@aegis-scan/skills 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ATTRIBUTION.md +75 -0
- package/CHANGELOG.md +129 -0
- package/LICENSE +21 -0
- package/README.md +123 -0
- package/dist/bin.d.ts +3 -0
- package/dist/bin.d.ts.map +1 -0
- package/dist/bin.js +122 -0
- package/dist/bin.js.map +1 -0
- package/dist/commands/info.d.ts +5 -0
- package/dist/commands/info.d.ts.map +1 -0
- package/dist/commands/info.js +75 -0
- package/dist/commands/info.js.map +1 -0
- package/dist/commands/install.d.ts +7 -0
- package/dist/commands/install.d.ts.map +1 -0
- package/dist/commands/install.js +87 -0
- package/dist/commands/install.js.map +1 -0
- package/dist/commands/list.d.ts +7 -0
- package/dist/commands/list.d.ts.map +1 -0
- package/dist/commands/list.js +82 -0
- package/dist/commands/list.js.map +1 -0
- package/dist/index.d.ts +13 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +13 -0
- package/dist/index.js.map +1 -0
- package/dist/skills-loader.d.ts +23 -0
- package/dist/skills-loader.d.ts.map +1 -0
- package/dist/skills-loader.js +213 -0
- package/dist/skills-loader.js.map +1 -0
- package/package.json +63 -0
- package/skills/defensive/README.md +9 -0
- package/skills/mitre-mapped/README.md +10 -0
- package/skills/offensive/snailsploit-fork/advanced-redteam/SKILL.md +148 -0
- package/skills/offensive/snailsploit-fork/ai-security/SKILL.md +592 -0
- package/skills/offensive/snailsploit-fork/basic-exploitation/SKILL.md +10783 -0
- package/skills/offensive/snailsploit-fork/bug-identification/SKILL.md +1256 -0
- package/skills/offensive/snailsploit-fork/crash-analysis/SKILL.md +12466 -0
- package/skills/offensive/snailsploit-fork/deserialization/SKILL.md +185 -0
- package/skills/offensive/snailsploit-fork/edr-evasion/SKILL.md +1806 -0
- package/skills/offensive/snailsploit-fork/exploit-dev-course/SKILL.md +428 -0
- package/skills/offensive/snailsploit-fork/exploit-development/SKILL.md +699 -0
- package/skills/offensive/snailsploit-fork/fast-checking/SKILL.md +487 -0
- package/skills/offensive/snailsploit-fork/file-upload/SKILL.md +822 -0
- package/skills/offensive/snailsploit-fork/fuzzing/SKILL.md +340 -0
- package/skills/offensive/snailsploit-fork/fuzzing-course/SKILL.md +2105 -0
- package/skills/offensive/snailsploit-fork/graphql/SKILL.md +209 -0
- package/skills/offensive/snailsploit-fork/idor/SKILL.md +608 -0
- package/skills/offensive/snailsploit-fork/initial-access/SKILL.md +1528 -0
- package/skills/offensive/snailsploit-fork/jwt/SKILL.md +276 -0
- package/skills/offensive/snailsploit-fork/keylogger-arch/SKILL.md +197 -0
- package/skills/offensive/snailsploit-fork/mitigations/SKILL.md +1351 -0
- package/skills/offensive/snailsploit-fork/oauth/SKILL.md +366 -0
- package/skills/offensive/snailsploit-fork/open-redirect/SKILL.md +487 -0
- package/skills/offensive/snailsploit-fork/osint/SKILL.md +399 -0
- package/skills/offensive/snailsploit-fork/osint-methodology/SKILL.md +434 -0
- package/skills/offensive/snailsploit-fork/parameter-pollution/SKILL.md +595 -0
- package/skills/offensive/snailsploit-fork/race-condition/SKILL.md +881 -0
- package/skills/offensive/snailsploit-fork/rce/SKILL.md +1069 -0
- package/skills/offensive/snailsploit-fork/request-smuggling/SKILL.md +773 -0
- package/skills/offensive/snailsploit-fork/shellcode/SKILL.md +477 -0
- package/skills/offensive/snailsploit-fork/sqli/SKILL.md +372 -0
- package/skills/offensive/snailsploit-fork/ssrf/SKILL.md +830 -0
- package/skills/offensive/snailsploit-fork/ssti/SKILL.md +349 -0
- package/skills/offensive/snailsploit-fork/vuln-classes/SKILL.md +1229 -0
- package/skills/offensive/snailsploit-fork/waf-bypass/SKILL.md +820 -0
- package/skills/offensive/snailsploit-fork/windows-boundaries/SKILL.md +15153 -0
- package/skills/offensive/snailsploit-fork/windows-mitigations/SKILL.md +14546 -0
- package/skills/offensive/snailsploit-fork/xss/SKILL.md +784 -0
- package/skills/offensive/snailsploit-fork/xxe/SKILL.md +996 -0
- package/skills/ops/README.md +6 -0
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `aegis-skills install` — copy every SKILL.md into a skill-target
|
|
3
|
+
* directory so Claude Code (and compatible agents) can auto-load them.
|
|
4
|
+
*
|
|
5
|
+
* Default target: `$HOME/.claude/skills/user/aegis-skills/`. Namespaced
|
|
6
|
+
* under `aegis-skills/` so `--force` reinstalls cleanly without
|
|
7
|
+
* disturbing unrelated skill trees the operator may have in the same
|
|
8
|
+
* parent directory.
|
|
9
|
+
*
|
|
10
|
+
* Flags:
|
|
11
|
+
* --to <dir> Override the target directory.
|
|
12
|
+
* --force Overwrite existing files at the target. Without
|
|
13
|
+
* --force, refuses to overwrite and exits 1 with a
|
|
14
|
+
* pointer.
