@aegis-scan/skills 0.4.0 → 0.5.1

package/ATTRIBUTION.md

@@ -41,6 +41,146 @@ rule applies to any incoming updates — no stripping of upstream
 attribution, no removal of AEGIS-added headers, no paper-over of
 upstream format variance.
 
+## Offensive skills — matty69v/Bug-Bounty-Agents (selective fork)
+
+A subset of skills under `skills/offensive/matty-fork/` are forked from
+[matty69v/Bug-Bounty-Agents](https://github.com/matty69v/Bug-Bounty-Agents)
+under MIT License. The upstream is a 43-agent prompt library — AEGIS pulls
+only the five that fill documented coverage gaps and otherwise have no
+overlap with the existing `snailsploit-fork/` content.
+
+- **Upstream author:** matty69v
+- **SPDX:** MIT
+- **Fork-SHA:** `5f8b8301b1bfbbe3aece4f38337cef69d52af0dc`
+- **Fork date:** 2026-05-01
+- **Skill count at fork:** 5 (selective):
+  - `cicd-redteam` (529 lines) — closes CI/CD pipeline analysis gap
+  - `cloud-security` (104 lines) — closes Cloud Security Posture gap (AWS/GCP/Azure)
+  - `container-escape` (172 lines) — closes container/k8s breakout gap
+  - `mobile-pentester` (355 lines) — closes Mobile (APK/IPA) analysis gap
+  - `subdomain-takeover` (152 lines) — closes subdomain-takeover detection gap
+- **Upstream-attribution format:** YAML frontmatter (`name:`, `description:`,
+  `tools:`, `model:`). All five files preserved byte-identically inside the
+  body; AEGIS-local provenance header added above the YAML opener.
+
+### AEGIS-side modifications
+
+- Per-file `<!-- aegis-local: forked … from matty69v/Bug-Bounty-Agents@<sha> -->`
+  HTML header prepended above the YAML frontmatter on each `SKILL.md`.
+- The other 38 upstream skills overlap with existing AEGIS coverage
+  (`snailsploit-fork/`, programmatic scanners, or LLM-DAST-wrappers) and are
+  intentionally NOT forked.
+- Upstream's `_scope-guard.md` is a routing-excluded shared pre-flight prompt
+  that several main agents reference. The five forked skills retain those
+  textual references intact (byte-identical body), but the `_scope-guard.md`
+  itself is NOT shipped — AEGIS skill-loader requires kebab-case names that
+  cannot start with an underscore. Operators can fetch the upstream file
+  directly from the source repo if needed; AEGIS' own `--confirm` gate +
+  `evaluateActiveModeAuthorization()` (see `packages/cli/src/active-mode-
+  disclaimer.ts`) provides the equivalent enforced safety floor.
+
+### Why selective rather than full fork
+
+The upstream `_scope-guard.md` model is prompt-level (advisory, agent-
+referenced). AEGIS' active-mode disclaimer + `--confirm` gate is CLI-level
+(enforced, Commander.js-validated). Pulling all 43 agents would bloat the
+skill catalog with content that either duplicates AEGIS' programmatic
+checks or duplicates `snailsploit-fork/` coverage. The five selected fill
+documented gaps that no other AEGIS surface covers today.
+
+## Offensive skills — pikpikcu/airecon (full skill-pack fork)
+
+All skills under `skills/offensive/airecon-fork/` are forked from
+[pikpikcu/airecon](https://github.com/pikpikcu/airecon) under MIT License.
+Upstream is an autonomous AI-driven pentesting agent; AEGIS pulls only the
+methodology skill-pack (.md files under `airecon/proxy/skills/`), not the
+Python runtime, Docker orchestration, JSON data files, or proxy/MCP scaffolding.
+
+- **Upstream author:** pikpikcu — https://github.com/pikpikcu
+- **Upstream repo:** https://github.com/pikpikcu/airecon
+- **SPDX:** MIT (`Copyright (c) 2026 pikpikcu`)
+- **Fork-SHA:** `9a21453459d87eefb012ea355c79b593d0d3c0cc`
+- **Fork date:** 2026-05-04
+- **Skill count at fork:** 141 (full upstream skills/ tree as of fork SHA)
+- **Categories pulled:** ctf, frameworks, payloads, postexploit, protocols, reconnaissance, technologies, tools, vulnerabilities (9 of 9)
+
+### Slug-naming convention
