@blamejs/exceptd-skills 0.12.0 → 0.12.2

package/CHANGELOG.md

@@ -1,5 +1,57 @@
 # Changelog
 
+## 0.12.2 — 2026-05-13
+
+**Patch: end-to-end scenario gate — staged-IoC harness in release workflow.**
+
+366 unit tests prove the engine works in isolation. They don't prove that, given a real repo containing a CVE-2026-45321 payload file in `node_modules/@tanstack/`, the CLI actually catches it. v0.12.2 adds that gate.
+
+### What ships
+
+- `tests/e2e-scenarios/` — eight self-contained scenarios. Each is a directory holding a synthetic file tree (`fixtures/`), an evidence JSON, and an expectation JSON. The runner copies the fixture tree into a temp dir, runs the declared CLI verb against it, and diffs the result.
+
+  | # | Scenario | What it stages | Asserts |
+  |---|---|---|---|
+  | 01 | clean-repo | nothing | `classification: not_detected`, `compliance_theater: clear` |
+  | 02 | tanstack-worm-payload | `node_modules/@tanstack/react-router/router_init.js` | `detected` + jurisdiction clock starts |
+  | 03 | claude-session-start-hook | `.claude/settings.json` with `hooks.SessionStart` running `.vscode/setup.mjs` | `detected` |
+  | 04 | vscode-folder-open-task | `.vscode/tasks.json` with `runOptions.runOn: folderOpen` | `detected` |
+  | 05 | ci-cache-coresidency | `.github/workflows/` containing `pull_request_target` + `id-token: write` + shared `actions/cache` | `detected` |
+  | 06 | npmrc-no-cooldown | `package.json` with deps + no `.npmrc` cooldown | `inconclusive` (hardening recommendation) |
+  | 07 | cve-curation | invoke `refresh --curate` on a real human-curated entry | refusal with `human-curated` error |
+  | 08 | refresh-advisory | invoke `refresh --advisory` against an offline GHSA fixture | draft seed emitted, exit 3 |
+
+- `scripts/run-e2e-scenarios.js` — iterates scenarios, supports `--filter=<regex>` + `--json`. Returns non-zero on any failure.
+- `docker/test.Dockerfile` — new `e2e` target so the harness runs identically in CI containers and on a developer host (`npm run test:docker:e2e`).
+- `npm run test:e2e` — local invocation (no Docker required).
+
+### Release-workflow integration
+
+`.github/workflows/release.yml` now runs `npm run test:e2e` immediately after `npm run predeploy` and before `npm pack` / `npm publish`. A regression that breaks any playbook's detection layer — even one that passes every unit test — blocks the publish.
+
+### Coverage matrix
+
+| Surface | Covered |
+|---|---|
+| `run sbom` with real IoC fixtures | scenarios 01-06 |
+| `refresh --advisory` (offline fixture path) | scenario 08 |
+| `refresh --curate` (human-curated refusal path) | scenario 07 |
+| Exit-code semantics (0 / 2 / 3) | every scenario asserts `expect_exit` |
+| `phases.detect.classification` + `phases.close.jurisdiction_notifications` | scenarios 02-05 |
+
+Surface gaps to add in subsequent patches: `ai-run --stream` (JSONL contract), `attest verify` + `attest diff` against staged attestations, `doctor` with mock signature failures, `discover` against staged cwds.
+
+## 0.12.1 — 2026-05-13
+
+**Patch: README + website docs for the v0.12.0 freshness surface.**
+
+v0.12.0 shipped the GHSA source + `refresh --advisory` + `refresh --curate` but the README operator section + the website still showed the v0.11.x command set. v0.12.1 brings the docs into line:
+
+- README: refresh command reference now lists `--network`, `--advisory <CVE-or-GHSA-ID>`, `--curate <CVE-ID>`, `--prefetch`, and the `ghsa` source. Operator section command examples updated. New `EXCEPTD_GHSA_FIXTURE` + `EXCEPTD_REGISTRY_FIXTURE` env vars documented.
+- Website: "nightly upstream refresh" feature card extended to mention GHSA as the minutes-old disclosure path (vs days for KEV / NVD). Operator persona card command list updated to show the advisory + curate workflow.
+
+No CLI / catalog / playbook changes — pure docs.
+
 ## 0.12.0 — 2026-05-13
 
 **Minor: catalog freshness from minutes-old disclosures, not days.**

package/README.md

@@ -132,11 +132,11 @@ No clone, no signing keys, no Node 24 required for assistants that read directly
 You want to refresh CVE/RFC data, run currency checks, or generate reports. Install + invoke via `npx` (no global install needed):
 
 ```bash
-npx @blamejs/exceptd-skills prefetch          # warm local cache of upstream data
-npx @blamejs/exceptd-skills refresh --from-cache --swarm
-npx @blamejs/exceptd-skills validate-cves --from-cache --no-fail
-npx @blamejs/exceptd-skills currency
-npx @blamejs/exceptd-skills report executive
+npx @blamejs/exceptd-skills doctor                                # health check
+npx @blamejs/exceptd-skills refresh --apply --swarm               # pull KEV/NVD/EPSS/RFC/GHSA + apply
+npx @blamejs/exceptd-skills refresh --advisory CVE-2026-45321     # seed one CVE draft from GHSA
+npx @blamejs/exceptd-skills refresh --curate CVE-2026-45321       # surface editorial questions for a draft
+npx @blamejs/exceptd-skills refresh --network                     # swap data/ from latest signed npm tarball
 ```
 
 For frequent use, install globally to skip the `npx` resolution every time:
@@ -146,14 +146,18 @@ npm install -g @blamejs/exceptd-skills
 exceptd help
 ```
 
-Air-gapped operation: run `exceptd prefetch` on a connected host, copy the resulting `.cache/upstream/` to the airgap, run `exceptd refresh --from-cache <path> --apply` over there. The vendored upstream snapshots replace every network call.
+Air-gapped operation: run `exceptd refresh --prefetch` on a connected host, copy the resulting `.cache/upstream/` to the airgap, run `exceptd refresh --from-cache <path> --apply` over there. The vendored upstream snapshots replace every network call.
+
+Fresh-disclosure workflow (v0.12.0): the nightly auto-PR job pulls KEV / NVD / EPSS / IETF / **GHSA** (added in v0.12.0). KEV typically takes days; NVD ~10 days; GHSA fires within hours of disclosure and covers npm + PyPI + Maven + Go + NuGet + …. New CVE IDs land as drafts (`_auto_imported: true`, `_draft: true`) that the catalog validator treats as warnings, not errors — operators get the fresh entry immediately, editorial review (framework gaps, IoCs, ATLAS/ATT&CK refs) follows via `exceptd refresh --curate <CVE-ID>`. For "I want this CVE today, not tomorrow": `exceptd refresh --advisory <CVE-or-GHSA-ID> --apply`.
 
 Optional env vars for higher rate budgets:
 
 | Variable | Purpose |
 |---|---|
 | `NVD_API_KEY` | Lifts NVD 2.0 from 5 → 50 requests per 30s window. Free key at <https://nvd.nist.gov/developers/request-an-api-key>. |
-| `GITHUB_TOKEN` | Lifts GitHub Releases (used for ATLAS / ATT&CK / D3FEND / CWE pin checks) from 60 → 5000 requests per hour. |
+| `GITHUB_TOKEN` | Lifts GitHub Releases + GHSA from 60 → 5000 requests per hour. |
+| `EXCEPTD_GHSA_FIXTURE` | Path to a JSON fixture matching the api.github.com/advisories shape. For offline tests + air-gap workflows. |
+| `EXCEPTD_REGISTRY_FIXTURE` | Path to a JSON fixture matching the npm registry response. Used by `doctor --registry-check` + `run --upstream-check` + `refresh --network` for offline testing. |
 
 ### 3. Maintainer (extend / sign / publish)
 
@@ -275,9 +279,24 @@ exceptd refresh                       Refresh upstream catalogs + indexes.
