docs(DX-5378): AGENTS.md, Cursor rules, and project skills

[harshitha-cstk]

Summary

Adds developer-agent documentation and Cursor context for @contentstack/management:

• AGENTS.md — repo overview, stack, commands, test/sanity env notes
• .cursor/rules/ — dev-workflow, javascript, contentstack-javascript-cma, testing, code-review (always apply)
• skills/ — code-review, testing, contentstack-javascript-cma, framework

No runtime code changes.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	0	0	25	✅ Passed
🟡 Medium Severity	0	0	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	0	0	30 / 120 days	✅ Passed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

✅ BUILD PASSED - All security checks passed

[github-actions]

Coverage report for commit: 5e4ebbd
File: coverage/clover.xml

Cover ┌─────────────────────────┐ Freq.
   0% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  10% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  20% │ ██░░░░░░░░░░░░░░░░░░░░░ │  2.2%
  30% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  40% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  50% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  60% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  70% │ ██████░░░░░░░░░░░░░░░░░ │  8.7%
  80% │ ███████████████████████ │ 39.1%
  90% │ █████████████░░░░░░░░░░ │ 21.7%
 100% │ █████████████████░░░░░░ │ 28.3%
      └─────────────────────────┘
 *Legend:* █ = Current Distribution 

Summary - Lines: 82.31% | Methods: 95.93% | Branches: 65.34%

Files	Lines	Methods	Branches
lib
contentstack.js	100.00%	100.00%	100.00%
contentstackClient.js	83.02%	92.86%	69.49%
contentstackCollection.js	94.12%	100.00%	86.96%
entity.js	76.22%	100.00%	61.34%
lib/core
Util.js	77.68%	94.44%	61.65%
concurrency-queue.js	71.84%	72.22%	62.02%
contentstackError.js	100.00%	100.00%	100.00%
contentstackHTTPClient.js	85.71%	92.31%	80.00%
errorMessages.js	100.00%	100.00%	71.43%
oauthHandler.js	90.85%	100.00%	67.14%
pkceStorage.js	100.00%	100.00%	94.12%
lib/organization
index.js	72.73%	100.00%	48.68%
lib/organization/teams
index.js	89.47%	100.00%	61.11%
lib/organization/teams/stackRoleMappings
index.js	78.57%	100.00%	47.50%
lib/organization/teams/teamUsers
index.js	100.00%	100.00%	87.50%
lib/query
index.js	73.91%	100.00%	56.25%
lib/stack/asset/folders
index.js	100.00%	100.00%	94.44%
lib/stack/asset
index.js	86.42%	100.00%	72.34%
lib/stack/auditlog
index.js	91.67%	100.00%	69.70%
lib/stack/branch
compare.js	68.18%	100.00%	56.67%
index.js	91.11%	100.00%	68.18%
mergeQueue.js	83.33%	100.00%	57.89%
lib/stack/branchAlias
index.js	79.31%	100.00%	58.54%
lib/stack/contentType/entry
index.js	83.04%	100.00%	57.43%
lib/stack/contentType/entry/variants
index.js	79.31%	100.00%	58.97%
lib/stack/contentType
index.js	84.85%	100.00%	67.57%
lib/stack/deliveryToken
index.js	95.24%	80.00%	85.00%
lib/stack/deliveryToken/previewToken
index.js	21.43%	25.00%	7.14%
lib/stack/environment
index.js	100.00%	100.00%	94.74%
lib/stack/extension
index.js	93.88%	100.00%	80.95%
lib/stack/globalField
index.js	91.67%	100.00%	80.77%
lib/stack
index.js	80.66%	92.86%	67.74%
lib/stack/label
index.js	100.00%	100.00%	93.33%
lib/stack/locale
index.js	100.00%	100.00%	94.74%
lib/stack/managementToken
index.js	100.00%	100.00%	89.47%
lib/stack/release
index.js	80.00%	100.00%	58.33%
lib/stack/roles
index.js	100.00%	100.00%	94.12%
lib/stack/taxonomy
index.js	79.01%	100.00%	52.94%
lib/stack/taxonomy/terms
index.js	78.57%	100.00%	56.41%
lib/stack/variantGroup
index.js	81.58%	100.00%	57.14%
lib/stack/variantGroup/variants
index.js	77.50%	100.00%	52.00%
lib/stack/variants
index.js	76.32%	100.00%	50.00%
lib/stack/webhook
index.js	84.48%	100.00%	63.64%
lib/stack/workflow
index.js	83.64%	100.00%	66.10%
lib/stack/workflow/publishRules
index.js	100.00%	100.00%	94.74%
lib/user
index.js	91.43%	100.00%	73.08%

_{🤖 comment via lucassabreu/comment-coverage-clover}

[aniket-shikhare-cstk]

Hi @harshitha-cstk

skills/testing/SKILL.md — Sanity test env variables

The Sanity tests section currently lists only EMAIL, PASSWORD, HOST, and ORGANIZATION. Several other env vars are needed for full coverage; without them, the related tests are skipped.

Suggestion: Expand the env vars section along these lines:

• Env: Variables are documented in test/sanity-check/utility/testSetup.js.
  • Required (core): EMAIL, PASSWORD, HOST, ORGANIZATION — without these, setup fails.
  • Required for specific suites (tests skip when missing):
    • OAuth: CLIENT_ID, APP_ID, REDIRECT_URI
    • 2FA: TFA_EMAIL, TFA_PASSWORD
    • MFA: MFA_SECRET
    • Team / stack share: MEMBER_EMAIL
    • DAM 2.0: DAM_2_0_ENABLED=true
  • Config: PERSONALIZE_HOST, DELETE_DYNAMIC_RESOURCES (have defaults).
  • For custom regions, set HOST to the target API host.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	0	0	25	✅ Passed
🟡 Medium Severity	0	0	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	0	0	30 / 120 days	✅ Passed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

✅ BUILD PASSED - All security checks passed