+
+Upstream layout is `airecon/proxy/skills/<category>/<...>/<file>.md`.
+AEGIS-side layout is flat `skills/offensive/airecon-fork/<slug>/SKILL.md`
+where `<slug>` = upstream relative-path with `/` and `_` mapped to `-`,
+lowercased. Examples:
+
+- `airecon/proxy/skills/postexploit/linux_privesc.md` -> `postexploit-linux-privesc`
+- `airecon/proxy/skills/ctf/crypto/modern-ciphers.md` -> `ctf-crypto-modern-ciphers`
+- `airecon/proxy/skills/vulnerabilities/idor.md` -> `vulnerabilities-idor`
+
+This flattens the 2-level upstream tree into AEGIS' 1-level
+`<source>/<name>/SKILL.md` loader convention while preserving full
+upstream provenance via the path-derived slug.
+
+### Overlap with existing forks
+
+Four upstream skills overlap by topic with `matty-fork/`:
+- `postexploit-container-escape` (vs matty `container-escape`)
+- `technologies-cicd-attacks` (vs matty `cicd-redteam`)
+- `technologies-cloud-security` (vs matty `cloud-security`)
+- `vulnerabilities-subdomain-takeover` (vs matty `subdomain-takeover`)
+
+Both forks ship — slug-prefixing under `airecon-fork/` keeps them
+independent. Operators select which to load via the skill-loader; no
+content is merged across upstream sources (do-not-remove rule applies).
+
+### Skill-pack scope (what is + what is NOT shipped)
+
+**Shipped (.md only):** 141 SKILL.md files preserving upstream content
+byte-identically, with the AEGIS aegis-local header on line 1.
+
+**Not shipped:** Python runtime under `airecon/`, Docker/Kali/Caido
+orchestration under `airecon/containers/`, JSON data files under
+`airecon/proxy/data/` (separately extractable to scanner-data dirs in a
+future cycle), phase prompts under `airecon/proxy/prompts/` (agent-runtime-
+specific), shell installers under `scripts/`. The skill-loader contract
+is `.md`-only by CI invariant (`packages/skills/skills/` markdown-only),
+so these are excluded by design.
+
+### Companion repo `airecon-dataset`
+
+pikpikcu also maintains a companion `airecon-dataset` repo (~1.09M training
+records). License of that repo is **not yet verified**; no content from it
+is integrated into AEGIS. If a future cycle wants to pull dataset-derived
+patterns into scanner data, that repo's license must be checked first.
+
+## Defensive skills — permoon/multi-model-redteam (architecture red-team)
+
+Skills under `skills/defensive/permoon-fork/` are forked from
+[permoon/multi-model-redteam](https://github.com/permoon/multi-model-redteam),
+a multi-model architecture-design-review framework.
+
+- **Upstream author:** Hector (https://github.com/permoon)
+- **SPDX:** MIT (LICENSE) + CC0 (`prompts/` directory, per upstream README)
+- **Fork-SHA:** `17b7f4dc40e9ec086efe2cbcc27954549fd53f2d`
+- **Fork date:** 2026-05-14
+- **Skill count at fork:** 3 prompts adopted as standalone SKILL.md files
+  (`multi-model-system-prompt`, `multi-model-consolidation`,
+  `multi-model-severity`)
+
+The prompts walk a single model — or three models orchestrated in
+parallel by the upstream framework — through architecture-design
+review against five failure dimensions (hidden assumptions, dependency
+failures, boundary inputs, misuse paths, rollback / blast radius)
+with structured TRIGGER / IMPACT / DETECTABILITY scenarios per
+dimension. Defensive methodology; no active probing. The AEGIS
+adoption surfaces each prompt as a standalone skill that any
+AEGIS-compatible agent can invoke regardless of how many models the
+operator actually runs.
+
+The upstream framework also ships `redteam.sh` (bash orchestrator
+across Claude / Codex / Gemini CLIs) which AEGIS does NOT adopt --
+that part of the upstream is operator-deploy tooling rather than a
+skill-pack-shape asset, and replicating it would duplicate existing
+AEGIS multi-agent orchestration patterns.
+
 ## Defensive skills — AEGIS-native
 
