بنقرة واحدة
compliance-rgi
Ensures system interoperability via open standards, documented APIs, and standardized data exchange
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Ensures system interoperability via open standards, documented APIs, and standardized data exchange
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Guide users through creating custom VS Code agents with specialized capabilities, tool restrictions, and subagent workflows. Use when users want to create agent modes, define specialized workflows with context isolation, or build multi-stage agent systems with different tool access per stage. Provides structured interview process for comprehensive agent development.
Technology-agnostic, referential-agnostic orchestration framework for all compliance standards (RGAA, RGESN, RGS, RGPD, RGI, W3C-WSG)
Ensures digital accessibility for all users (WCAG 2.1 AA compliance, French RGAA 4.1.2 standard)
Ensures eco-responsible IT practices and minimizes environmental impact
Ensures personal data protection and privacy rights according to GDPR/RGPD
Ensures information security and compliance with French security standards
| name | compliance-rgi |
| description | Ensures system interoperability via open standards, documented APIs, and standardized data exchange |
| category | Interoperability & Standards |
| keywords | RGI, interoperability, APIs, REST, OpenAPI, OAuth 2.0, standards, integration |
| license | MIT |
Référentiel Général d'Interopérabilité (v2.0, December 2015)
STANDARDS-REFERENCE.md and INTEROPERABILITY-PROFILES.mdFirst time? → Read INDEX.md for complete document navigation
Quick eval? → Use QUICK-ASSESSMENT.md (5 minutes)
Detailed audit? → Use CONFORMANCE-CHECKLIST.md (1-2 hours)
Learning standards? → Use STANDARDS-REFERENCE.md (reference)
QUICK-ASSESSMENT.md — 5-minute compliance scoringCONFORMANCE-CHECKLIST.md — 50+ detailed items (formal audit)STANDARDS-REFERENCE.md — All RGI-approved standardsINTEROPERABILITY-PROFILES.md — 5 integration patterns (A2A, A2B, A2C, M2M, OpenData)INDEX.md — Document index and workflowsdocs/compliance/RGI-IMPLEMENTATION.md in your codebaseAnswer these questions to determine what applies:
| Scenario | Political | Legal | Organizational | Semantic | Technical |
|---|---|---|---|---|---|
| Internal API (no external callers) | ✓ | ✓ | ✓ | ✓ | ✓✓ |
| Public-facing API (third-party integrations) | ✓ | ✓ | ✓ | ✓ | ✓✓ |
| Inter-org data exchange (A2A, A2B, A2C) | ✓✓ | ✓✓ | ✓✓ | ✓✓ | ✓✓ |
| Microservice integration (internal, same org) | — | — | — | ✓ | ✓ |
(✓ = verify, ✓✓ = critical)
Must have:
/api/v1/)skip/take/totalcode, message, traceIdShould have (if data is sensitive/shared):
compliance-rgpd SKILLMust have:
Should have:
createdAt, updatedAt, schemaVersion fieldsMust have:
Must have:
# 1. HTTPS/TLS 1.2+ required
curl -i https://api.example.fr/api/v1/users
# ✓ Should respond (not redirect to HTTP)
# 2. OpenAPI documented?
curl https://api.example.fr/api/docs
# ✓ Should show Swagger UI
# 3. Proper status codes?
curl -H "Authorization: Bearer INVALID" https://api.example.fr/api/v1/users
# ✓ Should return 401 (not 500)
# 4. Standard error format?
curl -X POST https://api.example.fr/api/v1/users -d '{invalid json}'
