Merged
2 changes: 0 additions & 2 deletions .github/workflows/git-ape-verify.exampleyml
Original file line number Diff line number Diff line change
Expand Up @@ -117,8 +117,6 @@ jobs:
"git-ape-plan.yml:Git-Ape: Plan"
"git-ape-deploy.yml:Git-Ape: Deploy"
"git-ape-destroy.yml:Git-Ape: Destroy"
"git-ape-drift.yml:Git-Ape: Drift Detection"
"git-ape-ttl-reaper.yml:Git-Ape: TTL Reaper"
)

for WF in "${WORKFLOWS[@]}"; do
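Review bot: The `WORKFLOWS` array still keys every entry by its `.yml` name (`git-ape-plan.yml`, `git-ape-deploy.yml`, `git-ape-destroy.yml`), while the README in this PR says the files ship as `.exampleyml` until onboarding renames them. If the loop that follows looks these names up under `.github/workflows/`, a repository where only some files were renamed will fail the lookup without saying why. Consider reporting a file that still ends in `.exampleyml` as "not activated" rather than as missing.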
Expand Down
33 changes: 20 additions & 13 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@

**📖 Documentation:** [azure.github.io/git-ape](https://azure.github.io/git-ape/)

Git-Ape is a **platform engineering framework** built on GitHub Copilot. It is a multi-agent system that plans, validates, and deploys Azure infrastructure — with security gates, cost analysis, and CI/CD pipeline integration built in.
Git-Ape is a **platform engineering framework** built on GitHub Copilot. It is a multi-agent system that plans, validates, and deploys **any Azure workload** — with security gates, cost analysis, and CI/CD pipeline integration built in.

Nothing is deployed without your explicit confirmation.

Expand All @@ -23,10 +23,10 @@ Git-Ape walks every deployment through the same four steps:

It is built for:

- Azure application stacks: Function Apps, Web Apps, Storage, SQL, Cosmos DB, Container Apps.
- Any Azure resource deployable via Azure Resource Manager.
- Repository onboarding: OIDC, RBAC, GitHub environments, and secrets.
- Auditable deployments: every run is saved under `.azure/deployments/`.
- Drift detection between live Azure state and stored deployment artifacts *(agentic workflow — coming soon)*.
- Drift detection between live Azure state and stored deployment artifacts via the `/azure-drift-detector` skill.

## Git-Ape in action

Expand Down Expand Up @@ -148,6 +148,7 @@ graph TD

subgraph AD ["Advisory"]
PA["<b>Principal Architect</b><br/>WAF 5-pillar review<br/>Trade-off analysis"]
PO["<b>Policy Advisor</b><br/>Azure Policy compliance<br/>CIS / NIST mapping"]
end

subgraph UT ["Utility"]
Expand All @@ -164,7 +165,7 @@ graph TD
class GA orchestrator
class RG,TG,RD pipeline
class SG,UC gate
class WR,PA advisory
class WR,PA,PO advisory
class IE,OB utility
```

Expand All @@ -174,9 +175,11 @@ Skills are invoked by agents at specific stages. Each skill handles one focused

| Phase | Skill | Purpose |
|-------|-------|---------|
| **Pre-Deploy** | `/azure-naming-research` | CAF abbreviation lookup, naming constraint validation |
| **Pre-Deploy** | `/azure-rest-api-reference` | Look up ARM property schemas and API versions. **Mandatory before any template generation.** |
| | `/azure-naming-research` | CAF abbreviation lookup, naming constraint validation |
| | `/azure-resource-availability` | SKU restrictions, version support, API compatibility, quota |
| | `/azure-security-analyzer` | Per-resource security assessment with blocking gate |
| | `/azure-policy-advisor` | Azure Policy compliance recommendations against CIS, NIST, or general best-practice frameworks |
| | `/azure-deployment-preflight` | What-if analysis and permission checks before deploy |
| | `/azure-role-selector` | Least-privilege RBAC role recommendations |
| | `/azure-cost-estimator` | Real-time cost estimation via Azure Retail Prices API |
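Review bot: The new `/azure-rest-api-reference` row says "Mandatory before any template generation", but nothing in this diff enforces that; the only related code change moves the skill between phase lists in `scripts/generate-docs.js`. Either point the row at the agent instruction that enforces the lookup, or soften the wording so the README does not promise a gate readers cannot find.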
Expand Down Expand Up @@ -288,7 +291,7 @@ graph LR
| `git-ape-destroy.yml` | Merge PR with `destroy-requested` | Delete resource group |
| `git-ape-verify.yml` | Manual dispatch | Verify OIDC, RBAC, pipeline health |

> **Note:** Drift detection and TTL-based cleanup were previously handled by scheduled workflows (`git-ape-drift.yml`, `git-ape-ttl-reaper.yml`). These are being replaced by agentic workflows — coming soon.
> **Note:** These workflows ship as `git-ape-*.exampleyml` files in `.github/workflows/` and are inert until the `/git-ape-onboarding` flow renames them to `.yml` after you complete the experimental-status acknowledgments.

## Included Components

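Review bot: The replaced note was the only text in this section telling readers that `git-ape-drift.yml` and `git-ape-ttl-reaper.yml` are gone, and the new note drops that without a replacement. Drift detection is covered elsewhere in the README by the `/azure-drift-detector` skill, but TTL-based cleanup is not mentioned anywhere in the visible changes, so anyone relying on the reaper to remove short-lived resources gets no notice. Keep one sentence stating that scheduled TTL cleanup has been removed and what to use instead.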
Expand All @@ -298,29 +301,33 @@ Git-Ape is packaged as a Copilot CLI plugin with agents and skills under `.githu
plugin.json # Plugin manifest
.github/
├── agents/
│ ├── git-ape.agent.md # Main orchestrator
│ ├── git-ape-onboarding.agent.md # Onboarding agent
│ ├── git-ape.agent.md # Main orchestrator
│ ├── git-ape-onboarding.agent.md # Onboarding agent
│ ├── azure-requirements-gatherer.agent.md
│ ├── azure-template-generator.agent.md
│ ├── azure-resource-deployer.agent.md
│ ├── azure-principal-architect.agent.md
│ ├── azure-policy-advisor.agent.md
│ └── azure-iac-exporter.agent.md
├── skills/
│ ├── git-ape-onboarding/ # OIDC, RBAC, env setup
│ ├── azure-rest-api-reference/ # ARM property + API version lookup
│ ├── azure-naming-research/ # CAF naming
│ ├── azure-resource-availability/ # SKU & quota checks
│ ├── azure-security-analyzer/ # Security assessment
│ ├── azure-policy-advisor/ # Azure Policy compliance
│ ├── azure-deployment-preflight/ # What-if analysis
│ ├── azure-role-selector/ # RBAC recommendations
│ ├── azure-cost-estimator/ # Cost estimation
│ ├── azure-drift-detector/ # Drift detection
│ ├── azure-integration-tester/ # Post-deploy tests
│ └── azure-resource-visualizer/ # Architecture diagrams
│ ├── azure-resource-visualizer/ # Architecture diagrams
│ └── prereq-check/ # CLI tool + auth session verification
└── workflows/
├── git-ape-plan.yml
├── git-ape-deploy.yml
├── git-ape-destroy.yml
└── git-ape-verify.yml
├── git-ape-plan.exampleyml # Activated to .yml by /git-ape-onboarding
├── git-ape-deploy.exampleyml
├── git-ape-destroy.exampleyml
└── git-ape-verify.exampleyml
```

See [plugin.json](plugin.json) and [.github/plugin/marketplace.json](.github/plugin/marketplace.json) for packaging details.
Expand Down
10 changes: 5 additions & 5 deletions plugin.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "git-ape",
"description": "Intelligent Azure deployment agent system for GitHub Copilot. Provides guided, safe, and validated Azure resource deployments using ARM templates, with built-in security analysis, cost estimation, and CI/CD pipeline integration.",
"description": "Intelligent agent system for deploying any Azure workload through GitHub Copilot. Provides guided, safe, and validated deployments using ARM templates, with built-in security analysis, cost estimation, and CI/CD pipeline integration.",
"version": "0.0.1",
"author": {
"name": "Microsoft",
Expand All @@ -12,14 +12,14 @@
"keywords": [
"azure",
"cloud",
"infrastructure",
"arm-templates",
"workloads",
"deployment",
"arm-templates",
"devops",
"iac",
"security",
"cost-estimation",
"github-actions"
"github-actions",
"copilot-agents"
],
"agents": ".github/agents/",
"skills": ".github/skills/"
Expand Down
10 changes: 7 additions & 3 deletions scripts/generate-docs.js
Original file line number Diff line number Diff line change
Expand Up @@ -252,9 +252,9 @@ function generateSkillDocs() {

// Determine phase from skill content/name
let phase = 'General';
const preDeploySkills = ['azure-naming-research', 'azure-resource-availability', 'azure-security-analyzer', 'azure-deployment-preflight', 'azure-role-selector', 'azure-cost-estimator', 'prereq-check', 'azure-policy-advisor'];
const preDeploySkills = ['azure-rest-api-reference', 'azure-naming-research', 'azure-resource-availability', 'azure-security-analyzer', 'azure-deployment-preflight', 'azure-role-selector', 'azure-cost-estimator', 'prereq-check', 'azure-policy-advisor'];
const postDeploySkills = ['azure-integration-tester', 'azure-resource-visualizer'];
const opsSkills = ['azure-drift-detector', 'git-ape-onboarding', 'azure-rest-api-reference'];
const opsSkills = ['azure-drift-detector', 'git-ape-onboarding'];

if (preDeploySkills.includes(name)) phase = 'Pre-Deploy';
else if (postDeploySkills.includes(name)) phase = 'Post-Deploy';
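Review bot: `phase` is still decided by three hard-coded name arrays, so a skill missing from all of them silently stays 'General', and one listed in the wrong array (as `azure-rest-api-reference` was under `opsSkills`) is published with the wrong phase. Read the phase from each skill's own metadata, or log a warning when a skill name matches none of the lists, so a new skill cannot be misfiled unnoticed.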
Expand Down Expand Up @@ -423,7 +423,7 @@ description: "GitHub Actions workflow: ${name}"
# ${name}

**Workflow file:** \`.github/workflows/${file}\`

${file.endsWith('.exampleyml') ? '\n:::info[Activation required]\nThis workflow ships as `' + file + '` and is **inert** until renamed to `' + file.replace(/\.exampleyml$/, '.yml') + '`. The [`/git-ape-onboarding`](/docs/skills/git-ape-onboarding) flow renames every `.exampleyml` file in `.github/workflows/` to `.yml` after you complete the experimental-status acknowledgments.\n:::\n' : ''}
## Triggers

${triggerSection}
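Review bot: The activation notice is built by string concatenation inside a template-literal expression, and the `.exampleyml` suffix is spelled out twice on that line (`file.endsWith('.exampleyml')` and `/\.exampleyml$/`). Move it into a small helper that returns the admonition or an empty string, with the suffix held in one constant, so the per-workflow page and the overview page cannot drift apart. Also confirm that the code collecting workflow files accepts the `.exampleyml` extension; that filter is not part of this diff, and without it this branch never runs.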
Expand Down Expand Up @@ -465,6 +465,10 @@ description: "Overview of Git-Ape GitHub Actions workflows"

Git-Ape provides GitHub Actions workflows for automated deployment lifecycle management.

:::info[Activation required]
Workflows ship as **\`*.exampleyml\`** files in \`.github/workflows/\` so they are inert when the plugin is first installed. The [\`/git-ape-onboarding\`](/docs/skills/git-ape-onboarding) flow renames each \`.exampleyml\` to \`.yml\` after you complete the experimental-status acknowledgments. Files still ending in \`.exampleyml\` in the inventory below are not yet active.
:::

## Workflow Inventory

| Workflow | File | Triggers | Jobs |
Expand Down
4 changes: 4 additions & 0 deletions website/docs/getting-started/onboarding.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,10 @@ Git-Ape can automate the entire setup for you, or you can run each step manually

Both paths produce the same result: an Entra ID App Registration with OIDC federated credentials, RBAC role assignments, and GitHub environments with the required secrets.

:::info[Workflow activation is part of onboarding]
Git-Ape ships its CI/CD workflows as **`*.exampleyml`** files in `.github/workflows/` (`git-ape-plan.exampleyml`, `git-ape-deploy.exampleyml`, `git-ape-destroy.exampleyml`, `git-ape-verify.exampleyml`). These files are **inert** until the onboarding flow renames each one to `.yml`. The automated `/git-ape-onboarding` flow performs this rename only after you complete the experimental-status acknowledgments; the manual flow includes a final step to rename them yourself.
:::

## Choose single or multi-environment mode {#choose-mode}

Before onboarding, decide how many Azure subscriptions you need.
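Review bot: The admonition states that "the manual flow includes a final step to rename them yourself", but this file's diff is 4 additions and 0 deletions, all of them the admonition, so no such step is added here. Confirm the manual instructions already contain the rename step with the four file names, or add it in this PR; otherwise users on the manual path finish onboarding with every workflow still inert.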
Expand Down
5 changes: 3 additions & 2 deletions website/docs/intro.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ slug: /intro
**EXPERIMENTAL PROJECT:** Git-Ape is in active development and is not production-ready. Use it for local development, demos, sandbox subscriptions, and learning only.
:::

Git-Ape is a **platform engineering framework** built on GitHub Copilot. It provides a structured, multi-agent system for planning, validating, and deploying Azure infrastructure — with security gates, cost analysis, and CI/CD pipeline integration built in.
Git-Ape is a **platform engineering framework** built on GitHub Copilot. It provides a structured, multi-agent system for planning, validating, and deploying **any Azure workload** — with security gates, cost analysis, and CI/CD pipeline integration built in.

It is the implementation of the thesis Microsoft published in [Platform Engineering for the Agentic AI Era](https://devblogs.microsoft.com/all-things-azure/platform-engineering-for-the-agentic-ai-era/) — agents and policy replacing module catalogues as the platform team's primary deliverable. See the **[Vision & Manifesto](./vision)** for the full thinking.

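Review bot: The bolded "any Azure workload" sits directly under the admonition that calls the project experimental and not production-ready, and it reads as a broader promise than the README bullet "Any Azure resource deployable via Azure Resource Manager". Use the ARM-scoped wording here as well so both pages make the same, bounded claim.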
Expand Down Expand Up @@ -74,7 +74,8 @@ Git-Ape works in two modes:
```bash
# Install the plugin
copilot plugin marketplace add Azure/git-ape
copilot plugin install Azure/git-ape
copilot plugin install git-ape@git-ape
copilot plugin list # Should show: git-ape@git-ape

# Check prerequisites
# In Copilot Chat: /prereq-check
Expand Down
3 changes: 2 additions & 1 deletion website/docs/personas/for-engineers.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,8 @@ No more memorizing CAF naming conventions, ARM property paths, or RBAC role IDs.

```bash
copilot plugin marketplace add Azure/git-ape
copilot plugin install Azure/git-ape
copilot plugin install git-ape@git-ape
copilot plugin list
```

### Step 2: Check Prerequisites
Expand Down
26 changes: 26 additions & 0 deletions website/docs/reference/marketplace.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ The marketplace manifest configures how Git-Ape appears in the Copilot CLI plugi
## Plugins

- **git-ape** v0.0.1: Intelligent Azure deployment agent system for GitHub Copilot. Provides guided, safe, and validated Azure resource deployments using ARM templates, with built-in security analysis, cost estimation, drift detection, and CI/CD pipeline integration.
- **ape-context** v1.0.0: Extension for git-ape that provides enhanced context management, allowing platform teams to set up a baseline for Engineering context, tools use & intent

## Full Source

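Review bot: The git-ape bullet kept as context here still carries the old description ("Intelligent Azure deployment agent system for GitHub Copilot", including "drift detection"), while `plugin.json` and `website/docs/reference/plugin-json.md` in this PR switch to "Intelligent agent system for deploying any Azure workload through GitHub Copilot". Update the git-ape entry in `.github/plugin/marketplace.json` and regenerate this page so both manifests describe the plugin the same way.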
Expand All @@ -43,6 +44,31 @@ The marketplace manifest configures how Git-Ape appears in the Copilot CLI plugi
"description": "Intelligent Azure deployment agent system for GitHub Copilot. Provides guided, safe, and validated Azure resource deployments using ARM templates, with built-in security analysis, cost estimation, drift detection, and CI/CD pipeline integration.",
"version": "0.0.1",
"source": "."
},
{
"name": "ape-context",
"description": "Extension for git-ape that provides enhanced context management, allowing platform teams to set up a baseline for Engineering context, tools use & intent",
"version": "1.0.0",
"author": {
"name": "Suzanne Daniels",
"url": "https://suuu.us"
},
"homepage": "https://github.com/suuus/ape-context",
"keywords": [
"context",
"intent",
"infrastructure",
"deployment",
"documentation",
"git-ape"
],
"license": "MIT",
"repository": "https://github.com/suuus/ape-context",
"source": {
"source": "github",
"repo": "suuus/ape-context",
"path": ".github/plugins/ape-context"
}
}
]
}
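Review bot: The new `ape-context` entry takes its `source` from `suuus/ape-context`, a repository outside `Azure/git-ape`, with only `repo` and `path` given and no tag or commit, so nothing in the entry fixes which revision of that plugin gets installed. If the marketplace manifest schema accepts a ref or commit field, pin it; if it does not, record in the docs who reviews changes to that plugin before it stays listed.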
Expand Down
14 changes: 7 additions & 7 deletions website/docs/reference/plugin-json.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,22 +17,22 @@ The plugin manifest defines the Git-Ape plugin metadata. The same manifest is co
|-------|-------|
| **Name** | git-ape |
| **Version** | 0.0.1 |
| **Description** | Intelligent Azure deployment agent system for GitHub Copilot. Provides guided, safe, and validated Azure resource deployments using ARM templates, with built-in security analysis, cost estimation, and CI/CD pipeline integration. |
| **Description** | Intelligent agent system for deploying any Azure workload through GitHub Copilot. Provides guided, safe, and validated deployments using ARM templates, with built-in security analysis, cost estimation, and CI/CD pipeline integration. |
| **Author** | Microsoft |
| **License** | MIT |
| **Agents Path** | `.github/agents/` |
| **Skills Path** | `.github/skills/` |

## Keywords

`azure` · `cloud` · `infrastructure` · `arm-templates` · `deployment` · `devops` · `iac` · `security` · `cost-estimation` · `github-actions`
`azure` · `cloud` · `workloads` · `deployment` · `arm-templates` · `devops` · `security` · `cost-estimation` · `github-actions` · `copilot-agents`

## Full Source

```json
{
"name": "git-ape",
"description": "Intelligent Azure deployment agent system for GitHub Copilot. Provides guided, safe, and validated Azure resource deployments using ARM templates, with built-in security analysis, cost estimation, and CI/CD pipeline integration.",
"description": "Intelligent agent system for deploying any Azure workload through GitHub Copilot. Provides guided, safe, and validated deployments using ARM templates, with built-in security analysis, cost estimation, and CI/CD pipeline integration.",
"version": "0.0.1",
"author": {
"name": "Microsoft",
Expand All @@ -44,14 +44,14 @@ The plugin manifest defines the Git-Ape plugin metadata. The same manifest is co
"keywords": [
"azure",
"cloud",
"infrastructure",
"arm-templates",
"workloads",
"deployment",
"arm-templates",
"devops",
"iac",
"security",
"cost-estimation",
"github-actions"
"github-actions",
"copilot-agents"
],
"agents": ".github/agents/",
"skills": ".github/skills/"
Expand Down
2 changes: 1 addition & 1 deletion website/docs/skills/azure-rest-api-reference.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ description: "Look up Azure REST API and ARM template reference documentation fo
| Property | Value |
|----------|-------|
| **Skill Directory** | `.github/skills/azure-rest-api-reference/` |
| **Phase** | Operations |
| **Phase** | Pre-Deploy |
| **User Invocable** | ✅ Yes |
| **Usage** | `/azure-rest-api-reference Resource type (e.g., Microsoft.Web/sites, Microsoft.Storage/storageAccounts)` |

Expand Down