 All skills under `skills/defensive/aegis-native/` are AEGIS-original
@@ -109,6 +249,18 @@ This avoids:
 - Duplicate maintenance burden when the upstream package is the
   single source of truth
 
+### `Chachamaru127/claude-code-harness` — concept-only adoption (no fork, no install)
+
+- **Upstream:** https://github.com/Chachamaru127/claude-code-harness
+- **License:** MIT
+- **Adoption mode:** **concept-only** — AEGIS adopts two patterns from this project's design but ships zero copied code or assets:
+  1. **Plans.md as a Live Working-Plan SSOT** — adapted into `aegis-orchestrator/SKILL.md` as the format for `.aegis/Plans.md`. AEGIS-specific: integrated into the existing 8-skill foundation cluster lifecycle (orchestrator initializes, specialist skills update, handover-writer summarizes), uses pure markdown, no Go binary or `/harness-*` verb-commands.
+  2. **`harness doctor --residue` stale-reference detection** — adapted into `aegis-quality-gates/SKILL.md` as Gate 10 (residue-check). AEGIS-specific: pure shell + grep methodology integrated as a gate of the existing 10-gate verifier sequence (was 9-gate pre-adoption), with the AEGIS classes of residue documented (stale commit-SHAs in handovers, broken markdown cross-links in shipped SKILL.md, orphan path references, phantom `_INDEX.md` skill rows, dead `<!-- aegis-local: -->` provenance refs). The motivating bug-class: handover docs that cite commit-SHAs invalidated by a `git rebase`.
+
+- **What was NOT adopted:** the Go-native runtime engine, the 5 `/harness-plan|work|review|release|setup` verb-commands, the 13 R01-R13 declarative guardrails, the 3-agent worker/reviewer/scaffolder split, the marketplace plugin distribution. AEGIS already has equivalents for or alternatives to each (repo rulesets, scrub-gates, supply-chain CI gates, 8 specialist foundation skills, npm direct distribution).
+
+- **Why concept-only and not fork or mandate:** the two adopted patterns are **methodology**, not code — they fit AEGIS's existing skill-cluster architecture verbatim once described in markdown. Forking would buy nothing (no shared code paths) and adding a mandate would burden users with installing a tool they don't need. Documenting the inspiration in this file + the relevant SKILL.md sections preserves attribution while staying lean.
+
 ### `supabase/agent-skills` — Postgres + Supabase development best-practices
 
 - **Upstream:** https://github.com/supabase/agent-skills
@@ -146,6 +298,58 @@ This avoids:
   ensures they always pull the freshest Supabase-team-maintained
   guidance.
 
