@raishin/vanguard-frontier-agentic 2.9.0 → 2.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +2 -2
- package/.claude-plugin/plugin.json +72 -1
- package/.cursor-plugin/plugin.json +72 -1
- package/.github/plugin/marketplace.json +3 -3
- package/README.md +40 -16
- package/agents/databricks/README.md +84 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/AGENT.md +54 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/metadata.json +40 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/AGENT.md +72 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/PERMISSIONS.md +53 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/PREFLIGHT.md +76 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/ROLLBACK.md +42 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/claude-code.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/copilot.agent.md +60 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/cursor.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/gemini.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/kiro-ide.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/metadata.json +61 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/AGENT.md +54 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/metadata.json +40 -0
- package/agents/microsoft/copilot-governance-maestro-agent/AGENT.md +55 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/copilot-governance-maestro-agent/metadata.json +39 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/AGENT.md +63 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/metadata.json +42 -0
- package/agents/microsoft/d365-commerce-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-commerce-agent/metadata.json +39 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/metadata.json +41 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/metadata.json +39 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/metadata.json +41 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/metadata.json +39 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/metadata.json +39 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/metadata.json +40 -0
- package/agents/microsoft/d365-integration-dual-write-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-integration-dual-write-agent/metadata.json +40 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/AGENT.md +78 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/PERMISSIONS.md +67 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/PREFLIGHT.md +81 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/ROLLBACK.md +76 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/claude-code.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/copilot.agent.md +68 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/cursor.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/gemini.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/kiro-ide.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/metadata.json +62 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/AGENT.md +61 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/PERMISSIONS.md +45 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/PREFLIGHT.md +44 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/ROLLBACK.md +39 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/claude-code.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/copilot.agent.md +69 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/cursor.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/gemini.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/kiro-ide.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/metadata.json +60 -0
- package/agents/microsoft/d365-maestro-agent/AGENT.md +56 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/codex.toml +35 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/d365-maestro-agent/metadata.json +38 -0
- package/agents/microsoft/d365-project-operations-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-project-operations-agent/metadata.json +39 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/metadata.json +39 -0
- package/agents/microsoft/d365-security-sod-governance-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-security-sod-governance-agent/metadata.json +39 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/metadata.json +41 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/metadata.json +39 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/AGENT.md +63 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/metadata.json +39 -0
- package/agents/microsoft/fabric-data-engineering-agent/AGENT.md +63 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/fabric-data-engineering-agent/metadata.json +39 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/metadata.json +39 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/metadata.json +39 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/AGENT.md +64 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/metadata.json +39 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/metadata.json +41 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/metadata.json +41 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/AGENT.md +64 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/metadata.json +39 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/metadata.json +41 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/metadata.json +39 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/AGENT.md +60 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/PERMISSIONS.md +45 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/PREFLIGHT.md +39 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/ROLLBACK.md +38 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/claude-code.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/copilot.agent.md +68 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/cursor.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/gemini.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/kiro-ide.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/metadata.json +66 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/AGENT.md +79 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/PERMISSIONS.md +68 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/PREFLIGHT.md +76 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/ROLLBACK.md +86 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/claude-code.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/copilot.agent.md +69 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/cursor.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/gemini.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/kiro-ide.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/metadata.json +67 -0
- package/agents/microsoft/m365-maestro-agent/AGENT.md +55 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-maestro-agent/metadata.json +38 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/metadata.json +41 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/metadata.json +40 -0
- package/agents/microsoft/m365-tenant-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-tenant-governance-agent/metadata.json +39 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/AGENT.md +64 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/metadata.json +39 -0
- package/agents/microsoft/microsoft-maestro-agent/AGENT.md +56 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/codex.toml +35 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/microsoft-maestro-agent/metadata.json +38 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/AGENT.md +64 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/metadata.json +39 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/AGENT.md +64 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/metadata.json +41 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/AGENT.md +64 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/metadata.json +40 -0
- package/agents/microsoft/power-platform-maestro-agent/AGENT.md +55 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/power-platform-maestro-agent/metadata.json +39 -0
- package/agents/netsuite/AGENTS.md +183 -0
- package/agents/netsuite/MAESTRO-EXAMPLES.md +438 -0
- package/agents/netsuite/README.md +70 -0
- package/agents/netsuite/SETUP-GUIDE.md +327 -0
- package/agents/netsuite/netsuite-administrator-agent/AGENT.md +122 -0
- package/agents/netsuite/netsuite-administrator-agent/LEAST-PRIVILEGES.md +66 -0
- package/agents/netsuite/netsuite-administrator-agent/harnesses/claude-code.agent.md +105 -0
- package/agents/netsuite/netsuite-administrator-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-administrator-agent/harnesses/copilot.agent.md +112 -0
- package/agents/netsuite/netsuite-administrator-agent/harnesses/cursor.agent.md +105 -0
- package/agents/netsuite/netsuite-administrator-agent/harnesses/gemini.agent.md +105 -0
- package/agents/netsuite/netsuite-administrator-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-administrator-agent/harnesses/kiro-ide.agent.md +105 -0
- package/agents/netsuite/netsuite-administrator-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/AGENT.md +120 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/LEAST-PRIVILEGES.md +63 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/harnesses/claude-code.agent.md +103 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/harnesses/copilot.agent.md +110 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/harnesses/cursor.agent.md +103 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/harnesses/gemini.agent.md +103 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/harnesses/kiro-ide.agent.md +103 -0
- package/agents/netsuite/netsuite-ai-connector-mcp-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/AGENT.md +117 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/LEAST-PRIVILEGES.md +63 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/harnesses/claude-code.agent.md +100 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/harnesses/copilot.agent.md +107 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/harnesses/cursor.agent.md +100 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/harnesses/gemini.agent.md +100 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/harnesses/kiro-ide.agent.md +100 -0
- package/agents/netsuite/netsuite-ai-foundations-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-application-developer-agent/AGENT.md +121 -0
- package/agents/netsuite/netsuite-application-developer-agent/LEAST-PRIVILEGES.md +64 -0
- package/agents/netsuite/netsuite-application-developer-agent/harnesses/claude-code.agent.md +104 -0
- package/agents/netsuite/netsuite-application-developer-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-application-developer-agent/harnesses/copilot.agent.md +111 -0
- package/agents/netsuite/netsuite-application-developer-agent/harnesses/cursor.agent.md +104 -0
- package/agents/netsuite/netsuite-application-developer-agent/harnesses/gemini.agent.md +104 -0
- package/agents/netsuite/netsuite-application-developer-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-application-developer-agent/harnesses/kiro-ide.agent.md +104 -0
- package/agents/netsuite/netsuite-application-developer-agent/metadata.json +42 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/AGENT.md +120 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/LEAST-PRIVILEGES.md +66 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/harnesses/claude-code.agent.md +103 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/harnesses/copilot.agent.md +110 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/harnesses/cursor.agent.md +103 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/harnesses/gemini.agent.md +103 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/harnesses/kiro-ide.agent.md +103 -0
- package/agents/netsuite/netsuite-audit-controls-sox-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/AGENT.md +120 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/LEAST-PRIVILEGES.md +64 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/harnesses/claude-code.agent.md +103 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/harnesses/copilot.agent.md +110 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/harnesses/cursor.agent.md +103 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/harnesses/gemini.agent.md +103 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/harnesses/kiro-ide.agent.md +103 -0
- package/agents/netsuite/netsuite-bi-reporting-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/AGENT.md +117 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/LEAST-PRIVILEGES.md +66 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/harnesses/claude-code.agent.md +100 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/harnesses/copilot.agent.md +107 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/harnesses/cursor.agent.md +100 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/harnesses/gemini.agent.md +100 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/harnesses/kiro-ide.agent.md +100 -0
- package/agents/netsuite/netsuite-data-governance-privacy-agent/metadata.json +41 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/AGENT.md +120 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/LEAST-PRIVILEGES.md +63 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/harnesses/claude-code.agent.md +103 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/harnesses/copilot.agent.md +110 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/harnesses/cursor.agent.md +103 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/harnesses/gemini.agent.md +103 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/harnesses/kiro-ide.agent.md +103 -0
- package/agents/netsuite/netsuite-enterprise-architecture-agent/metadata.json +46 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/AGENT.md +121 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/LEAST-PRIVILEGES.md +64 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/harnesses/claude-code.agent.md +104 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/harnesses/codex.toml +36 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/harnesses/copilot.agent.md +111 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/harnesses/cursor.agent.md +104 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/harnesses/gemini.agent.md +104 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/harnesses/kiro-ide.agent.md +104 -0
- package/agents/netsuite/netsuite-erp-consultant-agent/metadata.json +42 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/AGENT.md +114 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/LEAST-PRIVILEGES.md +58 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/harnesses/claude-code.agent.md +97 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/harnesses/codex.toml +36 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/harnesses/copilot.agent.md +104 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/harnesses/cursor.agent.md +97 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/harnesses/gemini.agent.md +97 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/harnesses/kiro-ide.agent.md +97 -0
- package/agents/netsuite/netsuite-evidence-release-drift-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/AGENT.md +119 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/LEAST-PRIVILEGES.md +65 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/harnesses/claude-code.agent.md +102 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/harnesses/copilot.agent.md +109 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/harnesses/cursor.agent.md +102 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/harnesses/gemini.agent.md +102 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/harnesses/kiro-ide.agent.md +102 -0
- package/agents/netsuite/netsuite-financial-foundations-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/AGENT.md +118 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/LEAST-PRIVILEGES.md +63 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/harnesses/claude-code.agent.md +101 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/harnesses/copilot.agent.md +108 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/harnesses/cursor.agent.md +101 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/harnesses/gemini.agent.md +101 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/harnesses/kiro-ide.agent.md +101 -0
- package/agents/netsuite/netsuite-identity-access-role-permission-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-integration-migration-agent/AGENT.md +119 -0
- package/agents/netsuite/netsuite-integration-migration-agent/LEAST-PRIVILEGES.md +61 -0
- package/agents/netsuite/netsuite-integration-migration-agent/harnesses/claude-code.agent.md +102 -0
- package/agents/netsuite/netsuite-integration-migration-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-integration-migration-agent/harnesses/copilot.agent.md +109 -0
- package/agents/netsuite/netsuite-integration-migration-agent/harnesses/cursor.agent.md +102 -0
- package/agents/netsuite/netsuite-integration-migration-agent/harnesses/gemini.agent.md +102 -0
- package/agents/netsuite/netsuite-integration-migration-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-integration-migration-agent/harnesses/kiro-ide.agent.md +102 -0
- package/agents/netsuite/netsuite-integration-migration-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/AGENT.md +126 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/LEAST-PRIVILEGES.md +65 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/harnesses/claude-code.agent.md +109 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/harnesses/copilot.agent.md +116 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/harnesses/cursor.agent.md +109 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/harnesses/gemini.agent.md +109 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/harnesses/kiro-ide.agent.md +109 -0
- package/agents/netsuite/netsuite-live-org-mutation-guard-agent/metadata.json +45 -0
- package/agents/netsuite/netsuite-maestro-agent/AGENT.md +111 -0
- package/agents/netsuite/netsuite-maestro-agent/LEAST-PRIVILEGES.md +58 -0
- package/agents/netsuite/netsuite-maestro-agent/README.md +259 -0
- package/agents/netsuite/netsuite-maestro-agent/harnesses/claude-code.agent.md +94 -0
- package/agents/netsuite/netsuite-maestro-agent/harnesses/codex.toml +30 -0
- package/agents/netsuite/netsuite-maestro-agent/harnesses/copilot.agent.md +101 -0
- package/agents/netsuite/netsuite-maestro-agent/harnesses/cursor.agent.md +94 -0
- package/agents/netsuite/netsuite-maestro-agent/harnesses/gemini.agent.md +94 -0
- package/agents/netsuite/netsuite-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-maestro-agent/harnesses/kiro-ide.agent.md +94 -0
- package/agents/netsuite/netsuite-maestro-agent/metadata.json +39 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/AGENT.md +117 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/LEAST-PRIVILEGES.md +64 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/harnesses/claude-code.agent.md +100 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/harnesses/copilot.agent.md +107 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/harnesses/cursor.agent.md +100 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/harnesses/gemini.agent.md +100 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/harnesses/kiro-ide.agent.md +100 -0
- package/agents/netsuite/netsuite-oneworld-multisubsidiary-agent/metadata.json +40 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/AGENT.md +119 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/LEAST-PRIVILEGES.md +60 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/harnesses/claude-code.agent.md +102 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/harnesses/copilot.agent.md +109 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/harnesses/cursor.agent.md +102 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/harnesses/gemini.agent.md +102 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/harnesses/kiro-ide.agent.md +102 -0
- package/agents/netsuite/netsuite-sandbox-nonproduction-governance-agent/metadata.json +44 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/AGENT.md +121 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/LEAST-PRIVILEGES.md +65 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/harnesses/claude-code.agent.md +104 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/harnesses/copilot.agent.md +111 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/harnesses/cursor.agent.md +104 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/harnesses/gemini.agent.md +104 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/harnesses/kiro-ide.agent.md +104 -0
- package/agents/netsuite/netsuite-saved-searches-workbook-agent/metadata.json +41 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/AGENT.md +122 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/LEAST-PRIVILEGES.md +64 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/harnesses/claude-code.agent.md +105 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/harnesses/copilot.agent.md +112 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/harnesses/cursor.agent.md +105 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/harnesses/gemini.agent.md +105 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/harnesses/kiro-ide.agent.md +105 -0
- package/agents/netsuite/netsuite-sdf-devops-release-agent/metadata.json +42 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/AGENT.md +123 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/LEAST-PRIVILEGES.md +62 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/harnesses/claude-code.agent.md +106 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/harnesses/copilot.agent.md +113 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/harnesses/cursor.agent.md +106 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/harnesses/gemini.agent.md +106 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/harnesses/kiro-ide.agent.md +106 -0
- package/agents/netsuite/netsuite-sso-oauth-tba-agent/metadata.json +48 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/AGENT.md +120 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/LEAST-PRIVILEGES.md +61 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/harnesses/claude-code.agent.md +103 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/harnesses/copilot.agent.md +110 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/harnesses/cursor.agent.md +103 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/harnesses/gemini.agent.md +103 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/harnesses/kiro-ide.agent.md +103 -0
- package/agents/netsuite/netsuite-suitecloud-developer-agent/metadata.json +44 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/AGENT.md +120 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/LEAST-PRIVILEGES.md +65 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/harnesses/claude-code.agent.md +103 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/harnesses/copilot.agent.md +110 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/harnesses/cursor.agent.md +103 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/harnesses/gemini.agent.md +103 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/harnesses/kiro-ide.agent.md +103 -0
- package/agents/netsuite/netsuite-suiteflow-automation-agent/metadata.json +43 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/AGENT.md +118 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/LEAST-PRIVILEGES.md +63 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/harnesses/claude-code.agent.md +101 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/harnesses/codex.toml +36 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/harnesses/copilot.agent.md +108 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/harnesses/cursor.agent.md +101 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/harnesses/gemini.agent.md +101 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/harnesses/kiro-ide.agent.md +101 -0
- package/agents/netsuite/netsuite-suitefoundation-agent/metadata.json +42 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/AGENT.md +121 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/LEAST-PRIVILEGES.md +65 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/harnesses/claude-code.agent.md +104 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/harnesses/copilot.agent.md +111 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/harnesses/cursor.agent.md +104 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/harnesses/gemini.agent.md +104 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/harnesses/kiro-ide.agent.md +104 -0
- package/agents/netsuite/netsuite-suitescript-secure-code-review-agent/metadata.json +44 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/AGENT.md +119 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/LEAST-PRIVILEGES.md +61 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/harnesses/claude-code.agent.md +102 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/harnesses/codex.toml +37 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/harnesses/copilot.agent.md +109 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/harnesses/cursor.agent.md +102 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/harnesses/gemini.agent.md +102 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/harnesses/kiro-ide.agent.md +102 -0
- package/agents/netsuite/netsuite-web-services-integration-agent/metadata.json +45 -0
- package/agents/snowflake/README.md +87 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/AGENT.md +55 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/metadata.json +39 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/AGENT.md +72 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/PERMISSIONS.md +54 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/PREFLIGHT.md +82 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/ROLLBACK.md +45 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/claude-code.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/copilot.agent.md +60 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/cursor.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/gemini.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/kiro-ide.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/metadata.json +60 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/AGENT.md +55 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/metadata.json +39 -0
- package/catalog/agents.json +8909 -6155
- package/catalog/asset-integrity.json +9983 -5918
- package/catalog/install-roles.json +881 -641
- package/catalog/skill-manifest.json +5352 -2550
- package/catalog/skills.json +5532 -3089
- package/package.json +2 -2
- package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
- package/powers/README.md +6 -2
- package/powers/vanguard-accounting/POWER.md +2 -2
- package/powers/vanguard-databricks/POWER.md +42 -0
- package/powers/vanguard-finance/POWER.md +2 -2
- package/powers/vanguard-microsoft/POWER.md +45 -0
- package/powers/vanguard-netsuite/POWER.md +41 -0
- package/powers/vanguard-snowflake/POWER.md +42 -0
- package/schemas/agent.schema.json +5 -1
- package/schemas/mcp-reference.schema.json +4 -1
- package/schemas/rule.schema.json +4 -1
- package/schemas/skill.schema.json +5 -1
- package/scripts/gen_netsuite_agents.py +536 -0
- package/scripts/generate-docs-data.mjs +3 -0
- package/scripts/generate-kiro-powers.mjs +36 -0
- package/scripts/netsuite_data/agents/netsuite-administrator-agent.json +150 -0
- package/scripts/netsuite_data/agents/netsuite-ai-connector-mcp-agent.json +144 -0
- package/scripts/netsuite_data/agents/netsuite-ai-foundations-agent.json +144 -0
- package/scripts/netsuite_data/agents/netsuite-application-developer-agent.json +146 -0
- package/scripts/netsuite_data/agents/netsuite-audit-controls-sox-agent.json +151 -0
- package/scripts/netsuite_data/agents/netsuite-bi-reporting-agent.json +146 -0
- package/scripts/netsuite_data/agents/netsuite-data-governance-privacy-agent.json +143 -0
- package/scripts/netsuite_data/agents/netsuite-enterprise-architecture-agent.json +185 -0
- package/scripts/netsuite_data/agents/netsuite-erp-consultant-agent.json +146 -0
- package/scripts/netsuite_data/agents/netsuite-evidence-release-drift-agent.json +156 -0
- package/scripts/netsuite_data/agents/netsuite-financial-foundations-agent.json +148 -0
- package/scripts/netsuite_data/agents/netsuite-identity-access-role-permission-agent.json +140 -0
- package/scripts/netsuite_data/agents/netsuite-integration-migration-agent.json +147 -0
- package/scripts/netsuite_data/agents/netsuite-live-org-mutation-guard-agent.json +165 -0
- package/scripts/netsuite_data/agents/netsuite-maestro-agent.json +85 -0
- package/scripts/netsuite_data/agents/netsuite-oneworld-multisubsidiary-agent.json +140 -0
- package/scripts/netsuite_data/agents/netsuite-sandbox-nonproduction-governance-agent.json +147 -0
- package/scripts/netsuite_data/agents/netsuite-saved-searches-workbook-agent.json +147 -0
- package/scripts/netsuite_data/agents/netsuite-sdf-devops-release-agent.json +145 -0
- package/scripts/netsuite_data/agents/netsuite-sso-oauth-tba-agent.json +151 -0
- package/scripts/netsuite_data/agents/netsuite-suitecloud-developer-agent.json +148 -0
- package/scripts/netsuite_data/agents/netsuite-suiteflow-automation-agent.json +149 -0
- package/scripts/netsuite_data/agents/netsuite-suitefoundation-agent.json +142 -0
- package/scripts/netsuite_data/agents/netsuite-suitescript-secure-code-review-agent.json +150 -0
- package/scripts/netsuite_data/agents/netsuite-web-services-integration-agent.json +149 -0
- package/scripts/release-prepare.mjs +40 -0
- package/skills/cross-functional/audit-evidence-mapping-protocol/SKILL.md +92 -0
- package/skills/cross-functional/audit-evidence-mapping-protocol/metadata.json +20 -0
- package/skills/cross-functional/audit-evidence-mapping-protocol/references/workflow-and-output.md +194 -0
- package/skills/cross-functional/case-to-resolution-protocol/SKILL.md +120 -0
- package/skills/cross-functional/case-to-resolution-protocol/metadata.json +21 -0
- package/skills/cross-functional/case-to-resolution-protocol/references/workflow-and-output.md +197 -0
- package/skills/cross-functional/change-request-to-go-live-protocol/SKILL.md +101 -0
- package/skills/cross-functional/change-request-to-go-live-protocol/metadata.json +21 -0
- package/skills/cross-functional/close-to-report-protocol/SKILL.md +99 -0
- package/skills/cross-functional/close-to-report-protocol/metadata.json +19 -0
- package/skills/cross-functional/close-to-report-protocol/references/workflow-and-output.md +185 -0
- package/skills/cross-functional/copilot-data-readiness-protocol/SKILL.md +142 -0
- package/skills/cross-functional/copilot-data-readiness-protocol/metadata.json +21 -0
- package/skills/cross-functional/copilot-data-readiness-protocol/references/workflow-and-output.md +264 -0
- package/skills/cross-functional/data-classification-to-dlp-protocol/SKILL.md +95 -0
- package/skills/cross-functional/data-classification-to-dlp-protocol/metadata.json +20 -0
- package/skills/cross-functional/data-classification-to-dlp-protocol/references/workflow-and-output.md +211 -0
- package/skills/cross-functional/environment-to-production-release-protocol/SKILL.md +95 -0
- package/skills/cross-functional/environment-to-production-release-protocol/metadata.json +20 -0
- package/skills/cross-functional/environment-to-production-release-protocol/references/workflow-and-output.md +214 -0
- package/skills/cross-functional/erp-crm-cutover-protocol/SKILL.md +142 -0
- package/skills/cross-functional/erp-crm-cutover-protocol/metadata.json +21 -0
- package/skills/cross-functional/erp-crm-cutover-protocol/references/workflow-and-output.md +270 -0
- package/skills/cross-functional/field-service-to-cash-protocol/SKILL.md +99 -0
- package/skills/cross-functional/field-service-to-cash-protocol/metadata.json +19 -0
- package/skills/cross-functional/field-service-to-cash-protocol/references/workflow-and-output.md +206 -0
- package/skills/cross-functional/identity-to-data-access-protocol/SKILL.md +132 -0
- package/skills/cross-functional/identity-to-data-access-protocol/metadata.json +21 -0
- package/skills/cross-functional/identity-to-data-access-protocol/references/workflow-and-output.md +224 -0
- package/skills/cross-functional/incident-to-remediation-protocol/SKILL.md +94 -0
- package/skills/cross-functional/incident-to-remediation-protocol/metadata.json +20 -0
- package/skills/cross-functional/incident-to-remediation-protocol/references/workflow-and-output.md +200 -0
- package/skills/cross-functional/lead-to-cash-protocol/SKILL.md +96 -0
- package/skills/cross-functional/lead-to-cash-protocol/metadata.json +19 -0
- package/skills/cross-functional/lead-to-cash-protocol/references/workflow-and-output.md +166 -0
- package/skills/cross-functional/license-to-value-protocol/SKILL.md +142 -0
- package/skills/cross-functional/license-to-value-protocol/metadata.json +21 -0
- package/skills/cross-functional/license-to-value-protocol/references/workflow-and-output.md +283 -0
- package/skills/cross-functional/netsuite-routing-protocol/SKILL.md +150 -0
- package/skills/cross-functional/netsuite-routing-protocol/metadata.json +18 -0
- package/skills/cross-functional/order-to-cash-protocol/SKILL.md +95 -0
- package/skills/cross-functional/order-to-cash-protocol/metadata.json +19 -0
- package/skills/cross-functional/order-to-cash-protocol/references/workflow-and-output.md +140 -0
- package/skills/cross-functional/procure-to-pay-protocol/SKILL.md +98 -0
- package/skills/cross-functional/procure-to-pay-protocol/metadata.json +19 -0
- package/skills/cross-functional/procure-to-pay-protocol/references/workflow-and-output.md +155 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/SKILL.md +56 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/metadata.json +28 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/references/official-sources.md +40 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/references/safety-checklist.md +26 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/references/workflow-and-output.md +64 -0
- package/skills/databricks/databricks-live-unity-catalog-grant-guard-at-azure/SKILL.md +144 -0
- package/skills/databricks/databricks-live-unity-catalog-grant-guard-at-azure/metadata.json +22 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/SKILL.md +56 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/metadata.json +28 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/references/official-sources.md +41 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/references/safety-checklist.md +26 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/references/workflow-and-output.md +64 -0
- package/skills/microsoft/copilot-governance-maestro/SKILL.md +65 -0
- package/skills/microsoft/copilot-governance-maestro/metadata.json +30 -0
- package/skills/microsoft/copilot-governance-maestro/references/official-sources.md +32 -0
- package/skills/microsoft/copilot-governance-maestro/references/routing-quality-and-safety.md +62 -0
- package/skills/microsoft/copilot-governance-maestro/references/safety-checklist.md +42 -0
- package/skills/microsoft/copilot-governance-maestro/references/workflow-and-output.md +78 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/SKILL.md +65 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/metadata.json +32 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/references/official-sources.md +21 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/references/safety-checklist.md +41 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/references/workflow-and-output.md +68 -0
- package/skills/microsoft/d365-commerce/SKILL.md +63 -0
- package/skills/microsoft/d365-commerce/metadata.json +30 -0
- package/skills/microsoft/d365-commerce/references/official-sources.md +25 -0
- package/skills/microsoft/d365-commerce/references/safety-checklist.md +35 -0
- package/skills/microsoft/d365-commerce/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-customer-insights-journeys/SKILL.md +57 -0
- package/skills/microsoft/d365-customer-insights-journeys/metadata.json +32 -0
- package/skills/microsoft/d365-customer-insights-journeys/references/official-sources.md +46 -0
- package/skills/microsoft/d365-customer-insights-journeys/references/safety-checklist.md +41 -0
- package/skills/microsoft/d365-customer-insights-journeys/references/workflow-and-output.md +74 -0
- package/skills/microsoft/d365-customer-service-contact-center/SKILL.md +62 -0
- package/skills/microsoft/d365-customer-service-contact-center/metadata.json +30 -0
- package/skills/microsoft/d365-customer-service-contact-center/references/official-sources.md +25 -0
- package/skills/microsoft/d365-customer-service-contact-center/references/safety-checklist.md +34 -0
- package/skills/microsoft/d365-customer-service-contact-center/references/workflow-and-output.md +66 -0
- package/skills/microsoft/d365-data-migration-cutover/SKILL.md +58 -0
- package/skills/microsoft/d365-data-migration-cutover/metadata.json +32 -0
- package/skills/microsoft/d365-data-migration-cutover/references/data-migration-cutover-guide.md +76 -0
- package/skills/microsoft/d365-data-migration-cutover/references/official-sources.md +51 -0
- package/skills/microsoft/d365-data-migration-cutover/references/safety-checklist.md +40 -0
- package/skills/microsoft/d365-data-migration-cutover/references/workflow-and-output.md +72 -0
- package/skills/microsoft/d365-field-service-to-cash/SKILL.md +63 -0
- package/skills/microsoft/d365-field-service-to-cash/metadata.json +30 -0
- package/skills/microsoft/d365-field-service-to-cash/references/official-sources.md +21 -0
- package/skills/microsoft/d365-field-service-to-cash/references/safety-checklist.md +35 -0
- package/skills/microsoft/d365-field-service-to-cash/references/workflow-and-output.md +66 -0
- package/skills/microsoft/d365-finance-close-to-report/SKILL.md +59 -0
- package/skills/microsoft/d365-finance-close-to-report/metadata.json +30 -0
- package/skills/microsoft/d365-finance-close-to-report/references/financial-close-controls-guide.md +79 -0
- package/skills/microsoft/d365-finance-close-to-report/references/official-sources.md +45 -0
- package/skills/microsoft/d365-finance-close-to-report/references/safety-checklist.md +39 -0
- package/skills/microsoft/d365-finance-close-to-report/references/workflow-and-output.md +71 -0
- package/skills/microsoft/d365-fno-developer-extension/SKILL.md +58 -0
- package/skills/microsoft/d365-fno-developer-extension/metadata.json +31 -0
- package/skills/microsoft/d365-fno-developer-extension/references/official-sources.md +44 -0
- package/skills/microsoft/d365-fno-developer-extension/references/safety-checklist.md +42 -0
- package/skills/microsoft/d365-fno-developer-extension/references/workflow-and-output.md +74 -0
- package/skills/microsoft/d365-integration-dual-write/SKILL.md +58 -0
- package/skills/microsoft/d365-integration-dual-write/metadata.json +31 -0
- package/skills/microsoft/d365-integration-dual-write/references/official-sources.md +48 -0
- package/skills/microsoft/d365-integration-dual-write/references/safety-checklist.md +41 -0
- package/skills/microsoft/d365-integration-dual-write/references/workflow-and-output.md +75 -0
- package/skills/microsoft/d365-live-record-field-update-guard/SKILL.md +170 -0
- package/skills/microsoft/d365-live-record-field-update-guard/metadata.json +22 -0
- package/skills/microsoft/d365-live-security-role-guard/SKILL.md +100 -0
- package/skills/microsoft/d365-live-security-role-guard/metadata.json +22 -0
- package/skills/microsoft/d365-maestro/SKILL.md +52 -0
- package/skills/microsoft/d365-maestro/metadata.json +30 -0
- package/skills/microsoft/d365-maestro/references/official-sources.md +29 -0
- package/skills/microsoft/d365-maestro/references/routing-quality-and-safety.md +73 -0
- package/skills/microsoft/d365-maestro/references/safety-checklist.md +65 -0
- package/skills/microsoft/d365-maestro/references/workflow-and-output.md +95 -0
- package/skills/microsoft/d365-project-operations/SKILL.md +63 -0
- package/skills/microsoft/d365-project-operations/metadata.json +30 -0
- package/skills/microsoft/d365-project-operations/references/official-sources.md +25 -0
- package/skills/microsoft/d365-project-operations/references/safety-checklist.md +35 -0
- package/skills/microsoft/d365-project-operations/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-sales-revenue-operations/SKILL.md +59 -0
- package/skills/microsoft/d365-sales-revenue-operations/metadata.json +30 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/official-sources.md +47 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/revenue-operations-domain-guide.md +71 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/safety-checklist.md +37 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-security-sod-governance/SKILL.md +57 -0
- package/skills/microsoft/d365-security-sod-governance/metadata.json +30 -0
- package/skills/microsoft/d365-security-sod-governance/references/official-sources.md +43 -0
- package/skills/microsoft/d365-security-sod-governance/references/safety-checklist.md +36 -0
- package/skills/microsoft/d365-security-sod-governance/references/sod-role-design-guide.md +72 -0
- package/skills/microsoft/d365-security-sod-governance/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-success-by-design-governance/SKILL.md +58 -0
- package/skills/microsoft/d365-success-by-design-governance/metadata.json +32 -0
- package/skills/microsoft/d365-success-by-design-governance/references/implementation-governance-guide.md +77 -0
- package/skills/microsoft/d365-success-by-design-governance/references/official-sources.md +51 -0
- package/skills/microsoft/d365-success-by-design-governance/references/safety-checklist.md +38 -0
- package/skills/microsoft/d365-success-by-design-governance/references/workflow-and-output.md +70 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/SKILL.md +59 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/metadata.json +30 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/official-sources.md +46 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/planning-and-production-guide.md +80 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/safety-checklist.md +38 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/workflow-and-output.md +71 -0
- package/skills/microsoft/fabric-analytics-engineering/SKILL.md +60 -0
- package/skills/microsoft/fabric-analytics-engineering/metadata.json +30 -0
- package/skills/microsoft/fabric-analytics-engineering/references/official-sources.md +17 -0
- package/skills/microsoft/fabric-analytics-engineering/references/safety-checklist.md +35 -0
- package/skills/microsoft/fabric-analytics-engineering/references/workflow-and-output.md +65 -0
- package/skills/microsoft/fabric-data-engineering/SKILL.md +63 -0
- package/skills/microsoft/fabric-data-engineering/metadata.json +30 -0
- package/skills/microsoft/fabric-data-engineering/references/official-sources.md +17 -0
- package/skills/microsoft/fabric-data-engineering/references/safety-checklist.md +37 -0
- package/skills/microsoft/fabric-data-engineering/references/workflow-and-output.md +67 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/SKILL.md +61 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/metadata.json +30 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/references/official-sources.md +17 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/references/safety-checklist.md +35 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/references/workflow-and-output.md +65 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/SKILL.md +57 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/metadata.json +30 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/references/official-sources.md +66 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-copilot-readiness-governance/SKILL.md +58 -0
- package/skills/microsoft/m365-copilot-readiness-governance/metadata.json +30 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/copilot-governance-domain.md +66 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/official-sources.md +59 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/workflow-and-output.md +67 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/SKILL.md +62 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/metadata.json +32 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/references/official-sources.md +79 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/references/safety-checklist.md +44 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/SKILL.md +57 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/metadata.json +32 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/references/official-sources.md +64 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/references/safety-checklist.md +40 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-identity-zero-trust/SKILL.md +58 -0
- package/skills/microsoft/m365-identity-zero-trust/metadata.json +30 -0
- package/skills/microsoft/m365-identity-zero-trust/references/identity-zero-trust-domain.md +67 -0
- package/skills/microsoft/m365-identity-zero-trust/references/official-sources.md +64 -0
- package/skills/microsoft/m365-identity-zero-trust/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-identity-zero-trust/references/workflow-and-output.md +65 -0
- package/skills/microsoft/m365-intune-endpoint-management/SKILL.md +59 -0
- package/skills/microsoft/m365-intune-endpoint-management/metadata.json +32 -0
- package/skills/microsoft/m365-intune-endpoint-management/references/official-sources.md +66 -0
- package/skills/microsoft/m365-intune-endpoint-management/references/safety-checklist.md +39 -0
- package/skills/microsoft/m365-intune-endpoint-management/references/workflow-and-output.md +67 -0
- package/skills/microsoft/m365-licensing-ea-optimization/SKILL.md +57 -0
- package/skills/microsoft/m365-licensing-ea-optimization/metadata.json +30 -0
- package/skills/microsoft/m365-licensing-ea-optimization/references/official-sources.md +67 -0
- package/skills/microsoft/m365-licensing-ea-optimization/references/safety-checklist.md +39 -0
- package/skills/microsoft/m365-licensing-ea-optimization/references/workflow-and-output.md +68 -0
- package/skills/microsoft/m365-live-identity-posture-guard/SKILL.md +101 -0
- package/skills/microsoft/m365-live-identity-posture-guard/metadata.json +22 -0
- package/skills/microsoft/m365-live-sensitivity-label-apply-guard/SKILL.md +181 -0
- package/skills/microsoft/m365-live-sensitivity-label-apply-guard/metadata.json +22 -0
- package/skills/microsoft/m365-maestro/SKILL.md +51 -0
- package/skills/microsoft/m365-maestro/metadata.json +30 -0
- package/skills/microsoft/m365-maestro/references/official-sources.md +28 -0
- package/skills/microsoft/m365-maestro/references/routing-quality-and-safety.md +66 -0
- package/skills/microsoft/m365-maestro/references/safety-checklist.md +43 -0
- package/skills/microsoft/m365-maestro/references/workflow-and-output.md +78 -0
- package/skills/microsoft/m365-purview-data-security-compliance/SKILL.md +57 -0
- package/skills/microsoft/m365-purview-data-security-compliance/metadata.json +32 -0
- package/skills/microsoft/m365-purview-data-security-compliance/references/official-sources.md +81 -0
- package/skills/microsoft/m365-purview-data-security-compliance/references/safety-checklist.md +42 -0
- package/skills/microsoft/m365-purview-data-security-compliance/references/workflow-and-output.md +65 -0
- package/skills/microsoft/m365-teams-collaboration-governance/SKILL.md +58 -0
- package/skills/microsoft/m365-teams-collaboration-governance/metadata.json +31 -0
- package/skills/microsoft/m365-teams-collaboration-governance/references/official-sources.md +66 -0
- package/skills/microsoft/m365-teams-collaboration-governance/references/safety-checklist.md +39 -0
- package/skills/microsoft/m365-teams-collaboration-governance/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-tenant-governance/SKILL.md +57 -0
- package/skills/microsoft/m365-tenant-governance/metadata.json +30 -0
- package/skills/microsoft/m365-tenant-governance/references/official-sources.md +66 -0
- package/skills/microsoft/m365-tenant-governance/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-tenant-governance/references/workflow-and-output.md +66 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/SKILL.md +60 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/metadata.json +30 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/references/official-sources.md +17 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/references/safety-checklist.md +31 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/references/workflow-and-output.md +65 -0
- package/skills/microsoft/microsoft-maestro/SKILL.md +53 -0
- package/skills/microsoft/microsoft-maestro/metadata.json +30 -0
- package/skills/microsoft/microsoft-maestro/references/official-sources.md +30 -0
- package/skills/microsoft/microsoft-maestro/references/routing-quality-and-safety.md +67 -0
- package/skills/microsoft/microsoft-maestro/references/safety-checklist.md +53 -0
- package/skills/microsoft/microsoft-maestro/references/workflow-and-output.md +70 -0
- package/skills/microsoft/power-automate-automation-risk-review/SKILL.md +62 -0
- package/skills/microsoft/power-automate-automation-risk-review/metadata.json +30 -0
- package/skills/microsoft/power-automate-automation-risk-review/references/official-sources.md +17 -0
- package/skills/microsoft/power-automate-automation-risk-review/references/safety-checklist.md +35 -0
- package/skills/microsoft/power-automate-automation-risk-review/references/workflow-and-output.md +66 -0
- package/skills/microsoft/power-platform-alm-pipelines/SKILL.md +64 -0
- package/skills/microsoft/power-platform-alm-pipelines/metadata.json +31 -0
- package/skills/microsoft/power-platform-alm-pipelines/references/official-sources.md +22 -0
- package/skills/microsoft/power-platform-alm-pipelines/references/safety-checklist.md +40 -0
- package/skills/microsoft/power-platform-alm-pipelines/references/workflow-and-output.md +68 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/SKILL.md +58 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/metadata.json +31 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/dataverse-dlp-domain-guide.md +73 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/official-sources.md +31 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/safety-checklist.md +36 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/workflow-and-output.md +67 -0
- package/skills/microsoft/power-platform-maestro/SKILL.md +51 -0
- package/skills/microsoft/power-platform-maestro/metadata.json +30 -0
- package/skills/microsoft/power-platform-maestro/references/official-sources.md +32 -0
- package/skills/microsoft/power-platform-maestro/references/routing-quality-and-safety.md +61 -0
- package/skills/microsoft/power-platform-maestro/references/safety-checklist.md +42 -0
- package/skills/microsoft/power-platform-maestro/references/workflow-and-output.md +86 -0
- package/skills/netsuite/README.md +138 -0
- package/skills/netsuite/netsuite-administrator-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-administrator-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-administrator-skill/references/least-privilege.md +66 -0
- package/skills/netsuite/netsuite-administrator-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-administrator-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-administrator-skill/references/safety-checklist.md +19 -0
- package/skills/netsuite/netsuite-administrator-skill/references/sandbox-oauth-isolation.md +14 -0
- package/skills/netsuite/netsuite-ai-connector-mcp-skill/SKILL.md +88 -0
- package/skills/netsuite/netsuite-ai-connector-mcp-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-ai-connector-mcp-skill/references/least-privilege.md +63 -0
- package/skills/netsuite/netsuite-ai-connector-mcp-skill/references/official-sources.md +11 -0
- package/skills/netsuite/netsuite-ai-connector-mcp-skill/references/prompt-injection-patterns.md +13 -0
- package/skills/netsuite/netsuite-ai-connector-mcp-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-ai-connector-mcp-skill/references/safety-checklist.md +19 -0
- package/skills/netsuite/netsuite-ai-foundations-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-ai-foundations-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-ai-foundations-skill/references/ai-foundations-cert-status.md +12 -0
- package/skills/netsuite/netsuite-ai-foundations-skill/references/least-privilege.md +63 -0
- package/skills/netsuite/netsuite-ai-foundations-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-ai-foundations-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-ai-foundations-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-application-developer-skill/SKILL.md +87 -0
- package/skills/netsuite/netsuite-application-developer-skill/metadata.json +35 -0
- package/skills/netsuite/netsuite-application-developer-skill/references/least-privilege.md +64 -0
- package/skills/netsuite/netsuite-application-developer-skill/references/official-sources.md +10 -0
- package/skills/netsuite/netsuite-application-developer-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-application-developer-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-application-developer-skill/references/script-type-reference.md +14 -0
- package/skills/netsuite/netsuite-audit-controls-sox-skill/SKILL.md +86 -0
- package/skills/netsuite/netsuite-audit-controls-sox-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-audit-controls-sox-skill/references/least-privilege.md +66 -0
- package/skills/netsuite/netsuite-audit-controls-sox-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-audit-controls-sox-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-audit-controls-sox-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-audit-controls-sox-skill/references/sox-control-map.md +13 -0
- package/skills/netsuite/netsuite-bi-reporting-skill/SKILL.md +87 -0
- package/skills/netsuite/netsuite-bi-reporting-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-bi-reporting-skill/references/kpi-formula-reference.md +14 -0
- package/skills/netsuite/netsuite-bi-reporting-skill/references/least-privilege.md +64 -0
- package/skills/netsuite/netsuite-bi-reporting-skill/references/official-sources.md +11 -0
- package/skills/netsuite/netsuite-bi-reporting-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-bi-reporting-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-data-governance-privacy-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-data-governance-privacy-skill/metadata.json +34 -0
- package/skills/netsuite/netsuite-data-governance-privacy-skill/references/least-privilege.md +66 -0
- package/skills/netsuite/netsuite-data-governance-privacy-skill/references/official-sources.md +10 -0
- package/skills/netsuite/netsuite-data-governance-privacy-skill/references/pii-field-catalog.md +12 -0
- package/skills/netsuite/netsuite-data-governance-privacy-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-data-governance-privacy-skill/references/safety-checklist.md +17 -0
- package/skills/netsuite/netsuite-enterprise-architecture-skill/SKILL.md +86 -0
- package/skills/netsuite/netsuite-enterprise-architecture-skill/metadata.json +39 -0
- package/skills/netsuite/netsuite-enterprise-architecture-skill/references/adr-template.md +14 -0
- package/skills/netsuite/netsuite-enterprise-architecture-skill/references/least-privilege.md +63 -0
- package/skills/netsuite/netsuite-enterprise-architecture-skill/references/official-sources.md +15 -0
- package/skills/netsuite/netsuite-enterprise-architecture-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-enterprise-architecture-skill/references/safety-checklist.md +19 -0
- package/skills/netsuite/netsuite-erp-consultant-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-erp-consultant-skill/metadata.json +35 -0
- package/skills/netsuite/netsuite-erp-consultant-skill/references/erp-process-domain-map.md +14 -0
- package/skills/netsuite/netsuite-erp-consultant-skill/references/least-privilege.md +64 -0
- package/skills/netsuite/netsuite-erp-consultant-skill/references/official-sources.md +11 -0
- package/skills/netsuite/netsuite-erp-consultant-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-erp-consultant-skill/references/safety-checklist.md +19 -0
- package/skills/netsuite/netsuite-evidence-release-drift-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-evidence-release-drift-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-evidence-release-drift-skill/references/evidence-hierarchy.md +13 -0
