@blamejs/exceptd-skills 0.10.0 → 0.10.2

package/lib/framework-gap.js

@@ -160,7 +160,23 @@ function gapReport(frameworkIds, threatScenario, controlGaps, cveCatalog = {}) {
 
   const frameworkResults = {};
   for (const id of frameworkIds) {
-    const frameworkGaps = relevantGaps.filter(([, g]) => g.framework?.includes(id));
+    // Match a framework filter ID against catalog entries by:
+    //   - exact match against gap.framework (e.g. "NIST SP 800-53 Rev 5")
+    //   - normalized substring match (strip case + spaces + hyphens, e.g. user
+    //     passing "nist-800-53" matches catalog "NIST SP 800-53 Rev 5")
+    //   - normalized prefix match on the gap KEY (e.g. user "nist-800-53"
+    //     matches keys "NIST-800-53-SI-2", "NIST-800-53-SC-8")
+    // This makes the named-framework filter behave the same way `all` does
+    // when extracting per-framework subsets.
+    const normalize = (s) => String(s).toLowerCase().replace(/[\s_-]/g, '');
+    const idNorm = normalize(id);
+    const frameworkGaps = relevantGaps.filter(([key, g]) => {
+      if (!g.framework) return false;
+      if (g.framework === id) return true;
+      if (normalize(g.framework).includes(idNorm)) return true;
+      if (normalize(key).startsWith(idNorm)) return true;
+      return false;
+    });
     frameworkResults[id] = {
       gap_count: frameworkGaps.length,
       gaps: frameworkGaps.map(([key, g]) => ({

package/lib/playbook-runner.js

@@ -122,9 +122,16 @@ function preflight(playbook, runOpts = {}) {
   for (const pc of meta.preconditions || []) {
     const submitted = runOpts.precondition_checks?.[pc.id];
     if (submitted === undefined) {
-      issues.push({ kind: 'precondition_unverified', id: pc.id, check: pc.check, on_fail: pc.on_fail });
+      const submission_hint = `Submit precondition_checks in your evidence JSON, e.g. { "precondition_checks": { "${pc.id}": true } }. The runner lifts this into runOpts before the gate evaluates.`;
+      issues.push({ kind: 'precondition_unverified', id: pc.id, check: pc.check, on_fail: pc.on_fail, submission_hint });
       if (pc.on_fail === 'halt') {
-        return { ok: false, blocked_by: 'precondition', reason: `Precondition ${pc.id} (${pc.check}) not verified by host AI; on_fail=halt.`, issues };
+        return {
+          ok: false,
+          blocked_by: 'precondition',
+          reason: `Precondition ${pc.id} (${pc.check}) not verified by host AI; on_fail=halt.`,
+          remediation: submission_hint,
+          issues
+        };
       }
       continue;
     }
@@ -199,6 +206,21 @@ function look(playbookId, directiveId, runOpts = {}) {
     playbook_id: playbookId,
     directive_id: directiveId,
     air_gap_mode: airGap,
+    // Preconditions are surfaced here so the host AI can verify them with its
+    // own probes (Bash:test -f /proc/version, etc.) and declare the results
+    // back through submission.precondition_checks. Without this list, the AI
+    // is blind to the gate and run() will halt with a precondition_unverified
+    // failure the AI can't diagnose. See AGENTS.md Hard Rule context.
+    preconditions: (playbook._meta.preconditions || []).map(pc => ({
+      id: pc.id,
+      description: pc.description,
+      check: pc.check,
+      on_fail: pc.on_fail
+    })),
+    precondition_submission_shape: {
+      hint: 'Include precondition_checks: { "<precondition-id>": true|false } in your submission JSON. The runner lifts it into runOpts before evaluating the gate.',
+      example: { precondition_checks: { 'linux-platform': true, 'uname-available': true } }
+    },
     artifacts: (l.artifacts || []).map(a => ({
       ...a,
       // Surface the air-gap alternative as the primary source when air_gap_mode
@@ -259,8 +281,19 @@ function detect(playbookId, directiveId, agentSubmission = {}) {
   const hasDeterministicHit = hits.some(r => r.deterministic);
   const hasHighConfHit = hits.some(r => r.confidence === 'high' || r.confidence === 'deterministic');
 