+## OSINT skills — elementalsouls/Claude-OSINT
+
+All skills under `skills/osint/` are forked from
+[elementalsouls/Claude-OSINT](https://github.com/elementalsouls/Claude-OSINT)
+under MIT License (with offensive-security ethical-use notice).
+
+- **Upstream author:** Cyanide (elementalsouls)
+- **SPDX:** MIT
+- **Fork-SHA:** `ea42241d068e8112da0e4e28006207125c835c2e`
+- **Fork date:** 2026-05-01
+- **Skill count at fork:** 2 (`offensive-osint`, `osint-methodology`)
+- **Upstream-attribution format:** YAML frontmatter (`name:`, `description:`,
+  `version:`, `triggers:`). Both files preserved byte-identically inside the
+  body; AEGIS-local provenance header added above the YAML opener.
+
+### AEGIS-side modifications
+
+- Per-file `<!-- aegis-local: forked … from elementalsouls/Claude-OSINT@<sha> -->`
+  HTML header prepended above the YAML frontmatter on both `SKILL.md` files.
+- `offensive-osint/SKILL.md` carries an additional **PORT-NOTE** inside its
+  fork header explaining that the upstream `secret_scan.py` helper script is
+  NOT shipped (`@aegis-scan/skills` enforces a markdown-only invariant via
+  CI). The helper is scheduled for port to a TypeScript scanner module under
+  **F-EXTERNAL-SECRETS-1** (planned v0.18.x). Until then, operators run
+  AEGIS' existing `gitleaks` / `trufflehog` wrappers, or fetch the helper
+  directly from the upstream repository.
+- `offensive-osint/README.md` *Loading*, *Helper script*, *Self-test* and
+  *License* sections updated to reflect the AEGIS package layout (no manual
+  `cp` of `scripts/secret_scan.py` since the script is not shipped; smoke
+  tests referenced as upstream-only pending F-SKILL-SYNC-CI-1).
+- `osint-methodology/README.md` *Self-test* and *License* sections updated
+  similarly.
+- Upstream `LICENSE` and `tests/smoke-test-prompts.md` are NOT shipped — the
+  AEGIS root `LICENSE` covers all of `@aegis-scan/skills`, and the smoke
+  tests will land under `packages/skills/__tests__/skill-prompts/` when the
+  skill-validation CI is built (F-SKILL-SYNC-CI-1).
+
+### Why a separate top-level category instead of merging into `offensive/`
+
+`osint/` is intel-gathering tradecraft (collection + correlation + scoring),
+distinct from `offensive/` which encodes exploit-side red-team patterns
+(SSRF / SQLi / XSS / RCE / etc.). The `snailsploit-fork/` already contains
+much smaller `osint/` (399 lines) and `osint-methodology/` (434 lines)
+skills that overlap topically but are subset by content. Both kept side-by-
+side: the `snailsploit-fork/` versions remain available for operators who
+prefer the lighter checklist style; the `osint/` top-level category
+provides the operational arsenal (~5,800 lines of probe paths, regexes,
+validators, identity-fabric methodology, vendor fingerprints) that the
+`snailsploit-fork/` intentionally does not include. Frontmatter `name:`
+collisions across categories are acceptable — Claude Code skill-routing
+keys on path-relative identifiers, not the bare `name:` field.
+
 ## Future external cherry-pick candidates
 
 The `skills/` tree is also designed to grow across sources via

package/CHANGELOG.md

@@ -8,9 +8,49 @@ and quality-audit completion, not by a fixed schedule.
 
 ---
 
-## [Unreleased]
+## [0.5.0] — 2026-05-01 — "External-research extension: NEW osint/ category + 5 selective offensive skills"
 