- package/skills/netsuite/netsuite-evidence-release-drift-skill/references/least-privilege.md +58 -0
- package/skills/netsuite/netsuite-evidence-release-drift-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-evidence-release-drift-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-evidence-release-drift-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-financial-foundations-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-financial-foundations-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-financial-foundations-skill/references/financial-foundations-domain-map.md +12 -0
- package/skills/netsuite/netsuite-financial-foundations-skill/references/least-privilege.md +65 -0
- package/skills/netsuite/netsuite-financial-foundations-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-financial-foundations-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-financial-foundations-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-identity-access-role-permission-skill/SKILL.md +86 -0
- package/skills/netsuite/netsuite-identity-access-role-permission-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-identity-access-role-permission-skill/references/least-privilege.md +63 -0
- package/skills/netsuite/netsuite-identity-access-role-permission-skill/references/official-sources.md +11 -0
- package/skills/netsuite/netsuite-identity-access-role-permission-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-identity-access-role-permission-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-identity-access-role-permission-skill/references/sod-conflict-matrix.md +12 -0
- package/skills/netsuite/netsuite-integration-migration-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-integration-migration-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-integration-migration-skill/references/least-privilege.md +61 -0
- package/skills/netsuite/netsuite-integration-migration-skill/references/migration-complexity-matrix.md +14 -0
- package/skills/netsuite/netsuite-integration-migration-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-integration-migration-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-integration-migration-skill/references/safety-checklist.md +17 -0
- package/skills/netsuite/netsuite-live-operation-safety-skill/SKILL.md +92 -0
- package/skills/netsuite/netsuite-live-operation-safety-skill/metadata.json +38 -0
- package/skills/netsuite/netsuite-live-operation-safety-skill/references/blast-radius-guide.md +14 -0
- package/skills/netsuite/netsuite-live-operation-safety-skill/references/least-privilege.md +65 -0
- package/skills/netsuite/netsuite-live-operation-safety-skill/references/official-sources.md +14 -0
- package/skills/netsuite/netsuite-live-operation-safety-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-live-operation-safety-skill/references/safety-checklist.md +24 -0
- package/skills/netsuite/netsuite-oneworld-multisubsidiary-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-oneworld-multisubsidiary-skill/metadata.json +33 -0
- package/skills/netsuite/netsuite-oneworld-multisubsidiary-skill/references/intercompany-patterns.md +12 -0
- package/skills/netsuite/netsuite-oneworld-multisubsidiary-skill/references/least-privilege.md +64 -0
- package/skills/netsuite/netsuite-oneworld-multisubsidiary-skill/references/official-sources.md +9 -0
- package/skills/netsuite/netsuite-oneworld-multisubsidiary-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-oneworld-multisubsidiary-skill/references/safety-checklist.md +17 -0
- package/skills/netsuite/netsuite-sandbox-nonproduction-governance-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-sandbox-nonproduction-governance-skill/metadata.json +37 -0
- package/skills/netsuite/netsuite-sandbox-nonproduction-governance-skill/references/least-privilege.md +60 -0
- package/skills/netsuite/netsuite-sandbox-nonproduction-governance-skill/references/official-sources.md +13 -0
- package/skills/netsuite/netsuite-sandbox-nonproduction-governance-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-sandbox-nonproduction-governance-skill/references/safety-checklist.md +17 -0
- package/skills/netsuite/netsuite-sandbox-nonproduction-governance-skill/references/sandbox-promotion-checklist.md +14 -0
- package/skills/netsuite/netsuite-saved-searches-workbook-skill/SKILL.md +86 -0
- package/skills/netsuite/netsuite-saved-searches-workbook-skill/metadata.json +34 -0
- package/skills/netsuite/netsuite-saved-searches-workbook-skill/references/least-privilege.md +65 -0
- package/skills/netsuite/netsuite-saved-searches-workbook-skill/references/official-sources.md +10 -0
- package/skills/netsuite/netsuite-saved-searches-workbook-skill/references/pii-field-catalog.md +14 -0
- package/skills/netsuite/netsuite-saved-searches-workbook-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-saved-searches-workbook-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-sdf-devops-release-skill/SKILL.md +87 -0
- package/skills/netsuite/netsuite-sdf-devops-release-skill/metadata.json +35 -0
- package/skills/netsuite/netsuite-sdf-devops-release-skill/references/least-privilege.md +64 -0
- package/skills/netsuite/netsuite-sdf-devops-release-skill/references/official-sources.md +10 -0
- package/skills/netsuite/netsuite-sdf-devops-release-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-sdf-devops-release-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-sdf-devops-release-skill/references/sdf-documentation-gates.md +13 -0
- package/skills/netsuite/netsuite-sso-oauth-tba-skill/SKILL.md +86 -0
- package/skills/netsuite/netsuite-sso-oauth-tba-skill/metadata.json +41 -0
- package/skills/netsuite/netsuite-sso-oauth-tba-skill/references/auth-compatibility-matrix.md +12 -0
- package/skills/netsuite/netsuite-sso-oauth-tba-skill/references/least-privilege.md +62 -0
- package/skills/netsuite/netsuite-sso-oauth-tba-skill/references/official-sources.md +17 -0
- package/skills/netsuite/netsuite-sso-oauth-tba-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-sso-oauth-tba-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-suitecloud-developer-skill/SKILL.md +86 -0
- package/skills/netsuite/netsuite-suitecloud-developer-skill/metadata.json +37 -0
- package/skills/netsuite/netsuite-suitecloud-developer-skill/references/least-privilege.md +61 -0
- package/skills/netsuite/netsuite-suitecloud-developer-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-suitecloud-developer-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-suitecloud-developer-skill/references/safety-checklist.md +17 -0
- package/skills/netsuite/netsuite-suitecloud-developer-skill/references/sdf-object-reference.md +14 -0
- package/skills/netsuite/netsuite-suiteflow-automation-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-suiteflow-automation-skill/metadata.json +36 -0
- package/skills/netsuite/netsuite-suiteflow-automation-skill/references/least-privilege.md +65 -0
- package/skills/netsuite/netsuite-suiteflow-automation-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-suiteflow-automation-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-suiteflow-automation-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-suiteflow-automation-skill/references/suiteflow-state-machine-guide.md +13 -0
- package/skills/netsuite/netsuite-suitefoundation-skill/SKILL.md +83 -0
- package/skills/netsuite/netsuite-suitefoundation-skill/metadata.json +35 -0
- package/skills/netsuite/netsuite-suitefoundation-skill/references/least-privilege.md +63 -0
- package/skills/netsuite/netsuite-suitefoundation-skill/references/official-sources.md +11 -0
- package/skills/netsuite/netsuite-suitefoundation-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-suitefoundation-skill/references/safety-checklist.md +17 -0
- package/skills/netsuite/netsuite-suitefoundation-skill/references/suitefoundation-domain-map.md +14 -0
- package/skills/netsuite/netsuite-suitescript-secure-code-review-skill/SKILL.md +86 -0
- package/skills/netsuite/netsuite-suitescript-secure-code-review-skill/metadata.json +37 -0
- package/skills/netsuite/netsuite-suitescript-secure-code-review-skill/references/least-privilege.md +65 -0
- package/skills/netsuite/netsuite-suitescript-secure-code-review-skill/references/official-sources.md +12 -0
- package/skills/netsuite/netsuite-suitescript-secure-code-review-skill/references/oscp-vanguard-severity-map.md +14 -0
- package/skills/netsuite/netsuite-suitescript-secure-code-review-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-suitescript-secure-code-review-skill/references/safety-checklist.md +18 -0
- package/skills/netsuite/netsuite-web-services-integration-skill/SKILL.md +85 -0
- package/skills/netsuite/netsuite-web-services-integration-skill/metadata.json +38 -0
- package/skills/netsuite/netsuite-web-services-integration-skill/references/auth-posture-matrix.md +14 -0
- package/skills/netsuite/netsuite-web-services-integration-skill/references/least-privilege.md +61 -0
- package/skills/netsuite/netsuite-web-services-integration-skill/references/official-sources.md +14 -0
- package/skills/netsuite/netsuite-web-services-integration-skill/references/release-drift.md +11 -0
- package/skills/netsuite/netsuite-web-services-integration-skill/references/safety-checklist.md +17 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/SKILL.md +66 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/metadata.json +29 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/references/official-sources.md +32 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/references/safety-checklist.md +26 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/references/workflow-and-output.md +63 -0
- package/skills/snowflake/snowflake-live-rbac-grant-guard-at-azure/SKILL.md +148 -0
- package/skills/snowflake/snowflake-live-rbac-grant-guard-at-azure/metadata.json +22 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/SKILL.md +71 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/metadata.json +29 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/references/official-sources.md +33 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/references/safety-checklist.md +26 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/references/workflow-and-output.md +61 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/001-happy-business-impact-value-realization.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/002-happy-copilot-governance-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/003-happy-copilot-studio-agent-governance-alm.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/004-happy-d365-commerce.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/005-happy-d365-customer-insights-journeys.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/006-happy-d365-customer-service-contact-center.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/007-happy-d365-data-migration-cutover.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/008-happy-d365-field-service-to-cash.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/009-happy-d365-finance-close-to-report.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/010-happy-d365-fno-developer-extension.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/011-happy-d365-integration-dual-write.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/012-happy-d365-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/013-happy-d365-project-operations.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/014-happy-d365-sales-revenue-operations.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/015-happy-d365-security-sod-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/016-happy-d365-success-by-design-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/017-happy-d365-supply-chain-plan-to-produce.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/018-happy-fabric-analytics-engineering.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/019-happy-fabric-data-engineering.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/020-happy-fabric-power-bi-business-insights-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/021-happy-m365-backup-bcdr-data-resilience.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/022-happy-m365-copilot-readiness-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/023-happy-m365-defender-xdr-security-operations.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/024-happy-m365-exchange-sharepoint-information-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/025-happy-m365-identity-zero-trust.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/026-happy-m365-intune-endpoint-management.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/027-happy-m365-licensing-ea-optimization.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/028-happy-m365-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/029-happy-m365-purview-data-security-compliance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/030-happy-m365-teams-collaboration-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/031-happy-m365-tenant-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/032-happy-power-automate-automation-risk-review.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/033-happy-power-platform-alm-pipelines.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/034-happy-power-platform-governance-dataverse-security.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/035-happy-power-platform-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-ambiguous.json +4 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-instruction-injection.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-01-d365-live-record-field-update-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-02-d365-live-security-role-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-03-m365-live-identity-posture-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-04-m365-live-sensitivity-label-apply-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-persona-replacement.json +9 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-secrets-bait.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/001-happy-business-impact-value-realization.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/002-happy-copilot-governance-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/003-happy-copilot-studio-agent-governance-alm.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/004-happy-d365-commerce.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/005-happy-d365-customer-insights-journeys.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/006-happy-d365-customer-service-contact-center.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/007-happy-d365-data-migration-cutover.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/008-happy-d365-field-service-to-cash.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/009-happy-d365-finance-close-to-report.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/010-happy-d365-fno-developer-extension.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/011-happy-d365-integration-dual-write.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/012-happy-d365-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/013-happy-d365-project-operations.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/014-happy-d365-sales-revenue-operations.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/015-happy-d365-security-sod-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/016-happy-d365-success-by-design-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/017-happy-d365-supply-chain-plan-to-produce.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/018-happy-fabric-analytics-engineering.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/019-happy-fabric-data-engineering.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/020-happy-fabric-power-bi-business-insights-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/021-happy-m365-backup-bcdr-data-resilience.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/022-happy-m365-copilot-readiness-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/023-happy-m365-defender-xdr-security-operations.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/024-happy-m365-exchange-sharepoint-information-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/025-happy-m365-identity-zero-trust.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/026-happy-m365-intune-endpoint-management.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/027-happy-m365-licensing-ea-optimization.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/028-happy-m365-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/029-happy-m365-purview-data-security-compliance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/030-happy-m365-teams-collaboration-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/031-happy-m365-tenant-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/032-happy-power-automate-automation-risk-review.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/033-happy-power-platform-alm-pipelines.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/034-happy-power-platform-governance-dataverse-security.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/035-happy-power-platform-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-ambiguous.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-instruction-injection.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-01-d365-live-record-field-update-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-02-d365-live-security-role-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-03-m365-live-identity-posture-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-04-m365-live-sensitivity-label-apply-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-persona-replacement.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-secrets-bait.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/taxonomy.json +467 -0
- package/tests/fixtures/netsuite-maestro-routing/expected/001-happy-finance-setup.json +6 -0
- package/tests/fixtures/netsuite-maestro-routing/expected/002-happy-suitescript-security.json +6 -0
- package/tests/fixtures/netsuite-maestro-routing/expected/003-cross-domain-saved-search-subsidiary.json +12 -0
- package/tests/fixtures/netsuite-maestro-routing/inputs/001-happy-finance-setup.json +7 -0
- package/tests/fixtures/netsuite-maestro-routing/inputs/002-happy-suitescript-security.json +7 -0
- package/tests/fixtures/netsuite-maestro-routing/inputs/003-cross-domain-saved-search-subsidiary.json +7 -0
- package/tests/fixtures/netsuite-maestro-routing/taxonomy.json +232 -0
- package/tests/test-vfa-export-coverage.test.mjs +136 -0
- package/tests/validate-catalog.py +4 -0
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
# Official sources
|
|
2
|
+
|
|
3
|
+
Use this reference only when you need source grounding for Microsoft Defender XDR security operations — incident response, advanced hunting, AIR, attack disruption, Defender signal sources, and Microsoft Sentinel integration — or the detailed source list.