+  // Agent override: if signals.detection_classification is explicitly set to
+  // one of the four legal values, honor it. Engine computes its own
+  // classification as a fallback. Use the override when the agent has run the
+  // full false_positive_profile checks and reached an explicit verdict —
+  // engine-computed classification can't represent "I saw the indicators and
+  // confirmed they're all benign" without this override.
+  const override = (agentSubmission.signals && agentSubmission.signals.detection_classification);
+  const validOverrides = new Set(['detected', 'inconclusive', 'not_detected', 'clean']);
+
   let classification;
-  if (hasDeterministicHit || hasHighConfHit) {
+  if (override && validOverrides.has(override)) {
+    classification = override === 'clean' ? 'not_detected' : override;
+  } else if (hasDeterministicHit || hasHighConfHit) {
     classification = 'detected';
   } else if (hits.length === 0 && indicatorResults.every(r => r.verdict === 'miss')) {
     classification = 'not_detected';
@@ -293,10 +326,20 @@ function analyze(playbookId, directiveId, detectResult, agentSignals = {}) {
 
   // Match catalogued CVEs from the domain.cve_refs list. The agent submits
   // signal values; engine joins to the catalog for RWEP context.
+  // VEX filter (agentSignals.vex_filter): a set of CVE IDs the operator
+  // has formally declared not_affected via a CycloneDX/OpenVEX statement.
+  // We drop those from matched_cves before scoring, and surface them
+  // separately so the analyze response still records the disposition.
   const cveRefs = playbook.domain.cve_refs || [];
-  const matchedCves = cveRefs
-    .map(id => xref.byCve(id))
-    .filter(r => r.found);
+  const vexFilter = agentSignals.vex_filter instanceof Set ? agentSignals.vex_filter
+    : (Array.isArray(agentSignals.vex_filter) ? new Set(agentSignals.vex_filter) : null);
+  const allMatches = cveRefs.map(id => xref.byCve(id)).filter(r => r.found);
+  const matchedCves = vexFilter
+    ? allMatches.filter(c => !vexFilter.has(c.cve_id))
+    : allMatches;
+  const vexDropped = vexFilter
+    ? allMatches.filter(c => vexFilter.has(c.cve_id)).map(c => c.cve_id)
+    : [];
 
   // RWEP composition: start from the catalogue's per-CVE rwep_score (already
   // baked from KEV + PoC + AI-disc + active-exploitation + blast-radius), then
@@ -321,8 +364,21 @@ function analyze(playbookId, directiveId, detectResult, agentSignals = {}) {
   const blastRadiusScore = agentSignals.blast_radius_score || (blastRubric[0]?.blast_radius_score ?? null);
 
   // compliance_theater_check — engine surfaces the test; agent runs it; we
-  // accept the verdict in agentSignals.theater_verdict.
-  const theaterVerdict = agentSignals.theater_verdict || (an.compliance_theater_check ? 'pending_agent_run' : null);
+  // accept the verdict in agentSignals.theater_verdict. When agent didn't
+  // submit a verdict but the detect phase reached a clear classification,
+  // derive one rather than leaving the field stuck in 'pending_agent_run':
+  //   detect.classification = not_detected → theater_verdict = clear
+  //   detect.classification = detected     → theater_verdict = pending_agent_run
+  //                                          (agent still must run reality_test)
+  //   detect.classification = inconclusive → theater_verdict = pending_agent_run
+  // Aliases 'clean' / 'no_theater' map to 'clear' for ergonomics.
+  let theaterVerdict = agentSignals.theater_verdict;
+  if (theaterVerdict === 'clean' || theaterVerdict === 'no_theater') theaterVerdict = 'clear';
+  if (!theaterVerdict && an.compliance_theater_check) {
+    const cls = detectResult.classification;
+    theaterVerdict = cls === 'not_detected' ? 'clear' : 'pending_agent_run';
+  }
+  theaterVerdict = theaterVerdict || (an.compliance_theater_check ? 'pending_agent_run' : null);
 
