playbook](references/rollback-playbook.md) — how to restore a previous Security List or NSG rule set after a bad change.
-- [Permission model](references/permission-model.md) — least-privilege IAM policy for network rule mutation and read-only audit.
-- [Official sources](references/official-sources.md) — authoritative OCI documentation links.
+- [OCI Live Network Security Rule Guard Operations](references/network-security-rule-operations.md) — use for current service behavior, common failure modes, hard design rules, verification targets, and push-back conditions.
+- [Safety checklist](references/safety-checklist.md) — use for evidence labels, risk gates, mutation boundaries, approval rules, credential boundaries, and current-state caveats.
+- [MCP and evidence path](references/mcp-and-evidence.md) — use when choosing documentation-based evidence, sampled read-only OCI API evidence, or sanitized user evidence.
+- [Workflow and output contract](references/workflow-and-output.md) — use when executing the full review, applying stress checks, or formatting the final answer.
+- [Official sources](references/official-sources.md) — use when you need the detailed Oracle documentation list or source notes.
 ## Response minimum
 Return, at minimum:
-- confirmed tenancy, compartment, VCN, and target Security List or NSG OCID
-- current rule set capture (rollback baseline)
-- risk classification of the proposed rule (open-internet / sensitive-port / safe)
-- stateful vs stateless assessment and subnet criticality
-- approval status with explicit business justification
-- rollback command to restore prior rule state
-- post-change connectivity verification steps or refusal reason
+- the scoped target and evidence level,
+- the main risks or control gaps,
+- the safest next actions,
+- the assumptions or blockers that prevent stronger conclusions.

package/skills/oci/oci-live-network-security-rule-guard/metadata.json CHANGED Viewed

@@ -11,18 +11,17 @@
     "kiro",
     "other"
   ],
-  "summary": "Guard live OCI Security List and NSG rule changes with current-state capture, open-internet and sensitive-port detection, stateful/stateless assessment, and explicit approval before ingress or egress mutation.",
+  "summary": "Guard live OCI Security List and Network Security Group rule changes with current-state capture, open-internet detection, sensitive-port review, stateful/stateless assessment, approval, and rollback evidence.",
   "source_type": "original",
   "official_docs": [
-    "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/securitylists.htm",
+    "https://docs.oracle.com/iaas/Content/Network/Concepts/securitylists.htm",
     "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm",
-    "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/manage-nsg-security-rules.htm",
-    "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/update-securitylist.htm",
+    "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/securityrules.htm",
     "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/path_analyzer.htm"
   ],
-  "security_notes": "oci network security-list update is a full replace — always capture the complete current rule set before writing. Never approve 0.0.0.0/0 ingress rules on database subnets. Prefer NSGs over Security Lists for production database VNICs to minimize blast radius. Enable VCN Flow Logs before any rule change for forensic coverage.",
-  "last_verified": "2026-05-01",
+  "security_notes": "OCI skills must use official documentation and read-only discovery first, keep identifiers and secrets out of prompts and committed docs, and require explicit approval before mutations.",
+  "last_verified": "2026-06-05",
   "path": "skills/oci/oci-live-network-security-rule-guard",
   "author": "github: Raishin",
-  "version": "0.1.0"
+  "version": "0.1.1"
 }