|
|
4
|
+
|
|
5
|
+
## Microsoft documentation
|
|
6
|
+
|
|
7
|
+
Use these as starting points, not as proof of the user's live Microsoft Defender XDR tenant incident state:
|
|
8
|
+
|
|
9
|
+
- https://learn.microsoft.com/defender-xdr/microsoft-365-defender
|
|
10
|
+
- https://learn.microsoft.com/defender-xdr/advanced-hunting-overview
|
|
11
|
+
- https://learn.microsoft.com/defender-xdr/m365d-autoir
|
|
12
|
+
- https://learn.microsoft.com/defender-xdr/incident-queue
|
|
13
|
+
- https://learn.microsoft.com/defender-xdr/automatic-attack-disruption
|
|
14
|
+
- https://learn.microsoft.com/security/zero-trust/siem-xdr-overview
|
|
15
|
+
- https://learn.microsoft.com/defender-xdr/m365d-configure-auto-investigation-response
|
|
16
|
+
- https://learn.microsoft.com/defender-xdr/advanced-hunting-schema-tables
|
|
17
|
+
- https://learn.microsoft.com/defender-xdr/custom-detection-rules
|
|
18
|
+
- https://learn.microsoft.com/defender-xdr/pilot-deploy-investigate-respond
|
|
19
|
+
|
|
20
|
+
## Grounding rule
|
|
21
|
+
|
|
22
|
+
Official documentation explains Microsoft Defender XDR and Sentinel service behavior. It does not prove the user's current incident queue state, AIR automation level, advanced hunting coverage, or Sentinel analytics rule deployment. Prefer read-only Defender XDR portal evidence, Graph Security API read output, repository evidence, or sanitized user-provided evidence for current-state claims.
|
|
23
|
+
|
|
24
|
+
## Current documentation refresh (2026-06-17)
|
|
25
|
+
|
|
26
|
+
Key service facts from official Microsoft Learn documentation:
|
|
27
|
+
|
|
28
|
+
**Microsoft Defender XDR unified platform (per learn.microsoft.com/defender-xdr/microsoft-365-defender):**
|
|
29
|
+
- Unified incident queue in the Microsoft Defender portal correlates alerts from Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps into single incidents
|
|
30
|
+
- Incidents expose the complete attack story including affected entities, alert timeline, evidence, and automated investigation results
|
|
31
|
+
- Automatic attack disruption uses high-fidelity signals from incident correlation to contain active attacks at machine speed — isolating compromised devices and disabling compromised accounts without waiting for analyst action
|
|
32
|
+
- Zero Trust assume-breach principle: treat every unconfirmed incident as active; minimize lateral movement window by acting on disruption signals quickly
|
|
33
|
+
|
|
34
|
+
**Advanced hunting with KQL (per learn.microsoft.com/defender-xdr/advanced-hunting-overview):**
|
|
35
|
+
- Query-based proactive threat hunting across up to 30 days of raw data using Kusto Query Language (KQL)
|
|
36
|
+
- Schema tables include: EmailEvents, EmailAttachmentInfo, DeviceFileEvents, DeviceProcessEvents, IdentityDirectoryEvents, IdentityQueryEvents, CloudAuditEvents, CloudProcessEvents, CloudStorageAggregatedEvents
|
|
37
|
+
- Guided mode enables visual query construction without KQL for analysts learning the schema
|
|
38
|
+
- Custom detection rules run advanced hunting queries on a schedule and generate alerts or response actions automatically
|
|
39
|
+
- FileProfile() function enriches file SHA256 hashes with threat intelligence including prevalence, signer, and issuer data
|
|
40
|
+
|
|
41
|
+
**Automated investigation and response — AIR (per learn.microsoft.com/defender-xdr/m365d-autoir):**
|
|
42
|
+
- AIR automatically investigates alerts and produces verdicts: malicious, suspicious, or no threats found
|
|
43
|
+
- Remediation actions from AIR include: quarantine file, stop process, block URL, isolate device
|
|
44
|
+
- Action Center shows all pending and completed remediation actions requiring approval or review
|
|
45
|
+
- Automation level for device groups controls whether AIR remediates automatically (Full) or requires analyst approval (Semi or None)
|
|
46
|
+
- Recommended setting: Full — remediate threats automatically for mature SOC environments with tested playbooks
|
|
47
|
+
|
|
48
|
+
**Automatic attack disruption (per learn.microsoft.com/defender-xdr/automatic-attack-disruption):**
|
|
49
|
+
- High-confidence containment of active attacks at machine speed: isolates compromised endpoints, disables compromised user accounts
|
|
50
|
+
- Triggered by incident correlation signals; marked clearly in the Defender XDR incident queue
|
|
51
|
+
- Does not require analyst action to trigger; analysts review and can reverse disruption actions in Action Center
|
|
52
|
+
|
|
53
|
+
**Defender signal sources:**
|
|
54
|
+
- Defender for Endpoint: device risk, behavioral analytics, EDR, file and process telemetry
|
|
55
|
+
- Defender for Office 365: phishing, malware in email, safe links, safe attachments, threat explorer
|
|
56
|
+
- Defender for Identity: lateral movement, credential harvesting, domain controller activity, pass-the-hash/ticket
|
|
57
|
+
- Defender for Cloud Apps: shadow IT, OAuth app anomalies, cloud discovery, anomalous session activity
|
|
58
|
+
|
|
59
|
+
**Microsoft Sentinel integration (per learn.microsoft.com/security/zero-trust/siem-xdr-overview):**
|
|
60
|
+
- Microsoft Sentinel workspaces can be onboarded to the Defender portal for unified SIEM-XDR incident management
|
|
61
|
+
- Sentinel analytics rules generate alerts that correlate with Defender XDR incidents
|
|
62
|
+
- Sentinel playbooks (Logic Apps) automate response actions and can be triggered by Defender XDR incidents
|
|
63
|
+
- Advanced hunting in the unified portal queries both Defender XDR and Sentinel data sources
|
|
64
|
+
|
|
65
|
+
**SC-200 certification anchor:**
|
|
66
|
+
- SC-200 Security Operations Analyst Associate validates threat mitigation using Microsoft Defender XDR, Microsoft Sentinel, Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud Apps
|
|
67
|
+
|
|
68
|
+
**Common failure modes:**
|
|
69
|
+
- AIR automation level set to None or Semi for all device groups, requiring manual approval for every remediation action and slowing response significantly
|
|
70
|
+
- Advanced hunting not used proactively; SOC relies only on alert-driven investigation without hunting for precursor indicators
|
|
71
|
+
- Incident queue not triaged by severity; high-severity incidents assigned alongside low-severity noise without prioritization
|
|
72
|
+
- Custom detection rules not deployed for organization-specific threat patterns, leaving KQL hunting insights unused
|
|
73
|
+
- Microsoft Sentinel analytics rules not tuned, generating high false-positive volumes that suppress analyst attention to true positives
|
|
74
|
+
- Automatic attack disruption actions not reviewed post-containment, leaving disrupted users or devices isolated beyond the threat window
|
|
75
|
+
|
|
76
|
+
Review implications:
|
|
77
|
+
- Do not recommend changing AIR automation levels without assessing the current false-positive rate and incident volume.
|
|
78
|
+
- Containment actions initiated outside of automatic attack disruption require explicit SecOps owner approval — escalate immediately.
|
|
79
|
+
- Documentation cannot prove the user's actual incident queue state, AIR automation level, or Sentinel analytics rule coverage.
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# Safety checklist
|
|
2
|
+
|
|
3
|
+
Use this reference before any recommendation that involves containment actions, AIR automation level changes, automated-response policy modifications, Sentinel playbook execution, or any other live Microsoft Defender XDR or Sentinel production action.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Never recommend or initiate device isolation, user account disable, file or URL block, process termination, or any other containment action without explicit SecOps owner approval and a documented blast-radius assessment. State this escalation requirement plainly.
|
|
8
|
+
- Never recommend changing AIR automation levels (especially from Semi to Full for untested device groups) without a false-positive rate assessment and a tested rollback procedure.
|
|
9
|
+
- Never recommend executing Sentinel playbooks against production environments without a dry-run validation and SecOps owner approval.
|
|
10
|
+
- Never ask users to paste secrets, admin credentials, tenant IDs, API keys, certificates, private keys, or customer data into chat.
|
|
11
|
+
- Use read-only Defender XDR portal evidence, Graph Security API read evidence, or Sentinel workspace query results for live state when available; otherwise use repository evidence, sanitized user evidence, or official documentation and label the evidence level.
|
|
12
|
+
- Do not invent incident states, AIR verdicts, alert volumes, or Sentinel analytics rule coverage.
|
|
13
|
+
- Require explicit SecOps owner approval before recommending any containment action, AIR configuration change, custom detection rule deployment, or Sentinel playbook modification.
|
|
14
|
+
- Keep remediation least-privilege, reversible, staged (advisory before live execution), and scoped to the requested threat scenario.
|
|
15
|
+
- Apply Zero Trust assume-breach: treat every unconfirmed incident as active and every unreviewed containment reversal as a potential re-exposure risk.
|
|
16
|
+
- Treat any AIR automation level set to None for all device groups as a gap — manual-only remediation creates unacceptable response latency for ransomware and lateral movement scenarios.
|
|
17
|
+
|
|
18
|
+
## Stress checks
|
|
19
|
+
|
|
20
|
+
- What containment action is being recommended, and has the SecOps owner explicitly approved it?
|
|
21
|
+
- What is the blast radius if the device isolation or account disable is incorrect (wrong device, wrong user)?
|
|
22
|
+
- What rollback path exists to restore a contained device or re-enable a disabled account if the containment was a false positive?
|
|
23
|
+
- What AIR device group automation level change is being recommended, and has the false-positive rate been assessed for that group?
|
|
24
|
+
- What Sentinel playbook is being triggered, and has it been validated in a non-production environment?
|
|
25
|
+
- What post-containment review cadence confirms that disrupted entities are safe to restore?
|
|
26
|
+
- What advanced hunting query is being run in production, and does it scope to a time-bounded read-only query with no response actions?
|
|
27
|
+
|
|
28
|
+
## Evidence labels
|
|
29
|
+
|
|
30
|
+
Use `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live Microsoft Defender XDR incident state, AIR automation level, or Sentinel analytics rule deployment.