   // framework_gap_mapping — engine emits the mapping verbatim; analyze does
   // not compute new gaps here, just attaches the playbook-declared ones.
@@ -340,9 +396,31 @@ function analyze(playbookId, directiveId, detectResult, agentSignals = {}) {
     phase: 'analyze',
     playbook_id: playbookId,
     directive_id: directiveId,
+    // Hard Rule #1 (AGENTS.md): every CVE reference must carry CVSS + KEV +
+    // PoC + AI-discovery + active-exploitation + patch/live-patch availability.
+    // Pull every required field from the catalog entry; null is only emitted
+    // when the catalog itself lacks the value, never when we just forgot to
+    // forward it. EPSS is included because validate-cves --live populates it.
     matched_cves: matchedCves.map(c => ({
-      cve_id: c.cve_id, rwep: c.rwep_score, cisa_kev: c.cisa_kev,
-      active_exploitation: c.active_exploitation, ai_discovered: c.ai_discovered
+      cve_id: c.cve_id,
+      rwep: c.rwep_score,
+      cvss_score: c.entry?.cvss_score ?? null,
+      cvss_vector: c.entry?.cvss_vector ?? null,
+      cisa_kev: c.cisa_kev,
+      cisa_kev_date: c.entry?.cisa_kev_date ?? null,
+      cisa_kev_due_date: c.entry?.cisa_kev_due_date ?? null,
+      poc_available: c.entry?.poc_available ?? null,
+      ai_discovered: c.ai_discovered,
+      ai_assisted_weaponization: c.entry?.ai_assisted_weaponization ?? null,
+      active_exploitation: c.active_exploitation,
+      patch_available: c.entry?.patch_available ?? null,
+      patch_required_reboot: c.entry?.patch_required_reboot ?? null,
+      live_patch_available: c.entry?.live_patch_available ?? null,
+      epss_score: c.entry?.epss_score ?? null,
+      epss_date: c.entry?.epss_date ?? null,
+      atlas_refs: c.atlas_refs,
+      attack_refs: c.attack_refs,
+      affected_versions: c.entry?.affected_versions ?? null,
     })),
     rwep: { base: baseRwep, adjusted: adjustedRwep, breakdown: rwepBreakdown, threshold: directive ? resolvedPhase(playbook, directiveId, 'direct').rwep_threshold : null },
     blast_radius_score: blastRadiusScore,
@@ -355,10 +433,44 @@ function analyze(playbookId, directiveId, detectResult, agentSignals = {}) {
       verdict_text: theaterVerdict === 'theater' ? an.compliance_theater_check?.theater_verdict_if_gap : null
     },
     framework_gap_mapping: frameworkGaps,
-    escalations
+    escalations,
+    vex: vexFilter ? {
+      filter_applied: true,
+      dropped_cve_count: vexDropped.length,
+      dropped_cves: vexDropped,
+      note: vexDropped.length
+        ? `${vexDropped.length} CVE(s) dropped from analyze because the operator-supplied VEX statement marks them not_affected / resolved / false_positive. They remain in cve-catalog.json; the disposition lives in the VEX file.`
+        : "VEX filter supplied; zero matches dropped (no CVEs in domain.cve_refs matched the VEX not-affected set)."
+    } : null
   };
 }
 
+/**
+ * Extract a set of "not affected" CVE IDs from a VEX document. Supports
+ * CycloneDX VEX (analysis.state in {not_affected, resolved, false_positive})
+ * and OpenVEX (statements[].status === "not_affected"). Returns a Set<string>.
+ */
+function vexFilterFromDoc(doc) {
+  const out = new Set();
+  if (!doc || typeof doc !== 'object') return out;
+
+  // CycloneDX shape
+  for (const v of (doc.vulnerabilities || [])) {
+    const state = v.analysis && v.analysis.state;
+    if (state === 'not_affected' || state === 'resolved' || state === 'false_positive') {
+      if (v.id) out.add(v.id);
+    }
+  }
+  // OpenVEX shape
+  for (const s of (doc.statements || [])) {
+    if (s.status === 'not_affected' || s.status === 'fixed') {
+      const id = s.vulnerability && (s.vulnerability['@id'] || s.vulnerability.name || s.vulnerability);
+      if (typeof id === 'string') out.add(id);
+    }
+  }
+  return out;
+}
+
 // --- phase 6: validate ---
 
 function validate(playbookId, directiveId, analyzeResult, agentSignals = {}) {
@@ -797,7 +909,9 @@ function plan(opts = {}) {
       return {
         id,
         domain: pb.domain,
+        scope: pb._meta.scope || null,
         threat_currency_score: pb._meta.threat_currency_score,
+        air_gap_mode: !!pb._meta.air_gap_mode,
         directives: pb.directives.map(d => ({ id: d.id, title: d.title, applies_to: d.applies_to }))
       };
     })
@@ -817,6 +931,7 @@ module.exports = {
   validate,
   close,
   run,
+  vexFilterFromDoc,
   // internal helpers exposed for tests
   _resolvedPhase: resolvedPhase,
   _deepMerge: deepMerge,

