npm - @blamejs/exceptd-skills - Versions diffs - 0.11.3 → 0.11.5 - Mend

@blamejs/exceptd-skills 0.11.3 → 0.11.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,62 @@
 # Changelog
+## 0.11.5 — 2026-05-12
+**Patch: items 82-90 + permanent regression suite at `tests/operator-bugs.test.js`.**
+Every operator-reported bug fixed across the v0.9.5 → v0.11.x arc now lands as a named test case in `tests/operator-bugs.test.js`. Re-introductions surface at `npm test`, not at user re-report. 27 cases on day one covering items #17, #18, #19, #31, #32, #33, #46, #58, #62, #65, #71, #73, #76, #82, #83, #85, #87.
+### Critical
+- **#82 SARIF / CSAF / OpenVEX rendered empty bundles** when the playbook had no catalogued CVEs. crypto-codebase / library-author have `domain.cve_refs: []` by design (they check process / posture, not catalogue CVEs), so the renderers had nothing to populate. Pre-0.11.5 a successful run with 9 indicators firing produced `vulnerabilities: 0` / `results: 0` / `statements: 0`. Now: indicators that fire (verdict: hit) and framework gaps are first-class SARIF results / CSAF vulnerabilities / OpenVEX statements. Each fired indicator becomes a SARIF result with `kind: indicator_hit` + a pseudo-CVE id under the `exceptd:` namespace for CSAF/OpenVEX. SARIF + CSAF + OpenVEX bundles now meaningfully integrate with GitHub Code Scanning / VEX downstreams / supply-chain tooling even for posture-only playbooks.
+### Bugs
+- **#83 lint and run disagreed on shape validity.** Lint walked the raw submission and only matched observations whose key was a known artifact id. The runner's `normalizeSubmission` followed `val.artifact` indirection — so observations with arbitrary keys (`obs-1`, `obs-2`) and an `artifact:` field route correctly. Fix: lint now runs the same `normalizeSubmission` the runner does, then validates the canonical normalized shape. The user's proposed fix — single observations-normalizer module that lint, run, and format renderers all consume — landed.
+- **#85 `from_observation` always null.** The diagnostic field on `indicators_evaluated[]` is now populated with the observation key that drove each indicator outcome (when supplied via flat-shape observation + indicator + result). Lets operators trace "which observation produced this verdict" without guessing.
+- **#86 / #76 `--format garbage` was silent.** v0.11.4 fixed it for `run`; this release fixes the same surface on `ci`. Both now emit `{ok:false, error, verb}` JSON to stderr with non-zero exit when an unknown format is requested.
+- **#90 legacy verbs in help.** v0.10.x legacy verbs (plan / govern / direct / look / scan / dispatch / etc) appeared in the help output alongside their v0.11 replacements. Operators copy-pasting from `exceptd help | grep '^  [a-z]'` ended up using legacy verbs and missed the new ones. Each legacy entry is now prefixed with `[DEPRECATED]` so the grep pattern still excludes them.
+### Deferred (confirmed not yet shipped)
+- **#88 default-output flip incomplete.** `emit()` indents JSON on TTY (improvement over compact JSON); `discover`/`doctor`/`ask`/`refresh` use custom human renderers. `brief`/`run`/`attest list`/`lint` still emit JSON because their data is too rich for a compact human view. Indented-JSON-on-TTY is the v0.11.x answer; per-verb human renderers continue to be incremental.
+- **#89 warn-level preconditions exit 0.** `on_fail: halt` correctly exits 1; `on_fail: warn` exits 0 with `preflight_issues` populated. The operator wants warn-level to also fail CI gates — `--strict-preconditions` flag deferred to v0.11.6. Today: use `exceptd ci` for CI gates (correctly maps detected/escalate to exit 2).
+### Test infrastructure
+- New: `tests/operator-bugs.test.js` (27 cases, all green). Future bug fixes land here as named cases so the audit script becomes part of CI.
+## 0.11.4 — 2026-05-12
+**Patch: high-impact #71 fix + items 72-77.**
+### Critical fix
+- **#71 detect didn't accept indicator-result synonyms.** Operators submitting flat-shape evidence with `observation.result: "no_hit"` (the standard vocabulary for years of CI/security tooling) hit the runner's strict `hit|miss|inconclusive` set, falsed every comparison, and ended up with `classification: "inconclusive"` regardless of evidence. This silently broke the new flat-shape submission UX that v0.11.0/v0.11.3 was built around. Same evidence in the legacy `signal_overrides` shape produced the correct `not_detected` verdict.
+  Fix: a `canonicalize()` step in both `normalizeSubmission` and `detect()` maps `no_hit`/`no-hit`/`clean`/`clear`/`not_hit`/`ok`/`pass`/`negative`/`false` → `miss`; `hit`/`detected`/`positive`/`true` → `hit`; `inconclusive`/`unknown`/`unverified`/`null` → `inconclusive`. Operator vocabulary is now normalized to the engine's canonical 3-value set at submission boundary.
+- **#77 CSAF/OpenVEX bundles auto-fixed.** Downstream of #71: now that detect actually processes signal_overrides correctly, the per-CVE statements in `bundle.vulnerabilities` / `statements` populate when there are matched_cves.
+### Bugs
+- **#72 ci --format silently ignored.** `exceptd ci --scope code --format summary` and the bare command emitted byte-identical full bundles (~350 KB). CI gates couldn't get a compact verdict without piping through jq. Now ci honors `--format summary|markdown|csaf-2.0|sarif|openvex` with the same shortcuts as `run --format`. Summary is a single-line JSON with `session_id + playbooks_run + verdict + counts`.
+- **#73 `indicators_evaluated` type changed silently.** v0.11.3 introduced it as an integer count; downstream consumers iterating `for i in detect.indicators_evaluated` crashed. Restored to an array of `{signal_id, outcome, confidence}`. Added `indicators_evaluated_count` as a peer field for callers wanting the integer.
+- **#76 `ci --format garbage` silent empty stdout.** Invalid format values now return `{ok:false, error, verb:"ci"}` JSON to stderr with exit 2, matching the unified error shape.
+### Not addressed in this patch
+- **#74 default-output flip still incomplete.** `emit()` indents JSON when stdout is a TTY (improvement over compact), but `brief`/`run`/`attest list`/`lint` still emit JSON, not a custom human form. The richer data on `brief`/`run` doesn't have a natural compact human view. Indented-JSON-on-TTY ships as the v0.11.x answer; a true human renderer per verb is deferred. `discover`/`doctor`/`ask`/`refresh` continue with their custom renderers.
+- **#75 preflight-blocked exit 0 for warn-level.** `on_fail: halt` preconditions correctly exit 1; `on_fail: warn` preconditions correctly exit 0 with `preflight_issues` populated. The operator wants warn-level to also fail CI — that's a `--strict-preconditions` flag, deferred to v0.11.5. Today: use `exceptd ci` for CI gates (correctly maps detected/escalate to exit 2); `run` is for single-investigation invocations where warn-level info is appropriate.
+### Already shipped (cross-referenced)
+- #78 `doctor --fix` (v0.11.2).