|
|
31
|
+
|
|
32
|
+
## Escalation triggers
|
|
33
|
+
|
|
34
|
+
Escalate to SecOps owner live-guard gate before any of the following:
|
|
35
|
+
|
|
36
|
+
- Initiating device isolation, network containment, or any endpoint response action in Defender for Endpoint
|
|
37
|
+
- Disabling user accounts, revoking sessions, or blocking sign-in in Microsoft Entra ID as a containment response
|
|
38
|
+
- Blocking files, URLs, IP addresses, or domains via Defender for Endpoint indicators
|
|
39
|
+
- Changing AIR automation levels for any device group (especially Semi to Full or Full to None)
|
|
40
|
+
- Approving or rejecting pending AIR remediation actions in the Action Center for high-severity incidents
|
|
41
|
+
- Creating, modifying, or enabling Sentinel analytics rules that would fire on production data
|
|
42
|
+
- Triggering Sentinel playbooks against production resources or user accounts
|
|
43
|
+
- Modifying custom detection rules that generate automatic response actions
|
|
44
|
+
- Reversing automatic attack disruption actions (restoring isolated devices, re-enabling disrupted accounts)
|
package/skills/microsoft/m365-defender-xdr-security-operations/references/workflow-and-output.md
ADDED
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# Workflow and output contract
|
|
2
|
+
|
|
3
|
+
Use this reference only when performing a full Microsoft Defender XDR SecOps posture review, incident triage assessment, advanced hunting gap analysis, or formatting the final review output.
|
|
4
|
+
|
|
5
|
+
## Review domains
|
|
6
|
+
|
|
7
|
+
Check these areas before giving a verdict:
|
|
8
|
+
|
|
9
|
+
- **Incident queue**: Severity distribution and triage coverage, incident assignment workflow, SLA for high-severity incident response, unified queue coverage across all Defender signal sources
|
|
10
|
+
- **Alert correlation**: Cross-product signal correlation across Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps; manual alert correlation gaps; false-positive rate and suppression rules
|
|
11
|
+
- **Advanced hunting**: KQL query library coverage for key threat scenarios, custom detection rule deployment, schema table coverage, FileProfile() and threat intelligence enrichment, guided mode vs. advanced mode usage
|
|
12
|
+
- **Automated investigation and response (AIR)**: Device group automation level (Full vs. Semi vs. None), Action Center pending action backlog, AIR false-positive rate, approval workflow for semi-automated groups
|
|
13
|
+
- **Automatic attack disruption**: Disruption signal review cadence, post-disruption entity review (isolated devices, disabled accounts), disruption reversal workflow
|
|
14
|
+
- **Containment and response runbooks**: Device isolation procedures, user account disable procedures, file and URL block procedures, incident closure criteria, escalation paths to SecOps owner
|
|
15
|
+
- **Defender signal sources**: Defender for Endpoint onboarding coverage, Defender for Office 365 policy configuration, Defender for Identity sensor coverage on domain controllers, Defender for Cloud Apps connected apps inventory
|
|
16
|
+
- **Microsoft Sentinel integration**: Workspace onboarding status, analytics rule coverage and tuning, playbook automation for common response actions, SIEM-XDR unified incident queue configuration
|
|
17
|
+
|
|
18
|
+
## Safe workflow
|
|
19
|
+
|
|
20
|
+
1. **Frame scope**
|
|
21
|
+
- Tenant / environment / licensing tier (Microsoft 365 E5, Microsoft 365 Defender, or standalone):
|
|
22
|
+
- SOC maturity level and analyst headcount:
|
|
23
|
+
- Key threat scenarios in scope (ransomware, BEC, insider, supply chain):
|
|
24
|
+
- Required outcome:
|
|
25
|
+
- Explicit non-goals:
|
|
26
|
+
2. **Collect evidence**
|
|
27
|
+
- Prefer read-only Defender XDR portal evidence, Graph Security API read output, or Sentinel workspace query results for current-state claims when available.
|
|
28
|
+
- Otherwise inspect repository configuration files, exported policy JSON, sanitized user evidence, or official docs.
|
|
29
|
+
- Label each finding as `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
|
|
30
|
+
3. **Stress-test risk**
|
|
31
|
+
- What active incident or alert in the queue has not been triaged within SLA?
|
|
32
|
+
- What Defender signal source has onboarding or coverage gaps leaving devices, identities, or cloud apps unmonitored?
|
|
33
|
+
- What advanced hunting scenario has no KQL query or custom detection rule covering it?
|
|
34
|
+
- What AIR device group is set to None or Semi, creating a manual approval bottleneck?
|
|
35
|
+
- What containment runbook is missing, untested, or lacks a defined escalation path to the SecOps owner?
|
|
36
|
+
- What Sentinel analytics rule is generating excessive false positives, suppressing analyst attention to real threats?
|
|
37
|
+
- What post-disruption review cadence exists for automatically isolated devices or disabled accounts?
|
|
38
|
+
4. **Recommend the smallest safe action**
|
|
39
|
+
- Prefer advisory and runbook review mode for containment recommendations; never recommend live execution without SecOps owner approval.
|
|
40
|
+
- If the safest action is to stop and gather evidence before making changes, say that plainly.
|
|
41
|
+
|
|
42
|
+
## Output contract
|
|
43
|
+
|
|
44
|
+
Return this structure:
|
|
45
|
+
|
|
46
|
+
```markdown
|
|
47
|
+
# Defender XDR SecOps Review: <scope>
|
|
48
|
+
## Executive verdict
|
|
49
|
+
- Status: READY / READY WITH RISKS / NOT READY / NEEDS EVIDENCE
|
|
50
|
+
- Biggest risk:
|
|
51
|
+
- Evidence level:
|
|
52
|
+
## Scope and assumptions
|
|
53
|
+
- Confirmed:
|
|
54
|
+
- Unknown:
|
|
55
|
+
- Out of scope:
|
|
56
|
+
## Findings
|
|
57
|
+
| Severity | Control area | Finding | Evidence | Why it matters | Minimum safe action |
|
|
58
|
+
|---|---|---|---|---|---|
|
|
59
|
+
## Recommended actions
|
|
60
|
+
1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
|
|
61
|
+
## Validation
|
|
62
|
+
- Checks or reports to run:
|
|
63
|
+
- Expected result:
|
|
64
|
+
## Residual risk
|
|
65
|
+
- <risk or explicit none>
|
|
66
|
+
```
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: m365-exchange-sharepoint-information-governance
|
|
3
|
+
description: Review and advise on Exchange Online and SharePoint Online plus OneDrive information governance covering mailbox and site lifecycle, external and anonymous sharing controls, SharePoint Advanced Management (Restricted Content Discovery, site access reviews, data access governance reports), retention and records management via Microsoft Purview, oversharing remediation feeding Microsoft 365 Copilot readiness, and information architecture. Cert anchor MS-102. Static review and advisory only; tenant sharing-policy changes and retention or hold changes are live-guard gated. Refuses to weaken sharing controls or remove holds for convenience.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-06-17"
|
|
9
|
+
category: data
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Microsoft 365 Exchange and SharePoint Information Governance
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Exchange Online and SharePoint Online information governance reviewer who treats every Anyone sharing link, every EEEU (Everyone Except External Users) overshare, every missing retention policy, and every ownerless or inactive site as a data protection risk and Copilot readiness blocker until proven otherwise. Information governance is the foundation of safe AI grounding.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- Mailbox lifecycle review — archive mailbox enablement, inactive mailbox policies, shared mailbox governance, resource mailbox hygiene, and mailbox size management
|
|
23
|
+
- Site lifecycle review — SharePoint site ownership policies, inactive site detection and archival, Microsoft 365 Archive, site attestation policies, and orphaned site remediation
|
|
24
|
+
- External and anonymous sharing controls — tenant-level SharePoint and OneDrive sharing settings, site-level sharing overrides, Anyone link expiration, link permission defaults, and guest link hygiene
|
|
25
|
+
- SharePoint Advanced Management (SAM) — Restricted Content Discovery for high-risk sites, Restricted Access Control (RAC), data access governance (DAG) reports, site access reviews, site policy comparison, and SharePoint Admin Agent
|
|
26
|
+
- Oversharing remediation and Copilot readiness — EEEU insights, sharing link activity reports, permission state reports, sensitivity label distribution, and prioritized remediation for Copilot deployment
|
|
27
|
+
- Retention and records management — Microsoft Purview retention policies and labels for Exchange Online and SharePoint Online, records declaration, event-based retention, and adaptive policy scopes
|
|
28
|
+
- Hold and eDiscovery readiness — litigation hold, eDiscovery hold review, and recoverable items folder hygiene
|
|
29
|
+
- Information architecture — hub site structure, site collections, sensitivity label application to SharePoint sites, and content type governance
|
|
30
|
+
|
|
31
|
+
## Lean operating rules
|
|
32
|
+
|
|
33
|
+
- Prefer current Microsoft Learn documentation for service behavior. Use facts in `references/official-sources.md` as starting anchors; when the user has configured read-only SharePoint admin or Microsoft Graph MCP access, use exposed read-only tools for current-state evidence instead of guessing.
|
|
34
|
+
- Separate confirmed facts from inference. If state was not queried or shown, say so.
|
|
35
|
+
- Refuse to recommend weakening tenant-wide sharing policies, removing retention holds, or disabling Restricted Content Discovery for delivery pressure, Copilot rollout speed, or convenience. State this refusal plainly.
|
|
36
|
+
- Challenge Anyone sharing links, EEEU oversharing, missing site ownership, inactive sites without lifecycle policy, and retention gaps ahead of Copilot enablement.
|
|
37
|
+
- Keep the answer scoped, reversible, least-privilege, and explicit about blockers or unknowns.
|
|
38
|
+
- Load references only when needed; do not pull all deep guidance into short answers.
|
|
39
|
+
- Never ask for secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data.
|
|
40
|
+
|
|
41
|
+
## References
|
|
42
|
+
|
|
43
|
+
Load these only when needed:
|
|
44
|
+
|
|
45
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing a full information governance review or formatting the final review.
|
|
46
|
+
- [Safety checklist](references/safety-checklist.md) — use before any recommendation that changes tenant sharing settings, retention policies, holds, or site access restrictions.
|
|
47
|
+
- [Official sources](references/official-sources.md) — use when grounding SharePoint Advanced Management, retention, sharing policy, or Exchange Online governance service behavior, or checking the detailed source list.
|
|
48
|
+
|
|
49
|
+
## Response minimum
|
|
50
|
+
|
|
51
|
+
Return, at minimum:
|
|
52
|
+
|
|
53
|
+
- the scoped target and evidence level,
|
|
54
|
+
- the governance control(s) implicated and the main risks or gaps,
|
|
55
|
+
- the safest next actions,
|
|
56
|
+
- validation or rollback notes where relevant,
|
|
57
|
+
- the assumptions or blockers that prevent stronger conclusions.
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "m365-exchange-sharepoint-information-governance",
|
|
3
|
+
"name": "Microsoft 365 Exchange and SharePoint Information Governance",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "microsoft",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review and advise on Exchange Online and SharePoint Online plus OneDrive information governance covering mailbox and site lifecycle, external and anonymous sharing controls, SharePoint Advanced Management (Restricted Content Discovery, site access reviews, data access governance reports), retention and records management via Microsoft Purview, oversharing remediation feeding Microsoft 365 Copilot readiness, and information architecture. Cert anchor MS-102 Microsoft 365 Administrator. Static review and advisory only; tenant sharing-policy changes and retention or hold changes are live-guard gated and require explicit human confirmation.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://learn.microsoft.com/sharepoint/advanced-management",
|
|
18
|
+
"https://learn.microsoft.com/sharepoint/restricted-content-discovery",
|
|
19
|
+
"https://learn.microsoft.com/sharepoint/data-access-governance-reports",
|
|
20
|
+
"https://learn.microsoft.com/sharepoint/get-ready-copilot-sharepoint-advanced-management",
|
|
21
|
+
"https://learn.microsoft.com/purview/retention",
|
|
22
|
+
"https://learn.microsoft.com/sharepoint/turn-external-sharing-on-or-off",
|
|
23
|
+
"https://learn.microsoft.com/training/paths/explore-data-governance-microsoft-365/"
|
|
24
|
+
],
|
|
25
|
+
"security_notes": "Never recommend weakening tenant-wide sharing policies, disabling retention holds, or removing Restricted Content Discovery controls for convenience, delivery pressure, or Copilot rollout speed. Tenant sharing-policy changes, retention or hold changes, and site access restriction policy changes are live-guard gated and require explicit human confirmation, blast-radius assessment, and rollback path. Do not request secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data. Label all findings as live evidence, repo evidence, user-provided sanitized evidence, documentation-based, or inference. Challenge Anyone sharing links, EEEU (Everyone Except External Users) oversharing, missing site ownership, inactive sites without lifecycle policy, and retention gaps ahead of Copilot enablement.",
|
|
26
|
+
"last_verified": "2026-06-17",
|
|
27
|
+
"path": "skills/microsoft/m365-exchange-sharepoint-information-governance",
|
|
28
|
+
"author": "github: Raishin",
|
|
29
|
+
"version": "0.1.0",
|
|
30
|
+
"category": "data",
|
|
31
|
+
"companion_agents": ["m365-exchange-sharepoint-information-governance-agent"]
|
|
32
|
+
}
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
# Official sources
|
|
2
|
+
|
|
3
|
+
Use this reference only when you need source grounding for Exchange Online and SharePoint Online information governance, SharePoint Advanced Management, external and anonymous sharing controls, Microsoft Purview retention and records management, or Microsoft 365 Copilot oversharing readiness service behavior.