package/lib/schemas/playbook.schema.json

@@ -36,6 +36,11 @@
         },
         "owner": { "type": "string", "description": "GitHub handle or team responsible for currency." },
         "air_gap_mode": { "type": "boolean", "description": "When true, all artifact collection and lookups use offline fallbacks. No network." },
+        "scope": {
+          "type": "string",
+          "description": "Primary investigation scope. Drives CLI auto-detect + --scope filtering. system = host/kernel/packages/sysctl; code = repo walk / lockfiles / IaC; service = network APIs / MCP / AI providers; cross-cutting = pure-analyze correlation layer.",
+          "enum": ["system", "code", "service", "cross-cutting"]
+        },
         "preconditions": {
           "type": "array",
           "description": "Must hold before the playbook runs.",

package/manifest-snapshot.json

@@ -1,6 +1,6 @@
 {
   "_comment": "Auto-generated by scripts/refresh-manifest-snapshot.js — do not hand-edit. Public skill surface used by check-manifest-snapshot.js to detect breaking removals.",
-  "_generated_at": "2026-05-12T05:39:54.946Z",
+  "_generated_at": "2026-05-12T13:48:57.281Z",
   "atlas_version": "5.1.0",
   "skill_count": 38,
   "skills": [

package/manifest.json

@@ -1,6 +1,6 @@
 {
   "name": "exceptd-security",
-  "version": "0.10.0",
+  "version": "0.10.2",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation",
   "homepage": "https://exceptd.com",
   "license": "Apache-2.0",
@@ -52,7 +52,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "WprHkO1KOjQtCBj6/EJghBTNyNKJhn7O2HDbAQZPi5jn4flwHpSrtP8LC15a4Unoh+xiIIgGhvTHZIQFHGMpBQ==",
-      "signed_at": "2026-05-12T05:39:54.542Z",
+      "signed_at": "2026-05-12T13:48:56.849Z",
       "cwe_refs": [
         "CWE-125",
         "CWE-362",
@@ -116,7 +116,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "fg20bOXGRkPUdLmegeXpTM4hnzl/ArgcVc88rItZN5DdsnFnzPgUU1PwCI82zooyj2GfxJHYjxNkq5qd2zNPBg==",
-      "signed_at": "2026-05-12T05:39:54.544Z",
+      "signed_at": "2026-05-12T13:48:56.851Z",
       "cwe_refs": [
         "CWE-1039",
         "CWE-1426",
@@ -179,7 +179,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "6JuSzkSSFzFHEZ3ANzqjtIbKPOkwJeKhQ+8WAPB4+dTRvDSeg46n3D88XfGaNd2z7pmg/i8p9ZoImQcHFS4BCg==",
-      "signed_at": "2026-05-12T05:39:54.544Z",
+      "signed_at": "2026-05-12T13:48:56.851Z",
       "cwe_refs": [
         "CWE-22",
         "CWE-345",
@@ -225,7 +225,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "PYSw9abiYfW+y7IkY8udJG5LSds2a4rMimlw3rrdD0zE3vunEeV/y7oTmDD4o83OqHSCKNzF/7vMhvd/noqICQ==",
-      "signed_at": "2026-05-12T05:39:54.545Z"
+      "signed_at": "2026-05-12T13:48:56.851Z"
     },
     {
       "name": "compliance-theater",
@@ -256,7 +256,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "BMFmmJYP3HsHIjUqnhw8E3MiMGZJsI/eDq51we+nxUicZ8nFUQT9DhmRntAqOs6BUnsfiQNNLc/rrsNh8yg1CQ==",
-      "signed_at": "2026-05-12T05:39:54.545Z"
+      "signed_at": "2026-05-12T13:48:56.852Z"
     },
     {
       "name": "exploit-scoring",
@@ -285,7 +285,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "VGPyDwy5BRlpn1lZthhPB6ytb4ZcU2j0KtCZbaMkyLdMugQJtK2yEuwrsDH4yEtAhTB6/A4B3eSygJckum49Ag==",