# ✓ Should return: { "error": { "code": "...", "message": "...", "traceId": "..." } }
# 5. Pagination?
curl https://api.example.fr/api/v1/users?skip=0&take=20
# ✓ Should return: { "items": [...], "paging": { "skip": 0, "take": 20, "total": N } }
| Need | Standard | Example |
|---|---|---|
| Secure transport | TLS 1.2+ | https:// (not http) |
| API documentation | OpenAPI 3.0 | /api/docs endpoint |
| Auth (external APIs) | OAuth 2.0 | Bearer token (JWT) |
| User identity (federation) | OpenID Connect | FranceConnect integration |
| Data format | JSON | UTF-8, ISO 8601 dates |
| Unique IDs | UUID v4 | 550e8400-e29b-41d4-a716-446655440000 |
| Countries/languages | ISO standards | FR, fr |
| DateTime | ISO 8601 | 2024-04-01T10:30:00Z |
| Async messaging | AMQP | RabbitMQ, SMTP, webhooks |
| Geospatial | GeoJSON, WGS 84 | If location data used |
For exhaustive standards list, see STANDARDS-REFERENCE.md
import {
Controller,
Get,
Post,
Put,
Delete,
Query,
Param,
HttpCode,
Body,
} from '@nestjs/common'
import { ApiOperation, ApiResponse, ApiTags } from '@nestjs/swagger'
@ApiTags('Resources')
@Controller('api/v1/resources')
export class ResourceController {
@Get()
@ApiOperation({ summary: 'List resources' })
@ApiResponse({ status: 200, description: 'List with pagination' })
async list(@Query('skip') skip = 0, @Query('take') take = 20) {
return { items: [], paging: { skip, take, total: 0 } }
}
@Get(':id')
@ApiOperation({ summary: 'Get resource by ID' })
@ApiResponse({ status: 200, description: 'Found' })
@ApiResponse({ status: 404, description: 'Not found' })
async getOne(@Param('id') id: string) {
// Must use UUID, not sequential ID
return this.service.findById(id)
}
@Post()
@HttpCode(201)
@ApiOperation({ summary: 'Create resource' })
@ApiResponse({ status: 201, description: 'Created' })
async create(@Body() dto: CreateResourceDto) {
return this.service.create(dto)
}
@Put(':id')
@ApiOperation({ summary: 'Update resource' })
@ApiResponse({ status: 200, description: 'Updated' })
async update(@Param('id') id: string, @Body() dto: UpdateResourceDto) {
return this.service.update(id, dto)
}
@Delete(':id')
@HttpCode(204)
@ApiOperation({ summary: 'Delete resource' })
async delete(@Param('id') id: string) {}
}
// All endpoints should return this format on error
{
"error": {
"code": "RESOURCE_NOT_FOUND", // Machine-readable code
"message": "Resource with ID 123...", // User-readable message
"httpStatus": 404, // HTTP status
"timestamp": "2024-04-01T10:30:00Z", // ISO 8601
"traceId": "abc-123-def" // For support/debugging
}
}
{
"id": "550e8400-e29b-41d4-a716-446655440000", // UUID v4
"createdAt": "2024-04-01T10:30:00Z", // ISO 8601
"firstName": "Jean",
"country": "FR", // ISO 3166-1 (2-letter)
"language": "fr", // ISO 639-1 (2-letter)
"amount": 100.5,
"currency": "EUR" // ISO 4217
}
@Get(':userId/export')
@UseGuards(AuthGuard)
async exportPersonalData(@Param('userId') userId: string) {
const data = await this.service.getAllPersonalData(userId)
return {
data,
exported: new Date().toISOString(),
schema_version: '1.0'
}
}
// Client requests token
POST /oauth/token
client_id=my-app&
client_secret=secret&
grant_type=client_credentials&
scope=read:resources
// Response
{
"access_token": "eyJhbGc...",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "read:resources"
}
// Usage: Authorization: Bearer eyJhbGc...
// Event occurs → POST to registered webhooks
POST https://partner-system.fr/webhooks/resource
Authorization: Bearer signature="..."
Content-Type: application/json
{
"event": "resource.created",
"data": { /* resource object */ },
"timestamp": "2024-04-01T10:30:00Z",
"deliveryAttempt": 1
}
// Partner responds with 2xx = success
// Otherwise: retry with exponential backoff (max 3 attempts)
STANDARDS-REFERENCE.md: Complete list of all RGI standards by category (network, transport, APIs, data formats, identifiers)INTEROPERABILITY-PROFILES.md: 5 integration patterns (A2A, A2B, A2C, M2M, OpenData) with specific standards for eachCONFORMANCE-CHECKLIST.md: 50+ detailed checklist items by level (use for exhaustive assessment)docs/compliance/RGI-IMPLEMENTATION.md in your codebase for platform-specific guidanceSTANDARDS-REFERENCE.md, etc.) for exhaustive requirementsCONFORMANCE-CHECKLIST.md for formal assessment❌ Don't:
✅ Do: