{"id":51061053,"url":"https://github.com/marianfoo/sap-api-policy-skill","last_synced_at":"2026-06-23T02:01:06.981Z","repository":{"id":362091971,"uuid":"1254645172","full_name":"marianfoo/sap-api-policy-skill","owner":"marianfoo","description":"Agent skill (npx skills) for evidence-based SAP API Policy alignment assessments — sourced, confidence-rated, never legal advice.","archived":false,"fork":false,"pushed_at":"2026-06-02T13:53:40.000Z","size":81,"stargazers_count":7,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-16T21:31:53.298Z","etag":null,"topics":["agent-skill","ai-agents","claude","compliance","mcp","model-context-protocol","sap","sap-api-policy","sap-btp"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/marianfoo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-05-30T20:42:05.000Z","updated_at":"2026-06-06T23:34:37.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/marianfoo/sap-api-policy-skill","commit_stats":null,"previous_names":["marianfoo/sap-api-policy-skill"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/marianfoo/sap-api-policy-skill","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marianfoo%2Fsap-api-policy-skill","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marianfoo%2Fsap-api-policy-skill/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marianfoo%2Fsap-api-policy-skill/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marianfoo%2Fsap-api-policy-skill/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/marianfoo","download_url":"https://codeload.github.com/marianfoo/sap-api-policy-skill/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marianfoo%2Fsap-api-policy-skill/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34672250,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-23T02:00:07.161Z","response_time":65,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-skill","ai-agents","claude","compliance","mcp","model-context-protocol","sap","sap-api-policy","sap-btp"],"created_at":"2026-06-23T02:01:05.869Z","updated_at":"2026-06-23T02:01:06.974Z","avatar_url":"https://github.com/marianfoo.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SAP API Policy Evidence Skill\n\nAn [agent skill](https://github.com/vercel-labs/skills) that assesses whether a given **SAP API\nusage scenario aligns with the SAP API Policy** (v.4.2026a + FAQ) and returns an **evidence-based,\nsourced technical assessment** with a confidence level — by gathering live evidence from official SAP\nsources (SAP Help, Business Accelerator Hub, SAP Notes, Architecture Center, released-object data)\nvia MCP servers.\n\n\u003e **Not legal advice, not a final SAP compliance decision.** Only SAP, your contract, or SAP\n\u003e support/account/legal can give a binding answer. This skill gets as close as the evidence allows,\n\u003e labels its confidence, and routes legal/commercial/roadmap questions to SAP rather than answering\n\u003e them.\n\n## Install\n\nCross-agent via the [`skills`](https://github.com/vercel-labs/skills) CLI (works with Claude Code,\nCursor, Codex, and others):\n\n```bash\n# install just this skill (use your own owner/repo if you fork it)\nnpx skills add marianfoo/sap-api-policy-skill --skill sap-api-policy-evidence\n\n# or install everything in the repo\nnpx skills add marianfoo/sap-api-policy-skill\n\n# globally, across all projects\nnpx skills add -g marianfoo/sap-api-policy-skill --skill sap-api-policy-evidence\n```\n\nManual install (no CLI): copy `skills/sap-api-policy-evidence/` into your agent's skills directory\n(e.g. `~/.claude/skills/` for Claude Code) — see **[MCP_SETUP.md](MCP_SETUP.md) → \"Using the skill\"**.\n\n## Prerequisite: the SAP MCP servers\n\nThe skill gathers evidence through SAP MCP servers — set them up once (most are `npx`-installable, SAP\nDocs has a hosted URL):\n\n| Server | Install | Role |\n| --- | --- | --- |\n| SAP Docs | hosted URL or `mcp-sap-docs` | SAP Help, Architecture Center, released-object status |\n| SAP API Hub | `npx -y sap-api-hub-mcp` | prove Published-API status / version / specs |\n| SAP Notes | `sap-note-search-mcp` (node) | \"not permitted\" / deprecated / successor notes |\n| SAP Roadmap | `npx -y sap-roadmap-mcp` | future replacement APIs (planning only) |\n| ARC-1 | `npx -y arc-1@latest` | live-system release state / custom-API checks |\n\nThe three authenticated servers (API Hub, Roadmap, Notes) and their shared SAP login module live in\none repo — [`sap-mcp-servers`](https://github.com/marianfoo/sap-mcp-servers) (npm workspaces) — but\neach is still published to npm individually, so the `npx -y` forms above work as-is.\n\nFull setup (auth, MFA, portable config, per-client usage): **[MCP_SETUP.md](MCP_SETUP.md)**. The skill\ndegrades gracefully if some are missing and says which were unavailable; **SAP API Hub + an\nauthenticated SAP Notes session are what let assessments reach `high` confidence.**\n\n## What it covers\n\nPublished-API vs internal/private status · \"Documented Use\" · third-party tools / iPaaS / RPA ·\nagentic \u0026 generative-AI / MCP access · bulk extraction \u0026 replication · custom Z/Y OData \u0026 RFC/BAPI\nwrappers \u0026 Clean Core · ADT developer-tooling boundaries (FAQ Q33) · ODP-RFC and other \"not\npermitted\" interfaces · partner Integration Certification · RISE remediation · an **inventory/scan\nmode** (\"which of these APIs are allowed?\").\n\n## Example prompts\n\n- *Decisive:* \"Is it allowed under SAP's API policy to extract data from our BW/4HANA into Snowflake\n  nightly via ODP-RFC through a third-party ETL tool?\"\n- *Should be aligned:* \"We sync ~500 Shopify orders/day into S/4HANA Cloud via the standard Sales\n  Order OData API using Boomi — OK under the 2026 API policy?\"\n- *Scan a list:* \"Which of these are OK to keep using: API_SALES_ORDER_SRV, RFC_READ_TABLE,\n  SD_SALESDOCUMENT_CREATE, ODP-RFC, I_SalesDocument?\"\n\n## Repo layout\n\n```\nskills/sap-api-policy-evidence/   the skill — SKILL.md + references/ + agents/openai.yaml\nevals/evals.json                  22 scenario evals (the test suite)\ntests/skill_static_checks.py      contract checks (fixed labels, required refs, URLs)\nMCP_SETUP.md                      MCP server setup + how to consume the skill\nCLAUDE.md                         contributor/maintainer guide (how to edit + validate the skill)\n.cursor/mcp.json.example          portable MCP client config — copy to .cursor/mcp.json and fill in\n```\n\n## Validation\n\nThe skill was hardened over 6 eval iterations across 22 scenarios spanning every policy branch plus\nadversarial over/under-flag, legal-wall, and scan-mode probes. It returns a fixed verdict label\n(`Likely aligned` / `Likely not aligned` / `Needs SAP confirmation` / `Not assessable from provided\nfacts`), a single confidence level, cited sources, and the non-legal disclaimer.\n\n## License\n\nMIT — see [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarianfoo%2Fsap-api-policy-skill","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarianfoo%2Fsap-api-policy-skill","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarianfoo%2Fsap-api-policy-skill/lists"}