|
|
15
|
+
* --dry-run Print what would be copied without writing anything.
|
|
16
|
+
*/
|
|
17
|
+
import { homedir } from 'node:os';
|
|
18
|
+
import { existsSync, mkdirSync, readFileSync, writeFileSync, } from 'node:fs';
|
|
19
|
+
import { dirname, join, resolve } from 'node:path';
|
|
20
|
+
import { loadAllSkills } from '../skills-loader.js';
|
|
21
|
+
export function runInstall(options = {}) {
|
|
22
|
+
const targetRoot = resolveTargetDir(options.to);
|
|
23
|
+
let skills;
|
|
24
|
+
try {
|
|
25
|
+
skills = loadAllSkills();
|
|
26
|
+
}
|
|
27
|
+
catch (err) {
|
|
28
|
+
console.error(`Error: ${err.message}`);
|
|
29
|
+
return 2;
|
|
30
|
+
}
|
|
31
|
+
// Establish which on-disk files already exist under the target — we
|
|
32
|
+
// refuse to overwrite unless --force is set.
|
|
33
|
+
const plannedTargets = skills.map((s) => join(targetRoot, s.relativePath));
|
|
34
|
+
const existing = plannedTargets.filter((p) => existsSync(p));
|
|
35
|
+
if (existing.length > 0 && options.force !== true) {
|
|
36
|
+
console.error(`Error: ${existing.length} file(s) already exist under ${targetRoot}.`);
|
|
37
|
+
console.error('Pass --force to overwrite, or choose a different --to directory.');
|
|
38
|
+
if (existing.length <= 5) {
|
|
39
|
+
for (const p of existing)
|
|
40
|
+
console.error(` ${p}`);
|
|
41
|
+
}
|
|
42
|
+
else {
|
|
43
|
+
for (const p of existing.slice(0, 3))
|
|
44
|
+
console.error(` ${p}`);
|
|
45
|
+
console.error(` … and ${existing.length - 3} more`);
|
|
46
|
+
}
|
|
47
|
+
return 1;
|
|
48
|
+
}
|
|
49
|
+
if (options.dryRun === true) {
|
|
50
|
+
console.log(`(dry-run) would install ${skills.length} skill(s) under ${targetRoot}`);
|
|
51
|
+
for (const skill of skills) {
|
|
52
|
+
console.log(` ${skill.id.padEnd(40)} → ${join(targetRoot, skill.relativePath)}`);
|
|
53
|
+
}
|
|
54
|
+
return 0;
|
|
55
|
+
}
|
|
56
|
+
let written = 0;
|
|
57
|
+
for (const skill of skills) {
|
|
58
|
+
const targetPath = join(targetRoot, skill.relativePath);
|
|
59
|
+
try {
|
|
60
|
+
mkdirSync(dirname(targetPath), { recursive: true });
|
|
61
|
+
const content = readFileSync(skill.absolutePath, 'utf-8');
|
|
62
|
+
writeFileSync(targetPath, content, 'utf-8');
|
|
63
|
+
written += 1;
|
|
64
|
+
}
|
|
65
|
+
catch (err) {
|
|
66
|
+
console.error(`Error writing ${targetPath}: ${err.message}`);
|
|
67
|
+
return 2;
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
console.log(`Installed ${written} skill(s) into ${targetRoot}`);
|
|
71
|
+
console.log('');
|
|
72
|
+
console.log('Next steps:');
|
|
73
|
+
console.log(` aegis-skills list # browse the installed catalog`);
|
|
74
|
+
console.log(` aegis-skills info <skill-name> # inspect one skill`);
|
|
75
|
+
console.log('');
|
|
76
|
+
console.log('Your AI agent (Claude Code, Codex, Cursor, etc) will auto-load');
|
|
77
|
+
console.log('each skill based on its frontmatter trigger-phrases on the next');
|
|
78
|
+
console.log('session. See README for the full quickstart.');
|
|
79
|
+
return 0;
|
|
80
|
+
}
|
|
81
|
+
function resolveTargetDir(override) {
|
|
82
|
+
if (override && override.trim().length > 0) {
|
|
83
|
+
return resolve(process.cwd(), override);
|
|
84
|
+
}
|
|
85
|
+
return join(homedir(), '.claude', 'skills', 'user', 'aegis-skills');
|
|
86
|
+
}
|
|
87
|
+
//# sourceMappingURL=install.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"install.js","sourceRoot":"","sources":["../../src/commands/install.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AACH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EACL,UAAU,EACV,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,aAAa,EAAoB,MAAM,qBAAqB,CAAC;AAQtE,MAAM,UAAU,UAAU,CAAC,UAA0B,EAAE;IACrD,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAEhD,IAAI,MAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,GAAG,aAAa,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,UAAW,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,oEAAoE;IACpE,6CAA6C;IAC7C,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;IAC3E,MAAM,QAAQ,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;QAClD,OAAO,CAAC,KAAK,CACX,UAAU,QAAQ,CAAC,MAAM,gCAAgC,UAAU,GAAG,CACvE,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;QAClF,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACzB,KAAK,MAAM,CAAC,IAAI,QAAQ;gBAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;gBAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAC9D,OAAO,CAAC,KAAK,CAAC,WAAW,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;QACvD,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,MAAM,mBAAmB,UAAU,EAAE,CAAC,CAAC;QACrF,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QACpF,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;QACxD,IAAI,CAAC;YACH,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACpD,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YAC1D,aAAa,CAAC,UAAU,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC,CAAC;QACf,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,iBAAiB,UAAU,KAAM,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACxE,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,kBAAkB,UAAU,EAAE,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC3B,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;IAC9E,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;IAC5D,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,gBAAgB,CAAC,QAA4B;IACpD,IAAI,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,OAAO,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;AACtE,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"list.d.ts","sourceRoot":"","sources":["../../src/commands/list.ts"],"names":[],"mappings":"AAYA,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAID,wBAAgB,OAAO,CAAC,OAAO,GAAE,WAAgB,GAAG,MAAM,CA6DzD"}
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `aegis-skills list` — print every skill grouped by category and source.
|
|
3
|
+
*
|
|
4
|
+
* Flags:
|
|
5
|
+
* --category <name> Filter to a single category: offensive / defensive
|
|
6
|
+
* / mitre-mapped / ops / all (default).
|
|
7
|
+
* --source <name> Filter to a single source-namespace within a
|
|
8
|
+
* category (e.g. snailsploit-fork). Default: all.
|
|
9
|
+
* --json Machine-readable output for scripts or tests.
|
|
10
|
+
*/
|
|
11
|
+
import { loadAllSkills } from '../skills-loader.js';
|
|
12
|
+
const VALID_CATEGORIES = new Set(['all', 'offensive', 'defensive', 'mitre-mapped', 'ops']);
|
|
13
|
+
export function runList(options = {}) {
|
|
14
|
+
const categoryFilter = (options.category ?? 'all').toLowerCase();
|
|
15
|
+
if (!VALID_CATEGORIES.has(categoryFilter)) {
|
|
16
|
+
console.error(`Error: --category must be one of ${[...VALID_CATEGORIES].join(', ')}`);
|
|
17
|
+
return 1;
|
|
18
|
+
}
|
|
19
|
+
let skills;
|
|
20
|
+
try {
|
|
21
|
+
skills = loadAllSkills();
|
|
22
|
+
}
|
|
23
|
+
catch (err) {
|
|
24
|
+
console.error(`Error: ${err.message}`);
|
|
25
|
+
return 2;
|
|
26
|
+
}
|
|
27
|
+
if (categoryFilter !== 'all') {
|
|
28
|
+
skills = skills.filter((s) => s.category === categoryFilter);
|
|
29
|
+
}
|
|
30
|
+
if (options.source) {
|
|
31
|
+
skills = skills.filter((s) => s.source === options.source);
|
|
32
|
+
}
|
|
33
|
+
if (options.json) {
|
|
34
|
+
const payload = skills.map((s) => ({
|
|
35
|
+
id: s.id,
|
|
36
|
+
category: s.category,
|
|
37
|
+
source: s.source,
|
|
38
|
+
name: s.name,
|
|
39
|
+
title: s.title,
|
|
40
|
+
upstream: s.upstreamSourceUrl,
|
|
41
|
+
}));
|
|
42
|
+
process.stdout.write(JSON.stringify(payload, null, 2) + '\n');
|
|
43
|
+
return 0;
|
|
44
|
+
}
|
|
45
|
+
if (skills.length === 0) {
|
|
46
|
+
console.log(`(no skills found for filter category=${categoryFilter}${options.source ? ` source=${options.source}` : ''})`);
|
|
47
|
+
console.log('');
|
|
48
|
+
console.log('Available categories — see README for coming-soon placeholders.');
|
|
49
|
+
return 0;
|
|
50
|
+
}
|
|
51
|
+
const byCategory = groupBy(skills, (s) => s.category);
|
|
52
|
+
const categories = [...byCategory.keys()].sort();
|
|
53
|
+
for (const category of categories) {
|
|
54
|
+
const groupSkills = byCategory.get(category);
|
|
55
|
+
console.log(`## ${category} (${groupSkills.length})`);
|
|
56
|
+
const bySource = groupBy(groupSkills, (s) => s.source || '(uncategorized)');
|
|
57
|
+
const sources = [...bySource.keys()].sort();
|
|
58
|
+
for (const source of sources) {
|
|
59
|
+
const sourceSkills = bySource.get(source);
|
|
60
|
+
console.log(` source: ${source} (${sourceSkills.length})`);
|
|
61
|
+
for (const skill of sourceSkills) {
|
|
62
|
+
console.log(` ${skill.name.padEnd(24)} ${skill.title}`);
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
console.log('');
|
|
66
|
+
}
|
|
67
|
+
console.log(`Total: ${skills.length} skill(s).`);
|
|
68
|
+
return 0;
|
|
69
|
+
}
|
|
70
|
+
function groupBy(items, key) {
|
|
71
|
+
const out = new Map();
|
|
72
|
+
for (const item of items) {
|
|
73
|
+
const k = key(item);
|
|
74
|
+
const existing = out.get(k);
|
|
75
|
+
if (existing)
|
|
76
|
+
existing.push(item);
|
|
77
|
+
else
|
|
78
|
+
out.set(k, [item]);
|
|
79
|
+
}
|
|
80
|
+
return out;
|
|
81
|
+
}
|
|
82
|
+
//# sourceMappingURL=list.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"list.js","sourceRoot":"","sources":["../../src/commands/list.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,OAAO,EAAE,aAAa,EAAoB,MAAM,qBAAqB,CAAC;AAQtE,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;AAE3F,MAAM,UAAU,OAAO,CAAC,UAAuB,EAAE;IAC/C,MAAM,cAAc,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IACjE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC;QAC1C,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,GAAG,gBAAgB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtF,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,MAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,GAAG,aAAa,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,UAAW,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,cAAc,KAAK,KAAK,EAAE,CAAC;QAC7B,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,cAAc,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACjC,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,CAAC,CAAC,iBAAiB;SAC9B,CAAC,CAAC,CAAC;QACJ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC9D,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,wCAAwC,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC3H,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAC/E,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACtD,MAAM,UAAU,GAAG,CAAC,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACjD,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;QAClC,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,MAAM,QAAQ,KAAK,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,iBAAiB,CAAC,CAAC;QAC5E,MAAM,OAAO,GAAG,CAAC,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,YAAY,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAE,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,aAAa,MAAM,KAAK,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;YAC5D,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,CAAC,MAAM,YAAY,CAAC,CAAC;IACjD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,OAAO,CAAO,KAAmB,EAAE,GAAgB;IAC1D,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;IAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,QAAQ;YAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;;YAC7B,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `@aegis-scan/skills` programmatic entry point.
|
|
3
|
+
*
|
|
4
|
+
* Re-exports the skill-loader plus the three CLI handlers so
|
|
5
|
+
* downstream tooling (e.g. a future aegis-scan plugin, a wizard-cli
|
|
6
|
+
* brief-generator hook, or direct agent-SDK invocations) can build
|
|
7
|
+
* on the same introspection surface without shelling out to the bin.
|
|
8
|
+
*/
|
|
9
|
+
export { loadAllSkills, resolveSkillsRoot, type LoadedSkill, } from './skills-loader.js';
|
|
10
|
+
export { runList, type ListOptions } from './commands/list.js';
|
|
11
|
+
export { runInfo, type InfoOptions } from './commands/info.js';
|
|
12
|
+
export { runInstall, type InstallOptions } from './commands/install.js';
|
|
13
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,KAAK,WAAW,GACjB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EAAE,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EAAE,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EAAE,UAAU,EAAE,KAAK,cAAc,EAAE,MAAM,uBAAuB,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `@aegis-scan/skills` programmatic entry point.
|
|
3
|
+
*
|
|
4
|
+
* Re-exports the skill-loader plus the three CLI handlers so
|
|
5
|
+
* downstream tooling (e.g. a future aegis-scan plugin, a wizard-cli
|
|
6
|
+
* brief-generator hook, or direct agent-SDK invocations) can build
|
|
7
|
+
* on the same introspection surface without shelling out to the bin.
|
|
8
|
+
*/
|
|
9
|
+
export { loadAllSkills, resolveSkillsRoot, } from './skills-loader.js';
|
|
10
|
+
export { runList } from './commands/list.js';
|
|
11
|
+
export { runInfo } from './commands/info.js';
|
|
12
|
+
export { runInstall } from './commands/install.js';
|
|
13
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EACL,aAAa,EACb,iBAAiB,GAElB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EAAE,OAAO,EAAoB,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EAAE,OAAO,EAAoB,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EAAE,UAAU,EAAuB,MAAM,uBAAuB,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
export interface LoadedSkill {
|
|
2
|
+
/** Skill id in `<category>-<name>` form, unique per package. */
|
|
3
|
+
id: string;
|
|
4
|
+
/** Category from the parent directory (`offensive`, `defensive`, etc). */
|
|
5
|
+
category: string;
|
|
6
|
+
/** Source-namespace directory (`snailsploit-fork`, future: `anthropic-pick`, etc). */
|
|
7
|
+
source: string;
|
|
8
|
+
/** Skill name from the leaf directory (e.g. `sqli`, `xss`). */
|
|
9
|
+
name: string;
|
|
10
|
+
/** Skill title taken from the first `# ` heading after any frontmatter. */
|
|
11
|
+
title: string;
|
|
12
|
+
/** Short description extracted from YAML frontmatter or `## Description` body. */
|
|
13
|
+
description: string;
|
|
14
|
+
/** Upstream source-url from `## Metadata > Source:` bullet, or null if YAML-only. */
|
|
15
|
+
upstreamSourceUrl: string | null;
|
|
16
|
+
/** Absolute on-disk path to the `SKILL.md` file. */
|
|
17
|
+
absolutePath: string;
|
|
18
|
+
/** Path relative to the package's `skills/` root, stable across install layouts. */
|
|
19
|
+
relativePath: string;
|
|
20
|
+
}
|
|
21
|
+
export declare function resolveSkillsRoot(): string;
|
|
22
|
+
export declare function loadAllSkills(root?: string): LoadedSkill[];
|
|
23
|
+
//# sourceMappingURL=skills-loader.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skills-loader.d.ts","sourceRoot":"","sources":["../src/skills-loader.ts"],"names":[],"mappings":"AAsBA,MAAM,WAAW,WAAW;IAC1B,gEAAgE;IAChE,EAAE,EAAE,MAAM,CAAC;IACX,0EAA0E;IAC1E,QAAQ,EAAE,MAAM,CAAC;IACjB,sFAAsF;IACtF,MAAM,EAAE,MAAM,CAAC;IACf,+DAA+D;IAC/D,IAAI,EAAE,MAAM,CAAC;IACb,2EAA2E;IAC3E,KAAK,EAAE,MAAM,CAAC;IACd,kFAAkF;IAClF,WAAW,EAAE,MAAM,CAAC;IACpB,qFAAqF;IACrF,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;IACrB,oFAAoF;IACpF,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,wBAAgB,iBAAiB,IAAI,MAAM,CAc1C;AAED,wBAAgB,aAAa,CAAC,IAAI,GAAE,MAA4B,GAAG,WAAW,EAAE,CA6B/E"}
|
|
@@ -0,0 +1,213 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Skill-loader — walks the `skills/` tree, reads each `SKILL.md` frontmatter,
|
|
3
|
+
* and returns a structured list for the CLI to render or copy.
|
|
4
|
+
*
|
|
5
|
+
* Two layouts are supported, matching the published-vs-monorepo resolution
|
|
6
|
+
* pattern already in use by `@aegis-wizard/cli`:
|
|
7
|
+
*
|
|
8
|
+
* 1. Installed layout — after `npm install`, `dist/bin.js` sits next to
|
|
9
|
+
* `dist/…` and the `skills/` tree lives at `<pkg-root>/skills/`.
|
|
10
|
+
* From `dist/` that is one `..` step up then into `skills/`.
|
|
11
|
+
*
|
|
12
|
+
* 2. Monorepo-dev layout — when tests run from the source tree under
|
|
13
|
+
* vitest, `src/` is the anchor and `skills/` lives one directory up.
|
|
14
|
+
*
|
|
15
|
+
* The installed layout is tried first. The monorepo layout is the
|
|
16
|
+
* dev-loop fallback. If neither resolves, an error with both searched
|
|
17
|
+
* paths surfaces.
|
|
18
|
+
*/
|
|
19
|
+
import { readdirSync, readFileSync, existsSync, statSync } from 'node:fs';
|
|
20
|
+
import { dirname, join, resolve } from 'node:path';
|
|
21
|
+
import { fileURLToPath } from 'node:url';
|
|
22
|
+
export function resolveSkillsRoot() {
|
|
23
|
+
const here = dirname(fileURLToPath(import.meta.url));
|
|
24
|
+
const installed = resolve(here, '..', 'skills');
|
|
25
|
+
if (existsSync(installed) && statSync(installed).isDirectory()) {
|
|
26
|
+
return installed;
|
|
27
|
+
}
|
|
28
|
+
const monorepo = resolve(here, '..', '..', 'skills');
|
|
29
|
+
if (existsSync(monorepo) && statSync(monorepo).isDirectory()) {
|
|
30
|
+
return monorepo;
|
|
31
|
+
}
|
|
32
|
+
throw new Error(`Skill directory not found. Searched:\n ${installed}\n ${monorepo}\n` +
|
|
33
|
+
'This is a packaging bug in @aegis-scan/skills — please file an issue.');
|
|
34
|
+
}
|
|
35
|
+
export function loadAllSkills(root = resolveSkillsRoot()) {
|
|
36
|
+
const out = [];
|
|
37
|
+
const categories = safeReaddirDirs(root);
|
|
38
|
+
for (const category of categories) {
|
|
39
|
+
const categoryDir = join(root, category);
|
|
40
|
+
// Each category either contains per-source namespace dirs (offensive/
|
|
41
|
+
// holds snailsploit-fork/…) or holds a single placeholder README
|
|
42
|
+
// pending future content. Skip everything that is not a directory of
|
|
43
|
+
// directories that hold a SKILL.md file.
|
|
44
|
+
const children = safeReaddirDirs(categoryDir);
|
|
45
|
+
for (const child of children) {
|
|
46
|
+
const childPath = join(categoryDir, child);
|
|
47
|
+
const grandChildren = safeReaddirDirs(childPath);
|
|
48
|
+
if (grandChildren.length === 0) {
|
|
49
|
+
// `category/child/SKILL.md` layout — no source-namespace.
|
|
50
|
+
const skill = tryLoadSkill(root, categoryDir, category, '', child, childPath);
|
|
51
|
+
if (skill)
|
|
52
|
+
out.push(skill);
|
|
53
|
+
continue;
|
|
54
|
+
}
|
|
55
|
+
// `category/source/name/SKILL.md` layout (the v0.1.0 structure).
|
|
56
|
+
for (const name of grandChildren) {
|
|
57
|
+
const skillDir = join(childPath, name);
|
|
58
|
+
const skill = tryLoadSkill(root, categoryDir, category, child, name, skillDir);
|
|
59
|
+
if (skill)
|
|
60
|
+
out.push(skill);
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
out.sort((a, b) => a.id.localeCompare(b.id));
|
|
65
|
+
return out;
|
|
66
|
+
}
|
|
67
|
+
function safeReaddirDirs(dir) {
|
|
68
|
+
try {
|
|
69
|
+
return readdirSync(dir)
|
|
70
|
+
.filter((entry) => !entry.startsWith('.'))
|
|
71
|
+
.filter((entry) => statSync(join(dir, entry)).isDirectory());
|
|
72
|
+
}
|
|
73
|
+
catch {
|
|
74
|
+
return [];
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
function tryLoadSkill(root, _categoryDir, category, source, name, skillDir) {
|
|
78
|
+
const skillFile = join(skillDir, 'SKILL.md');
|
|
79
|
+
if (!existsSync(skillFile))
|
|
80
|
+
return null;
|
|
81
|
+
const raw = readFileSync(skillFile, 'utf-8');
|
|
82
|
+
const { title, description, upstreamSourceUrl } = parseFrontmatter(raw, name);
|
|
83
|
+
const id = source ? `${category}-${source}-${name}` : `${category}-${name}`;
|
|
84
|
+
const rel = skillFile.startsWith(root) ? skillFile.slice(root.length + 1) : skillFile;
|
|
85
|
+
return {
|
|
86
|
+
id,
|
|
87
|
+
category,
|
|
88
|
+
source,
|
|
89
|
+
name,
|
|
90
|
+
title,
|
|
91
|
+
description,
|
|
92
|
+
upstreamSourceUrl,
|
|
93
|
+
absolutePath: skillFile,
|
|
94
|
+
relativePath: rel,
|
|
95
|
+
};
|
|
96
|
+
}
|
|
97
|
+
function parseFrontmatter(raw, fallbackName) {
|
|
98
|
+
// Skip any leading aegis-local HTML header and blank lines so frontmatter
|
|
99
|
+
// parsing starts at the first semantic line of the upstream content.
|
|
100
|
+
const withoutHeader = stripLeadingHeader(raw);
|
|
101
|
+
// Try YAML frontmatter first (--- … ---). When present, remove it from
|
|
102
|
+
// the body before subsequent heading/paragraph extraction — otherwise a
|
|
103
|
+
// YAML-description that contains a `# ` character, or the YAML block's
|
|
104
|
+
// own delimiters, can confuse the H1-matcher.