-      "signed_at": "2026-05-12T05:39:54.546Z"
+      "signed_at": "2026-05-12T13:48:56.853Z"
     },
     {
       "name": "rag-pipeline-security",
@@ -322,7 +322,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "XkFGpsNnXBVslkQ48usEu9l1LjPiV2ppW+M4B63zXFBP2Puh52qYCffEPjUHYhoO5bjgTM7yCbK8XF/Dzk5wBw==",
-      "signed_at": "2026-05-12T05:39:54.546Z",
+      "signed_at": "2026-05-12T13:48:56.853Z",
       "cwe_refs": [
         "CWE-1395",
         "CWE-1426"
@@ -379,7 +379,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "1Xqy7Kxxy6GpTvuYJPdllPzVDRFxb7N6AuxKuoaO4v91CiZLmiXt0sTIWImKJ3p9Eup6rJNDdsY71dolFhHNBA==",
-      "signed_at": "2026-05-12T05:39:54.546Z",
+      "signed_at": "2026-05-12T13:48:56.853Z",
       "d3fend_refs": [
         "D3-CA",
         "D3-CSPP",
@@ -414,7 +414,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "QNLOmAL54S/Cmk4cdO4L2BCGkqZ/FgY4UBsKWtg/EEW+YXF5ev+a8XsUT8q5veuUa2VYcYna7rD1iAnE+2PDBA==",
-      "signed_at": "2026-05-12T05:39:54.546Z",
+      "signed_at": "2026-05-12T13:48:56.853Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -442,7 +442,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "aFHq4cSl3CKchnVITxx+BrAEWD33WtFFJoQtwAug5g9R3/3ABtjaXYGVQaZcdcG1AIZkMoGSPywgLQWDY7ZDCw==",
-      "signed_at": "2026-05-12T05:39:54.547Z"
+      "signed_at": "2026-05-12T13:48:56.854Z"
     },
     {
       "name": "global-grc",
@@ -474,7 +474,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "viCTUWdy6euvd2KTAo6sLvarK/FZkDtYGocxBt0H+fY94kLQGW8K5cSpqIWdUF5NUytSHBCiG4YcSze8P9Z/BQ==",
-      "signed_at": "2026-05-12T05:39:54.547Z"
+      "signed_at": "2026-05-12T13:48:56.854Z"
     },
     {
       "name": "zeroday-gap-learn",
@@ -501,7 +501,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "6PkUaHQi3Hxuqq/Jp4GYckvfqVEofmeT87NUH0T+pwyjlc+xZkoqNPn65f7ldciEPL86JIPi3/dDTKQbIFFBCw==",
-      "signed_at": "2026-05-12T05:39:54.547Z"
+      "signed_at": "2026-05-12T13:48:56.854Z"
     },
     {
       "name": "pqc-first",
@@ -553,7 +553,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "ZenFTEzWx+DzrSXlNXhbZ70vOdJSXfrnKkAwqMlBf5nlDf38V1/hG4XCKj43snQXWr4mVJOX6ilqFLTYNIjnBw==",
-      "signed_at": "2026-05-12T05:39:54.548Z",
+      "signed_at": "2026-05-12T13:48:56.855Z",
       "cwe_refs": [
         "CWE-327"
       ],
@@ -600,7 +600,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "ih0vpd2v2zS31JSJv7SnABoya8JlJdrXZXx4rBnrsV3Assj+dbjAP0pQ1HMT/5RX8yTTswRQsg0bJV3qmbJ3Bw==",
-      "signed_at": "2026-05-12T05:39:54.548Z"
+      "signed_at": "2026-05-12T13:48:56.855Z"
     },
     {
       "name": "security-maturity-tiers",
@@ -637,7 +637,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "Lv8dHiwIqUbNsywCCB/+pYWGF+MHCvxVn1IAvR7Cnif5fy0sICv0N4SVsSb621qAAkHNshpfxqwuhbuQnE1TBA==",
-      "signed_at": "2026-05-12T05:39:54.549Z",
+      "signed_at": "2026-05-12T13:48:56.856Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -672,7 +672,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-11",
       "signature": "BS+wrL28HHYhBpe+v84VLoq9KPBXu6alfG968katfGIoLNYQueaHP931bRmlkrjfeb6qbDf067GWdPEh7nroAw==",
-      "signed_at": "2026-05-12T05:39:54.549Z"
+      "signed_at": "2026-05-12T13:48:56.856Z"
     },
     {
       "name": "attack-surface-pentest",