-### Added
+Minor bump for the v0.18.0 scanner-family release-cut. Adds NEW `osint/` top-level skill category (2 skills, 5861 lines) and selective fork from a second offensive upstream (5 gap-filling skills, 1322 lines). Skill-count grows from 55 to 62; source-namespaces grow from 2 (`snailsploit-fork`, `aegis-native`) to 4 (+`elementalsouls-fork`, +`matty-fork`).
+
+### Added (NEW category — F-OSINT-SKILL-PACK-1)
+
+- **`skills/osint/`** — NEW top-level category for intel-gathering tradecraft (distinct from `offensive/` exploit-side patterns). Forked from elementalsouls' upstream OSINT pack (MIT, fork-SHA `ea42241d068e8112da0e4e28006207125c835c2e`):
+  - `osint/elementalsouls-fork/offensive-osint/SKILL.md` (4168 lines, 204KB) — operational arsenal: 43+-pattern modern-AI-API-key catalog, 80+-template dork corpus, vendor edge-appliance fingerprints, identity-fabric concrete endpoints, 9 read-only credential validators, 27 attack-path templates.
+  - `osint/elementalsouls-fork/osint-methodology/SKILL.md` (1693 lines, 93KB) — 5-stage recon pipeline, asset-graph discipline, breach × identity correlation, email-security audit, vulnerability prioritization (CVE × EPSS × KEV).
+- PORT-NOTE: upstream `secret_scan.py` helper script NOT shipped (`@aegis-scan/skills` markdown-only CI invariant). Helper queued for port to `packages/scanners/src/recon/external-secret-scan.ts` under F-EXTERNAL-SECRETS-1 (planned v0.18.x).
+
+### Added (selective fork — F-SKILL-PACK-MATTY-1)
+
+- **5 skills under `skills/offensive/matty-fork/`** — selective fork of matty69v's upstream Bug-Bounty-Agents (MIT, fork-SHA `5f8b8301b1bfbbe3aece4f38337cef69d52af0dc`). Pulled 5 of 43 upstream agents that fill documented AEGIS coverage gaps; the other 38 overlap with existing snailsploit-fork content or programmatic scanners and are intentionally not pulled.
+  - `cicd-redteam` (529 lines) — CI/CD pipeline analysis (GH Actions / GitLab CI / Jenkins / Argo / Tekton)
+  - `cloud-security` (104 lines) — CSPM (AWS / GCP / Azure)
+  - `container-escape` (172 lines) — container / k8s breakout
+  - `mobile-pentester` (355 lines) — Mobile (APK / IPA) — OWASP MASTG / MASVS
+  - `subdomain-takeover` (152 lines) — dangling-CNAME detection
+- Upstream's `_scope-guard.md` advisory prompt is NOT shipped — AEGIS skill-loader requires kebab-case names that cannot start with underscore, and the safety floor is already enforced at the CLI gate (`evaluateActiveModeAuthorization()` + `--confirm` in active-mode-disclaimer.ts). The 5 forked skills retain their textual scope-guard references byte-identical (per snailsploit-fork preservation precedent).
+
+### Updated (compliance/aegis-native/brutaler-anwalt → v3.4.0 sync)
+
+- **`brutaler-anwalt` skill enriched** to its current locally-maintained version: 5-persona self-verification (Hunter / Challenger / Synthesizer + Devil's-Advocate + Live-Probe), reconciled v3.4.0 audit-pattern set (Multi-Surface Origin-Regression / File-Storage in Production-Container / DKIM Specific-over-Wildcard + Multi-Selector / Operator-DNS-View Pflicht-Check / Granulare Try-Catch um Persist + Mail-Send), README version sync 3.2.0 → 3.4.0, expanded `references/` tree (+`gesetze/` 11 sub-folders, +`stack-patterns/` 10 sub-folders, +`templates/` 10 example files), shipped `scripts/health-check.sh` with operator-customizable brand-deny-list (reads `scripts/brand-deny-list.local.txt` when present, falls back to placeholder pattern). All shipped content sanitized for OSS — zero brand / personal-name leaks (verified by sanitize-grep + health-check). The skill's `LICENSE` is MIT, matching AEGIS root.
+- **Operator note**: customize `scripts/brand-deny-list.local.txt` (gitignored sibling) with your own internal codenames; the health-check uses it to scan SKILL.md / references / templates for accidental brand bleed before each release.
+
+### Added (Plans.md SSOT pattern)
+
+- **Plans.md — Live Working-Plan SSOT pattern** in `aegis-orchestrator/SKILL.md`. Defines `.aegis/Plans.md` as the single source of truth for in-flight tasks + acceptance criteria + blockers, complementing `state.json` (machine-readable phase) and handover docs (point-in-time snapshots). Lifecycle: orchestrator initializes, specialist skills update, handover-writer summarizes at session-end. AC-discipline: every task carries observable + independently verifiable acceptance criteria; task is DONE only when all AC are checked; blocked tasks keep AC unchanged and document the blocker. Concept adapted from [Chachamaru127/claude-code-harness](https://github.com/Chachamaru127/claude-code-harness) (MIT) — pure markdown integration, no fork, no Go binary, no install.
+
+### Validation
+
+- **Unit tests: 536 / 536** (was 491 — +45 across new sources).
+- **Manifest invariants** updated: EXPECTED_TOTAL 55 → 62; EXPECTED_CATEGORIES adds `osint`; EXPECTED_SOURCES_BY_CATEGORY adds `elementalsouls-fork` (osint) + `matty-fork` (offensive); EXPECTED_NAMES_BY_CATEGORY extends offensive (+5) and adds osint (+2).
+- **Attribution invariants** updated: HEADER_RE_BY_SOURCE +2 entries.
+- **Gate 10 — Residue-Check** added to `aegis-quality-gates/SKILL.md`. Detects stale commit-SHAs in handover docs (caught the v0.4.0 publish-procedure bug where rebase invalidated cited SHAs), broken markdown cross-links in shipped SKILL.md content, orphan path references, phantom `_INDEX.md` skill rows pointing at non-existent paths, dead `<!-- aegis-local: -->` provenance refs. Pure shell + grep methodology — runs in both `--quick` and `--final` modes, plus a new `--residue` operator-on-demand mode for post-rebase / post-merge checks. Concept adapted from claude-code-harness's `harness doctor --residue` (MIT).
+- **Plans.md task-discipline** referenced from `aegis-module-builder/SKILL.md`. Module-builder feature-specs map their acceptance-criteria 1:1 onto the Plans.md AC-checkbox format defined in aegis-orchestrator. Module-build phases 2-6 check off AC as they progress; task moves DONE only when all AC are checked.
+
+### Updated
+
+- `aegis-quality-gates`: description + frontmatter `enforced_quality_gates` bumped from 9 → 10 to reflect the new residue-check gate.
+- `aegis-orchestrator`: bootstrap-checklist extended from 6 to 8 steps (added Plans.md read at step 6, expanded print at step 7).
+- `packages/skills/ATTRIBUTION.md` — new "concept-only" attribution section for claude-code-harness documenting both pattern adoptions, what was NOT adopted, and why concept-only beats fork-or-mandate for methodology adoption.
 
