@raishin/vanguard-frontier-agentic
v2.2.0
Cloud and zero-trust agentic workflow marketplace for skills, agents, rules, MCP references, and compliance-aware architecture.
Vanguard Frontier Agentic
This is the edge of agentic intelligence — an enterprise-grade ecosystem for running AI agents at scale in environments where a wrong move is a board-level incident. It collects reusable skills, agents, rules, MCP references, and supporting assets for AWS, Azure, OCI, GCP, Alibaba Cloud, Huawei Cloud, Kubernetes, and Terraform — plus a cross-functional Legal + HR agentic ecosystem.
This is not just cloud infrastructure tooling. It is agentic coordination: maestro routing, escalation-aware protocol, structured handoff between specialists, and refusal-by-default safety on every irreversible action. Cloud is one domain it operates in. Coordination, governance, and escalation are the product.
📊 Catalog at a glance
| Catalog | Count |
| --- | --- |
| Skills | 364 |
| Agents | 386 |
| Providers | 30 |
| Install roles | 19 |
| Rules | 1 |
| MCP references | 3 |
- 🧠 Skills = step-by-step workflows an AI assistant can follow.
- 🤖 Agents = reusable expert roles for review, architecture, and operations.
- 📏 Rules = durable instructions for a specific AI harness.
- 🔌 MCP references = trusted notes for connecting tools to real systems.
- 🗂️ Catalogs = machine-readable indexes so tools can discover everything.
Works with: Claude Code · Codex · GitHub Copilot · Cursor · Gemini CLI · Kiro · and any other coding agent.
📦 Available on npm:
@raishin/vanguard-frontier-agentic is published on the public npm registry.
⚠️ ALPHA FINOPS BUNDLE: As of v1.8.0, this package includes 4 new experimental FinOps agents and 7 skills for cloud cost optimization, AI economics modeling, Kubernetes rightsizing, and FOCUS-spec normalization. All are marked lifecycle: experimental. See the board readiness memo for known limitations, risk mitigation, and 30-day diligence closure requirements. Use at your own risk in pre-production environments. Production deployment requires signed design-partner SOWs, Big 4 accounting validation, and SOC 2 Type II observation (≥150 days).
🛰️ Why Vanguard Frontier?
"Vanguard frontier" is not branding — it is an operating posture. This ecosystem is built for the front line of agentic deployment, where AI agents touch real production systems, real regulated data, and real legal exposure.
- 🏛️ Built for Fortune 50 / high-stakes environments. Every agent assumes the blast radius is enterprise-scale: regulated data, audited controls, and decisions that survive legal discovery. Refusal-by-default beats a fast path to a board-level incident.
- ⚖️ The Legal + HR ecosystem is proof of cross-functional agentic coordination. 28 specialist agents (Legal maestro + 12 specialists, HR maestro + 14 specialists) and 3 cross-functional protocol skills demonstrate that agents can hand off, escalate, and coordinate across organizational boundaries — not just answer in isolation.
- 🧾 Audit-ready, privacy-preserving, escalation-aware by design. Every review and live-guard agent emits a structured verdict (verdict, evidence_level, blockers, safe_next_actions, open_questions) that maps directly to SOC 2, PCI DSS, NIS2, NIST CSF, and ISO 27001 — no post-processing.
- 🛡️ Battle-tested against real compliance, governance, and risk workflows. These patterns are exercised against live IAM mutations, KMS destruction, litigation holds, RIF planning, and privacy reviews — the workflows where a generic agent gets an organization sued.
The bar: an auditor, a regulator, or opposing counsel should be able to read the agent's output and trace exactly who decided what, on what evidence, and who approved the risk.
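A fail-closed gate over the five-field verdict listed above, as an added example that is not the project's own code. It assumes the agent's output arrives as a JSON object with those fields; the verdict values in the samples and the rule that open questions block the action are assumptions of this example.

```javascript
// Added example: decide whether an irreversible step may proceed, based only on
// a structured verdict. Anything that cannot be parsed or verified is a refusal.
// Field names come from the README; verdict values ("approve", "block") and the
// sample payloads are constructed for illustration, not the project's enum.

const REQUIRED = ["verdict", "evidence_level", "blockers", "safe_next_actions", "open_questions"];
const LIST_FIELDS = ["blockers", "safe_next_actions", "open_questions"];

const deny = (reasons) => ({ proceed: false, reasons });

function gateVerdict(raw, allowedVerdicts) {
  let v;
  try {
    v = JSON.parse(raw);
  } catch {
    return deny(["output is not JSON"]); // free-text "looks fine" never passes
  }
  if (v === null || typeof v !== "object" || Array.isArray(v)) {
    return deny(["output is not a JSON object"]);
  }

  // A truncated or partial verdict is treated the same as no verdict.
  const missing = REQUIRED.filter((k) => !Object.prototype.hasOwnProperty.call(v, k));
  if (missing.length > 0) return deny(missing.map((k) => `missing field: ${k}`));

  const reasons = [];
  if (typeof v.verdict !== "string" || !allowedVerdicts.includes(v.verdict)) {
    reasons.push(`verdict not in allowlist: ${JSON.stringify(v.verdict)}`);
  }
  if (typeof v.evidence_level !== "string" || v.evidence_level.trim() === "") {
    reasons.push("evidence_level is empty");
  }
  for (const k of LIST_FIELDS) {
    if (!Array.isArray(v[k])) reasons.push(`${k} is not a list`);
  }
  if (Array.isArray(v.blockers) && v.blockers.length > 0) {
    reasons.push(`${v.blockers.length} blocker(s) reported`);
  }
  // Assumption of this example: unanswered questions also stop the action.
  if (Array.isArray(v.open_questions) && v.open_questions.length > 0) {
    reasons.push(`${v.open_questions.length} open question(s) unanswered`);
  }
  return reasons.length > 0 ? deny(reasons) : { proceed: true, reasons: [] };
}

// Constructed sample outputs.
const SAMPLES = {
  clean: JSON.stringify({
    verdict: "approve", evidence_level: "plan-output-attached",
    blockers: [], safe_next_actions: ["apply in staging first"], open_questions: [],
  }),
  blocked: JSON.stringify({
    verdict: "approve", evidence_level: "plan-output-attached",
    blockers: ["no rollback path recorded"], safe_next_actions: [], open_questions: [],
  }),
  truncated: '{"verdict":"approve"}',
  prose: "Looks good, go ahead and delete the key.",
};

for (const [name, raw] of Object.entries(SAMPLES)) {
  const r = gateVerdict(raw, ["approve"]);
  console.log(name, r.proceed ? "PROCEED" : "REFUSE", r.reasons.join("; "));
}
```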
🧱 What's Inside — the three-layer agentic architecture
Vanguard Frontier is not a flat bag of prompts. It is a deliberate three-layer system, and every domain — cloud providers, Kubernetes, marketing, Legal, HR — follows the same shape.
| Layer | Role | Examples |
| ----- | ---- | -------- |
| 1. 🧭 Maestro (router) | Entry point. Classifies the request, routes to the right specialist, never executes risk itself. | legal-maestro-agent, hr-maestro-agent, kubernetes-maestro-agent, provider maestros |
| 2. 🤖 Specialists | Domain experts with judgment and a hardened permission model. Each loads one companion skill and emits a guarded verdict. | 13 Legal specialists, 15 HR specialists, cloud advisory + live-guard operators |
| 3. 🔗 Cross-functional protocol | Shared contracts that let specialists hand off, escalate, and coordinate across organizational boundaries without leaking scope. | legal-hr-routing-protocol, legal-hr-case-capsule, legal-hr-risk-taxonomy |
How it flows: a request enters at the maestro, which routes to a specialist. When a matter crosses a boundary — an HR investigation that needs privileged Legal review, or a Legal hold that triggers an HR data freeze — the cross-functional protocol carries a structured case capsule between agents, preserving privilege, minimizing data, and recording the escalation path.
This is what "agentic coordination" means here: routing, protocol, and escalation are first-class, not improvised.
🚀 Get Started
Pick the install path for your coding agent. Each dropdown is crystal-clear, step-by-step, and one-click plug-and-play where the harness supports it; the npm/export path works for everything else.
At a glance — which path is yours:
| Your harness | Fastest path | One-liner |
| ------------ | ------------ | --------- |
| 🤖 Claude Code | Plugin marketplace | /plugin marketplace add Raishin/vanguard-frontier-agentic |
| 🐙 GitHub Copilot CLI | Plugin marketplace | copilot plugin marketplace add Raishin/vanguard-frontier-agentic |
| 🖱️ Cursor | Clone + register plugin dir | git clone … then Settings → Plugins → Add Plugin Directory |
| ⚡ Codex | Plugin marketplace | codex plugin marketplace add Raishin/vanguard-frontier-agentic |
| ♊ Gemini / Antigravity | npm export | npx vfa-export-agents --platform gemini --all --repo . |
| 🔮 Kiro | Add Powers per-directory | Powers panel → Add Custom Power → Local Directory |
| 📦 Any other | npm + vfa-export-agents CLI | npm install @raishin/vanguard-frontier-agentic@latest |
Expand the matching dropdown below for the full step-by-step.
/plugin marketplace add Raishin/vanguard-frontier-agentic
/plugin install vanguard-frontier-agentic@vanguard-frontier-agentic
Or wire it into ~/.claude/settings.json (or your project's .claude/settings.json) for team-wide trust:
{
  "extraKnownMarketplaces": {
    "vanguard-frontier-agentic": {
      "source": { "source": "github", "repo": "Raishin/vanguard-frontier-agentic" }
    }
  },
  "enabledPlugins": {
    "vanguard-frontier-agentic@vanguard-frontier-agentic": true
  }
}
Pin to a tag for reproducible installs: Raishin/[email protected].
- Bundled: all 386 cloud, security, compliance, Kubernetes, Terraform agents (incl. provider maestros and live-guard agents)
- Spec: .claude-plugin/marketplace.json + .claude-plugin/plugin.json (canonical Claude Code plugin layout)
- Not bundled: skills, rules, MCP references — use the npm path for those
- Docs: code.claude.com/docs/en/plugin-marketplaces
# Add the marketplace, then install
copilot plugin marketplace add Raishin/vanguard-frontier-agentic
/plugin install vanguard-frontier-agentic
Or in .github/copilot/settings.json for repo-wide trust:
{
  "extraKnownMarketplaces": [
    "https://raw.githubusercontent.com/Raishin/vanguard-frontier-agentic/master/.github/plugin/marketplace.json"
  ]
}
- Marketplace manifest: .github/plugin/marketplace.json declares this repo as a single-plugin marketplace
- Source path: ./ (the repo root is the plugin root)
- Bundled: 386 Copilot agent adapters under agents/<provider>/<agent>/harnesses/copilot.agent.md
- Docs: github.com/github/copilot-cli (/plugin marketplace add)
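The Claude Code settings above name the marketplace by bare repo and the Copilot settings point at a raw URL on the master branch, so both follow whatever is pushed next. The audit below is an added example, not code from this package: it classifies each extraKnownMarketplaces entry by the ref it tracks. It assumes the owner/repo@ref pin form from the "pin to a tag" note; the tag and SHA heuristics and the sample tag v0.0.0 are constructed.

```javascript
// Added example: flag marketplace sources in harness settings that track a
// moving ref. Handles the two shapes shown in this README: the object form
// (Claude Code) and the URL-array form (Copilot). Heuristics are assumptions.

const SHA_RE = /^[0-9a-f]{40}$/i;                   // full commit SHA
const TAG_RE = /^v?\d+\.\d+\.\d+(?:[-+][\w.-]+)?$/; // semver-looking tag

function classifyRef(ref) {
  if (!ref) return "unpinned";           // default branch, resolved at install time
  if (SHA_RE.test(ref)) return "commit"; // immutable
  if (TAG_RE.test(ref)) return "tag";    // reproducible unless the tag is re-pointed
  return "branch";                       // master, main, ...: moves with every push
}

// "owner/repo" or "owner/repo@ref"
function auditRepoSpec(spec) {
  const at = spec.lastIndexOf("@");
  const ref = at > 0 ? spec.slice(at + 1) : "";
  return { source: spec, ref, kind: classifyRef(ref) };
}

// https://raw.githubusercontent.com/<owner>/<repo>/<ref>/<path...>
function auditRawUrl(url) {
  let u;
  try {
    u = new URL(url);
  } catch {
    return { source: url, ref: "", kind: "invalid-url" };
  }
  if (u.protocol !== "https:" || u.hostname !== "raw.githubusercontent.com") {
    return { source: url, ref: "", kind: "untrusted-url" };
  }
  const parts = u.pathname.split("/").filter(Boolean);
  const ref = parts.length >= 4 ? parts[2] : "";
  return { source: url, ref, kind: classifyRef(ref) };
}

function auditSettings(settings) {
  const m = settings.extraKnownMarketplaces;
  const findings = [];
  if (Array.isArray(m)) {
    for (const url of m) findings.push(auditRawUrl(String(url)));
  } else if (m && typeof m === "object") {
    for (const [name, entry] of Object.entries(m)) {
      const src = entry && entry.source;
      if (src && src.source === "github" && typeof src.repo === "string") {
        findings.push({ name, ...auditRepoSpec(src.repo) });
      } else {
        findings.push({ name, source: JSON.stringify(src), ref: "", kind: "unknown-source" });
      }
    }
  }
  return findings;
}

// Everything that is not pinned to a tag or a commit needs review.
function mutableSources(findings) {
  return findings.filter((f) => f.kind !== "tag" && f.kind !== "commit");
}

// Sample inputs: the first two mirror the settings shown above, the third is
// a constructed pinned variant (v0.0.0 is a placeholder, not a real tag).
const CLAUDE_SETTINGS = {
  extraKnownMarketplaces: {
    "vanguard-frontier-agentic": {
      source: { source: "github", repo: "Raishin/vanguard-frontier-agentic" },
    },
  },
};
const COPILOT_SETTINGS = {
  extraKnownMarketplaces: [
    "https://raw.githubusercontent.com/Raishin/vanguard-frontier-agentic/master/.github/plugin/marketplace.json",
  ],
};
const CLAUDE_PINNED = {
  extraKnownMarketplaces: {
    "vanguard-frontier-agentic": {
      source: { source: "github", repo: "Raishin/vanguard-frontier-agentic@v0.0.0" },
    },
  },
};

for (const s of [CLAUDE_SETTINGS, COPILOT_SETTINGS, CLAUDE_PINNED]) {
  for (const f of auditSettings(s)) console.log(f.kind.padEnd(10), f.source);
}
```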
# Clone the repo, then register it as a plugin directory in Cursor:
git clone https://github.com/Raishin/vanguard-frontier-agentic
In Cursor: Settings → Plugins → Add Plugin Directory → pick the cloned repo path. Or via the Cursor Extension API:
vscode.cursor.plugins.registerPath("/absolute/path/to/vanguard-frontier-agentic");
- Plugin manifest: .cursor-plugin/plugin.json enumerates all 386 Cursor agent adapters explicitly via the agents field
- Bundled: all agents from agents/<provider>/<agent>/harnesses/cursor.agent.md
- Rules: existing rules/ directory at repo root is auto-discovered by Cursor
- Docs: cursor.com/docs/plugins · cursor.com/docs/reference/plugins
The Kiro Powers UI adds one Power directory at a time; there is no single-command marketplace flow. This repo ships 14 Powers under powers/, one per provider, so Kiro users can add only what they need.
# 1. Clone this repo
git clone https://github.com/Raishin/vanguard-frontier-agentic
cd vanguard-frontier-agentic
# 2. In Kiro:
# Open the Powers panel → "Add Custom Power" → "Local Directory"
# Paste the absolute path to the Power(s) you need, one at a time:
# /absolute/path/to/vanguard-frontier-agentic/powers/vanguard-aws
# /absolute/path/to/vanguard-frontier-agentic/powers/vanguard-kubernetes
# /absolute/path/to/vanguard-frontier-agentic/powers/vanguard-terraform
- Powers available: vanguard-aws, vanguard-azure, vanguard-gcp, vanguard-oci, vanguard-alibaba, vanguard-huawei, vanguard-ovhcloud, vanguard-scaleway, vanguard-hetzner, vanguard-contabo, vanguard-ionos, vanguard-kubernetes, vanguard-terraform, vanguard-nvidia
- Each Power ships: routing pattern (maestro entry), live-mutation discipline, provider invariants (account-ID/region, MLPS 2.0, EU sovereignty, etc.)
- Frontmatter: strict-5 fields (name, displayName, description, keywords, author) per Kiro spec
- For Kiro agent adapter files (.kiro/agents/*.md, .kiro/agents/*.json): use the npm-export path below
- Docs: github.com/kirodotdev/powers
Antigravity reads skills from .agent/skills/<name>/SKILL.md (workspace) or ~/.gemini/antigravity/skills/<name>/ (global). There is no first-party marketplace install command — use the npm export to write skills + adapters into the right paths:
# Install the package
npm install @raishin/vanguard-frontier-agentic@latest
# Export agents + companion skills for Gemini Antigravity
npx vfa-export-agents --platform gemini --all --repo .
Or for a single provider:
npx vfa-export-agents --platform gemini --provider aws --repo .
- Workspace skills install to: .agent/skills/<name>/SKILL.md
- Global rules: ~/.gemini/GEMINI.md
- MCP servers: configure via Antigravity's MCP Store UI → mcp_config.json
- Docs: antigravity.google · github.com/google-gemini/gemini-cli
# Add the marketplace, then enable the bundled plugin
codex plugin marketplace add Raishin/vanguard-frontier-agentic
/plugin install vanguard-frontier-agentic@vanguard-frontier-agentic
codex plugin marketplace add writes the marketplace into your ~/.codex/config.toml. The resulting block looks like this (the screenshot pattern):
[marketplaces.vanguard-frontier-agentic]
last_updated = "2026-05-11T06:46:00Z"
last_revision = "<sha>"
source_type = "git"
source = "https://github.com/Raishin/vanguard-frontier-agentic.git"
[plugins."vanguard-frontier-agentic@vanguard-frontier-agentic"]
enabled = true
- Marketplace registry: .agents/plugins/marketplace.json at repo root (canonical Codex location per codex-rs plugin-json-spec)
- Bundled plugins:
  - vanguard-frontier-agentic — the main plugin, manifest at plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json
  - cross-platform-agent-template — scaffold for new cross-platform agents
- For agent adapter files (.codex/agents/*.toml): after enabling the plugin, run npx vfa-export-agents --platform codex --all --repo . to write the 386 agent adapters into your repo
- Other commands: codex plugin marketplace upgrade vanguard-frontier-agentic, codex plugin marketplace remove vanguard-frontier-agentic
- Docs: github.com/openai/codex · Codex plugin spec
Prerequisite: Node.js 18+
# 1️⃣ Install the package
npm install @raishin/vanguard-frontier-agentic@latest
# 2️⃣ Export agents for your role into your repo (claude-code shown — swap platform)
npx vfa-export-agents --platform claude-code --role cloud-security-engineer --repo .
# 3️⃣ Open your coding agent and reference the exported agent
# "Use kubernetes-rbac-review-agent to audit this RBAC change."
Supports --platform: claude-code, codex, copilot, cursor, gemini, kiro, kiro-ide, kiro-cli. Supports --role, --agents, --all, --provider filters. See the Install Reference for the full argument matrix.
Install paths
There are now eight supported install paths — Claude Code plugin marketplace, GitHub Copilot CLI marketplace, Cursor plugin, Codex plugin marketplace, Kiro Powers, Gemini Antigravity skills, npm package + vfa-export-agents CLI, and the third-party skills CLI — each with different versioning, trust, and scope characteristics. See docs/integrations/skills-cli.md for the full trust matrix, verified flag syntax, pinning guidance, and pre-install inspection steps.
npm install @raishin/vanguard-frontier-agentic@latest
🧠 Skills
364 skills across AWS, Azure, OCI, GCP, Alibaba Cloud, Huawei Cloud, Kubernetes, CNCF ecosystem, Terraform, marketing governance, and more.
| Domain | Count | What they cover |
| ------ | ----: | --------------- |
| 🟧 AWS | 47 | IAM, EKS, ECS, Lambda, RDS, S3, Cost, DevOps, Bedrock, Security, WAF reviews, Live Guards |
| 🟥 OCI | 41 | ADB, OKE, IAM, Vault, Resource Manager, Cost, Networking, WAF reviews, Live Guards |
| 🟩 GCP | 51 | GKE, BigQuery, Vertex AI, Cloud Run, AlloyDB, Firebase, Gemini API, WAF reviews, Live Guards |
| 🟦 Azure | 36 | AKS, App Service, ARM/Bicep, Key Vault, PIM, Cost, Entra ID, CosmosDB, WAF reviews, Live Guards |
| 🟠 Alibaba Cloud | 43 | ACK, ECS, PolarDB, MaxCompute, RAM, OSS, MLPS 2.0, WAF reviews, Live Guards |
| 🔴 Huawei Cloud | 43 | CCE, GaussDB, ModelArts, DEW, SecMaster, OBS, MLPS 2.0, WAF reviews, Live Guards |
| ☸️ Kubernetes | 10 | RBAC review, workload identity, PSA, live RBAC/admission/mesh/network/ArgoCD guards, maestro |
| 🛡️ Kyverno | 1 | ClusterPolicy/Policy, PolicyException, failureAction, background scan |
| 🔄 Argo CD | 2 | AppProject blast-radius, sync impersonation, RollingSync, sync-window |
| 🕸️ Istio | 1 | Ambient mesh, ztunnel L4 vs waypoint L7, PeerAuthentication, mTLS posture |
| 🐝 Cilium | 1 | CiliumNetworkPolicy, ClusterMesh trust, 169.254.169.254 egress, WireGuard encryption |
| 📡 OpenTelemetry | 1 | Collector pipeline, memory_limiter, receiver exposure, exporter cardinality, credential handling |
| 🟩 Terraform | 1 | IaC review and plan safety |
| 📣 Marketing | 14 | Consent, pixel-leakage, martech access, GPC, email auth, ads.txt, targeting fairness, EU AI Act, audience uploads, list retention, influencer, dark patterns, analytics, maestro |
🛡️ Live Guard skills — stop before you break prod
Live-guard skills enforce approval gates and rollback posture for irreversible operations:
🟧 AWS (5):
- aws-live-deployment-guarded-operator — approval-gated generic live deployment actions with account/region confirmation
- aws-live-iac-change-guard — CloudFormation/SAM/CDK/Terraform change set + drift + rollback posture enforcement
- aws-live-pipeline-approval-operator — CodePipeline approval gating with exact stage and approver scope
- aws-live-serverless-release-guard — Lambda alias/canary/linear rollout with alarm + rollback required
- aws-live-ecs-rollout-guard — ECS/Fargate deployment circuit breaker, health check evidence, rollback path
🟩 GCP (6):
- gcp-live-gke-rollout-guard — GKE deployment and node pool mutations, control-plane version gating
- gcp-live-iam-policy-change-guard — IAM binding mutations, org policy changes, SA key creation — org-wide blast radius
- gcp-live-kms-key-destruction-guard — Cloud KMS key version destruction — CMEK data permanently unrecoverable
- gcp-live-cost-budget-action-guard — budget thresholds, CUD commitments, quota increases — financial authority gate
- gcp-live-bigquery-dataset-deletion-guard — dataset deletion, table truncation, authorized view changes — irreversible data loss
- gcp-live-cloud-run-traffic-migration-guard — Cloud Run revision traffic shifts, min-instances changes — production traffic blast radius
🟠 Alibaba Cloud (6):
- alibaba-live-ack-rollout-guard — ACK deployment mutations, node pool scaling, cluster version upgrades
- alibaba-live-ram-policy-change-guard — RAM policy/role mutations — account-wide blast radius, privilege escalation risk
- alibaba-live-kms-key-mutation-guard — KMS key deletion/disable — encrypted data permanently inaccessible
- alibaba-live-cost-budget-action-guard — budget threshold changes, Savings Plan purchases, RI commitments — financial authority gate
- alibaba-live-oss-bucket-policy-guard — OSS bucket ACL/policy changes — public exposure or China data-residency violation
- alibaba-live-rds-polardb-mutation-guard — RDS/PolarDB instance deletion, spec downgrade, backup policy removal — data loss risk
🔴 Huawei Cloud (6):
- huawei-live-cce-rollout-guard — CCE deployment mutations, node pool upgrades, cluster version changes
- huawei-live-iam-policy-change-guard — IAM policy/SCP mutations — account-wide blast radius, privilege escalation
- huawei-live-kms-key-destruction-guard — DEW/KMS key deletion — CSMS secrets and DBSS-encrypted data permanently lost
- huawei-live-cost-budget-action-guard — budget threshold changes, RI purchases, CUD commitments — financial authority gate
- huawei-live-obs-bucket-policy-guard — OBS bucket ACL/policy changes — public exposure or data residency violation
- huawei-live-gaussdb-mutation-guard — GaussDB/RDS instance deletion, spec downgrade, backup policy changes — data loss
🟦 Azure (7):
- azure-live-aks-rollout-guard — PDB audit, rollout pause/undo, post-rollout health
- azure-live-arm-deployment-stack-guard — what-if evidence, denySettings, PIM-gated delete
- azure-live-app-service-slot-swap-guard — sticky-setting audit, traffic shifting, swap-back path
- azure-live-keyvault-rotation-purge-guard — rotation policy, soft-delete/purge-protection, PIM gate
- azure-live-pim-jit-activation-guard — eligible assignment audit, MFA gate, JIT revocation
- azure-live-cost-budget-action-guard — budget mutation, GPU SKU policy, quota read-only
- azure-live-entra-role-assignment-guard — permanent role assignment scope/principal audit, PIM-preference enforcement, Guest principal blocking
🟥 OCI (7):
- oci-live-autonomous-db-lifecycle-guard — ADB scale/stop/clone/terminate with tag enforcement
- oci-live-oke-rollout-guard — DevOps pipeline approval, PDB audit, rollout pause/undo
- oci-live-resource-manager-stack-guard — plan-before-apply, drift detection, job-lock enforcement
- oci-live-vault-key-destruction-guard — rotation vs. destruction separation, 7–30 day deletion window
- oci-live-iam-policy-compartment-guard — MFA break-glass, dual-approval for tenancy-root changes
- oci-live-cost-budget-runaway-guard — 3-tier budget management, GPU shape gate, ONS alert routing
- oci-live-network-security-rule-guard — Security List/NSG rule capture, 0.0.0.0/0 detection, DB-subnet criticality, Path Analyzer gate
☸️ Kubernetes (5):
- kubernetes-live-rbac-mutation-guard — escalate/bind/impersonate verb detection, wildcard blocking, pre-mutation state capture, rollback via YAML backup
- kubernetes-live-admission-policy-guard — Kyverno/VAP mutation blast-radius, failureAction enforcement, PolicyException scope validation
- kubernetes-live-mesh-policy-guard — Istio AuthorizationPolicy/PeerAuthentication traffic impact, PERMISSIVE→STRICT migration gating
- kubernetes-live-network-policy-guard — CiliumNetworkPolicy/NetworkPolicy connectivity impact, metadata service egress blocking
- kubernetes-live-argocd-sync-guard — AppProject blast-radius, sync impersonation identity review, sync-window change gating
Sample skills
- 🔐 skills/aws/aws-iam-least-privilege-review — Review AWS IAM policies and reduce unnecessary access.
- 🟦 skills/azure/azure-rbac-review — Review Azure RBAC assignments, scopes, and custom roles.
- 🟥 skills/oci/oci-autonomous-database-architect — Design and review Oracle Autonomous Database across OCI and multicloud options.
- 🟩 skills/gcp/gcp-gke-platform-operator — GKE Standard/Autopilot design with Day-0/Day-1 decisions, Workload Identity, and AI inference quickstart.
- 🟠 skills/alibaba/alibaba-china-compliance — MLPS 2.0, DSL, PIPL, and ICP filing compliance review for workloads in Alibaba Cloud China regions.
- 🔴 skills/huawei/huawei-secmaster-security-operations — Huawei SecMaster SIEM/SOAR, HSS, CFW, WAF posture hardening and incident triage.
- 💰 skills/finops/finops-cloud-price-advisor — Fetch live prices from AWS, Azure, and OCI public pricing APIs; estimate costs for live environments or prototypes.
- 📣 skills/marketing/marketing-pixel-data-leakage-review — Review advertising pixels and event tracking for PII/PHI leakage to ad networks.
Rule of thumb: if the asset teaches how to do a repeatable task, it is a skill.
🤖 Agents
386 agents matching the skill catalog — agents ship harness adapters and a hardened permission model.
| Provider | Count | Specialisations |
| ------------------ | ----: | ----------------------------------------------------------------------------------- |
| 🟧 AWS | 47 | advisory, execution, live-guard operators |
| 🟥 OCI | 39 | advisory, live-guard operators |
| 🟩 GCP | 51 | advisory, live-guard operators, maestro router |
| 🟦 Azure | 36 | advisory, live-guard operators |
| 🟠 Alibaba Cloud | 43 | advisory, live-guard operators, maestro router |
| 🔴 Huawei Cloud | 43 | advisory, live-guard operators, maestro router |
| ☁️ OVHcloud | 6 | advisory, live KMS guard, maestro router |
| 🌐 IONOS Cloud | 6 | advisory, live DB lifecycle guard, maestro router |
| 🇫🇷 Scaleway | 6 | advisory, live Kapsule rollout guard, maestro router |
| 🇩🇪 Hetzner Cloud | 6 | advisory, live firewall + server lifecycle guards, maestro router |
| 💰 Contabo | 6 | advisory, live instance + storage guards, maestro router |
| ☸️ Kubernetes | 15 | RBAC review, workload identity, PSA, 5 live-guard operators, maestro router |
| 🛡️ Kyverno | 1 | Admission policy review |
| 🔄 Argo CD | 2 | GitOps review, live sync guard |
| 🕸️ Istio | 1 | Ambient mesh review |
| 🐝 Cilium | 1 | Network policy review |
| 📡 OpenTelemetry | 1 | Collector config review |
| 💰 Multi-cloud | 1 | FinOps Cloud Price Advisor |
| 🟩 Terraform | 2 | IaC review, maestro |
| 📣 Marketing | 14 | 13 governance review agents + maestro router |
| ⚖️ Legal | 13 | contract review, employment law risk, privacy & data protection, regulatory compliance, IP & open source, litigation & discovery hold, ethics & investigations, vendor/procurement risk, policy governance, public disclosure, counsel review, knowledge management |
| 👥 HR | 15 | employee relations, workplace investigations, performance management, compensation & equity, benefits & payroll, recruiting & selection, workforce planning & RIF, leave & accommodation, learning policy, culture & DEI, people analytics, HRIS process controls, termination readiness, risk triage |
| 🔗 Cross-functional | 3 | legal-hr-routing-protocol, legal-hr-case-capsule, legal-hr-risk-taxonomy |
⚖️ The Legal + HR cross-functional agentic ecosystem
Beyond cloud and platform agents, Vanguard Frontier ships a 28-agent cross-functional Legal + HR ecosystem plus 3 cross-functional protocol skills — proof that agentic coordination works across organizational boundaries, not just inside one cloud account.
Every Legal and HR agent is escalation-aware (knows when a matter must go to privileged counsel or a human owner), privacy-preserving (minimizes personal and sensitive data in every handoff), and audit-ready (emits the same structured verdict shape as the cloud live-guard agents). These agents advise on process and risk posture — they do not replace licensed legal counsel or qualified HR professionals, and they say so.
Every agent ships:
- 📄 AGENT.md — harness-neutral contract with guarded response shape
- 🗂️ metadata.json — schema-validated catalog entry
- 🔌 Harness adapters — claude-code + codex (EU providers); all 7 adapters for established providers
agents/
├── aws/ (47 agents)
├── alibaba/ (43 agents — advisory, live-guard operators, maestro)
├── argocd/ (2 agents — GitOps review, live sync guard)
├── azure/ (36 agents)
├── backstage/ (1 agent — IDP scaffolder review)
├── cert-manager/ (1 agent — PKI cert lifecycle review)
├── cilium/ (1 agent — network policy review)
├── contabo/ (6 agents — advisory, live instance + storage guards, maestro)
├── falco/ (1 agent — runtime threat detection)
├── finops/ (1 agent — cross-cloud price advisor)
├── fluxcd/ (1 agent — GitOps Kustomization/HelmRelease review)
├── gcp/ (51 agents — advisory, live-guard operators, maestro)
├── hetzner/ (6 agents — advisory, live firewall + server lifecycle guards, maestro)
├── huawei/ (43 agents — advisory, live-guard operators, maestro)
├── ionos/ (6 agents — advisory, live DB lifecycle guard, maestro)
├── istio/ (1 agent — ambient mesh review)
├── kubernetes/ (15 agents — RBAC, workload identity, PSA, pod-spec, ESO, Kubecost, live-guards, maestro)
├── kyverno/ (1 agent — admission policy review)
├── marketing/ (14 agents — 13 governance review agents + maestro router)
├── oci/ (39 agents)
├── opentelemetry/ (1 agent — collector config review)
├── ovhcloud/ (6 agents — advisory, live KMS guard, maestro)
├── prometheus/ (1 agent — alerting and cardinality review)
├── scaleway/ (6 agents — advisory, live Kapsule rollout guard, maestro)
├── sigstore/ (1 agent — supply chain security)
├── terraform/ (2 agents)
└── velero/ (1 agent — backup and restore)
Example:
- 🧱 agents/terraform/terraform-reviewer — Review Terraform modules, plans, provider usage, and state assumptions.
Use an agent when you need a role with judgment, not just a checklist.
📦 Install Reference
Everything you can install, and exactly how to install it. One section, no hunting.
🧭 How to pick what to install
🙋 I know my job function → use --role
🎯 I know the specific agent I want → use --agents
☁️ I work on one cloud provider only → add --provider to either of the above
💥 I want everything for a platform → use --all
🔍 I don't know what exists yet → use --list or --list-roles first
🏷️ Argument reference
| Argument | Values | Required | Description |
| -------------- | ----------------------------------------------------- | --------------------------------------- | ---------------------------------------------------- |
| --platform | see table below | ✅ yes (except --list, --list-roles) | Target AI harness |
| --role | see role table below | pick one ↓ | Install all agents for a job role |
| --agents | comma-separated agent IDs | pick one ↓ | Install specific agents by ID |
| --all | — | pick one ↓ | Install every agent for the platform |
| --provider | aws azure oci gcp alibaba huawei ovhcloud ionos scaleway hetzner contabo kubernetes terraform finops kyverno argocd istio cilium opentelemetry | ➕ optional | Narrow --role results to one provider |
| --repo | path | ➕ optional | Target repo root (defaults to current directory) |
| --force | — | ➕ optional | Overwrite files that already exist |
| --list | — | 🔍 standalone | Print all agent IDs, providers, and names; then exit |
| --list-roles | — | 🔍 standalone | Print role IDs with agent counts; then exit |
| --list-providers | — | 🔍 standalone | List all providers with agent counts; then exit |
| --dry-run | — | ➕ optional | Print the export plan without writing files |
| --no-skills | — | ➕ optional | Skip companion skill bundling |
🖥️ Platform reference
Each platform writes agent files to a different folder in your repo.
| --platform value | AI harness | Installs into |
| ------------------ | -------------------------------- | ----------------- |
| claude-code | 🤖 Claude Code (Anthropic) | .claude/agents/ |
| codex | ⚡ Codex CLI (OpenAI) | .codex/agents/ |
| copilot | 🐙 GitHub Copilot / VS Code | .github/agents/ |
| cursor | 🖱️ Cursor | .cursor/agents/ |
| gemini | ♊ Gemini CLI (Google) | .gemini/agents/ |
| kiro | 🔮 Kiro — both IDE + CLI adapters | .kiro/agents/ |
| kiro-ide | 🔮 Kiro IDE only | .kiro/agents/ |
| kiro-cli | 🔮 Kiro CLI only | .kiro/agents/ |
ℹ️ The exporter installs agent files only. It does not write repo-level guidance files (CLAUDE.md, AGENTS.md, .github/copilot-instructions.md, etc.). See docs/normalized-platform-matrix.md.
👤 Role reference
A role installs the curated set of agents a practitioner in that job function needs, across all cloud providers. Roles overlap intentionally — one agent may appear in multiple roles.
| --role value | 👤 Who it is for | 🔢 Agents | ☁️ What it covers |
| -------------------------------------------- | ------------------------------------------------------------------------ | -------: | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| cloud-security-engineer | 🔐 Security engineers, compliance teams, IAM owners | 51 | IAM/RBAC review, secrets lifecycle, identity governance, live guards for access and key mutations — AWS · Azure · OCI · GCP · Alibaba · Huawei · OVHcloud · Scaleway · Contabo · K8s |
| cloud-platform-engineer | 🏗️ Infrastructure/SRE, IaC owners, Kubernetes platform teams | 58 | IaC safety review, container platform operators, networking, landing zones, live deployment guards — AWS · Azure · OCI · GCP · Alibaba · Huawei · EU providers · Terraform |
| cloud-dba | 🗄️ Database administrators, data platform engineers | 20 | RDS/Aurora, DynamoDB, CosmosDB, OCI Autonomous/Exadata/MySQL HeatWave, IONOS DBaaS, replication, live DB lifecycle guards |
| cloud-finops-analyst | 💰 FinOps leads, cost governance teams | 25 | Cost optimization governors, anomaly watch, budget runaway guards, capacity planning — AWS · Azure · OCI · GCP · Alibaba · Huawei · EU providers |
| cloud-solutions-architect | 🏛️ Cloud architects, migration leads, AI/generative engineers | 38 | Solution architecture, migration cutover, resilience/BCDR, event-driven design, multi-cloud, AI/generative — AWS · Azure · OCI · GCP · Alibaba · Huawei |
| cloud-devops-engineer | 🚀 CI/CD engineers, release managers, SRE ops | 49 | CI/CD, pipeline approval gates, live rollout guards, deployment hotfix operators, serverless readiness, observability — AWS · Azure · OCI · GCP · Alibaba · Huawei |
| kubernetes-admission-security-engineer | 🛡️ Platform security, policy engineers, admission control owners | 6 | Kyverno policy review, K8s workload identity, PSA profiles, live admission-policy guard, live RBAC guard |
| kubernetes-network-engineer | 🐝 Network engineers, platform SREs, zero-trust mesh owners | 5 | Cilium/NetworkPolicy review, Istio ambient mesh review, live network-policy and mesh-policy guards |
| kubernetes-application-platform-engineer | 🔄 Platform engineers, GitOps owners, ArgoCD operators | 3 | Argo CD GitOps review, live ArgoCD sync guard, kubernetes-maestro router |
| kubernetes-runtime-security-engineer | 🔍 Runtime security, observability, and threat detection engineers | 6 | Falco threat rules, Sigstore supply chain, K8s workload identity, RBAC review, pod-spec review, live RBAC guard |
| kubernetes-pki-engineer | 🔐 PKI/cert lifecycle engineers, secrets management owners | 6 | cert-manager Issuer/ClusterIssuer, CertificateRequestPolicy gap, ESO scope, AWS Private CA, Azure KV cert, OCI Certificates |
| kubernetes-observability-engineer | 📊 SRE observability engineers, FinOps cost analysts | 4 | Prometheus alerting/cardinality, OTEL Collector pipeline, Kubecost chargeback/allocation, maestro router |
| kubernetes-supply-chain-security-engineer | 🔏 Supply chain security engineers, DevSecOps practitioners | 7 | Sigstore/Cosign, Falco runtime rules, Kyverno admission policy, PSA hardening, pod-spec review, live admission guard |
| kubernetes-developer-platform-engineer | 🎭 IDP/platform engineers, GitOps owners, developer experience leads | 6 | Backstage Scaffolder templates, Argo CD, Argo Rollouts progressive delivery, FluxCD Kustomization/HelmRelease, maestro router |
| kubernetes-disaster-recovery-engineer | 💾 SRE disaster recovery engineers, backup and restore owners | 2 | Velero live-guarded restore operations with pre-restore checklist, maestro router |
# 🔍 See exactly which roles exist and how many agents each has
npx vfa-export-agents --list-roles
# 📦 Install a cloud role
npx vfa-export-agents --platform claude-code --role cloud-security-engineer --repo .
# ☁️ Install a cloud role but only for one provider
npx vfa-export-agents --platform claude-code --role cloud-security-engineer --provider azure --repo .
# ☸️ Install a Kubernetes specialist role
npx vfa-export-agents --platform claude-code --role kubernetes-admission-security-engineer --repo .
npx vfa-export-agents --platform claude-code --role kubernetes-network-engineer --repo .
☁️ Provider reference
Use --provider with --role to narrow the install to one cloud.
| --provider value | Domain | 🔢 Agents in catalog |
| ------------------- | ---------------------------------------- | ------------------: |
| aws | 🟧 Amazon Web Services | 47 |
| azure | 🟦 Microsoft Azure | 36 |
| oci | 🟥 Oracle Cloud Infrastructure | 39 |
| gcp | 🟩 Google Cloud Platform | 51 |
| alibaba | 🟠 Alibaba Cloud | 43 |
| huawei | 🔴 Huawei Cloud | 43 |
| ovhcloud | ☁️ OVHcloud | 6 |
| ionos | 🌐 IONOS Cloud | 6 |
| scaleway | 🇫🇷 Scaleway | 6 |
| hetzner | 🇩🇪 Hetzner Cloud | 6 |
| contabo | 💰 Contabo | 6 |
| kubernetes | ☸️ Kubernetes (cross-cloud) | 15 |
| kyverno | 🛡️ Kyverno (admission policy) | 1 |
| argocd | 🔄 Argo CD + Argo Rollouts (GitOps) | 2 |
| istio | 🕸️ Istio (service mesh) | 1 |
| cilium | 🐝 Cilium (network policy) | 1 |
| opentelemetry | 📡 OpenTelemetry (observability) | 1 |
| terraform | 🟩 Terraform (cross-cloud) | 2 |
| multi-cloud | 💰 FinOps / multi-cloud | 1 |
| prometheus | 📊 Prometheus (alerting + cardinality) | 1 |
| falco | 🦅 Falco (runtime threat detection) | 1 |
| sigstore | 🔏 Sigstore / Cosign (supply chain) | 1 |
| cert-manager | 🔐 cert-manager (PKI / cert lifecycle) | 1 |
| fluxcd | 🔄 FluxCD (GitOps) | 1 |
| backstage | 🎭 Backstage (IDP / developer platform) | 1 |
| velero | 💾 Velero (backup + restore) | 1 |
| marketing | 📣 Marketing governance (consent, pixel, access, AI, deliverability) | 14 |
# 🟥 Install every OCI agent for a cloud-platform-engineer (OCI-only team)
npx vfa-export-agents --platform codex --role cloud-platform-engineer --provider oci --repo .
# 🟦 Install every Azure agent for a cloud-devops-engineer
npx vfa-export-agents --platform copilot --role cloud-devops-engineer --provider azure --repo .
🎯 Common install scenarios
| 🙋 I want to… | Command |
| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- |
| 🔍 See what agents exist | npx vfa-export-agents --list |
| 🔍 See what roles exist | npx vfa-export-agents --list-roles |
| 🔍 See what providers exist | npx vfa-export-agents --list-providers |
| 👤 Install for my job role (Claude Code) | npx vfa-export-agents --platform claude-code --role <role> --repo . |
| ☁️ Install for my job role, one cloud only | npx vfa-export-agents --platform claude-code --role <role> --provider aws --repo . |
| ☸️ Install K8s admission security role | npx vfa-export-agents --platform claude-code --role kubernetes-admission-security-engineer --repo . |
| 🐝 Install K8s network engineering role | npx vfa-export-agents --platform claude-code --role kubernetes-network-engineer --repo . |
| 🧭 Install the Kubernetes maestro router only | npx vfa-export-agents --platform claude-code --agents kubernetes-maestro-agent --repo . |
| 🎯 Install one specific agent | npx vfa-export-agents --platform claude-code --agents kubernetes-rbac-review-agent --repo . |
| 🎯 Install two specific agents | npx vfa-export-agents --platform claude-code --agents agent-id-1,agent-id-2 --repo . |
| 💥 Install everything for Codex | npx vfa-export-agents --platform codex --all --repo . |
| 🔄 Re-install and overwrite existing files | npx vfa-export-agents --platform claude-code --role <role> --repo . --force |
| 📂 Install into a different repo path | npx vfa-export-agents --platform gemini --role <role> --repo /path/to/other-repo |
| 🏭 Enforce via CI/CD pipeline | See docs/ci-cd-enforcement-pattern.md |
🌍 Vision
Build a practical AI workflow marketplace for secure cloud engineering.
This repository exists for teams that need to design, review, and operate cloud systems where security and compliance are not optional extras.
The north star:
🛡️ Cloud architecture should be zero-trust by default, evidence-backed by design, and understandable by engineers of any seniority.
That means every serious workflow should help engineers answer:
- 👤 Who is accessing what?
- 🔐 Why are they allowed?
- 🧾 Where is the evidence?
- 🚨 How do we detect abuse or drift?
- 🧯 How do we respond and recover?
- 📋 Which compliance obligation does this support?
🧬 Philosophy
This repo is opinionated. That is a feature, not a bug.
1. 🛡️ Zero trust beats implicit trust
Do not trust a network, cloud account, CI runner, agent, workload, or human just because it is "inside" something.
Good assets should push for:
- strong identity,
- least privilege,
- explicit authorization,
- segmentation,
- continuous verification,
- logging and detection,
- short-lived credentials where possible,
- safe rollback paths.
2. 🧾 Compliance needs evidence, not vibes
SOC 2 Type 2, PCI DSS, NIS2, and NIST-style control frameworks are not passed by good intentions. They require repeatable controls and evidence over time.
Good assets should produce or point to evidence:
- policy decisions,
- access reviews,
- architecture diagrams,
- ticket approvals,
- logs and alerts,
- backup and restore tests,
- vulnerability and patch records,
- incident response records,
- change history.
3. 🔐 Least privilege is the default
If a workflow recommends broad admin access, it must explain why.
If it cannot explain why, it should not recommend it.
4. 🧪 Every claim needs a source or a validation path
Cloud behavior changes. Compliance expectations evolve. Vendor services drift.
So assets should clearly separate:
- ✅ verified facts,
- 🧠 engineering judgment,
- ⚠️ assumptions,
- ❓ unknowns.
5. 🧯 Automation must have brakes
AI-assisted automation should not become a fast path to production damage.
Dangerous actions need:
- read-only discovery first,
- explicit approval,
- scoped credentials,
- dry-run or plan mode where possible,
- rollback notes,
- post-change validation.
📋 Compliance compass
This repository is not a compliance product and does not replace auditors, QSAs, legal counsel, or official standards.
It is a control-aware engineering toolbox. The assets should help teams design and collect evidence for common security expectations across frameworks.
Every live-guard and review agent produces a structured verdict response (verdict, evidence_level, blockers, safe_next_actions, open_questions) that maps directly to SOC 2 CC6.1, PCI DSS Req 7, NIS2 Article 21, NIST CSF PR.AC-4, and ISO 27001 A.9.1.1 — no post-processing required. See docs/evidence-output-spec.md for the full control mapping and evidence retention guidance.
| Framework / standard | What it pushes us to remember | Repo design implication |
| -------------------- | ----------------------------- | ----------------------- |
| 🔵 SOC 2 Type 2 | Controls must operate over a period of time, especially around security, availability, confidentiality, processing integrity, and privacy trust service criteria. | Workflows should leave evidence trails, not just one-time fixes. |
| 💳 PCI DSS | Cardholder data environments need scoped controls, secure configuration, access control, monitoring, vulnerability management, and testing. | Workflows should reduce scope, avoid broad access, and flag payment-data risk. |
| 🇪🇺 NIS2 | EU cybersecurity rules emphasize governance, risk management, incident reporting, supply-chain security, and management accountability. | Workflows should make ownership, reporting, and supplier/cloud dependencies explicit. |
| 🧭 NIST CSF 2.0 | Cybersecurity risk management spans Govern, Identify, Protect, Detect, Respond, and Recover. | Assets should not stop at prevention; they should include detection, response, and recovery. |
| 🏛️ NIST SP 800-207 Zero Trust | Access should be continuously evaluated and should not rely on implicit network trust. | Agents and skills should challenge flat networks, permanent credentials, and unverified trust boundaries. |
Ruthless correction: NIS2 is the European cybersecurity directive. NIST is a U.S. standards body. If someone says "NIST2 European compliance," they probably mean NIS2 or they are mixing two different things.
🏗️ Architecture principles
Use these principles when creating or reviewing assets:
| Principle | What good looks like |
| -------------------------- | ------------------------------------------------------------------------------------- |
| 👤 Identity-first | Humans, workloads, agents, and CI/CD jobs have explicit identities. |
| 🔐 Least privilege | Permissions are narrow, justified, and reviewable. |
| 🧱 Segmented blast radius | Network, account, project, subscription, tenancy, and data boundaries are deliberate. |
| 🧾 Evidence by design | The workflow naturally produces logs, approvals, diffs, plans, or reports. |
| 🔎 Continuous monitoring | Detection is part of the design, not an afterthought. |
| 🧯 Recoverability | Backups, restore tests, rollback, and incident response are considered upfront. |
| 🧭 Source-grounded guidance | Official docs and live state beat memory and assumptions. |
| 🤝 Human accountability | AI can assist, but owners still approve risk. |
✅ Eval-driven development
This repository uses eval-driven development (EDD) to ensure quality and consistency.
Before implementing any new feature, agents, or skills:
- Define evals first — What must pass? (capability evals + regression evals)
- Implement — Build agents, skills, or features
- Validate — Run the test suite and evals
- Report — Document results in .claude/evals/<feature>.md
Example: The EU cloud providers feature was built using EDD:
- CE-1 to CE-6: Capability evals (filesystem layout, companion skills, security, schema, docs, content quality)
- CE-7 to CE-8: Post-implementation evals (role-based install coverage, taxonomy/docs updates)
- Regression evals: All 7 validation gates (catalog, skill schema, allowed-tools, agent schema, manifest, links)
- Result: 30 agents + 30 skills across 5 EU providers, all validation gates passing
See the /eval-harness skill for the full EDD framework and docs/CODEMAPS/ for live inventory.
🧭 Quick map
| Folder | What lives here | Easy memory hook |
| -------------------------- | ----------------------------------------------------------------------------- | ------------------------------------- |
| skills/ | Reusable workflows grouped by provider or domain | 🧠 "How do I do this task?" |
| agents/ | Expert roles grouped by provider or domain | 🤖 "Who should review this?" |
| rules/ | Harness-specific instructions | 📏 "What behavior is always expected?" |
| mcp/ | MCP server references and trust notes | 🔌 "What can this connect to?" |
| catalog/ | JSON indexes for marketplace discovery | 🗂️ "What assets exist?" |
| schemas/ | Metadata validation contracts | ✅ "What fields are required?" |
| templates/ | Starter templates for new assets | 🧱 "How do I add one?" |
| docs/ | Quality rules, taxonomy, compliance evidence spec, CI/CD enforcement patterns | 📚 "How should this repo work?" |
| .claude/evals/ | Eval-driven development (EDD) definitions and test reports | ✅ "How are features validated?" |
| assets/ | Logos and visual assets | 🎨 "What images can docs use?" |
🔌 MCP references
MCP references describe tool/server integrations and their trust boundaries.
Examples:
- 🟧 mcp/official/aws-mcp-servers.md
- 🟦 mcp/official/azure-mcp-server.md
- 🟥 mcp/official/oracle-mcp-servers.md
Important: MCP tools may read or mutate real infrastructure. Treat them like production access, not like harmless documentation links.
✅ Quality bar
This repo is not a prompt junk drawer.
Every cataloged asset should be:
- 🔎 Traceable — includes official docs or clear provenance.
- 🔐 Security-aware — explains access, risk, and least-privilege concerns.
- 🧪 Validated — passes repo checks before being shared.
- 🧭 Scoped — clearly says which provider, domain, and harness it supports.
- 🧯 Safe by default — read-only discovery before mutation; approval before dangerous actions.
Hard no:
- ❌ Secrets or credentials.
- ❌ Vague "do everything" prompts.
- ❌ Unsafe production mutation recipes.
- ❌ Cloud claims with no source or verification path.
For the detailed standard, read docs/quality-bar.md.
🗂️ Metadata contract
Every cataloged asset needs metadata so people and tools can understand it.
Required common fields:
- id
- name
- type: skill, agent, rule, or mcp-reference
- provider: aws, azure, oracle, oci, gcp, kubernetes, terraform, multi-cloud, or generic
- harnesses: one or more of codex, copilot, claude-code, cursor, gemini, kiro, other
- summary
- source_type: original, adapted, or reference-only
- official_docs
- security_notes
- last_verified
- path
🔏 Skill integrity manifests
Skills are executable guidance. Treat them like supply-chain artifacts.
This repo uses catalog/skill-manifest.json to record SHA-256 hashes for every
file under every cataloged skill directory.
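What a per-file SHA-256 manifest check catches, as an added example that is not the repository's own validator. The manifest layout (relative path mapped to hex digest) and the sample file names are assumptions, since the page does not show the format of catalog/skill-manifest.json.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def hash_file(path: Path) -> str:
    """Stream a file through SHA-256 so large assets are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(skills_root: Path) -> dict:
    """Map every file's POSIX-style relative path to its SHA-256 hex digest."""
    return {
        p.relative_to(skills_root).as_posix(): hash_file(p)
        for p in sorted(skills_root.rglob("*"))
        if p.is_file()
    }


def check_manifest(skills_root: Path, manifest: dict) -> dict:
    """Compare the tree on disk with the recorded manifest and report each kind of drift."""
    current = build_manifest(skills_root)
    return {
        # Recorded file whose content no longer matches its recorded hash.
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        # Recorded file that has disappeared from the tree.
        "missing": sorted(k for k in manifest if k not in current),
        # File on disk that was never recorded; a hash-only comparison would miss this.
        "unexpected": sorted(k for k in current if k not in manifest),
    }


def demo() -> dict:
    """Constructed sample: record a small skill tree, change it three ways, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "skills"
        skill = root / "aws" / "example-skill"  # hypothetical skill directory
        (skill / "scripts").mkdir(parents=True)
        (skill / "SKILL.md").write_text("Review IAM policy.\n")
        (skill / "scripts" / "collect.sh").write_text("echo collect\n")
        manifest = json.loads(json.dumps(build_manifest(root)))  # round-trip as JSON
        (skill / "SKILL.md").write_text("Review IAM policy (edited).\n")
        (skill / "scripts" / "collect.sh").unlink()
        (skill / "scripts" / "extra.sh").write_text("echo extra\n")
        return check_manifest(root, manifest)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A release gate built on this would fail when any of the three lists is non-empty, so an unrecorded file blocks a release the same way an edited one does.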
After intentional skill edits, regenerate the manifest:
npm run manifest:write
Before release or review, check it:
npm run manifest:check
🧪 Validate your changes
Before contributing or sharing changes, run:
npm run validate
Equivalent manual commands:
python tests/validate-catalog.py
python tests/validate-skill-manifest.py
python tests/validate-links.py --offline
If validation fails, fix that first. A broken catalog makes the marketplace harder to trust.
📦 npm publishing and semantic versioning
Use SemVer: MAJOR.MINOR.PATCH.
| Version bump | Use when | Example |
| ------------ | --------------------------------------------------------- | ----------------- |
| 🩹 PATCH | Typos, metadata corrections, manifest refresh | 0.1.0 → 0.1.1 |
| ✨ MINOR | New skills, agents, provider folders, optional metadata | 0.1.0 → 0.2.0 |
| 💥 MAJOR | Removed/renamed IDs, moved paths, breaking schema changes | 1.4.2 → 2.0.0 |
Read the full policy in docs/release-versioning.md.
🧑💻 How to add a new asset
- 🧭 Pick the right folder — skills/<provider>/, agents/<provider>/, rules/<harness>/, or mcp/official/.
- 🧱 Start from a template — templates/skill-template or templates/agent-template.
- 🗂️ Add or update catalog metadata in the matching catalog/*.json file.
- ✅ Run npm run validate.
- 🧯 Check safety — no secrets, no broad permissions without justification, no destructive actions without approval gates.
❓ FAQ
Skills vs agents — what's the difference?
A skill teaches your coding agent how to do a task (step-by-step workflow, CLI commands, reference material). An agent gives your coding agent a role with judgment — it loads the skill and adds a guarded response shape, approval gates, and a hardened permission model.
Do I need a cloud account to use these?
For reviewing architecture, writing IaC, or planning — no. For live-guard agents that execute against a real environment — yes, and they will ask you to confirm subscription/tenancy/principal before any mutation.
Can I use a skill or agent without the exporter CLI?
Yes. Copy the harness file for your platform from agents/<provider>/<id>/harnesses/ directly into your repo's agent folder. The CLI just automates that copy.
What is a "live guard" agent?
A live-guard agent operates against a real cloud environment. It enforces approval gates before any mutation, requires preflight evidence (what-if/plan/status output), and treats missing rollback design as a stop condition. Live guards are refusal-by-default — if target identity, approval state, or rollback posture is ambiguous, they stop and say so.
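A refusal-by-default gate of the kind described above, returning the five verdict fields named in the compliance compass, as an added example that is not the project's own agent logic. The request shape, the verdict and evidence_level values, and every sample value are assumptions; only the five field names and the stop conditions come from this page.

```python
TARGET_KEYS = ("subscription", "tenancy", "principal")


def _text(value):
    """Return the stripped string, or '' for anything that is not a non-empty string."""
    return value.strip() if isinstance(value, str) else ""


def evaluate_mutation(request):
    """Refusal-by-default: the verdict is 'proceed' only if every check positively passes."""
    blockers, questions, has_evidence = [], [], False
    try:
        target = request.get("target") or {}
        preflight = request.get("preflight") or {}
        plan_target = preflight.get("target") or {}
        for key in TARGET_KEYS:
            confirmed = _text(target.get(key))
            if not confirmed:
                blockers.append(f"target {key} is not confirmed")
                questions.append(f"Which {key} is this change aimed at?")
            elif _text(plan_target.get(key)) != confirmed:
                blockers.append(f"preflight evidence was produced for a different {key}")
        has_evidence = bool(_text(preflight.get("output")))
        if not has_evidence:
            blockers.append("no preflight evidence (what-if/plan/status output)")
        approval = request.get("approval") or {}
        if approval.get("state") != "approved" or not _text(approval.get("approved_by")):
            blockers.append("approval state is missing or ambiguous")
        if not _text(request.get("rollback")):
            blockers.append("no rollback design")
    except (AttributeError, TypeError) as exc:
        blockers.append(f"malformed request: {exc}")  # unparseable input is a stop condition
    ok = not blockers
    return {
        "verdict": "proceed" if ok else "refuse",
        "evidence_level": "preflight" if has_evidence else "none",
        "blockers": blockers,
        "safe_next_actions": ["apply the reviewed plan", "run post-change validation"] if ok
        else ["stay read-only", "resolve every blocker, then re-submit"],
        "open_questions": questions,
    }


# Constructed sample requests; the request shape and all values are illustrative.
_TARGET = {"subscription": "sub-example", "tenancy": "tenant-example", "principal": "ci-deployer"}
COMPLETE = {
    "target": dict(_TARGET),
    "preflight": {"target": dict(_TARGET), "output": "Plan: 0 to add, 1 to change, 0 to destroy."},
    "approval": {"state": "approved", "approved_by": "change-owner"},
    "rollback": "re-apply the previous plan revision",
}
DRIFTED = {**COMPLETE, "preflight": {"target": {**_TARGET, "subscription": "sub-other"},
                                     "output": "Plan: 0 to add, 1 to change, 0 to destroy."}}

if __name__ == "__main__":
    for name, req in (("complete", COMPLETE), ("drifted", DRIFTED), ("empty", {})):
        print(name, evaluate_mutation(req)["verdict"], evaluate_mutation(req)["blockers"])
```

The DRIFTED request is fully approved and has a rollback note, yet it is refused because its plan output was generated against a different subscription than the one the operator confirmed.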
What does the FinOps price advisor actually do?
It fetches live on-demand prices from AWS Price List API, Azure Retail Prices API, and OCI public pricing API — all public, unauthenticated endpoints. It never needs billing credentials. Currency defaults to USD; other currencies are available via Azure's native currencyCode parameter or public exchange rate APIs for AWS/OCI.
Can I contribute new skills or agents?
Yes — see Contributing. The baseline requirement: the asset must be specific, source-backed, security-aware, and validated by npm run validate.
📚 Source anchors
Use official sources when writing