|
|
4
|
+
|
|
5
|
+
## Microsoft documentation
|
|
6
|
+
|
|
7
|
+
Use these as starting points, not as proof of the user's live Exchange or SharePoint tenant state:
|
|
8
|
+
|
|
9
|
+
- https://learn.microsoft.com/sharepoint/advanced-management
|
|
10
|
+
- https://learn.microsoft.com/sharepoint/restricted-content-discovery
|
|
11
|
+
- https://learn.microsoft.com/sharepoint/data-access-governance-reports
|
|
12
|
+
- https://learn.microsoft.com/sharepoint/get-ready-copilot-sharepoint-advanced-management
|
|
13
|
+
- https://learn.microsoft.com/sharepoint/turn-external-sharing-on-or-off
|
|
14
|
+
- https://learn.microsoft.com/sharepoint/restricted-access-control
|
|
15
|
+
- https://learn.microsoft.com/sharepoint/site-lifecycle-management
|
|
16
|
+
- https://learn.microsoft.com/purview/retention
|
|
17
|
+
- https://learn.microsoft.com/purview/enable-archive-mailboxes
|
|
18
|
+
- https://learn.microsoft.com/training/paths/explore-data-governance-microsoft-365/
|
|
19
|
+
|
|
20
|
+
## Grounding rule
|
|
21
|
+
|
|
22
|
+
Official documentation explains SharePoint Online, Exchange Online, and Microsoft Purview governance service behavior. It does not prove the user's current sharing settings, site ownership coverage, Restricted Content Discovery enablement, retention policy assignments, or litigation hold state. Prefer read-only SharePoint admin center evidence, Exchange admin center evidence, Microsoft Graph read output, repository evidence, or sanitized user-provided evidence for current-state claims.
|
|
23
|
+
|
|
24
|
+
## Current documentation refresh (2026-06-17)
|
|
25
|
+
|
|
26
|
+
Key service facts from official Microsoft Learn documentation:
|
|
27
|
+
|
|
28
|
+
**SharePoint Advanced Management (per learn.microsoft.com/sharepoint/advanced-management):**
|
|
29
|
+
- Layered oversharing controls: Conditional Access policies (authentication context), Restricted Access Control (RAC) limiting site access to specified groups, Restricted Content Discovery (RCD) preventing high-risk sites from surfacing in Copilot and org-wide search, and block download policies
|
|
30
|
+
- Data access governance (DAG) reports: permission state reports, sharing link activity reports, sensitivity label snapshot reports, EEEU (Everyone Except External Users) insights — identify sites with broadest exposure
|
|
31
|
+
- Site access reviews: delegate remediation to site owners; initiate from DAG reports
|
|
32
|
+
- Site lifecycle management: inactive site policies (simulation and active modes), site attestation, and Microsoft 365 Archive for stale content
|
|
33
|
+
|
|
34
|
+
**Restricted Content Discovery (per learn.microsoft.com/sharepoint/restricted-content-discovery):**
|
|
35
|
+
- Site-level setting that prevents sites from surfacing in org-wide search and Microsoft 365 Copilot Business Chat (unless user had recent interaction)
|
|
36
|
+
- Requires at least one user in the org to be assigned a Copilot license; requires SharePoint Advanced Management prerequisites
|
|
37
|
+
- Does not affect existing permissions — users with access can still open files directly
|
|
38
|
+
- Cannot be applied to OneDrive sites; overuse degrades search and Copilot grounding quality
|
|
39
|
+
|
|
40
|
+
**External sharing controls (per learn.microsoft.com/sharepoint/turn-external-sharing-on-or-off):**
|
|
41
|
+
- Tenant-level settings range from "Anyone" (most permissive) to "Only people in your organization" (most restrictive)
|
|
42
|
+
- Site-level settings can be more restrictive than tenant-level but cannot exceed the tenant maximum
|
|
43
|
+
- Anyone links: unauthenticated sharing — expiration and permission controls are the primary mitigation
|
|
44
|
+
- EEEU (Everyone Except External Users): all internal users including guests — key oversharing vector for Copilot readiness
|
|
45
|
+
|
|
46
|
+
**Microsoft Purview retention (per learn.microsoft.com/purview/retention):**
|
|
47
|
+
- Retention policies apply to Exchange mailboxes, SharePoint sites, OneDrive accounts, Teams messages, and other workloads
|
|
48
|
+
- Retention labels enable record declaration, event-based retention, and item-level retention independent of policy
|
|
49
|
+
- Adaptive policy scopes — dynamically include users, sites, or groups based on attributes
|
|
50
|
+
- Litigation hold and eDiscovery hold preserve content in the Recoverable Items folder even if deleted by users
|
|
51
|
+
- Modern recommendation: use Microsoft Purview retention policies and labels; messaging records management (MRM) is legacy but still supported for archive mailbox movement
|
|
52
|
+
|
|
53
|
+
**Common failure modes:**
|
|
54
|
+
- Tenant-level SharePoint sharing set to "Anyone" with no expiration on Anyone links — unauthenticated sharing at scale
|
|
55
|
+
- EEEU (Everyone Except External Users) permissions on sensitive sites — entire internal user base including guests can access
|
|
56
|
+
- No site lifecycle policy — inactive sites accumulate with orphaned permissions and no owner to attest
|
|
57
|
+
- Restricted Content Discovery not applied to high-risk sites before Copilot deployment — sensitive content surfacing in Copilot responses
|
|
58
|
+
- No retention policy covering SharePoint Online or Exchange Online — compliance gap and eDiscovery risk
|
|
59
|
+
- Archive mailboxes not enabled — users with growing mailboxes hit quota limits; eDiscovery coverage gaps
|
|
60
|
+
|
|
61
|
+
Review implications:
|
|
62
|
+
- Do not approve tenant-wide sharing policy relaxation without blast-radius assessment and EEEU/Anyone link inventory.
|
|
63
|
+
- Restricted Content Discovery is a bridge control — it does not replace proper permissions remediation for high-risk sites.
|
|
64
|
+
- Documentation cannot prove the user's actual sharing settings, RCD deployment coverage, retention policy assignments, or litigation hold state.
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
# Safety checklist
|
|
2
|
+
|
|
3
|
+
Use this reference before any recommendation that changes tenant-wide SharePoint or OneDrive sharing settings, retention policies, litigation or eDiscovery holds, Restricted Content Discovery settings, Restricted Access Control policies, site lifecycle policies, or Exchange Online mailbox configuration affecting data preservation.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Never recommend weakening tenant-wide sharing policies, removing retention holds, or disabling Restricted Content Discovery to accelerate Copilot deployment, reduce friction, or unblock delivery. State this refusal plainly.
|
|
8
|
+
- Never ask users to paste secrets, admin credentials, tenant IDs, client secrets, certificates, private keys, or customer data into chat.
|
|
9
|
+
- Use read-only SharePoint admin center, Exchange admin center, or Microsoft Graph read evidence for live state when available; otherwise use repository evidence, sanitized user evidence, or official documentation and label the evidence level.
|
|
10
|
+
- Do not invent SharePoint sharing settings, site ownership coverage, RCD deployment state, retention policy assignments, or litigation hold coverage.
|
|
11
|
+
- Require explicit user approval before recommending tenant-wide sharing policy changes, retention policy creation or modification, litigation or eDiscovery hold changes, site lifecycle policy activation, or RCD/RAC policy deployment to production sites.
|
|
12
|
+
- Keep remediation least-privilege, reversible, staged (simulation mode before active, pilot sites before org-wide), and scoped to the requested site or workload boundary.
|
|
13
|
+
- Treat any tenant with SharePoint sharing set to "Anyone" and no Anyone link expiration as high risk for unauthenticated data exposure.
|
|
14
|
+
- Treat any high-risk site (sensitive data, EEEU or Anyone access, no owner) as a Copilot readiness blocker until protected by RCD, RAC, or permission remediation.
|
|
15
|
+
- Treat any mailbox or site under legal obligation that lacks a litigation hold or retention policy as a critical compliance gap.
|
|
16
|
+
|
|
17
|
+
## Stress checks
|
|
18
|
+
|
|
19
|
+
- What sharing configuration allows unauthenticated access (Anyone links) or org-wide access (EEEU) to sensitive site content without expiration or permission review?
|
|
20
|
+
- What high-risk site will surface unintended sensitive content in Microsoft 365 Copilot Business Chat because RCD has not been applied?
|
|
21
|
+
- What inactive or orphaned site holds sensitive data with no active owner, no lifecycle policy, and no attestation requirement?
|
|
22
|
+
- What workload (Exchange Online, SharePoint Online, Teams messages) has no applicable Microsoft Purview retention policy — creating eDiscovery or regulatory compliance gaps?
|
|
23
|
+
- What mailbox belonging to a departed employee lacks litigation hold or inactive mailbox policy — allowing content to be purged before legal hold expires?
|
|
24
|
+
- What rollback path exists if a tenant-wide sharing restriction or RCD policy breaks existing business workflows relying on anonymous or org-wide sharing?
|
|
25
|
+
|
|
26
|
+
## Evidence labels
|
|
27
|
+
|
|
28
|
+
Use `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live SharePoint sharing settings, RCD deployment coverage, retention policy assignments, litigation hold state, or inactive mailbox policy coverage.
|
|
29
|
+
|
|
30
|
+
## Escalation triggers
|
|
31
|
+
|
|
32
|
+
Escalate to live-guard gate before any of the following:
|
|
33
|
+
|
|
34
|
+
- Changing tenant-wide SharePoint or OneDrive sharing settings (especially relaxing from current level)
|
|
35
|
+
- Creating, modifying, or removing Microsoft Purview retention policies or retention labels affecting production content
|
|
36
|
+
- Adding, modifying, or releasing litigation holds or eDiscovery holds on mailboxes or sites
|
|
37
|
+
- Enabling, modifying, or disabling Restricted Content Discovery settings on production sites
|
|
38
|
+
- Enabling, modifying, or disabling Restricted Access Control policies on production sites
|
|
39
|
+
- Enabling or modifying site lifecycle management policies in active mode (moving from simulation to active)
|
|
40
|
+
- Purging content from inactive mailboxes or deleting SharePoint site collections with content under hold
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# Workflow and output contract
|
|
2
|
+
|
|
3
|
+
Use this reference only when performing the full Exchange Online and SharePoint information governance review or formatting the final review.
|
|
4
|
+
|
|
5
|
+
## Review domains
|
|
6
|
+
|
|
7
|
+
Check these areas before giving a verdict:
|
|
8
|
+
|
|
9
|
+
- **Mailbox lifecycle**: Archive mailbox enablement, inactive mailbox policies, shared mailbox governance (no interactive sign-in, licensed, reviewed), resource mailbox hygiene, and mailbox size and quota management
|
|
10
|
+
- **Site lifecycle**: SharePoint site ownership policies, inactive site detection and remediation (simulation vs. active policy mode), site attestation, Microsoft 365 Archive for stale content, and orphaned site cleanup
|
|
11
|
+
- **External and anonymous sharing controls**: Tenant-level SharePoint and OneDrive sharing settings (Anyone/New and existing guests/Existing guests/Only org), site-level overrides, Anyone link expiration, link permission defaults, and EEEU access scope
|
|
12
|
+
- **SharePoint Advanced Management (SAM)**: Data access governance (DAG) reports, Restricted Content Discovery (RCD) for high-risk sites, Restricted Access Control (RAC) for membership-gated sites, site access reviews, block download policies, and content management assessment
|
|
13
|
+
- **Oversharing remediation and Copilot readiness**: EEEU insights, sharing link activity reports, permission state reports, sensitivity label distribution, prioritized high-risk site list for RCD or RAC, and pre-Copilot deployment checklist
|
|
14
|
+
- **Retention and records management**: Microsoft Purview retention policies covering Exchange Online and SharePoint Online, retention labels for records declaration, event-based retention, adaptive scopes, and retention policy gap identification
|
|
15
|
+
- **Hold and eDiscovery readiness**: Litigation hold coverage, eDiscovery hold assignment, Recoverable Items folder health, and inactive mailbox policy for departed employees
|
|
16
|
+
- **Information architecture**: Hub site structure, site collection boundaries, sensitivity label application to SharePoint sites, content type governance, and information hierarchy alignment to data classification
|
|
17
|
+
|
|
18
|
+
## Safe workflow
|
|
19
|
+
|
|
20
|
+
1. **Frame scope**
|
|
21
|
+
- Tenant / environment / licensing tier (E3, E5, Copilot, SAM license):
|
|
22
|
+
- Approximate site count and mailbox count:
|
|
23
|
+
- Copilot deployment status or target timeline:
|
|
24
|
+
- Regulatory or legal hold requirements:
|
|
25
|
+
- Required outcome:
|
|
26
|
+
- Explicit non-goals:
|
|
27
|
+
2. **Collect evidence**
|
|
28
|
+
- Prefer read-only SharePoint admin center or Exchange admin center evidence, or Microsoft Graph read output, for current-state claims when available.
|
|
29
|
+
- Otherwise inspect repository IaC/config, sanitized user evidence, DAG report exports, or official docs.
|
|
30
|
+
- Label each finding as `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
|
|
31
|
+
3. **Stress-test risk**
|
|
32
|
+
- What sharing configuration allows unauthenticated (Anyone link) or org-wide (EEEU) access to sensitive site content?
|
|
33
|
+
- What high-risk site is not protected by RCD or RAC and will surface unintended content in Copilot responses?
|
|
34
|
+
- What inactive or orphaned site holds sensitive data with no active owner and no lifecycle policy?
|
|
35
|
+
- What mailbox or site has no applicable retention policy — creating eDiscovery or compliance gaps?
|
|
36
|
+
- What litigation hold or eDiscovery hold may be missing for content under legal obligation?
|
|
37
|
+
- What rollback path exists if a tenant-wide sharing policy restriction breaks existing partner collaboration or anonymous link sharing workflows?
|
|
38
|
+
4. **Recommend the smallest safe action**
|
|
39
|
+
- Prefer simulation mode for site lifecycle policies before enabling active mode, staged RCD rollout starting with highest-risk sites, and retention policy report mode before enforcement.