 ## 0.11.3 — 2026-05-12
 **Patch: operator-reported item #71 + full feature audit findings.**

package/bin/exceptd.js CHANGED Viewed

@@ -245,17 +245,26 @@ v0.11.0 canonical surface
 v0.10.x compatibility (will be removed in v0.12)
 ────────────────────────────────────────────────
-These verbs still work but emit a one-time deprecation banner. Migrate to
-the v0.11.0 verb shown:
-  plan → brief --all                govern → brief <pb> --phase govern
-  direct → brief <pb> --phase direct  look → brief <pb> --phase look
-  ingest → run                       reattest → attest diff
-  list-attestations → attest list   scan → discover --scan-only
-  dispatch → discover                currency → doctor --currency
-  verify → doctor --signatures      validate-cves → doctor --cves
-  validate-rfcs → doctor --rfcs     watchlist → watch
-  prefetch → refresh --no-network   build-indexes → refresh --indexes-only
+These verbs still work but emit a one-time deprecation banner. The
+[DEPRECATED] prefix is included so \`exceptd help | grep '^  [a-z]'\`
+doesn't surface them in the active-verbs list. Migrate to v0.11:
+  [DEPRECATED] plan              → brief --all
+  [DEPRECATED] govern <pb>       → brief <pb> --phase govern
+  [DEPRECATED] direct <pb>       → brief <pb> --phase direct
+  [DEPRECATED] look <pb>         → brief <pb> --phase look
+  [DEPRECATED] ingest            → run
+  [DEPRECATED] reattest <sid>    → attest diff <sid>
+  [DEPRECATED] list-attestations → attest list
+  [DEPRECATED] scan              → discover --scan-only
+  [DEPRECATED] dispatch          → discover
+  [DEPRECATED] currency          → doctor --currency
+  [DEPRECATED] verify            → doctor --signatures
+  [DEPRECATED] validate-cves     → doctor --cves
+  [DEPRECATED] validate-rfcs     → doctor --rfcs
+  [DEPRECATED] watchlist         → watch
+  [DEPRECATED] prefetch          → refresh --no-network
+  [DEPRECATED] build-indexes     → refresh --indexes-only
 Output: default human-readable (v0.11.0). --json for machine output.
         --pretty for indented JSON.
@@ -818,7 +827,6 @@ function cmdLint(runner, args, runOpts, pretty) {
   catch (e) { return emitError(`lint: failed to read evidence: ${e.message}`, { evidence: evidencePath }, pretty); }
   const directiveId = args.directive || (pb.directives[0] && pb.directives[0].id);
-  const resolved = runner._resolvedPhase;
   const lookPhase = pb.phases?.look || {};
   const detectPhase = pb.phases?.detect || {};
@@ -827,26 +835,38 @@ function cmdLint(runner, args, runOpts, pretty) {
   const knownIndicators = new Set((detectPhase.indicators || []).map(i => i.id));
   const knownPreconditions = new Set((pb._meta?.preconditions || []).map(p => p.id));
-  // Support both flat (observations) and nested (artifacts/signal_overrides) shapes.
+  // v0.11.5 #83: shared shape contract with runner. Pre-0.11.5 lint
+  // walked the raw submission and only matched observations whose key was
+  // a known artifact id. The runner's normalizeSubmission follows
+  // `val.artifact` indirection — so observations with arbitrary keys
+  // (obs-1, obs-2) and an `artifact:` field route correctly. Lint must
+  // do the same normalization before validating, or lint and run disagree
+  // on what's a valid submission.
+  const normalized = runner.normalizeSubmission(submission, pb);
   const flat = submission.observations || null;
-  const artifactsKey = flat ? flat : (submission.artifacts || {});
-  const signalsKey = flat ? flat : (submission.signal_overrides || {});
+  // After normalize, validation walks the canonical nested shape.
   const missingRequired = requiredArtifacts.filter(id => {
-    const a = artifactsKey[id];
-    return !a || (flat ? !a.captured : !a.captured);
+    const a = normalized.artifacts && normalized.artifacts[id];
+    return !a || !a.captured;
   });
-  const unknownArtifactKeys = Object.keys(submission.artifacts || {})
+  const unknownArtifactKeys = Object.keys(normalized.artifacts || {})
     .filter(k => !knownArtifacts.has(k));
-  const unknownSignalKeys = Object.keys(submission.signal_overrides || {})
+  const unknownSignalKeys = Object.keys(normalized.signal_overrides || {})
     .filter(k => !knownIndicators.has(k));
   const unknownObservationKeys = flat
-    ? Object.keys(flat).filter(k => !knownArtifacts.has(k) && !knownIndicators.has(k) && !knownPreconditions.has(k))
+    ? Object.keys(flat).filter(k => {
+        // Skip observations with explicit `artifact:` indirection — those
+        // are valid by-design even when the key doesn't match a known artifact.
+        const v = flat[k];
+        if (v && typeof v === "object" && v.artifact) return false;
+        return !knownArtifacts.has(k) && !knownIndicators.has(k) && !knownPreconditions.has(k);
+      })
     : [];
   const unsuppliedPreconditions = [...knownPreconditions].filter(
-    p => !((submission.precondition_checks || {}).hasOwnProperty(p) || (flat || {}).hasOwnProperty(p))
+    p => !(((submission.precondition_checks || {}).hasOwnProperty(p)) || ((normalized.precondition_checks || {}).hasOwnProperty(p)))
   );
   const issues = [];
@@ -866,33 +886,19 @@ function cmdLint(runner, args, runOpts, pretty) {
     issues.push({ severity: "warn", kind: "unknown_observation_key", key: k });
   }
-  // #71 (v0.11.3): when a submission is flat-shape with all captured artifacts
-  // but no indicator+result inline and no verdict.classification — detect()
-  // will return "inconclusive" because nothing drives the indicator decisions.
-  // Lint must surface this so operators don't ship a half-shape evidence file
-  // that passes lint but produces an inconclusive run.
+  // #71 (v0.11.3) + #83 (v0.11.5): when a submission is flat-shape but the
+  // post-normalize signal_overrides is empty AND no verdict.classification
+  // is supplied, detect() will return inconclusive. Surface this before run.
