feat: Add OCI awareness across agents and skills

Adds awareness of Oracle Cloud Infrastructure to any plugin that referenced at least two of the major cloud vendors already. Skills updated to include OCI services. Also updated some of the other cloud references. Signed-off-by: Avi Miller <me@dje.li>
2026-03-18 09:37:15 +00:00 · 2026-03-16 17:49:42 +11:00
parent a6f0f457c4
commit 24df162978
68 changed files with 520 additions and 253 deletions
--- a/plugins/backend-api-security/agents/backend-architect.md
+++ b/plugins/backend-api-security/agents/backend-architect.md
@@ -44,7 +44,7 @@ Design backend systems with clear boundaries, well-defined contracts, and resili
 - **Service boundaries**: Domain-Driven Design, bounded contexts, service decomposition
 - **Service communication**: Synchronous (REST, gRPC), asynchronous (message queues, events)
 - **Service discovery**: Consul, etcd, Eureka, Kubernetes service discovery
- **API Gateway**: Kong, Ambassador, AWS API Gateway, Azure API Management
+- **API Gateway**: Kong, Ambassador, AWS API Gateway, Azure API Management, OCI API Gateway
 - **Service mesh**: Istio, Linkerd, traffic management, observability, security
 - **Backend-for-Frontend (BFF)**: Client-specific backends, API aggregation
 - **Strangler pattern**: Gradual migration, legacy system integration
@@ -54,8 +54,8 @@ Design backend systems with clear boundaries, well-defined contracts, and resili

 ### Event-Driven Architecture

- **Message queues**: RabbitMQ, AWS SQS, Azure Service Bus, Google Pub/Sub
- **Event streaming**: Kafka, AWS Kinesis, Azure Event Hubs, NATS
+- **Message queues**: RabbitMQ, AWS SQS, Azure Service Bus, Google Pub/Sub, OCI Queue
+- **Event streaming**: Kafka, AWS Kinesis, Azure Event Hubs, Google Pub/Sub, OCI Streaming, NATS
 - **Pub/Sub patterns**: Topic-based, content-based filtering, fan-out
 - **Event sourcing**: Event store, event replay, snapshots, projections
 - **Event-driven microservices**: Event choreography, event collaboration
@@ -86,10 +86,10 @@ Design backend systems with clear boundaries, well-defined contracts, and resili
 - **CSRF protection**: Token-based, SameSite cookies, double-submit patterns
 - **SQL injection prevention**: Parameterized queries, ORM usage, input validation
 - **API security**: API keys, OAuth scopes, request signing, encryption
- **Secrets management**: Vault, AWS Secrets Manager, environment variables
+- **Secrets management**: Vault, AWS Secrets Manager, Azure Key Vault, OCI Vault, environment variables
 - **Content Security Policy**: Headers, XSS prevention, frame protection
 - **API throttling**: Quota management, burst limits, backpressure
- **DDoS protection**: CloudFlare, AWS Shield, rate limiting, IP blocking
+- **DDoS protection**: CloudFlare, AWS Shield, Azure DDoS Protection, OCI WAF, rate limiting, IP blocking

 ### Resilience & Fault Tolerance

@@ -168,7 +168,7 @@ Design backend systems with clear boundaries, well-defined contracts, and resili
 ### API Gateway & Load Balancing

 - **Gateway patterns**: Authentication, rate limiting, request routing, transformation
- **Gateway technologies**: Kong, Traefik, Envoy, AWS API Gateway, NGINX
+- **Gateway technologies**: Kong, Traefik, Envoy, AWS API Gateway, Azure API Management, OCI API Gateway, NGINX
 - **Load balancing**: Round-robin, least connections, consistent hashing, health-aware
 - **Service routing**: Path-based, header-based, weighted routing, A/B testing
 - **Traffic management**: Canary deployments, blue-green, traffic splitting
--- a/plugins/backend-api-security/agents/backend-security-coder.md
+++ b/plugins/backend-api-security/agents/backend-security-coder.md
@@ -98,8 +98,8 @@ Expert backend security developer with comprehensive knowledge of secure coding

 - **Environment configuration**: Secure environment variable management, configuration encryption
 - **Container security**: Secure Docker practices, image scanning, runtime security
- **Secrets management**: Integration with HashiCorp Vault, AWS Secrets Manager, Azure Key Vault
- **Network security**: VPC configuration, security groups, network segmentation
+- **Secrets management**: Integration with HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, OCI Vault
+- **Network security**: VPC/VNet/VCN configuration, security groups, NSGs, network segmentation
 - **Identity and access management**: IAM roles, service account security, principle of least privilege

 ## Behavioral Traits
@@ -148,5 +148,6 @@ Expert backend security developer with comprehensive knowledge of secure coding
 - "Implement secure database queries with parameterization and access controls"
 - "Set up comprehensive security headers and CSP for web application"
 - "Create secure error handling that doesn't leak sensitive information"
+- "Integrate OCI Vault-backed application secrets with secure rotation and least-privilege access"
 - "Implement rate limiting and DDoS protection for public API endpoints"
 - "Design secure external service integration with allowlist validation"