 - **External-skills mandate-without-fork integration** with [supabase/agent-skills](https://github.com/supabase/agent-skills) (MIT). Two upstream skills (`supabase` + `supabase-postgres-best-practices`) are now declared **mandatory complements** to the AEGIS-native security layer for any project using Supabase or Postgres. Installation via the upstream's own distribution channel (`npx skills add supabase/agent-skills -g -y`) — not re-shipped here. Rationale: upstream is actively maintained by the Supabase team with frequent updates the AEGIS team has no special insight into, so fork-mode would freeze content at a fork-SHA + create unnecessary quarterly upstream-sync work for content that benefits from staying current.
   - `ATTRIBUTION.md` — new "Required external skills (mandatory complement, not forked)" section documenting the rationale, install command, and license-compatibility chain.
@@ -19,7 +59,12 @@ and quality-audit completion, not by a fixed schedule.
   - `skills/defensive/aegis-native/tenant-isolation-defense/SKILL.md` — new "Complementary external skill (mandatory)" section pointing to upstream `supabase` and `supabase-postgres-best-practices` skills.
   - AEGIS repository root — new `AGENTS.md` documents the repo-wide mandate for AI coding-agents working in this repo and the layer-split between AEGIS-native security and upstream Supabase dev/perf coverage.
 
-This establishes a second integration-pattern alongside the existing fork-mode (used by `skills/offensive/snailsploit-fork/`): mandate-without-fork. Future external sources will pick per-source based on stability and maintenance-economics.
+### Notes
+
+- This [Unreleased] entry establishes **three external-source integration-patterns** that AEGIS now uses, picked per-source based on stability + maintenance-economics:
+  1. **Fork-mode** (`snailsploit-fork`) — content forked into `skills/<category>/<source>/` with attribution headers; quarterly upstream-sync.
+  2. **Mandate-without-fork** (`supabase/agent-skills`) — install via upstream's own distribution channel; cross-reference from AEGIS skills.
+  3. **Concept-only adoption** (`Chachamaru127/claude-code-harness`) — methodology adapted into existing AEGIS skills via prose; zero code, zero install, attribution preserved in this CHANGELOG + ATTRIBUTION.md.
 
 ---
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aegis-scan/skills",
-  "version": "0.4.0",
+  "version": "0.5.1",
   "description": "AEGIS Skills — opt-in skill library for Claude Code and compatible AI agents. Offensive red-team methodology from curated sources, attribution preserved per-file. Multi-source-ready architecture with placeholder directories for future defensive (AEGIS-native) and MITRE-mapped extensions. Third sibling in the AEGIS full-repertoire toolkit alongside @aegis-scan/cli and @aegis-wizard/cli.",
   "license": "MIT",
   "author": "RideMatch1 <230386010+RideMatch1@users.noreply.github.com>",