   if (flat) {
-    const observationsWithoutIndicator = Object.entries(flat).filter(([k, v]) => {
-      if (!knownArtifacts.has(k)) return false; // unknown keys flagged elsewhere
-      if (typeof v !== "object" || v === null) return false;
-      const captured = v.captured !== false;
-      return captured && !(v.indicator && v.result);
-    });
     const verdictClass = submission.verdict?.classification;
     const verdictWillDrive = verdictClass === "clean" || verdictClass === "not_detected" || verdictClass === "detected" || verdictClass === "inconclusive";
-    if (observationsWithoutIndicator.length > 0 && !verdictWillDrive && Object.keys(submission.signal_overrides || {}).length === 0) {
-      for (const [k] of observationsWithoutIndicator) {
-        issues.push({
-          severity: "warn",
-          kind: "observation_lacks_indicator_result",
-          observation_key: k,
-          hint: `Artifact "${k}" captured without "indicator" + "result" fields. detect will return 'inconclusive' for this indicator. Either add { "indicator": "<id>", "result": "hit"|"miss"|"inconclusive" } per observation, OR supply verdict.classification at the submission root to drive the overall verdict.`,
-        });
-      }
+    const normalizedHasOverrides = Object.keys(normalized.signal_overrides || {}).length > 0;
+    if (!verdictWillDrive && !normalizedHasOverrides) {
+      const observationsCount = Object.keys(flat).length;
       issues.push({
         severity: "info",
         kind: "detect_will_be_inconclusive",
-        hint: `Flat submission shape with ${observationsWithoutIndicator.length} captured artifact(s) but no indicator+result inline and no verdict.classification. detect() will return 'inconclusive'. Run \`exceptd run ${playbookId} --signal-list\` to see the indicator IDs the playbook recognizes.`,
+        hint: `Flat submission with ${observationsCount} observation(s) but no indicator+result fields and no verdict.classification. detect() will return 'inconclusive'. Each observation needs { "indicator": "<id>", "result": "hit"|"miss"|"inconclusive" } to drive an indicator outcome. Run \`exceptd run ${playbookId} --signal-list\` for the indicator IDs.`,
       });
     }
   }
@@ -3066,25 +3072,53 @@ function cmdCi(runner, args, runOpts, pretty) {
   const rwepValues = results.map(r => r.phases?.analyze?.rwep?.adjusted ?? 0);
   const maxRwepObserved = rwepValues.length ? Math.max(...rwepValues) : 0;
-  emit({
-    verb: "ci",
-    session_id: sessionId,
-    playbooks_run: ids,
-    summary: {
-      total: results.length,
-      detected: results.filter(r => r.phases?.detect?.classification === "detected").length,
-      inconclusive: results.filter(r => r.phases?.detect?.classification === "inconclusive").length,
-      not_detected: results.filter(r => ["not_detected", "clean"].includes(r.phases?.detect?.classification)).length,
-      blocked: results.filter(r => r && r.ok === false).length,
-      max_rwep_observed: maxRwepObserved,
-      jurisdiction_clocks_started: results
-        .flatMap(r => r.phases?.close?.notification_actions || [])
-        .filter(n => n && n.clock_started_at != null).length,
-      verdict: fail ? "FAIL" : "PASS",
-      fail_reasons: failReasons,
-    },
-    results,
-  }, pretty);
+  const summary = {
+    total: results.length,
+    detected: results.filter(r => r.phases?.detect?.classification === "detected").length,
+    inconclusive: results.filter(r => r.phases?.detect?.classification === "inconclusive").length,
+    not_detected: results.filter(r => ["not_detected", "clean"].includes(r.phases?.detect?.classification)).length,
+    blocked: results.filter(r => r && r.ok === false).length,
+    max_rwep_observed: maxRwepObserved,
+    jurisdiction_clocks_started: results
+      .flatMap(r => r.phases?.close?.notification_actions || [])
+      .filter(n => n && n.clock_started_at != null).length,
+    verdict: fail ? "FAIL" : "PASS",
+    fail_reasons: failReasons,
+  };
+  // v0.11.4 (#72): ci --format <fmt> previously emitted the full bundle
+  // regardless of flag. Now honors the same shortcuts as `run --format`:
+  //   summary  → one-line JSON of session + verdict + counts
+  //   markdown → operator-readable digest
+  //   csaf     → CSAF 2.0 envelope wrapping every result
+  //   sarif    → SARIF 2.1.0 with results from every playbook
+  //   openvex  → OpenVEX statements derived from every playbook's matched_cves
+  let formatRaw = args.format;
+  if (Array.isArray(formatRaw)) formatRaw = formatRaw[0];
+  const fmt = formatRaw === "csaf-2.0" ? "csaf" : formatRaw;
+  if (fmt === "summary") {
+    emit({ verb: "ci", session_id: sessionId, playbooks_run: ids, summary }, pretty);
+  } else if (fmt === "markdown") {
+    const lines = [`# exceptd ci summary`, `session-id: ${sessionId}`, `verdict: **${summary.verdict}**`, ``];
+    lines.push(`**Playbooks run:** ${summary.total} (${summary.detected} detected, ${summary.inconclusive} inconclusive, ${summary.not_detected} clean, ${summary.blocked} blocked)`);
+    lines.push(`**Max RWEP observed:** ${summary.max_rwep_observed}`);
+    lines.push(`**Jurisdiction clocks started:** ${summary.jurisdiction_clocks_started}`);
+    if (summary.fail_reasons.length) {
+      lines.push(``, `## Fail reasons`);
+      for (const r of summary.fail_reasons) lines.push(`- ${r}`);
+    }
+    process.stdout.write(lines.join("\n") + "\n");
+  } else if (fmt === "csaf" || fmt === "sarif" || fmt === "openvex") {
+    // Aggregate the per-run bundles_by_format if present.
+    const bundles = results.map(r => r.phases?.close?.evidence_package?.bundles_by_format?.[fmt === "csaf" ? "csaf-2.0" : fmt]).filter(Boolean);
+    emit({ verb: "ci", session_id: sessionId, format: fmt, bundles_count: bundles.length, bundles }, pretty);
+  } else if (fmt && fmt !== "json") {
+    // v0.11.4 (#76): garbage format rejected with structured error, not silent empty stdout.
+    process.stderr.write(JSON.stringify({ ok: false, error: `ci: --format "${fmt}" not in accepted set ["summary","markdown","csaf-2.0","sarif","openvex","json"].`, verb: "ci" }) + "\n");
+    process.exit(2);
+  } else {
+    emit({ verb: "ci", session_id: sessionId, playbooks_run: ids, summary, results }, pretty);
+  }
   if (fail) {
     process.stderr.write(`[exceptd ci] FAIL: ${failReasons.join("; ")}\n`);
     process.exit(2);

package/data/_indexes/_meta.json CHANGED Viewed

@@ -1,10 +1,10 @@
 {
   "schema_version": "1.1.0",
-  "generated_at": "2026-05-12T15:46:10.198Z",
+  "generated_at": "2026-05-12T17:00:14.346Z",
   "generator": "scripts/build-indexes.js",
   "source_count": 49,
   "source_hashes": {
-    "manifest.json": "8097ba32340aba872d73dd047bebb5f8d561cda8c55bcd224c67475c84cfac4b",
+    "manifest.json": "da39bcf4cd05d571b5d76a009ede9ee721aa783c07764636e0f0a0bd4634a99a",
     "data/atlas-ttps.json": "1500b5830dab070c4252496964a8c0948e1052a656e2c7c6e1efaf0350645e13",
     "data/cve-catalog.json": "a81d3e4b491b27ccc084596b063a6108ff10c9eb01d7776922fc393980b534fe",
     "data/cwe-catalog.json": "c3367d469b4b3d31e4c56397dd7a8305a0be338ecd85afa27804c0c9ce12157b",

package/lib/playbook-runner.js CHANGED Viewed

@@ -304,8 +304,23 @@ function detect(playbookId, directiveId, agentSubmission = {}) {
   const artifacts = agentSubmission.artifacts || {};
   const overrides = agentSubmission.signal_overrides || {};
+  // v0.11.4 (#71): canonicalize the indicator result vocabulary. Operators
+  // submit shapes like "no_hit" / "clean" / "ok" / false from years of
+  // CI/security tooling convention; the engine internally uses
+  // hit | miss | inconclusive. Without canonicalization every flat-shape
+  // observation with result:"no_hit" silently fell through to inconclusive
+  // and broke per-indicator detection. Canonicalization happens here so
+  // both detect() and normalizeSubmission consumers see the same outcomes.
