@aegis-scan/skills 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/dist/bin.js +1 -1
- package/dist/commands/list.d.ts.map +1 -1
- package/dist/commands/list.js +9 -2
- package/dist/commands/list.js.map +1 -1
- package/package.json +1 -1
- package/sbom.cdx.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -12,6 +12,18 @@ and quality-audit completion, not by a fixed schedule.
|
|
|
12
12
|
|
|
13
13
|
---
|
|
14
14
|
|
|
15
|
+
## [0.2.1] — 2026-04-28 — "list --category compliance hotfix"
|
|
16
|
+
|
|
17
|
+
### Fixed
|
|
18
|
+
|
|
19
|
+
- **`aegis-skills list --category compliance` was rejected** by the CLI's hardcoded `VALID_CATEGORIES` whitelist in `packages/skills/src/commands/list.ts:19`. The whitelist still listed only the four pre-v0.2.0 categories (`offensive`, `defensive`, `mitre-mapped`, `ops`) and mismatched the actual on-disk category set, so callers filtering to the new `compliance` category got `Error: --category must be one of …` instead of the brutaler-anwalt entry. Added `compliance` to the whitelist + updated the JSDoc + updated the `--help` text in `bin.ts`. The unit-tests already covered category-filter happy-path on the existing categories; this hotfix relies on the post-publish manual smoke (`npx -y @aegis-scan/skills@0.2.1 list --category compliance` returns brutaler-anwalt) for evidence.
|
|
20
|
+
|
|
21
|
+
### Meta
|
|
22
|
+
|
|
23
|
+
- Same-day patch on top of `0.2.0`. The bug was caught by a post-publish manual install + run, not by source-side tests — class-lesson logged: every new category-string surface needs an end-to-end CLI smoke before tag-push, not just a manifest-test.
|
|
24
|
+
|
|
25
|
+
---
|
|
26
|
+
|
|
15
27
|
## [0.2.0] — 2026-04-27 — "four-category-population + compliance with brutaler-anwalt"
|
|
16
28
|
|
|
17
29
|
### Added — four category populations (defensive / mitre-mapped / ops / compliance)
|
package/dist/bin.js
CHANGED
|
@@ -34,7 +34,7 @@ Commands:
|
|
|
34
34
|
Default target: ~/.claude/skills/user/aegis-skills/
|
|
35
35
|
|
|
36
36
|
List options:
|
|
37
|
-
--category <cat> Filter to offensive / defensive / mitre-mapped / ops / all
|
|
37
|
+
--category <cat> Filter to offensive / defensive / mitre-mapped / ops / compliance / all
|
|
38
38
|
--source <src> Filter to one source-namespace (e.g. snailsploit-fork)
|
|
39
39
|
--json Machine-readable output
|
|
40
40
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"list.d.ts","sourceRoot":"","sources":["../../src/commands/list.ts"],"names":[],"mappings":"AAYA,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;
|
|
1
|
+
{"version":3,"file":"list.d.ts","sourceRoot":"","sources":["../../src/commands/list.ts"],"names":[],"mappings":"AAYA,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAWD,wBAAgB,OAAO,CAAC,OAAO,GAAE,WAAgB,GAAG,MAAM,CA6DzD"}
|
package/dist/commands/list.js
CHANGED
|
@@ -3,13 +3,20 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Flags:
|
|
5
5
|
* --category <name> Filter to a single category: offensive / defensive
|
|
6
|
-
* / mitre-mapped / ops / all (default).
|
|
6
|
+
* / mitre-mapped / ops / compliance / all (default).
|
|
7
7
|
* --source <name> Filter to a single source-namespace within a
|
|
8
8
|
* category (e.g. snailsploit-fork). Default: all.
|
|
9
9
|
* --json Machine-readable output for scripts or tests.
