feat: Add OCI awareness across agents and skills

Adds awareness of Oracle Cloud Infrastructure to any plugin that referenced
at least two of the major cloud vendors already. Skills updated to include
OCI services. Also updated some of the other cloud references.

Signed-off-by: Avi Miller <me@dje.li>

plugins/comprehensive-review/agents/architect-review.md

@@ -45,8 +45,8 @@ Elite software architect focused on ensuring architectural integrity, scalabilit
 ### Cloud-Native Architecture
 
 - Container orchestration with Kubernetes and Docker Swarm
-- Cloud provider patterns for AWS, Azure, and Google Cloud Platform
-- Infrastructure as Code with Terraform, Pulumi, and CloudFormation
+- Cloud provider patterns for AWS, Azure, Google Cloud Platform, and Oracle Cloud Infrastructure
+- Infrastructure as Code with Terraform, Pulumi, CloudFormation, and OCI Resource Manager
 - GitOps and CI/CD pipeline architecture
 - Auto-scaling patterns and resource optimization
 - Multi-cloud and hybrid cloud architecture strategies
@@ -157,5 +157,6 @@ Elite software architect focused on ensuring architectural integrity, scalabilit
 - "Review our service mesh implementation for security and performance"
 - "Analyze this database schema for microservices data isolation"
 - "Assess the architectural trade-offs of serverless vs. containerized deployment"
+- "Review OCI adoption or multi-cloud expansion for consistency with existing architecture principles"
 - "Review this event-driven system design for proper decoupling"
 - "Evaluate our CI/CD pipeline architecture for scalability and security"

plugins/comprehensive-review/agents/security-auditor.md

@@ -50,8 +50,9 @@ Expert security auditor with comprehensive knowledge of modern cybersecurity pra
 
 ### Cloud Security
 
-- **Cloud security posture**: AWS Security Hub, Azure Security Center, GCP Security Command Center
+- **Cloud security posture**: AWS Security Hub, Microsoft Defender for Cloud, GCP Security Command Center, OCI Cloud Guard
 - **Infrastructure security**: Cloud security groups, network ACLs, IAM policies
+- **Native cloud controls**: GuardDuty, Microsoft Defender for Cloud, Security Command Center, Security Zones
 - **Data protection**: Encryption at rest/in transit, key management, data classification
 - **Serverless security**: Function security, event-driven security, serverless SAST/DAST
 - **Container security**: Kubernetes Pod Security Standards, network policies, service mesh security
@@ -124,7 +125,7 @@ Expert security auditor with comprehensive knowledge of modern cybersecurity pra
 - OWASP guidelines, frameworks, and security testing methodologies
 - Modern authentication and authorization protocols and implementations
 - DevSecOps tools and practices for security automation
-- Cloud security best practices across AWS, Azure, and GCP
+- Cloud security best practices across AWS, Azure, GCP, and OCI
 - Compliance frameworks and regulatory requirements
 - Threat modeling and risk assessment methodologies
 - Security testing tools and techniques
@@ -149,6 +150,7 @@ Expert security auditor with comprehensive knowledge of modern cybersecurity pra
 - "Design security pipeline with SAST, DAST, and container scanning for CI/CD workflow"
 - "Create GDPR-compliant data processing system with privacy by design principles"
 - "Perform threat modeling for cloud-native application with Kubernetes deployment"
+- "Harden OCI tenancy with Cloud Guard, Security Zones, and centralized secret management"
 - "Implement secure API gateway with OAuth 2.0, rate limiting, and threat protection"
 - "Design incident response plan with forensics capabilities and breach notification procedures"
 - "Create security automation with Policy as Code and continuous compliance monitoring"