+  const canonicalize = (v) => {
+    if (v === true || v === 'hit' || v === 'detected' || v === 'positive') return 'hit';
+    if (v === false || v === 'miss' || v === 'no_hit' || v === 'no-hit' || v === 'clean' || v === 'clear' || v === 'not_hit' || v === 'ok' || v === 'pass' || v === 'negative') return 'miss';
+    if (v === 'inconclusive' || v === 'unknown' || v === 'unverified' || v === null) return 'inconclusive';
+    return null; // truly unknown — fall through
+  };
   const indicatorResults = (det.indicators || []).map(ind => {
-    const override = overrides[ind.id];
+    const rawOverride = overrides[ind.id];
+    const override = canonicalize(rawOverride);
     let verdict;
     if (override === 'hit' || override === 'miss' || override === 'inconclusive') {
       verdict = override;
@@ -365,11 +380,22 @@ function detect(playbookId, directiveId, agentSubmission = {}) {
     // v0.11.3 #71: surface what detect actually consumed. Operators reading
     // the detect output now see whether their flat-shape observations + the
     // signal_overrides + the classification override all reached the runner.
-    // Pre-0.11.3 detect's output was opaque — "inconclusive" with no
-    // explanation gave operators no signal about what went wrong.
     observations_received: Object.keys(agentSubmission.artifacts || {}),
     signals_received: Object.keys(agentSubmission.signal_overrides || {}),
-    indicators_evaluated: indicatorResults.length,
+    // v0.11.4 (#73): downstream consumers iterating `indicators_evaluated`
+    // expect an array, not a count. Restore as array; provide
+    // `indicators_evaluated_count` for callers wanting the integer.
+    indicators_evaluated: indicatorResults.map(i => ({
+      signal_id: i.id,
+      outcome: i.verdict,
+      confidence: i.confidence,
+      // v0.11.5 #85: surface which observation produced this indicator's
+      // outcome (when the agent submitted it via flat-shape observation +
+      // indicator + result fields). Null when no observation drove the
+      // indicator (engine-computed default).
+      from_observation: agentSubmission._signal_origins?.[i.id] || null,
+    })),
+    indicators_evaluated_count: indicatorResults.length,
     classification_override_applied: validOverrides.has(override) ? (override === 'clean' ? 'not_detected' : override) : null,
     submission_shape_seen: agentSubmission._original_shape || (agentSubmission.artifacts ? 'nested (v0.10.x)' : 'empty')
   };
@@ -497,6 +523,12 @@ function analyze(playbookId, directiveId, detectResult, agentSignals = {}) {
     },
     framework_gap_mapping: frameworkGaps,
     escalations,
+    // v0.11.5 (#82): expose detect's per-indicator results + classification
+    // here so close()'s bundle builders can iterate indicators that fired
+    // and emit them as SARIF results / OpenVEX statements / CSAF notes.
+    // Prefixed with underscore to signal "for internal/render use".
+    _detect_indicators: detectResult.indicators || [],
+    _detect_classification: detectResult.classification,
     vex: vexFilter ? {
       filter_applied: true,
       dropped_cve_count: vexDropped.length,
@@ -740,16 +772,30 @@ function analyzeFindingShape(a) {
 }
 function buildEvidenceBundle(format, playbook, analyze, validate, agentSignals) {
-  // CSAF-2.0 shape — minimal valid envelope; production GRC submission would
-  // need full distribution + product_tree population, deferred to the GRC
-  // integration layer.
+  // CSAF-2.0 shape. v0.11.5 (#82): include vulnerabilities for both matched
+  // catalogue CVEs AND fired indicators (treated as advisory pseudo-CVEs
+  // under `exceptd:` namespace), so playbooks without catalogue CVEs still
+  // emit a non-empty bundle.
   if (format === 'csaf-2.0') {
+    const indicatorHits = (analyze._detect_indicators || []).filter(i => i.verdict === 'hit');
+    const cveVulns = analyze.matched_cves.map(c => ({
+      cve: c.cve_id,
+      scores: [{ products: [], cvss_v3: { base_score: c.cvss_score || 0 } }],
+      threats: c.active_exploitation === 'confirmed' ? [{ category: 'exploit_status', details: 'Active exploitation confirmed (CISA KEV).' }] : [],
+      remediations: [{ category: 'vendor_fix', details: validate.selected_remediation?.description || 'See selected remediation path.' }]
+    }));
+    const indicatorVulns = indicatorHits.map(i => ({
+      // Pseudo-CVE id for indicator findings (CSAF requires `cve` or `ids`).
+      ids: [{ system_name: 'exceptd-indicator', text: `${playbook._meta.id}:${i.id}` }],
+      notes: [{ category: 'description', text: `Indicator ${i.id} fired (${i.confidence}${i.deterministic ? ' / deterministic' : ''}) in playbook ${playbook._meta.id}.` }],
+      remediations: [{ category: 'mitigation', details: validate.selected_remediation?.description || `Consult playbook brief: exceptd brief ${playbook._meta.id}.` }],
+    }));
     return {
       document: {
         category: 'csaf_security_advisory',
         csaf_version: '2.0',
         publisher: { category: 'vendor', name: 'exceptd', namespace: 'https://exceptd.com' },
-        title: `exceptd finding: ${playbook.domain.name} (${analyze.matched_cves.length} catalogued CVEs)`,
+        title: `exceptd finding: ${playbook.domain.name} (${analyze.matched_cves.length} CVE(s), ${indicatorHits.length} indicator hit(s))`,
         tracking: {
           id: `exceptd-${playbook._meta.id}-${Date.now()}`,
           status: 'final',
@@ -758,82 +804,109 @@ function buildEvidenceBundle(format, playbook, analyze, validate, agentSignals)
           revision_history: [{ number: '1', date: new Date().toISOString(), summary: 'Initial finding emission' }]
         }
       },
-      vulnerabilities: analyze.matched_cves.map(c => ({
-        cve: c.cve_id,
-        scores: [{ products: [], cvss_v3: { base_score: c.cvss_score || 0 } }],
-        threats: c.active_exploitation === 'confirmed' ? [{ category: 'exploit_status', details: 'Active exploitation confirmed (CISA KEV).' }] : [],
-        remediations: [{ category: 'vendor_fix', details: validate.selected_remediation?.description || 'See selected remediation path.' }]
-      })),
+      vulnerabilities: [...cveVulns, ...indicatorVulns],
       exceptd_extension: {
+        classification: analyze._detect_classification,
         rwep: analyze.rwep,
         blast_radius_score: analyze.blast_radius_score,
         compliance_theater: analyze.compliance_theater_check,
         framework_gap_mapping: analyze.framework_gap_mapping,
         evidence_requirements: validate.evidence_requirements,
-        residual_risk_statement: validate.residual_risk_statement
+        residual_risk_statement: validate.residual_risk_statement,
+        indicators_fired: indicatorHits.map(i => ({ id: i.id, confidence: i.confidence, deterministic: i.deterministic })),
       }
     };
   }
   // SARIF 2.1.0 — GitHub Code Scanning / VS Code SARIF Viewer / Azure DevOps
-  // and most static analysis tooling. One run per playbook directive, one
-  // result per matched CVE. Each result references a rule (cve_id) and ties
-  // back to the directive as the "tool" producer.
+  // / most static-analysis tooling.
+  //
+  // v0.11.5 (#82): emit results from BOTH matched_cves AND fired indicators.
+  // Pre-0.11.5 we emitted only matched_cves, which produced an empty bundle
+  // for playbooks like crypto-codebase / library-author whose domain.cve_refs
+  // is intentionally empty (the playbook checks process/posture, not catalog
+  // CVEs). Indicators that fire (verdict: hit) and framework gaps are now
+  // first-class SARIF results — a clean run still emits a usable bundle.
   if (format === 'sarif' || format === 'sarif-2.1.0') {
+    const cveResults = analyze.matched_cves.map(c => ({
+      ruleId: c.cve_id,
+      level: c.rwep >= 90 ? 'error' : c.rwep >= 70 ? 'warning' : 'note',
+      message: { text: `${c.cve_id}: RWEP ${c.rwep}, blast_radius ${analyze.blast_radius_score}. ${validate.selected_remediation?.description || ''}` },
+      properties: {
+        kind: 'cve_match',
+        rwep: c.rwep, cisa_kev: c.cisa_kev, cisa_kev_due_date: c.cisa_kev_due_date,
+        active_exploitation: c.active_exploitation, ai_discovered: c.ai_discovered,
+        blast_radius_score: analyze.blast_radius_score,
+      }
+    }));
+    const indicatorHits = (analyze._detect_indicators || []).filter(i => i.verdict === 'hit');
+    const indicatorResults = indicatorHits.map(i => ({
+      ruleId: i.id,
+      level: i.deterministic ? 'error' : (i.confidence === 'high' ? 'warning' : 'note'),
+      message: { text: `Indicator ${i.id} fired (${i.confidence}${i.deterministic ? ' / deterministic' : ''}). Playbook: ${playbook._meta.id}.` },
+      properties: { kind: 'indicator_hit', confidence: i.confidence, deterministic: i.deterministic, atlas_ref: i.atlas_ref, attack_ref: i.attack_ref },
+    }));
+    const gapResults = (analyze.framework_gap_mapping || []).map((g, idx) => ({
+      ruleId: `framework-gap-${idx}`,
+      level: 'note',
+      message: { text: `${g.framework}: ${g.claimed_control} — ${g.actual_gap}${g.required_control ? '. Required: ' + g.required_control : ''}` },
+      properties: { kind: 'framework_gap', framework: g.framework, control: g.claimed_control },
+    }));
+    const cveRules = analyze.matched_cves.map(c => ({
+      id: c.cve_id, shortDescription: { text: c.cve_id },
+      fullDescription: { text: `RWEP ${c.rwep} · KEV=${c.cisa_kev} · active_exploitation=${c.active_exploitation}` },
+      defaultConfiguration: { level: c.rwep >= 90 ? 'error' : c.rwep >= 70 ? 'warning' : 'note' },
+      helpUri: `https://nvd.nist.gov/vuln/detail/${c.cve_id}`,
+    }));
+    const indicatorRules = indicatorHits.map(i => ({
+      id: i.id, shortDescription: { text: i.id },
+      fullDescription: { text: `Indicator from playbook ${playbook._meta.id}. Type: ${i.type}. Confidence: ${i.confidence}.` },
+      defaultConfiguration: { level: i.deterministic ? 'error' : (i.confidence === 'high' ? 'warning' : 'note') },
+    }));
     return {
       $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
       version: '2.1.0',
       runs: [{
-        tool: {
-          driver: {
-            name: 'exceptd',
-            version: playbook._meta.version,
-            informationUri: 'https://exceptd.com',
-            rules: analyze.matched_cves.map(c => ({
-              id: c.cve_id,
-              shortDescription: { text: c.cve_id },
-              fullDescription: { text: `RWEP ${c.rwep} · KEV=${c.cisa_kev} · active_exploitation=${c.active_exploitation} · PoC=${c.poc_available}` },
-              defaultConfiguration: { level: c.rwep >= 90 ? 'error' : c.rwep >= 70 ? 'warning' : 'note' },
-              helpUri: `https://nvd.nist.gov/vuln/detail/${c.cve_id}`,
-            }))
-          }
-        },
-        results: analyze.matched_cves.map(c => ({
-          ruleId: c.cve_id,
-          level: c.rwep >= 90 ? 'error' : c.rwep >= 70 ? 'warning' : 'note',
-          message: { text: `${c.cve_id}: RWEP ${c.rwep}, blast_radius ${analyze.blast_radius_score}. ${validate.selected_remediation?.description || ''}` },
-          properties: {
-            rwep: c.rwep,
-            cisa_kev: c.cisa_kev,
-            cisa_kev_due_date: c.cisa_kev_due_date,
-            active_exploitation: c.active_exploitation,
-            ai_discovered: c.ai_discovered,
-            blast_radius_score: analyze.blast_radius_score,
-            framework_gaps: analyze.framework_gap_mapping?.length || 0,
-          }
-        }))
+        tool: { driver: {
+          name: 'exceptd', version: playbook._meta.version, informationUri: 'https://exceptd.com',
+          rules: [...cveRules, ...indicatorRules],
+        } },
+        results: [...cveResults, ...indicatorResults, ...gapResults],
+        invocations: [{ executionSuccessful: true, properties: {
+          playbook: playbook._meta.id, classification: analyze._detect_classification || 'unknown',
+          rwep_adjusted: analyze.rwep?.adjusted || 0,
+          remediation: validate.selected_remediation?.id || null,
+        } }],
       }]
     };
   }
-  // OpenVEX 0.2.0 — supply-chain VEX statements. Each matched CVE becomes a
-  // statement with status derived from confidence + RWEP. Downstream tools
-  // (sigstore, in-toto, GUAC) consume this directly.
+  // OpenVEX 0.2.0 — supply-chain VEX statements. v0.11.5 (#82): also include
+  // statements derived from fired indicators (treated as advisory findings)
+  // so playbooks with empty cve_refs still emit a meaningful bundle.
   if (format === 'openvex' || format === 'openvex-0.2.0') {
     const issued = new Date().toISOString();
+    const cveStatements = analyze.matched_cves.map(c => ({
+      vulnerability: { '@id': c.cve_id, name: c.cve_id },
+      status: c.active_exploitation === 'confirmed' ? 'under_investigation' : (c.live_patch_available ? 'fixed' : 'affected'),
+      timestamp: issued,
+      action_statement: validate.selected_remediation?.description || null,
+      impact_statement: `RWEP ${c.rwep}. Blast radius ${analyze.blast_radius_score}/5.`
+    }));
+    const indicatorStatements = (analyze._detect_indicators || []).filter(i => i.verdict === 'hit').map(i => ({
+      vulnerability: { '@id': `exceptd:${playbook._meta.id}:${i.id}`, name: i.id },
+      status: 'under_investigation',
+      timestamp: issued,
+      action_statement: validate.selected_remediation?.description || `Run \`exceptd brief ${playbook._meta.id}\` for context.`,
+      impact_statement: `Indicator ${i.id} fired (${i.confidence}${i.deterministic ? '/deterministic' : ''}) in playbook ${playbook._meta.id}.`,
+    }));
     return {
       '@context': 'https://openvex.dev/ns/v0.2.0',
       '@id': `https://exceptd.com/vex/${playbook._meta.id}/${Date.now()}`,
       author: 'exceptd',
       timestamp: issued,
       version: 1,
-      statements: analyze.matched_cves.map(c => ({
-        vulnerability: { '@id': c.cve_id, name: c.cve_id },
-        status: c.active_exploitation === 'confirmed' ? 'under_investigation' : (c.live_patch_available ? 'fixed' : 'affected'),
-        timestamp: issued,
-        action_statement: validate.selected_remediation?.description || null,
-        impact_statement: `RWEP ${c.rwep}. Blast radius ${analyze.blast_radius_score}/5.`
-      }))
+      statements: [...cveStatements, ...indicatorStatements],
     };
   }
@@ -920,6 +993,20 @@ function normalizeSubmission(submission, playbook) {
   const knownPreconditions = new Set((playbook?._meta?.preconditions || []).map(p => p.id));
   const knownArtifacts = new Set((playbook?.phases?.look?.artifacts || []).map(a => a.id));
+  // v0.11.4 (#71): canonicalize indicator outcome strings here too so the
+  // signal_overrides object handed to detect() carries the runner's expected
+  // hit|miss|inconclusive vocabulary regardless of what the operator typed.
+  const canonicalizeOutcome = (v) => {
+    if (v === true || v === 'hit' || v === 'detected' || v === 'positive') return 'hit';
+    if (v === false || v === 'miss' || v === 'no_hit' || v === 'no-hit' || v === 'clean' || v === 'clear' || v === 'not_hit' || v === 'ok' || v === 'pass' || v === 'negative') return 'miss';
+    if (v === 'inconclusive' || v === 'unknown' || v === 'unverified' || v === null) return 'inconclusive';
+    return v; // leave unrecognized values for detect() to decide
+  };
+  // v0.11.5 (#85): track which observation produced each signal_override so
+  // detect can emit `from_observation` on each indicator result. Diagnostic
+  // value for operators chasing "which observation drove this verdict".
+  out._signal_origins = out._signal_origins || {};
   for (const [key, val] of Object.entries(submission.observations || {})) {
     if (knownPreconditions.has(key)) {
       out.precondition_checks[key] = val === "ok" || val === true || val === "true";
@@ -928,7 +1015,10 @@ function normalizeSubmission(submission, playbook) {
     if (typeof val === "object" && val !== null) {
       const aid = knownArtifacts.has(key) ? key : (val.artifact || key);
       out.artifacts[aid] = { value: val.value, captured: val.captured !== false };
-      if (val.indicator && val.result) out.signal_overrides[val.indicator] = val.result;
+      if (val.indicator && val.result !== undefined) {
+        out.signal_overrides[val.indicator] = canonicalizeOutcome(val.result);
+        out._signal_origins[val.indicator] = key;
+      }
     }
   }

package/manifest-snapshot.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "_comment": "Auto-generated by scripts/refresh-manifest-snapshot.js — do not hand-edit. Public skill surface used by check-manifest-snapshot.js to detect breaking removals.",
-  "_generated_at": "2026-05-12T15:45:10.483Z",
+  "_generated_at": "2026-05-12T16:58:59.224Z",
   "atlas_version": "5.1.0",
   "skill_count": 38,
   "skills": [

package/manifest.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "exceptd-security",
-  "version": "0.11.3",
+  "version": "0.11.5",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation",
   "homepage": "https://exceptd.com",
   "license": "Apache-2.0",
@@ -52,7 +52,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "WprHkO1KOjQtCBj6/EJghBTNyNKJhn7O2HDbAQZPi5jn4flwHpSrtP8LC15a4Unoh+xiIIgGhvTHZIQFHGMpBQ==",
-      "signed_at": "2026-05-12T15:45:10.018Z",
+      "signed_at": "2026-05-12T16:58:58.659Z",
       "cwe_refs": [
         "CWE-125",
         "CWE-362",
@@ -116,7 +116,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "fg20bOXGRkPUdLmegeXpTM4hnzl/ArgcVc88rItZN5DdsnFnzPgUU1PwCI82zooyj2GfxJHYjxNkq5qd2zNPBg==",
-      "signed_at": "2026-05-12T15:45:10.020Z",
+      "signed_at": "2026-05-12T16:58:58.661Z",
       "cwe_refs": [
         "CWE-1039",
         "CWE-1426",
@@ -179,7 +179,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "6JuSzkSSFzFHEZ3ANzqjtIbKPOkwJeKhQ+8WAPB4+dTRvDSeg46n3D88XfGaNd2z7pmg/i8p9ZoImQcHFS4BCg==",
-      "signed_at": "2026-05-12T15:45:10.020Z",
+      "signed_at": "2026-05-12T16:58:58.662Z",
       "cwe_refs": [
         "CWE-22",
         "CWE-345",
@@ -225,7 +225,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "PYSw9abiYfW+y7IkY8udJG5LSds2a4rMimlw3rrdD0zE3vunEeV/y7oTmDD4o83OqHSCKNzF/7vMhvd/noqICQ==",
-      "signed_at": "2026-05-12T15:45:10.021Z"
+      "signed_at": "2026-05-12T16:58:58.662Z"
     },
     {
       "name": "compliance-theater",
@@ -256,7 +256,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "BMFmmJYP3HsHIjUqnhw8E3MiMGZJsI/eDq51we+nxUicZ8nFUQT9DhmRntAqOs6BUnsfiQNNLc/rrsNh8yg1CQ==",
-      "signed_at": "2026-05-12T15:45:10.021Z"
+      "signed_at": "2026-05-12T16:58:58.663Z"
     },
     {
       "name": "exploit-scoring",
@@ -285,7 +285,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "VGPyDwy5BRlpn1lZthhPB6ytb4ZcU2j0KtCZbaMkyLdMugQJtK2yEuwrsDH4yEtAhTB6/A4B3eSygJckum49Ag==",
-      "signed_at": "2026-05-12T15:45:10.022Z"
+      "signed_at": "2026-05-12T16:58:58.663Z"
     },
     {
       "name": "rag-pipeline-security",
@@ -322,7 +322,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "XkFGpsNnXBVslkQ48usEu9l1LjPiV2ppW+M4B63zXFBP2Puh52qYCffEPjUHYhoO5bjgTM7yCbK8XF/Dzk5wBw==",
-      "signed_at": "2026-05-12T15:45:10.022Z",
+      "signed_at": "2026-05-12T16:58:58.663Z",
       "cwe_refs": [
         "CWE-1395",
         "CWE-1426"
@@ -379,7 +379,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "1Xqy7Kxxy6GpTvuYJPdllPzVDRFxb7N6AuxKuoaO4v91CiZLmiXt0sTIWImKJ3p9Eup6rJNDdsY71dolFhHNBA==",
-      "signed_at": "2026-05-12T15:45:10.022Z",
+      "signed_at": "2026-05-12T16:58:58.664Z",
       "d3fend_refs": [
         "D3-CA",
         "D3-CSPP",
@@ -414,7 +414,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "QNLOmAL54S/Cmk4cdO4L2BCGkqZ/FgY4UBsKWtg/EEW+YXF5ev+a8XsUT8q5veuUa2VYcYna7rD1iAnE+2PDBA==",
-      "signed_at": "2026-05-12T15:45:10.023Z",
+      "signed_at": "2026-05-12T16:58:58.664Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -442,7 +442,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "aFHq4cSl3CKchnVITxx+BrAEWD33WtFFJoQtwAug5g9R3/3ABtjaXYGVQaZcdcG1AIZkMoGSPywgLQWDY7ZDCw==",
-      "signed_at": "2026-05-12T15:45:10.023Z"
+      "signed_at": "2026-05-12T16:58:58.664Z"
     },
     {
       "name": "global-grc",
@@ -474,7 +474,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "viCTUWdy6euvd2KTAo6sLvarK/FZkDtYGocxBt0H+fY94kLQGW8K5cSpqIWdUF5NUytSHBCiG4YcSze8P9Z/BQ==",
-      "signed_at": "2026-05-12T15:45:10.023Z"
+      "signed_at": "2026-05-12T16:58:58.665Z"
     },
     {
       "name": "zeroday-gap-learn",
@@ -501,7 +501,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "6PkUaHQi3Hxuqq/Jp4GYckvfqVEofmeT87NUH0T+pwyjlc+xZkoqNPn65f7ldciEPL86JIPi3/dDTKQbIFFBCw==",
-      "signed_at": "2026-05-12T15:45:10.024Z"
+      "signed_at": "2026-05-12T16:58:58.665Z"
     },
     {
       "name": "pqc-first",
@@ -553,7 +553,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "ZenFTEzWx+DzrSXlNXhbZ70vOdJSXfrnKkAwqMlBf5nlDf38V1/hG4XCKj43snQXWr4mVJOX6ilqFLTYNIjnBw==",
-      "signed_at": "2026-05-12T15:45:10.024Z",
+      "signed_at": "2026-05-12T16:58:58.665Z",
       "cwe_refs": [
         "CWE-327"
       ],
@@ -600,7 +600,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "ih0vpd2v2zS31JSJv7SnABoya8JlJdrXZXx4rBnrsV3Assj+dbjAP0pQ1HMT/5RX8yTTswRQsg0bJV3qmbJ3Bw==",
-      "signed_at": "2026-05-12T15:45:10.025Z"
+      "signed_at": "2026-05-12T16:58:58.666Z"
     },
     {
       "name": "security-maturity-tiers",
@@ -637,7 +637,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "Lv8dHiwIqUbNsywCCB/+pYWGF+MHCvxVn1IAvR7Cnif5fy0sICv0N4SVsSb621qAAkHNshpfxqwuhbuQnE1TBA==",
-      "signed_at": "2026-05-12T15:45:10.025Z",
+      "signed_at": "2026-05-12T16:58:58.666Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -672,7 +672,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-11",
       "signature": "BS+wrL28HHYhBpe+v84VLoq9KPBXu6alfG968katfGIoLNYQueaHP931bRmlkrjfeb6qbDf067GWdPEh7nroAw==",
-      "signed_at": "2026-05-12T15:45:10.025Z"
+      "signed_at": "2026-05-12T16:58:58.666Z"
     },
     {
       "name": "attack-surface-pentest",
@@ -743,7 +743,7 @@
         "PTES revision incorporating AI-surface enumeration"
       ],
       "signature": "vLhIYT/CC3IzxMRa+UPeqGSZTvthuwUeTMGNFMm37+TaEk0TtfwPrPyrBJLHw4W6Wt7+pufjHs46X3nTgzoRAg==",
-      "signed_at": "2026-05-12T15:45:10.025Z"
+      "signed_at": "2026-05-12T16:58:58.667Z"
     },
     {
       "name": "fuzz-testing-strategy",
@@ -803,7 +803,7 @@
         "OSS-Fuzz-Gen / AI-assisted harness generation becoming the default expectation for OSS maintainers"
       ],
       "signature": "TOcQLy/427cuf0Lw90J7A0oIeuhUmf9NXb6tOUS5K3SazCKTJujPgYSVAPZOYf1zZrRAY/aq0iqELd5cLyk5DA==",
-      "signed_at": "2026-05-12T15:45:10.026Z"
+      "signed_at": "2026-05-12T16:58:58.667Z"
     },
     {
       "name": "dlp-gap-analysis",
@@ -878,7 +878,7 @@
         "Quebec Law 25, India DPDPA, KSA PDPL enforcement actions naming AI-tool prompt data as in-scope personal information"
       ],
       "signature": "u4IN7escQa5V+OgdtaJXLdvhmNiGZsdmGOvebTLZ30WoImT+WiksvaqSa0POGdbr6HzFkALe2RrZEH9Tr0U6Dg==",
-      "signed_at": "2026-05-12T15:45:10.026Z"
+      "signed_at": "2026-05-12T16:58:58.667Z"
     },
     {
       "name": "supply-chain-integrity",
@@ -955,7 +955,7 @@
         "OpenSSF model-signing — emerging Sigstore-based signing standard for ML model weights; track for production adoption"
       ],
       "signature": "eTGQJ3gnG24WggfwuFNNIFOWV/ttPxTa3pvx9OH28m5KDS1a4ZmOR7K8y01wk/su8bH0ClYYRfoBfKQOtRswAg==",
-      "signed_at": "2026-05-12T15:45:10.026Z"
+      "signed_at": "2026-05-12T16:58:58.667Z"
     },
     {
       "name": "defensive-countermeasure-mapping",
@@ -1012,7 +1012,7 @@
       ],
       "last_threat_review": "2026-05-11",
       "signature": "q7gFLPoqf/8bqATR6gt/nj0EoyUOlfzi+bZ0bT3pC9KW7O6M/ji9fT+AXSGNp6PKd+70ACb3mkMGmWgjLpQXCg==",
-      "signed_at": "2026-05-12T15:45:10.027Z"
+      "signed_at": "2026-05-12T16:58:58.668Z"
     },
     {
       "name": "identity-assurance",
@@ -1079,7 +1079,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "pX8rhrrzuyG3iRrPORLqTZAjzGdWK/bKPUGJG5WHSZcv4LB0kQXOit4sHG0exdXxI6HY8jyX67QY4r5vEHHACw==",
-      "signed_at": "2026-05-12T15:45:10.027Z"
+      "signed_at": "2026-05-12T16:58:58.668Z"
     },
     {
       "name": "ot-ics-security",
@@ -1135,7 +1135,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "ypb8kNZQRdyu5mWeveB7sjCjNKXS1yXvjDJv88muzwhOs/a4Fu/Gb532js5NKyy+eCw/emrphpTZaL8R9a2lBA==",
-      "signed_at": "2026-05-12T15:45:10.027Z"
+      "signed_at": "2026-05-12T16:58:58.668Z"
     },
     {
       "name": "coordinated-vuln-disclosure",
@@ -1187,7 +1187,7 @@
         "NYDFS 23 NYCRR 500 amendments potentially adding explicit CVD program requirements"
       ],
       "signature": "346Lt+277ycRNsyAOGwLSONi4awgxKy3hP9G+BWjwaa8ySmTeqbYsbyyhtxjeohk9bV2SF+Hl2q4JdSvc/2qCQ==",
-      "signed_at": "2026-05-12T15:45:10.027Z"
+      "signed_at": "2026-05-12T16:58:58.668Z"
     },
     {
       "name": "threat-modeling-methodology",
@@ -1237,7 +1237,7 @@
         "PASTA v2 updates incorporating AI/ML application threats"
       ],
       "signature": "ewTvG5vu3ngFHyXgBur5vSKDFQsOZx0x79djGMricl7LCvQf5//OG6LZKXa+AOuEq58prRS+HgzrFA1DiTfeCQ==",
-      "signed_at": "2026-05-12T15:45:10.028Z"
+      "signed_at": "2026-05-12T16:58:58.669Z"
     },
     {
       "name": "webapp-security",
@@ -1311,7 +1311,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "ZHjbKu0Em92Kimr2esL1g93mf9TmcsChBhVEMWf/lFrjeLcg8nyHEIcDstIZ3FWYgc6MQNHnc3Rup3Xp/Za1Cw==",
-      "signed_at": "2026-05-12T15:45:10.028Z"
+      "signed_at": "2026-05-12T16:58:58.669Z"
     },
     {
       "name": "ai-risk-management",
@@ -1361,7 +1361,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "1KRxjCbAX0Rs5NTOioi1w/f1SOzDQrtRoXjTDtzEwJ+d1QzFf9cqmBlp0uXmGpL0bzEaHWIctjigSychmoL2Dw==",
-      "signed_at": "2026-05-12T15:45:10.028Z"
+      "signed_at": "2026-05-12T16:58:58.670Z"
     },
     {
       "name": "sector-healthcare",
@@ -1421,7 +1421,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "eiajFh7w7d4g+/crGalTtw9Qsu0deVsdHkdthZSy595ifGmgu0zaFD8usKThbPhOdUCCclTYkZYz5GalQmkhCw==",
-      "signed_at": "2026-05-12T15:45:10.029Z"
+      "signed_at": "2026-05-12T16:58:58.670Z"
     },
     {
       "name": "sector-financial",
@@ -1502,7 +1502,7 @@
         "TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST"
       ],
       "signature": "iSZR/fYESQVyjkcqj+O+yzU0BQfaELH5s7WizzUTWvDPDTD2ZyOnZTT1r/Zfx2l4mbPmVeFGWdYnnVFTk/i3Aw==",
-      "signed_at": "2026-05-12T15:45:10.029Z"
+      "signed_at": "2026-05-12T16:58:58.670Z"
     },
     {
       "name": "sector-federal-government",
@@ -1571,7 +1571,7 @@
         "Australia PSPF 2024 revision and ISM quarterly updates — track for Essential Eight Maturity Level requirements for federal entities"
       ],
       "signature": "Wjdo5YXEL8XeNZkaEueG1DOUoyalstNPzQkxD/cwP5iMrJWg/Ly+sC0Oluuqm3aU7d63z55PrbGQCJD0XVZqBg==",
-      "signed_at": "2026-05-12T15:45:10.029Z"
+      "signed_at": "2026-05-12T16:58:58.671Z"
     },
     {
       "name": "sector-energy",
@@ -1636,7 +1636,7 @@
         "ICS-CERT advisory feed (https://www.cisa.gov/news-events/cybersecurity-advisories/ics-advisories) for vendor CVEs in Siemens, Rockwell, Schneider Electric, ABB, GE Vernova, Hitachi Energy, AVEVA / OSIsoft PI"
       ],
       "signature": "c/l7dOHe0Zj6Ag3abUaEie6o0f8M4rhY5aPI9/wG4z6FDue9PzCVw8vUGoITFgg89g97lMfy2C3CE2PegQoFCw==",
-      "signed_at": "2026-05-12T15:45:10.030Z"
+      "signed_at": "2026-05-12T16:58:58.671Z"
     },
     {
       "name": "api-security",
@@ -1705,7 +1705,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "9FgcJvYeo07QxQ+mnVRQk4jYLDMO/AVSXMs8cueO2f/qMOTQmrhBMVhj5ze7hzvXpGkp7EK/3Q1XKqde61JMAg==",
-      "signed_at": "2026-05-12T15:45:10.030Z"
+      "signed_at": "2026-05-12T16:58:58.671Z"
     },
     {
       "name": "cloud-security",
@@ -1786,7 +1786,7 @@
         "CISA KEV additions for cloud-control-plane CVEs (IMDSv1 abuses, federation token mishandling, cross-tenant boundary failures); CISA Cybersecurity Advisories for cross-cloud advisories"
       ],
       "signature": "xRA0XZf7VPtuBtbsm41bay9yBLphw/hlL3YxIUrpko5g9ldM3oJe9o1qSwzIj/wSnQSI29qqPpNsnlks+HEOCA==",
-      "signed_at": "2026-05-12T15:45:10.030Z"
+      "signed_at": "2026-05-12T16:58:58.672Z"
     },
     {
       "name": "container-runtime-security",
@@ -1848,7 +1848,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "GcU50DStuN1gU/Evm/sFRgeieQbqffVp12rgbGnasRX89Q7kM4ltFXB+bgCXHIvICzYb78hPIifWQb9UVupWBQ==",
-      "signed_at": "2026-05-12T15:45:10.031Z"
+      "signed_at": "2026-05-12T16:58:58.672Z"
     },
     {
       "name": "mlops-security",
@@ -1919,7 +1919,7 @@
         "MITRE ATLAS v5.2 — track AML.T0010 sub-technique expansion and any new MLOps-pipeline-specific TTPs"
       ],
       "signature": "onIazpFoL1t4PMNRsoF06ggnl7BzCKjt0x+ZmVfWfyt1V06DgllsrbN3AAz4+g4jW2Sc71q0vIFKfwEUWpGVAQ==",
-      "signed_at": "2026-05-12T15:45:10.031Z"
+      "signed_at": "2026-05-12T16:58:58.672Z"
     },
     {
       "name": "incident-response-playbook",
@@ -1981,7 +1981,7 @@
         "NYDFS 23 NYCRR 500.17 amendments tightening ransom-payment 24h disclosure operationalization"
       ],
       "signature": "P0Yv4CtqbnBNP6nSIxQUYYHL7T7ci+iE7iE2UXVfnMPeWVdKG2nvRePjBXc3JZTLima1Txn/I5ocDNhLTIeUAQ==",
-      "signed_at": "2026-05-12T15:45:10.031Z"
+      "signed_at": "2026-05-12T16:58:58.673Z"
     },
     {
       "name": "email-security-anti-phishing",
@@ -2034,7 +2034,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "2pv81lLRbazpHqundCANb3YiLB4lkVsYctIDvI8rxSvHxhPS9jYXqmAoB5APSdDuOaew6XqpfZOehQUj9WmyBw==",
-      "signed_at": "2026-05-12T15:45:10.032Z"
+      "signed_at": "2026-05-12T16:58:58.673Z"
     },
     {
       "name": "age-gates-child-safety",
@@ -2102,7 +2102,7 @@
         "US state adult-site age-verification laws — 19+ states by mid-2026 (TX HB 18 upheld by SCOTUS June 2025 in Free Speech Coalition v. Paxton); track ongoing challenges in remaining states"
       ],
       "signature": "BJ/YYnGVXeSBaR9oWAVrcNX7Wz+kE8R4CghX6+XEI/qY89fyrkKNNwo2veqqf49wffJhHVJ1wTp8ZDECjNp+Dw==",
-      "signed_at": "2026-05-12T15:45:10.032Z"
+      "signed_at": "2026-05-12T16:58:58.673Z"
     }
   ]
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/exceptd-skills",
-  "version": "0.11.3",
+  "version": "0.11.5",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
   "keywords": [
     "ai-security",

package/sbom.cdx.json CHANGED Viewed

@@ -1,10 +1,10 @@
 {
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:bc8a18f6-0f9a-4701-9673-d234acd23435",
+  "serialNumber": "urn:uuid:396b0919-1153-402c-9438-12692eb441ce",
   "version": 1,
   "metadata": {
-    "timestamp": "2026-05-12T15:45:10.912Z",
+    "timestamp": "2026-05-12T16:58:59.686Z",
     "tools": [
       {
         "name": "hand-written",
@@ -13,10 +13,10 @@
       }
     ],
     "component": {
-      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.11.3",
+      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.11.5",
       "type": "application",
       "name": "@blamejs/exceptd-skills",
-      "version": "0.11.3",
+      "version": "0.11.5",
       "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
       "licenses": [
         {
@@ -25,11 +25,11 @@
           }
         }
       ],
-      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.11.3",
+      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.11.5",
       "externalReferences": [
         {
           "type": "distribution",
-          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.11.3"
+          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.11.5"
         },
         {
           "type": "vcs",