Closed
Labels: breaking-change (Breaking change requiring major version bump), maintenance (Maintenance work, no version bump), security (Security-related changes or concerns)
Description
Summary
Rename the security-planning collection to security to broaden the scope from planning-only to the full security domain (review, planning, incident response, risk assessment, vulnerability analysis).
This is a pre-condition for all other MVP security reviewer work. Breaking change — acceptable per copilot-instructions.md.
Acceptance Criteria
- `collections/security-planning.collection.yml` renamed to `collections/security.collection.yml`
  - `id: security`, `name: Security`, updated `description` and `tags`
  - All `path:` entries updated from `security-planning/` to `security/`
  - Collection level maturity set to `experimental`
- `collections/security-planning.collection.md` renamed to `collections/security.collection.md`
  - Content updated to reflect broader security domain scope
  - Includes `[!CAUTION]` disclaimer about AI-generated security artifacts
- `.github/agents/security-planning/` moved to `.github/agents/security/`
  - `security-plan-creator.agent.md` preserved at new path
- `.github/prompts/security-planning/` moved to `.github/prompts/security/`
  - `incident-response.prompt.md` and `risk-register.prompt.md` preserved at new paths
- `collections/hve-core-all.collection.yml` updated (all paths from `security-planning/` to `security/`)
- `extension/package.security-planning.json` renamed to `extension/package.security.json`
  - `name` updated to `hve-security`, `displayName` updated to `HVE Core - Security`
- `extension/README.security-planning.md` renamed to `extension/README.security.md` (if exists)
- Old `plugins/security-planning/` directory removed
- `npm run plugin:generate` produces `plugins/security/` successfully
- `npm run plugin:validate` passes
- `npm run lint:all` passes with no regressions
- No references to `security-planning` remain in the codebase (search verification)
Context
Discussion #480 consensus: collection scope broadens from "planning" to full security domain. All active participants (katriendg, obrocki, JasonTheDeveloper) agreed. Related to #643 (collection-based directory reorg, mostly implemented) — not a prerequisite but coordinate timing.
Files to Change
| Action | Path |
|---|---|
| Rename | collections/security-planning.collection.yml → collections/security.collection.yml |
| Rename | collections/security-planning.collection.md → collections/security.collection.md |
| Move | .github/agents/security-planning/ → .github/agents/security/ |
| Move | .github/prompts/security-planning/ → .github/prompts/security/ |
| Update | collections/hve-core-all.collection.yml (path references) |
| Rename | extension/package.security-planning.json → extension/package.security.json |
| Rename | extension/README.security-planning.md → extension/README.security.md |
| Regenerate | plugins/security/ (via npm run plugin:generate) |
| Delete | plugins/security-planning/ |
Related Issues
Complete this issue before starting the following MVP security reviewer work:
- feat(skills): add `owasp-agentic` skill for OWASP Agentic Top 10 vulnerability assessment #793 — `feat(skills): add owasp-agentic skill`
- feat(agents): add `security-reviewer` agent with OWASP-aligned skill delegation #794 — `feat(agents): add security-reviewer agent`
- feat(skills): add `owasp-top-10` skill for OWASP Top 10 web vulnerability assessment #795 — `feat(skills): add owasp-top-10 skill`
- feat(skills): add `owasp-llm` skill for OWASP LLM Top 10 vulnerability assessment #796 — `feat(skills): add owasp-llm skill`
- feat(prompts): add security review prompts (`security-review`, `security-review-web`, `security-review-llm`) #797 — `feat(prompts): add security review prompts`
- chore(security): end-to-end validation of security collection MVP #798 — `chore(security): end-to-end validation`
- chore(collections): add MVP security artifacts to collection manifests #799 — `chore(collections): add MVP security artifacts to manifests`
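
The "search verification" and rename criteria listed under Acceptance Criteria can be checked mechanically. The script below is an added example, not part of the issue or the repository: the function names `find_stale_refs` and `missing_targets` are hypothetical, the paths are taken from the issue text, and GNU `grep` is assumed.

```shell
#!/bin/sh
# Added example: post-rename checks for the acceptance criteria above.
# Function names are hypothetical; paths come from the issue text.
OLD_NAME="security-planning"

# Targets that must exist after the rename. extension/README.security.md
# is left out because the issue marks it "(if exists)".
EXPECTED_PATHS="collections/security.collection.yml
collections/security.collection.md
.github/agents/security/security-plan-creator.agent.md
.github/prompts/security/incident-response.prompt.md
.github/prompts/security/risk-register.prompt.md
extension/package.security.json
plugins/security"

# List paths whose name or contents still mention OLD_NAME.
# Returns 0 when the tree is clean, 1 when stale references remain.
find_stale_refs() {
  root="${1:-.}"
  hits="$(
    {
      # Files and directories still carrying the old name.
      find "$root" \( -name .git -o -name node_modules \) -prune -o \
        -name "*${OLD_NAME}*" -print
      # Text files whose contents still reference the old name.
      grep -rIlF --exclude-dir=.git --exclude-dir=node_modules \
        -e "$OLD_NAME" "$root" 2>/dev/null
    } | sort -u
  )"
  [ -z "$hits" ] && return 0
  printf '%s\n' "$hits"
  return 1
}

# Report renamed targets that are absent. Returns 1 if any is missing.
missing_targets() {
  root="${1:-.}"
  rc=0
  for p in $EXPECTED_PATHS; do
    [ -e "$root/$p" ] || { printf 'missing: %s\n' "$p"; rc=1; }
  done
  return "$rc"
}
```

Run both functions from the repository root after `npm run plugin:generate`; a non-zero status from either one means a criterion is not yet met.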