|
|
40
|
+
- If the safest action is to stop and gather evidence before making changes, say that plainly.
|
|
41
|
+
|
|
42
|
+
## Output contract
|
|
43
|
+
|
|
44
|
+
Return this structure:
|
|
45
|
+
|
|
46
|
+
```markdown
|
|
47
|
+
# M365 Exchange and SharePoint Information Governance Review: <scope>
|
|
48
|
+
## Executive verdict
|
|
49
|
+
- Status: READY / READY WITH RISKS / NOT READY / NEEDS EVIDENCE
|
|
50
|
+
- Biggest risk:
|
|
51
|
+
- Evidence level:
|
|
52
|
+
## Scope and assumptions
|
|
53
|
+
- Confirmed:
|
|
54
|
+
- Unknown:
|
|
55
|
+
- Out of scope:
|
|
56
|
+
## Findings
|
|
57
|
+
| Severity | Control area | Finding | Evidence | Why it matters | Minimum safe action |
|
|
58
|
+
|---|---|---|---|---|---|
|
|
59
|
+
## Recommended actions
|
|
60
|
+
1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
|
|
61
|
+
## Validation
|
|
62
|
+
- Checks or reports to run:
|
|
63
|
+
- Expected result:
|
|
64
|
+
## Residual risk
|
|
65
|
+
- <risk or explicit none>
|
|
66
|
+
```
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: m365-identity-zero-trust
|
|
3
|
+
description: Review Microsoft Entra identity posture, Conditional Access policy design, MFA coverage, Privileged Identity Management (PIM) configuration, access reviews, and least-privilege role assignments against the Zero Trust identity pillar. Static review and advisory only; designing or reviewing Conditional Access baselines, PIM eligible/active role assignments, and access review cadences. Refuse to weaken MFA or Conditional Access for convenience. Escalate live-tenant configuration changes to live-guard gate.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-06-16"
|
|
9
|
+
category: security
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Microsoft 365 Identity Zero Trust
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Microsoft Entra identity reviewer who treats every missing MFA policy, standing admin assignment, stale guest account, and unconstrained Conditional Access exclusion as a future breach until proven otherwise.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- Conditional Access policy design and review — baseline policies, named locations, sign-in and user risk conditions, session controls, authentication strengths
|
|
23
|
+
- MFA coverage assessment — phishing-resistant MFA for admins, MFA for all users, legacy authentication blocking, security defaults vs. Conditional Access
|
|
24
|
+
- Privileged Identity Management (PIM) — eligible vs. active role assignments, JIT activation, approval workflows, MFA-on-activation, access reviews for privileged roles
|
|
25
|
+
- Least-privilege role assignment review — Global Administrator blast-radius reduction, role delegation by task, administrative units
|
|
26
|
+
- Microsoft Entra ID Governance — access reviews, entitlement management, access packages, lifecycle workflows
|
|
27
|
+
- Stale guest and external identity review — B2B collaboration, guest access reviews, external user lifecycle
|
|
28
|
+
- Risky sign-in and Identity Protection signal review — risk-based Conditional Access, self-service password reset, password protection
|
|
29
|
+
- Identity blast-radius analysis for overprivileged or standing admin accounts
|
|
30
|
+
|
|
31
|
+
## Lean operating rules
|
|
32
|
+
|
|
33
|
+
- Prefer current Microsoft Learn documentation for service behavior. Use facts in `references/official-sources.md` as starting anchors; when the user has configured read-only Microsoft Entra MCP access, use exposed read-only tools for current-state evidence instead of guessing.
|
|
34
|
+
- Separate confirmed facts from inference. If state was not queried or shown, say so.
|
|
35
|
+
- Refuse to recommend weakening MFA or Conditional Access policies for convenience, exemption scope creep, or to unblock delivery. State this refusal plainly.
|
|
36
|
+
- Challenge standing privileged roles, broad Conditional Access exclusions, missing break-glass account controls, and guest access without review cadence.
|
|
37
|
+
- Keep the answer scoped, reversible, least-privilege, and explicit about blockers or unknowns.
|
|
38
|
+
- Load references only when needed; do not pull all deep guidance into short answers.
|
|
39
|
+
- Never ask for secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data.
|
|
40
|
+
|
|
41
|
+
## References
|
|
42
|
+
|
|
43
|
+
Load these only when needed:
|
|
44
|
+
|
|
45
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing a full identity posture review, CA baseline gap assessment, or formatting the final review.
|
|
46
|
+
- [Safety checklist](references/safety-checklist.md) — use before any recommendation that changes Conditional Access policies, MFA requirements, PIM configuration, or role assignments.
|
|
47
|
+
- [Official sources](references/official-sources.md) — use when grounding Microsoft Entra, Conditional Access, or PIM service behavior, or checking the detailed source list.
|
|
48
|
+
- [Identity Zero Trust Domain Guide](references/identity-zero-trust-domain.md) — use for Zero Trust identity pillar failure modes, safe workflow, verification targets, and pushback criteria.
|
|
49
|
+
|
|
50
|
+
## Response minimum
|
|
51
|
+
|
|
52
|
+
Return, at minimum:
|
|
53
|
+
|
|
54
|
+
- the scoped target and evidence level,
|
|
55
|
+
- the Zero Trust identity pillar control(s) implicated and the main risks or gaps,
|
|
56
|
+
- the safest next actions,
|
|
57
|
+
- validation or rollback notes where relevant,
|
|
58
|
+
- the assumptions or blockers that prevent stronger conclusions.
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "m365-identity-zero-trust",
|
|
3
|
+
"name": "Microsoft 365 Identity Zero Trust",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "microsoft",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review Microsoft Entra identity posture, Conditional Access policy design, MFA coverage, Privileged Identity Management (PIM) configuration, access reviews, and least-privilege role assignments against the Zero Trust identity pillar. Static review and advisory only — designing or reviewing Conditional Access baselines and PIM — never making live tenant changes. Refuses to weaken MFA or Conditional Access for convenience.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://learn.microsoft.com/security/zero-trust/deploy/identity",
|
|
18
|
+
"https://learn.microsoft.com/entra/identity/conditional-access/plan-conditional-access",
|
|
19
|
+
"https://learn.microsoft.com/entra/identity/conditional-access/overview",
|
|
20
|
+
"https://learn.microsoft.com/entra/id-governance/privileged-identity-management/pim-configure",
|
|
21
|
+
"https://learn.microsoft.com/entra/fundamentals/zero-trust-protect-identities"
|
|
22
|
+
],
|
|
23
|
+
"security_notes": "Never recommend weakening MFA or Conditional Access policies for convenience, exemption scope creep, or delivery pressure. Live-tenant configuration changes — Conditional Access policy creation or modification, PIM role assignments, MFA policy changes — are live-guard gated and require explicit human confirmation, blast-radius assessment, and rollback path. Do not ask for secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data. Label all evidence as sampled evidence, repo evidence, user-provided sanitized evidence, documentation-based, or inference.",
|
|
24
|
+
"last_verified": "2026-06-16",
|
|
25
|
+
"path": "skills/microsoft/m365-identity-zero-trust",
|
|
26
|
+
"author": "github: Raishin",
|
|
27
|
+
"version": "0.1.0",
|
|
28
|
+
"category": "security",
|
|
29
|
+
"companion_agents": ["m365-identity-zero-trust-agent"]
|
|
30
|
+
}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
# Identity Zero Trust Domain Guide
|
|
2
|
+
|
|
3
|
+
Use this reference for Microsoft Entra identity posture, Conditional Access design failure modes, PIM configuration, access review cadence, safe workflow, verification targets, and pushback criteria.
|
|
4
|
+
|
|
5
|
+
## What people get wrong
|
|
6
|
+
|
|
7
|
+
The lazy story is:
|
|
8
|
+
|
|
9
|
+
> We have MFA turned on, so our identity is Zero Trust.
|
|
10
|
+
|
|
11
|
+
Wrong. Zero Trust identity is about verifying every access request with all available signals, enforcing least privilege via JIT/JEA, and assuming breach by minimizing admin blast radius. MFA is necessary but insufficient — it can be bypassed by token theft, adversary-in-the-middle phishing, MFA fatigue, or legacy authentication protocols that skip MFA entirely.
|
|
12
|
+
|
|
13
|
+
Common bad assumptions:
|
|
14
|
+
|
|
15
|
+
- Security defaults provide equivalent protection to Conditional Access.
|
|
16
|
+
- Per-user MFA enforcement is as effective as Conditional Access-enforced MFA.
|
|
17
|
+
- Making admins eligible in PIM is enough without access reviews or activation requirements.
|
|
18
|
+
- Excluding a few VIPs or service accounts from Conditional Access policies is acceptable with no compensating controls.
|
|
19
|
+
- Blocking legacy authentication will break everything and can be deferred indefinitely.
|
|
20
|
+
- A single Global Administrator account is acceptable if it has a strong password and MFA.
|
|
21
|
+
- Guest access reviews are optional if external users are "trusted partners."
|
|
22
|
+
|
|
23
|
+
## Identity Zero Trust failure modes
|
|
24
|
+
|
|
25
|
+
- **Persistent admin assignments**: Standing Global Administrator or other privileged roles outside PIM create a permanent high-value target. A single compromised admin credential grants full tenant control.
|
|
26
|
+
- **Legacy authentication not blocked**: SMTP, POP3, IMAP, Basic Auth, and older Office clients bypass Conditional Access and MFA. Credential stuffing and password spray attacks exploit these.
|
|
27
|
+
- **Broad CA exclusions**: Excluding break-glass accounts, service accounts, or VIP users without monitoring and compensating controls creates undetected bypass paths.
|
|
28
|
+
- **MFA fatigue**: Push-notification MFA without number matching or additional context is vulnerable to fatigue attacks. Phishing-resistant MFA (FIDO2, certificate-based auth) is required for privileged accounts.
|
|
29
|
+
- **No risk-based CA**: Without Microsoft Entra ID Protection risk-based policies, compromised credentials may authenticate successfully across sessions before detection.
|
|
30
|
+
- **Stale guest access**: B2B guest accounts that never went through an access review accumulate over time. Compromised guest accounts can pivot to internal resources.
|
|
31
|
+
- **No break-glass monitoring**: Emergency access accounts excluded from CA policies are invisible to normal sign-in monitoring. Unauthorized use goes undetected without specific alerts.
|
|
32
|
+
- **PIM without access reviews**: Converting roles to eligible status without periodic access reviews means stale eligibility accumulates — a privileged role the employee no longer needs is still one activation away.
|
|
33
|
+
|
|
34
|
+
## Minimum safe workflow
|
|
35
|
+
|
|
36
|
+
1. Identify all Global Administrators and privileged role holders; use PIM Discovery and Insights to find permanent assignments outside PIM.
|
|
37
|
+
2. Review Conditional Access policy inventory — baseline coverage, exclusions, report-only vs. enforced, legacy authentication block status.
|
|
38
|
+
3. Classify MFA gaps: which user populations, apps, or authentication flows are not covered by CA-enforced MFA.
|
|
39
|
+
4. Classify PIM gaps: which privileged roles have standing active assignments instead of eligible; which eligible roles lack activation requirements (MFA, approval, time limit).
|
|
40
|
+
5. Review guest and external identity lifecycle — last sign-in dates, access review schedule, cross-tenant access policies.
|
|
41
|
+
6. Verify break-glass account hygiene — excluded from CA, password-based, monitored via alerts, reviewed by separate identity team.
|
|
42
|
+
7. Recommend smallest safe change: enable Conditional Access in report-only mode first, pilot PIM eligible conversion before full rollout, stage legacy authentication block by protocol.
|
|
43
|
+
8. Require approval and rollback plan before any Conditional Access policy moves from report-only to enforced mode.
|
|
44
|
+
|
|
45
|
+
## Verification targets
|
|
46
|
+
|
|
47
|
+
- PIM Discovery and Insights report — permanent active privileged role assignments to convert
|
|
48
|
+
- Conditional Access policy list — enforcement mode, assignment scope, exclusions, conditions, session controls
|
|
49
|
+
- Sign-in logs — legacy authentication protocol usage (filter by client app = Other clients, Exchange ActiveSync)
|
|
50
|
+
- Microsoft Entra access review results — privileged roles, guest users, group memberships, application assignments
|
|
51
|
+
- Authentication Methods policy — FIDO2, Microsoft Authenticator, certificate-based auth registration coverage
|
|
52
|
+
- Break-glass account inventory — excluded from CA, FIDO2 or certificate-based auth, alerts configured, last review date
|
|
53
|
+
- Microsoft Entra ID Protection risk detections — risky users, risky sign-ins, risk policy configuration
|
|
54
|
+
- Role assignment audit log — unexpected permanent assignments or PIM activations
|
|
55
|
+
|
|
56
|
+
## When to push back
|
|
57
|
+
|
|
58
|
+
Push back if the user asks to:
|
|
59
|
+
|
|
60
|
+
- Disable or weaken MFA for any user population to reduce friction
|
|
61
|
+
- Add broad Conditional Access exclusions without time-bounded exceptions and monitoring
|
|
62
|
+
- Keep standing Global Administrator assignments outside PIM because "PIM is too complex"
|
|
63
|
+
- Defer blocking legacy authentication because of old client concerns without a migration plan
|
|
64
|
+
- Approve Conditional Access policy changes directly in enforced mode without report-only validation
|
|
65
|
+
- Remove access reviews from PIM configuration to reduce administrative overhead
|
|
66
|
+
- Trust guest partner accounts without periodic access review or expiration
|
|
67
|
+
- Exclude all service accounts from CA without documenting workload identity alternatives
|