@@ -743,7 +743,7 @@
         "PTES revision incorporating AI-surface enumeration"
       ],
       "signature": "vLhIYT/CC3IzxMRa+UPeqGSZTvthuwUeTMGNFMm37+TaEk0TtfwPrPyrBJLHw4W6Wt7+pufjHs46X3nTgzoRAg==",
-      "signed_at": "2026-05-12T05:39:54.549Z"
+      "signed_at": "2026-05-12T13:48:56.856Z"
     },
     {
       "name": "fuzz-testing-strategy",
@@ -803,7 +803,7 @@
         "OSS-Fuzz-Gen / AI-assisted harness generation becoming the default expectation for OSS maintainers"
       ],
       "signature": "TOcQLy/427cuf0Lw90J7A0oIeuhUmf9NXb6tOUS5K3SazCKTJujPgYSVAPZOYf1zZrRAY/aq0iqELd5cLyk5DA==",
-      "signed_at": "2026-05-12T05:39:54.549Z"
+      "signed_at": "2026-05-12T13:48:56.857Z"
     },
     {
       "name": "dlp-gap-analysis",
@@ -878,7 +878,7 @@
         "Quebec Law 25, India DPDPA, KSA PDPL enforcement actions naming AI-tool prompt data as in-scope personal information"
       ],
       "signature": "u4IN7escQa5V+OgdtaJXLdvhmNiGZsdmGOvebTLZ30WoImT+WiksvaqSa0POGdbr6HzFkALe2RrZEH9Tr0U6Dg==",
-      "signed_at": "2026-05-12T05:39:54.550Z"
+      "signed_at": "2026-05-12T13:48:56.857Z"
     },
     {
       "name": "supply-chain-integrity",
@@ -955,7 +955,7 @@
         "OpenSSF model-signing — emerging Sigstore-based signing standard for ML model weights; track for production adoption"
       ],
       "signature": "eTGQJ3gnG24WggfwuFNNIFOWV/ttPxTa3pvx9OH28m5KDS1a4ZmOR7K8y01wk/su8bH0ClYYRfoBfKQOtRswAg==",
-      "signed_at": "2026-05-12T05:39:54.550Z"
+      "signed_at": "2026-05-12T13:48:56.857Z"
     },
     {
       "name": "defensive-countermeasure-mapping",
@@ -1012,7 +1012,7 @@
       ],
       "last_threat_review": "2026-05-11",
       "signature": "q7gFLPoqf/8bqATR6gt/nj0EoyUOlfzi+bZ0bT3pC9KW7O6M/ji9fT+AXSGNp6PKd+70ACb3mkMGmWgjLpQXCg==",
-      "signed_at": "2026-05-12T05:39:54.550Z"
+      "signed_at": "2026-05-12T13:48:56.857Z"
     },
     {
       "name": "identity-assurance",
@@ -1079,7 +1079,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "pX8rhrrzuyG3iRrPORLqTZAjzGdWK/bKPUGJG5WHSZcv4LB0kQXOit4sHG0exdXxI6HY8jyX67QY4r5vEHHACw==",
-      "signed_at": "2026-05-12T05:39:54.550Z"
+      "signed_at": "2026-05-12T13:48:56.858Z"
     },
     {
       "name": "ot-ics-security",
@@ -1135,7 +1135,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "ypb8kNZQRdyu5mWeveB7sjCjNKXS1yXvjDJv88muzwhOs/a4Fu/Gb532js5NKyy+eCw/emrphpTZaL8R9a2lBA==",
-      "signed_at": "2026-05-12T05:39:54.551Z"
+      "signed_at": "2026-05-12T13:48:56.858Z"
     },
     {
       "name": "coordinated-vuln-disclosure",
@@ -1187,7 +1187,7 @@
         "NYDFS 23 NYCRR 500 amendments potentially adding explicit CVD program requirements"
       ],
       "signature": "346Lt+277ycRNsyAOGwLSONi4awgxKy3hP9G+BWjwaa8ySmTeqbYsbyyhtxjeohk9bV2SF+Hl2q4JdSvc/2qCQ==",
-      "signed_at": "2026-05-12T05:39:54.551Z"
+      "signed_at": "2026-05-12T13:48:56.858Z"
     },
     {
       "name": "threat-modeling-methodology",
@@ -1237,7 +1237,7 @@
         "PASTA v2 updates incorporating AI/ML application threats"
       ],
       "signature": "ewTvG5vu3ngFHyXgBur5vSKDFQsOZx0x79djGMricl7LCvQf5//OG6LZKXa+AOuEq58prRS+HgzrFA1DiTfeCQ==",
-      "signed_at": "2026-05-12T05:39:54.551Z"