package/sbom.cdx.json

@@ -1 +1 @@
-{"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:b093e1cf-2e77-446b-afa4-a3739edff36a","version":1,"metadata":{"timestamp":"2026-04-28T13:28:27Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"skills","group":"@aegis-scan","version":"0.4.0","description":"AEGIS Skills — opt-in skill library for Claude Code and compatible AI agents. Offensive red-team methodology from curated sources, attribution preserved per-file. Multi-source-ready architecture with placeholder directories for future defensive (AEGIS-native) and MITRE-mapped extensions. Third sibling in the AEGIS full-repertoire toolkit alongside @aegis-scan/cli and @aegis-wizard/cli.","purl":"pkg:npm/%40aegis-scan/skills@0.4.0","bom-ref":"pkg:npm/@aegis-scan/skills@0.4.0","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/skills/node_modules/@types/node/package.json\\npackages/skills/node_modules/typescript/package.json\\npackages/skills/node_modules/vitest/package.json"}]},"components":[{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/vitest/package.json"}],"concludedValue":"packages/skills/node_modules/vitest/package.json"}]},"tags":["framework"]},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/typescript/package.json"}],"concludedValue":"packages/skills/node_modules/typescript/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/@types/node/package.json"}],"concludedValue":"packages/skills/node_modules/@types/node/package.json"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/skills@0.4.0"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-04-28T13:28:27Z","text":"This Software Bill-of-Materials (SBOM) document was created on Tuesday, April 28, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'skills' with version '0.4.0'. The package type in this SBOM is npm with a single purl namespace '@types' described under components. The components were identified from 3 source files."}]}
+{"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:c5ddd6fa-6966-4fc7-8d54-527af50a71ca","version":1,"metadata":{"timestamp":"2026-05-16T08:07:16Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.5","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.5","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.5","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"skills","group":"@aegis-scan","version":"0.5.1","description":"AEGIS Skills — opt-in skill library for Claude Code and compatible AI agents. Offensive red-team methodology from curated sources, attribution preserved per-file. Multi-source-ready architecture with placeholder directories for future defensive (AEGIS-native) and MITRE-mapped extensions. Third sibling in the AEGIS full-repertoire toolkit alongside @aegis-scan/cli and @aegis-wizard/cli.","purl":"pkg:npm/%40aegis-scan/skills@0.5.1","bom-ref":"pkg:npm/@aegis-scan/skills@0.5.1","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/skills/node_modules/@types/node/package.json\\npackages/skills/node_modules/typescript/package.json\\npackages/skills/node_modules/vitest/package.json"}]},"components":[{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/vitest/package.json"}],"concludedValue":"packages/skills/node_modules/vitest/package.json"}]},"tags":["framework"]},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/typescript/package.json"}],"concludedValue":"packages/skills/node_modules/typescript/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/skills/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/skills/node_modules/@types/node/package.json"}],"concludedValue":"packages/skills/node_modules/@types/node/package.json"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/skills@0.5.1"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.5","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.5","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.5","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-05-16T08:07:16Z","text":"This Software Bill-of-Materials (SBOM) document was created on Saturday, May 16, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'skills' with version '0.5.1'. The package type in this SBOM is npm with a single purl namespace '@types' described under components. The components were identified from 3 source files."}]}

package/skills/compliance/aegis-native/brutaler-anwalt/.claude-plugin/plugin.json