|
|
10
10
|
*/
|
|
11
11
|
import { loadAllSkills } from '../skills-loader.js';
|
|
12
|
-
const VALID_CATEGORIES = new Set([
|
|
12
|
+
const VALID_CATEGORIES = new Set([
|
|
13
|
+
'all',
|
|
14
|
+
'offensive',
|
|
15
|
+
'defensive',
|
|
16
|
+
'mitre-mapped',
|
|
17
|
+
'ops',
|
|
18
|
+
'compliance',
|
|
19
|
+
]);
|
|
13
20
|
export function runList(options = {}) {
|
|
14
21
|
const categoryFilter = (options.category ?? 'all').toLowerCase();
|
|
15
22
|
if (!VALID_CATEGORIES.has(categoryFilter)) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"list.js","sourceRoot":"","sources":["../../src/commands/list.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,OAAO,EAAE,aAAa,EAAoB,MAAM,qBAAqB,CAAC;AAQtE,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"list.js","sourceRoot":"","sources":["../../src/commands/list.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,OAAO,EAAE,aAAa,EAAoB,MAAM,qBAAqB,CAAC;AAQtE,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,KAAK;IACL,WAAW;IACX,WAAW;IACX,cAAc;IACd,KAAK;IACL,YAAY;CACb,CAAC,CAAC;AAEH,MAAM,UAAU,OAAO,CAAC,UAAuB,EAAE;IAC/C,MAAM,cAAc,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IACjE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC;QAC1C,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,GAAG,gBAAgB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtF,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,MAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,GAAG,aAAa,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,UAAW,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,cAAc,KAAK,KAAK,EAAE,CAAC;QAC7B,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,cAAc,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACjC,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,CAAC,CAAC,iBAAiB;SAC9B,CAAC,CAAC,CAAC;QACJ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC9D,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,wCAAwC,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC3H,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAC/E,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACtD,MAAM,UAAU,GAAG,CAAC,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACjD,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;QAClC,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,MAAM,QAAQ,KAAK,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,iBAAiB,CAAC,CAAC;QAC5E,MAAM,OAAO,GAAG,CAAC,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,YAAY,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAE,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,aAAa,MAAM,KAAK,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;YAC5D,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,CAAC,MAAM,YAAY,CAAC,CAAC;IACjD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,OAAO,CAAO,KAAmB,EAAE,GAAgB;IAC1D,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;IAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,QAAQ;YAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;;YAC7B,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aegis-scan/skills",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.1",
|
|
4
4
|
"description": "AEGIS Skills — opt-in skill library for Claude Code and compatible AI agents. Offensive red-team methodology from curated sources, attribution preserved per-file. Multi-source-ready architecture with placeholder directories for future defensive (AEGIS-native) and MITRE-mapped extensions. Third sibling in the AEGIS full-repertoire toolkit alongside @aegis-scan/cli and @aegis-wizard/cli.",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "RideMatch1 <230386010+RideMatch1@users.noreply.github.com>",
|
package/sbom.cdx.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:
|
|
1
|
+
{"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:848849d7-299c-4763-a265-0a1f52806494","version":1,"metadata":{"timestamp":"2026-04-27T22:06:16Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"skills","group":"@aegis-scan","version":"0.2.1","description":"AEGIS Skills — opt-in skill library for Claude Code and compatible AI agents. Offensive red-team methodology from curated sources, attribution preserved per-file. Multi-source-ready architecture with placeholder directories for future defensive (AEGIS-native) and MITRE-mapped extensions. Third sibling in the AEGIS full-repertoire toolkit alongside @aegis-scan/cli and @aegis-wizard/cli.","purl":"pkg:npm/%40aegis-scan/skills@0.2.1","bom-ref":"pkg:npm/@aegis-scan/skills@0.2.1","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/skills/node_modules/@types/node/package.json\\npackages/skills/node_modules/typescript/package.json\\npackages/skills/node_modules/vitest/package.json"}]},"components":[{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/vitest/package.json"}],"concludedValue":"packages/skills/node_modules/vitest/package.json"}]},"tags":["framework"]},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/typescript/package.json"}],"concludedValue":"packages/skills/node_modules/typescript/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/@types/node/package.json"}],"concludedValue":"packages/skills/node_modules/@types/node/package.json"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/skills@0.2.1"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-04-27T22:06:16Z","text":"This Software Bill-of-Materials (SBOM) document was created on Monday, April 27, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'skills' with version '0.2.1'. The package type in this SBOM is npm with a single purl namespace '@types' described under components. The components were identified from 3 source files."}]}
|