+      "signed_at": "2026-05-12T13:48:56.859Z"
     },
     {
       "name": "webapp-security",
@@ -1311,7 +1311,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "ZHjbKu0Em92Kimr2esL1g93mf9TmcsChBhVEMWf/lFrjeLcg8nyHEIcDstIZ3FWYgc6MQNHnc3Rup3Xp/Za1Cw==",
-      "signed_at": "2026-05-12T05:39:54.552Z"
+      "signed_at": "2026-05-12T13:48:56.859Z"
     },
     {
       "name": "ai-risk-management",
@@ -1361,7 +1361,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "1KRxjCbAX0Rs5NTOioi1w/f1SOzDQrtRoXjTDtzEwJ+d1QzFf9cqmBlp0uXmGpL0bzEaHWIctjigSychmoL2Dw==",
-      "signed_at": "2026-05-12T05:39:54.552Z"
+      "signed_at": "2026-05-12T13:48:56.859Z"
     },
     {
       "name": "sector-healthcare",
@@ -1421,7 +1421,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "eiajFh7w7d4g+/crGalTtw9Qsu0deVsdHkdthZSy595ifGmgu0zaFD8usKThbPhOdUCCclTYkZYz5GalQmkhCw==",
-      "signed_at": "2026-05-12T05:39:54.552Z"
+      "signed_at": "2026-05-12T13:48:56.860Z"
     },
     {
       "name": "sector-financial",
@@ -1502,7 +1502,7 @@
         "TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST"
       ],
       "signature": "iSZR/fYESQVyjkcqj+O+yzU0BQfaELH5s7WizzUTWvDPDTD2ZyOnZTT1r/Zfx2l4mbPmVeFGWdYnnVFTk/i3Aw==",
-      "signed_at": "2026-05-12T05:39:54.553Z"
+      "signed_at": "2026-05-12T13:48:56.860Z"
     },
     {
       "name": "sector-federal-government",
@@ -1571,7 +1571,7 @@
         "Australia PSPF 2024 revision and ISM quarterly updates — track for Essential Eight Maturity Level requirements for federal entities"
       ],
       "signature": "Wjdo5YXEL8XeNZkaEueG1DOUoyalstNPzQkxD/cwP5iMrJWg/Ly+sC0Oluuqm3aU7d63z55PrbGQCJD0XVZqBg==",
-      "signed_at": "2026-05-12T05:39:54.553Z"
+      "signed_at": "2026-05-12T13:48:56.861Z"
     },
     {
       "name": "sector-energy",
@@ -1636,7 +1636,7 @@
         "ICS-CERT advisory feed (https://www.cisa.gov/news-events/cybersecurity-advisories/ics-advisories) for vendor CVEs in Siemens, Rockwell, Schneider Electric, ABB, GE Vernova, Hitachi Energy, AVEVA / OSIsoft PI"
       ],
       "signature": "c/l7dOHe0Zj6Ag3abUaEie6o0f8M4rhY5aPI9/wG4z6FDue9PzCVw8vUGoITFgg89g97lMfy2C3CE2PegQoFCw==",
-      "signed_at": "2026-05-12T05:39:54.553Z"
+      "signed_at": "2026-05-12T13:48:56.861Z"
     },
     {
       "name": "api-security",
@@ -1705,7 +1705,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "9FgcJvYeo07QxQ+mnVRQk4jYLDMO/AVSXMs8cueO2f/qMOTQmrhBMVhj5ze7hzvXpGkp7EK/3Q1XKqde61JMAg==",
-      "signed_at": "2026-05-12T05:39:54.554Z"
+      "signed_at": "2026-05-12T13:48:56.861Z"
     },
     {
       "name": "cloud-security",
@@ -1786,7 +1786,7 @@
         "CISA KEV additions for cloud-control-plane CVEs (IMDSv1 abuses, federation token mishandling, cross-tenant boundary failures); CISA Cybersecurity Advisories for cross-cloud advisories"
       ],
       "signature": "xRA0XZf7VPtuBtbsm41bay9yBLphw/hlL3YxIUrpko5g9ldM3oJe9o1qSwzIj/wSnQSI29qqPpNsnlks+HEOCA==",
-      "signed_at": "2026-05-12T05:39:54.554Z"
+      "signed_at": "2026-05-12T13:48:56.862Z"
     },
     {
       "name": "container-runtime-security",
@@ -1848,7 +1848,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "GcU50DStuN1gU/Evm/sFRgeieQbqffVp12rgbGnasRX89Q7kM4ltFXB+bgCXHIvICzYb78hPIifWQb9UVupWBQ==",