@@ -0,0 +1,108 @@
+{
+  "_schema_note": "Kein offizielles Plugin-JSON-Schema von Anthropic veroeffentlicht (Stand 2026-05). Hook-Matcher-Syntax basiert auf empirischer Pruefung der Claude-Code-Docs. Bei Schema-Veroeffentlichung: $schema-Feld nachziehen.",
+  "name": "brutaler-anwalt",
+  "version": "4.3.0",
+  "description": "Adversarial DE/EU Compliance-Auditor mit 5-Persona-Self-Verification (Hunter / Challenger / Synthesizer / Devil's-Advocate / Live-Probe) fuer DSGVO/UWG/AGB/Impressum/Cookies/AVV/NIS2/AI-Act/Branchen-/Straf-/Steuerrecht. Sachlich-praezise Schadens-Diagnose mit %-Wahrscheinlichkeit + EUR-Range + Abmahn-Simulation. Universalskill — branchenagnostisch fuer SaaS/Webseiten/Apps/Vertraege. KEINE Rechtsberatung i.S.d. RDG.",
+  "author": {
+    "name": "AEGIS / brutaler-anwalt maintainers",
+    "url": "https://github.com/RideMatch1/a.e.g.i.s"
+  },
+  "homepage": "https://github.com/RideMatch1/a.e.g.i.s",
+  "repository": "https://github.com/RideMatch1/a.e.g.i.s",
+  "license": "MIT",
+  "keywords": [
+    "dsgvo",
+    "gdpr",
+    "compliance",
+    "audit",
+    "datenschutz",
+    "uwg",
+    "abmahnung",
+    "agb",
+    "impressum",
+    "cookie",
+    "consent",
+    "ai-act",
+    "nis2",
+    "dsa",
+    "tdddg",
+    "ddg",
+    "germany",
+    "eu",
+    "legal-audit",
+    "vibecoded"
+  ],
+  "category": "Compliance",
+  "interface": {
+    "displayName": "brutaler-anwalt",
+    "shortDescription": "Adversarial DE/EU Compliance-Auditor (DSGVO/UWG/AI-Act/Branchenrecht).",
+    "longDescription": "Brutaler-anwalt fuehrt einen 5-Persona-Multi-Verification-Audit gegen DSGVO/UWG/AI-Act/NIS2/Branchen-/Straf-/Steuerrecht. Output: %-Wahrscheinlichkeit + EUR-Schadens-Range + Abmahn-Simulation. v4.3.0 fuegt Hook-basierte On-Demand-KB-Routing + WebFetch-Tier-1-Allowlist + PostWrite-Quality-Gates hinzu. KEINE Rechtsberatung i.S.d. RDG §2 (BGH I ZR 113/20 Smartlaw).",
+    "developerName": "AEGIS",
+    "category": "Compliance",
+    "capabilities": ["Interactive", "Audit", "Read"],
+    "websiteURL": "https://github.com/RideMatch1/a.e.g.i.s",
+    "defaultPrompt": [
+      "Audit diese DSGVO-Datenschutzerklaerung gegen Art. 13 / 14 / 15 DSGVO + Drittland-Pflichten.",
+      "Pruefe Cookie-Banner gegen § 25 TDDDG + EuGH Planet49 (C-673/17).",
+      "Check Impressum nach § 5 DDG fuer Vollstaendigkeit + Anbieterkennzeichnung.",
+      "Bewerte Abmahn-Risiko fuer fehlenden BFSG-Compliance-Stand (Stichtag 28.06.2025).",
+      "Auditiere AVV gegen Art. 28 DSGVO + Schrems-II-Drittland-Risiko.",
+      "Simuliere Abmahn-Schadenshoehe fuer Google-Fonts-Embed ohne Consent (BGH-Folge-Az.)."
+    ],
+    "brandColor": "#1F2937"
+  },
+  "hooks": {
+    "SessionStart": [
+      {
+        "matcher": "*",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks/session_start.py"
+          }
+        ]
+      }
+    ],
+    "UserPromptSubmit": [
+      {
+        "matcher": "*",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks/prompt_submit.py"
+          }
+        ]
+      }
+    ],
+    "PostToolUse": [
+      {
+        "matcher": "Write|Edit|MultiEdit",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks/post_write.py"
+          }
+        ]
+      }
+    ]
+  },
+  "commands": [
+    {
+      "name": "anwalt:cold-start",
+      "description": "Einmaliges Practice-Profile-Interview (Branche / Stack / B2B-B2C / EU-Land). Schreibt .brutaler-anwalt/profile.md. Jeder folgende Audit liest dieses Profil zuerst. Spart 10 Min Re-Discovery pro Audit."
+    },
+    {
+      "name": "anwalt:audit",
+      "description": "Vollstaendiger 5-Persona-Compliance-Audit der aktuellen Codebase. Output: BRUTALER-AUDIT.md mit Findings (%-Wahrscheinlichkeit + EUR-Range + Az.-Beleg)."
+    },
+    {
+      "name": "anwalt:simulate",
+      "description": "Abmahn-Simulation auf vorhandene Findings. Generiert Streitwert-Range + modifizierte Unterlassungserklaerung."
+    },
+    {
+      "name": "anwalt:health",
+      "description": "Skill-Health-Check (References vollstaendig, Az.-Provenance OK, Hooks executable, Plugin-Manifest valid)."
+    }
+  ],
+  "disclaimer": "Diese Analyse ist keine Rechtsberatung im Sinne von § 2 RDG (BGH I ZR 113/20 Smartlaw, 09.09.2021) und ersetzt keinen zugelassenen Rechtsanwalt fuer IT-/Datenschutzrecht. Die Skill-Outputs sind technisch-indikative Hinweise auf Compliance-Risiken zur internen Vorpruefung — nicht zur Beratung Dritter."
+}