|
|
105
|
+
const yaml = extractYamlFrontmatter(withoutHeader);
|
|
106
|
+
let description = '';
|
|
107
|
+
let yamlName = '';
|
|
108
|
+
let body = withoutHeader;
|
|
109
|
+
if (yaml) {
|
|
110
|
+
yamlName = extractScalarField(yaml, 'name');
|
|
111
|
+
description = extractScalarField(yaml, 'description');
|
|
112
|
+
body = stripYamlFrontmatter(withoutHeader);
|
|
113
|
+
}
|
|
114
|
+
// Extract the first `# ` heading of the post-frontmatter body as the
|
|
115
|
+
// rendered title. Falls back to the YAML-declared name, then to the
|
|
116
|
+
// leaf directory name.
|
|
117
|
+
const title = extractFirstH1(body) || yamlName || fallbackName;
|
|
118
|
+
// Look for an upstream Source URL in a `## Metadata` / `- Source:` style
|
|
119
|
+
// bullet. Five upstream files use YAML-only and have no Source URL; return
|
|
120
|
+
// null in that case.
|
|
121
|
+
const upstreamSourceUrl = extractUpstreamSourceUrl(body);
|
|
122
|
+
// If description is still empty, fall back to the first non-empty paragraph
|
|
123
|
+
// after the title.
|
|
124
|
+
if (!description) {
|
|
125
|
+
description = extractFirstParagraph(body, title) || '';
|
|
126
|
+
}
|
|
127
|
+
return {
|
|
128
|
+
title: title.trim(),
|
|
129
|
+
description: description.trim(),
|
|
130
|
+
upstreamSourceUrl,
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
function stripYamlFrontmatter(body) {
|
|
134
|
+
return body.replace(/^---\r?\n[\s\S]*?\r?\n---\r?\n?/u, '');
|
|
135
|
+
}
|
|
136
|
+
function stripLeadingHeader(raw) {
|
|
137
|
+
// Remove the aegis-local HTML comment if present plus any blank lines
|
|
138
|
+
// immediately following. Works whether the comment occupies one line or
|
|
139
|
+
// spans a couple.
|
|
140
|
+
const lines = raw.split(/\r?\n/);
|
|
141
|
+
let i = 0;
|
|
142
|
+
while (i < lines.length && /^<!--/.test(lines[i])) {
|
|
143
|
+
while (i < lines.length && !/-->/.test(lines[i]))
|
|
144
|
+
i++;
|
|
145
|
+
i++; // consume the line containing -->
|
|
146
|
+
while (i < lines.length && lines[i].trim() === '')
|
|
147
|
+
i++;
|
|
148
|
+
}
|
|
149
|
+
return lines.slice(i).join('\n');
|
|
150
|
+
}
|
|
151
|
+
function extractYamlFrontmatter(body) {
|
|
152
|
+
const match = /^---\r?\n([\s\S]*?)\r?\n---/u.exec(body);
|
|
153
|
+
return match ? match[1] : null;
|
|
154
|
+
}
|
|
155
|
+
function extractScalarField(yaml, field) {
|
|
156
|
+
// Minimal YAML-scalar extraction for `name: value` and `description: "value"`.
|
|
157
|
+
// Does not support nested objects or multi-line block-scalars — sufficient
|
|
158
|
+
// for the shape produced by the upstream skill authors.
|
|
159
|
+
const re = new RegExp(`^${field}\\s*:\\s*(.*)$`, 'm');
|
|
160
|
+
const m = re.exec(yaml);
|
|
161
|
+
if (!m)
|
|
162
|
+
return '';
|
|
163
|
+
let value = m[1].trim();
|
|
164
|
+
if (value.startsWith('"') && value.endsWith('"'))
|
|
165
|
+
value = value.slice(1, -1);
|
|
166
|
+
if (value.startsWith("'") && value.endsWith("'"))
|
|
167
|
+
value = value.slice(1, -1);
|
|
168
|
+
return value;
|
|
169
|
+
}
|
|
170
|
+
function extractFirstH1(body) {
|
|
171
|
+
// Walk lines and track code-fence state so `# comment` inside a bash
|
|
172
|
+
// or similar code-block is not mistaken for a markdown H1 heading.
|
|
173
|
+
// Five upstream files (jwt, osint, shellcode, sqli, fuzzing) use
|
|
174
|
+
// YAML-only frontmatter and then dive straight into prose sections
|
|
175
|
+
// where the first `# ` is a genuine top-level heading, but some of
|
|
176
|
+
// those also embed bash code blocks earlier in the narrative, so
|
|
177
|
+
// naive `^#\s+` regex picks the wrong line.
|
|
178
|
+
const lines = body.split(/\r?\n/);
|
|
179
|
+
let inFence = false;
|
|
180
|
+
for (const line of lines) {
|
|
181
|
+
if (/^\s*```/.test(line)) {
|
|
182
|
+
inFence = !inFence;
|
|
183
|
+
continue;
|
|
184
|
+
}
|
|
185
|
+
if (inFence)
|
|
186
|
+
continue;
|
|
187
|
+
const m = /^#\s+(.+)$/.exec(line);
|
|
188
|
+
if (m)
|
|
189
|
+
return m[1].trim();
|
|
190
|
+
}
|
|
191
|
+
return '';
|
|
192
|
+
}
|
|
193
|
+
function extractFirstParagraph(body, title) {
|
|
194
|
+
const afterTitle = title ? body.split(`# ${title}`)[1] ?? body : body;
|
|
195
|
+
const para = afterTitle
|
|
196
|
+
.split(/\r?\n\s*\r?\n/)
|
|
197
|
+
.map((p) => p.trim())
|
|
198
|
+
.find((p) => p.length > 0 && !p.startsWith('#') && !p.startsWith('---'));
|
|
199
|
+
return para ? para.split(/\r?\n/).join(' ').slice(0, 400) : '';
|
|
200
|
+
}
|
|
201
|
+
function extractUpstreamSourceUrl(body) {
|
|
202
|
+
// Match `- Source: https://…` or `- **Source**: https://…` inside a
|
|
203
|
+
// `## Metadata` section. Only returns URLs matching the known upstream
|
|
204
|
+
// hosts (SnailSploit or sahar042) to avoid false positives from unrelated
|
|
205
|
+
// Source-labeled content elsewhere in the skill.