-      "signed_at": "2026-05-12T05:39:54.554Z"
+      "signed_at": "2026-05-12T13:48:56.862Z"
     },
     {
       "name": "mlops-security",
@@ -1919,7 +1919,7 @@
         "MITRE ATLAS v5.2 — track AML.T0010 sub-technique expansion and any new MLOps-pipeline-specific TTPs"
       ],
       "signature": "onIazpFoL1t4PMNRsoF06ggnl7BzCKjt0x+ZmVfWfyt1V06DgllsrbN3AAz4+g4jW2Sc71q0vIFKfwEUWpGVAQ==",
-      "signed_at": "2026-05-12T05:39:54.555Z"
+      "signed_at": "2026-05-12T13:48:56.863Z"
     },
     {
       "name": "incident-response-playbook",
@@ -1981,7 +1981,7 @@
         "NYDFS 23 NYCRR 500.17 amendments tightening ransom-payment 24h disclosure operationalization"
       ],
       "signature": "P0Yv4CtqbnBNP6nSIxQUYYHL7T7ci+iE7iE2UXVfnMPeWVdKG2nvRePjBXc3JZTLima1Txn/I5ocDNhLTIeUAQ==",
-      "signed_at": "2026-05-12T05:39:54.555Z"
+      "signed_at": "2026-05-12T13:48:56.863Z"
     },
     {
       "name": "email-security-anti-phishing",
@@ -2034,7 +2034,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "2pv81lLRbazpHqundCANb3YiLB4lkVsYctIDvI8rxSvHxhPS9jYXqmAoB5APSdDuOaew6XqpfZOehQUj9WmyBw==",
-      "signed_at": "2026-05-12T05:39:54.555Z"
+      "signed_at": "2026-05-12T13:48:56.863Z"
     },
     {
       "name": "age-gates-child-safety",
@@ -2102,7 +2102,7 @@
         "US state adult-site age-verification laws — 19+ states by mid-2026 (TX HB 18 upheld by SCOTUS June 2025 in Free Speech Coalition v. Paxton); track ongoing challenges in remaining states"
       ],
       "signature": "BJ/YYnGVXeSBaR9oWAVrcNX7Wz+kE8R4CghX6+XEI/qY89fyrkKNNwo2veqqf49wffJhHVJ1wTp8ZDECjNp+Dw==",
-      "signed_at": "2026-05-12T05:39:54.556Z"
+      "signed_at": "2026-05-12T13:48:56.864Z"
     }
   ]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/exceptd-skills",
-  "version": "0.10.0",
+  "version": "0.10.2",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
   "keywords": [
     "ai-security",

package/sbom.cdx.json

@@ -1,10 +1,10 @@
 {
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:7ad6ee8c-6fb3-4eee-b37d-d9b770e964b6",
+  "serialNumber": "urn:uuid:2b2f295c-38c8-41a6-8821-59d2cf412800",
   "version": 1,
   "metadata": {
-    "timestamp": "2026-05-12T05:38:55.099Z",
+    "timestamp": "2026-05-12T13:48:57.728Z",
     "tools": [
       {
         "name": "hand-written",
@@ -13,10 +13,10 @@
       }
     ],
     "component": {
-      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.10.0",
+      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.10.2",
       "type": "application",
       "name": "@blamejs/exceptd-skills",
-      "version": "0.10.0",
+      "version": "0.10.2",
       "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
       "licenses": [
         {
@@ -25,11 +25,11 @@
           }
         }
       ],
-      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.10.0",
+      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.10.2",
       "externalReferences": [
         {
           "type": "distribution",
-          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.10.0"
+          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.10.2"
         },
         {
           "type": "vcs",