|
|
206
|
+
const metaIdx = body.indexOf('## Metadata');
|
|
207
|
+
if (metaIdx < 0)
|
|
208
|
+
return null;
|
|
209
|
+
const segment = body.slice(metaIdx, metaIdx + 2000);
|
|
210
|
+
const match = /-\s+\*?\*?Source\*?\*?\s*:\s*(https?:\/\/github\.com\/(?:SnailSploit|sahar042)\/[^\s)]+)/u.exec(segment);
|
|
211
|
+
return match ? match[1] : null;
|
|
212
|
+
}
|
|
213
|
+
//# sourceMappingURL=skills-loader.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skills-loader.js","sourceRoot":"","sources":["../src/skills-loader.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AACH,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC1E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAuBzC,MAAM,UAAU,iBAAiB;IAC/B,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IAChD,IAAI,UAAU,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/D,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IACrD,IAAI,UAAU,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QAC7D,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,IAAI,KAAK,CACb,2CAA2C,SAAS,OAAO,QAAQ,IAAI;QACrE,uEAAuE,CAC1E,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,OAAe,iBAAiB,EAAE;IAC9D,MAAM,GAAG,GAAkB,EAAE,CAAC;IAC9B,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IACzC,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;QAClC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACzC,sEAAsE;QACtE,iEAAiE;QACjE,qEAAqE;QACrE,yCAAyC;QACzC,MAAM,QAAQ,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;QAC9C,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YAC3C,MAAM,aAAa,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;YACjD,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC/B,0DAA0D;gBAC1D,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;gBAC9E,IAAI,KAAK;oBAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC3B,SAAS;YACX,CAAC;YACD,iEAAiE;YACjE,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;gBACjC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;gBACvC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;gBAC/E,IAAI,KAAK;oBAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;IACH,CAAC;IACD,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7C,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,eAAe,CAAC,GAAW;IAClC,IAAI,CAAC;QACH,OAAO,WAAW,CAAC,GAAG,CAAC;aACpB,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;aACzC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACjE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CACnB,IAAY,EACZ,YAAoB,EACpB,QAAgB,EAChB,MAAc,EACd,IAAY,EACZ,QAAgB;IAEhB,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACxC,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC7C,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,iBAAiB,EAAE,GAAG,gBAAgB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IAC9E,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,QAAQ,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,QAAQ,IAAI,IAAI,EAAE,CAAC;IAC5E,MAAM,GAAG,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtF,OAAO;QACL,EAAE;QACF,QAAQ;QACR,MAAM;QACN,IAAI;QACJ,KAAK;QACL,WAAW;QACX,iBAAiB;QACjB,YAAY,EAAE,SAAS;QACvB,YAAY,EAAE,GAAG;KAClB,CAAC;AACJ,CAAC;AAQD,SAAS,gBAAgB,CAAC,GAAW,EAAE,YAAoB;IACzD,0EAA0E;IAC1E,qEAAqE;IACrE,MAAM,aAAa,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAE9C,uEAAuE;IACvE,wEAAwE;IACxE,uEAAuE;IACvE,8CAA8C;IAC9C,MAAM,IAAI,GAAG,sBAAsB,CAAC,aAAa,CAAC,CAAC;IACnD,IAAI,WAAW,GAAG,EAAE,CAAC;IACrB,IAAI,QAAQ,GAAG,EAAE,CAAC;IAClB,IAAI,IAAI,GAAG,aAAa,CAAC;IACzB,IAAI,IAAI,EAAE,CAAC;QACT,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC5C,WAAW,GAAG,kBAAkB,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACtD,IAAI,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAC;IAC7C,CAAC;IAED,qEAAqE;IACrE,oEAAoE;IACpE,uBAAuB;IACvB,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,QAAQ,IAAI,YAAY,CAAC;IAE/D,yEAAyE;IACzE,2EAA2E;IAC3E,qBAAqB;IACrB,MAAM,iBAAiB,GAAG,wBAAwB,CAAC,IAAI,CAAC,CAAC;IAEzD,4EAA4E;IAC5E,mBAAmB;IACnB,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,WAAW,GAAG,qBAAqB,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC;IACzD,CAAC;IAED,OAAO;QACL,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE;QACnB,WAAW,EAAE,WAAW,CAAC,IAAI,EAAE;QAC/B,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAY;IACxC,OAAO,IAAI,CAAC,OAAO,CAAC,kCAAkC,EAAE,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW;IACrC,sEAAsE;IACtE,wEAAwE;IACxE,kBAAkB;IAClB,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACjC,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAAE,CAAC,EAAE,CAAC;QACtD,CAAC,EAAE,CAAC,CAAC,kCAAkC;QACvC,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE;YAAE,CAAC,EAAE,CAAC;IACzD,CAAC;IACD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACnC,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAY;IAC1C,MAAM,KAAK,GAAG,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxD,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,KAAa;IACrD,+EAA+E;IAC/E,2EAA2E;IAC3E,wDAAwD;IACxD,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,KAAK,gBAAgB,EAAE,GAAG,CAAC,CAAC;IACtD,MAAM,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxB,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,CAAC;IAClB,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACxB,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC7E,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC7E,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CAAC,IAAY;IAClC,qEAAqE;IACrE,mEAAmE;IACnE,iEAAiE;IACjE,mEAAmE;IACnE,mEAAmE;IACnE,iEAAiE;IACjE,4CAA4C;IAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAClC,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,OAAO,GAAG,CAAC,OAAO,CAAC;YACnB,SAAS;QACX,CAAC;QACD,IAAI,OAAO;YAAE,SAAS;QACtB,MAAM,CAAC,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC;YAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5B,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAY,EAAE,KAAa;IACxD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IACtE,MAAM,IAAI,GAAG,UAAU;SACpB,KAAK,CAAC,eAAe,CAAC;SACtB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACjE,CAAC;AAED,SAAS,wBAAwB,CAAC,IAAY;IAC5C,oEAAoE;IACpE,uEAAuE;IACvE,0EAA0E;IAC1E,iDAAiD;IACjD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAC5C,IAAI,OAAO,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC;IACpD,MAAM,KAAK,GACT,2FAA2F,CAAC,IAAI,CAC9F,OAAO,CACR,CAAC;IACJ,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@aegis-scan/skills",
|
|
3
|
+
"version": "0.1.1",
|
|
4
|
+
"description": "AEGIS Skills — opt-in skill library for Claude Code and compatible AI agents. Offensive red-team methodology from curated sources, attribution preserved per-file. Multi-source-ready architecture with placeholder directories for future defensive (AEGIS-native) and MITRE-mapped extensions. Third sibling in the AEGIS full-repertoire toolkit alongside @aegis-scan/cli and @aegis-wizard/cli.",
|
|
5
|
+
"license": "MIT",
|
|
6
|
+
"author": "RideMatch1 <230386010+RideMatch1@users.noreply.github.com>",
|
|
7
|
+
"homepage": "https://github.com/RideMatch1/a.e.g.i.s#readme",
|
|
8
|
+
"repository": {
|
|
9
|
+
"type": "git",
|
|
10
|
+
"url": "git+https://github.com/RideMatch1/a.e.g.i.s.git",
|
|
11
|
+
"directory": "packages/skills"
|
|
12
|
+
},
|
|
13
|
+
"bugs": {
|
|
14
|
+
"url": "https://github.com/RideMatch1/a.e.g.i.s/issues"
|
|
15
|
+
},
|
|
16
|
+
"keywords": [
|
|
17
|
+
"claude-code",
|
|
18
|
+
"claude-skills",
|
|
19
|
+
"agent-skills",
|
|
20
|
+
"agentskills",
|
|
21
|
+
"security",
|
|
22
|
+
"cybersecurity",
|
|
23
|
+
"red-team",
|
|
24
|
+
"pentesting",
|
|
25
|
+
"bug-bounty",
|
|
26
|
+
"ctf",
|
|
27
|
+
"defensive-security",
|
|
28
|
+
"aegis",
|
|
29
|
+
"institutional-grade"
|
|
30
|
+
],
|
|
31
|
+
"engines": {
|
|
32
|
+
"node": ">=20"
|
|
33
|
+
},
|
|
34
|
+
"publishConfig": {
|
|
35
|
+
"access": "public",
|
|
36
|
+
"provenance": true
|
|
37
|
+
},
|
|
38
|
+
"files": [
|
|
39
|
+
"dist",
|
|
40
|
+
"skills",
|
|
41
|
+
"README.md",
|
|
42
|
+
"LICENSE",
|
|
43
|
+
"ATTRIBUTION.md",
|
|
44
|
+
"CHANGELOG.md"
|
|
45
|
+
],
|
|
46
|
+
"type": "module",
|
|
47
|
+
"bin": {
|
|
48
|
+
"aegis-skills": "dist/bin.js"
|
|
49
|
+
},
|
|
50
|
+
"main": "dist/index.js",
|
|
51
|
+
"devDependencies": {
|
|
52
|
+
"@types/node": "^22.0.0",
|
|
53
|
+
"typescript": "^5.8.0",
|
|
54
|
+
"vitest": "^3.1.0"
|
|
55
|
+
},
|
|
56
|
+
"scripts": {
|
|
57
|
+
"build": "tsc",
|
|
58
|
+
"lint": "tsc --noEmit",
|
|
59
|
+
"test": "vitest run --passWithNoTests",
|
|
60
|
+
"dev": "tsc --watch",
|
|
61
|
+
"clean": "rm -rf dist"
|
|
62
|
+
}
|
|
63
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
# Defensive Skills
|
|
2
|
+
|
|
3
|
+
Reserved for AEGIS-native defensive skill modules in `skills-v0.2+`.
|
|
4
|
+
Mirrors wizard-cli security patterns into SKILL.md format for agent
|
|
5
|
+
consumption. Content lands in a future release.
|
|
6
|
+
|
|
7
|
+
The broader skill-ecosystem roadmap is maintained in the repository's
|
|
8
|
+
internal planning tree; ask the maintainer for access if you are
|
|
9
|
+
contributing to the defensive-skills effort.
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# MITRE-Mapped Skills
|
|
2
|
+
|
|
3
|
+
Reserved for cherry-picked skills from an upstream cybersecurity
|
|
4
|
+
framework-mapped skills source, with MITRE ATT&CK / D3FEND / NIST
|
|
5
|
+
CSF mappings applied. Target: `skills-v0.2`.
|
|
6
|
+
|
|
7
|
+
Per-skill quality-audit is required before integration. The upstream-
|
|
8
|
+
source details and integration-matrix are tracked in the repository's
|
|
9
|
+
internal planning tree; ask the maintainer for access if you are
|
|
10
|
+
contributing to the framework-mapped-skills effort.
|