                                       Replaces prefetch + refresh + build-indexes.
   --apply                             Write diffs back + rebuild indexes.
   --from-cache [<dir>]                Read from prefetch cache.
-  --no-network                        Dry-run.
+  --prefetch                          Populate the offline cache (alias for
+                                      --no-network).
+  --network                           (v0.11.14) Fetch latest signed catalog
+                                      snapshot from npm tarball, verify against
+                                      local public.pem, swap data/ in place.
+  --advisory <CVE-or-GHSA-ID>         (v0.12.0) Seed a single catalog entry from
+                                      GitHub Advisory Database. Writes a draft
+                                      flagged _auto_imported. --apply commits it.
+  --curate <CVE-ID>                   (v0.12.0) Emit editorial questions + ranked
+                                      candidates (ATLAS/ATT&CK/CWE/framework) for
+                                      a draft catalog entry.
   --indexes-only                      Rebuild data/_indexes/*.json only.
 
+Sources (default = all): kev | epss | nvd | rfc | pins | ghsa (v0.12.0).
+GHSA covers npm, PyPI, Maven, Go, NuGet, etc. New CVE IDs land as drafts
+that the catalog validator treats as warnings, not errors — editorial
+review (framework gaps, IoCs, ATLAS/ATT&CK refs) is still required.
+
 exceptd skill <name>                  Show context for one skill.
 exceptd framework-gap <FW> <ref>      One framework + one CVE/scenario, JSON
                                       or human. (Operates outside the seven-

package/data/_indexes/_meta.json

@@ -1,10 +1,10 @@
 {
   "schema_version": "1.1.0",
-  "generated_at": "2026-05-13T02:34:42.448Z",
+  "generated_at": "2026-05-13T02:49:16.936Z",
   "generator": "scripts/build-indexes.js",
   "source_count": 49,
   "source_hashes": {
-    "manifest.json": "31cfbef4aa2a73ae93de1837209c958f5318fadbfc4481f06459617048fec44c",
+    "manifest.json": "c607b3254ea45ed898b325a4bacbfc1076d2669e813e2d4dcbbd9d6ab0cf73ec",
     "data/atlas-ttps.json": "1500b5830dab070c4252496964a8c0948e1052a656e2c7c6e1efaf0350645e13",
     "data/cve-catalog.json": "e9a3a4ce988caa051e50a467f1cd9c0dcbf9e8f6f3e9522610baf196217b7bdc",
     "data/cwe-catalog.json": "c3367d469b4b3d31e4c56397dd7a8305a0be338ecd85afa27804c0c9ce12157b",

package/keys/public.pem

@@ -1,3 +1,3 @@
 -----BEGIN PUBLIC KEY-----
-MCowBQYDK2VwAyEA8r4wi/onMuK7+R3naEBpBUU8LDfUlt0D67FKS7IpRp4=
+MCowBQYDK2VwAyEALm7uQSdGjE9NSorvxoDnbqolbQaRXyGrgb82J5gUHhA=
 -----END PUBLIC KEY-----

package/manifest-snapshot.json

@@ -1,6 +1,6 @@
 {
   "_comment": "Auto-generated by scripts/refresh-manifest-snapshot.js — do not hand-edit. Public skill surface used by check-manifest-snapshot.js to detect breaking removals.",
-  "_generated_at": "2026-05-13T02:31:32.493Z",
+  "_generated_at": "2026-05-13T02:48:32.579Z",
   "atlas_version": "5.1.0",
   "skill_count": 38,
   "skills": [

package/manifest.json

@@ -1,6 +1,6 @@
 {
   "name": "exceptd-security",
-  "version": "0.12.0",
+  "version": "0.12.2",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation",
   "homepage": "https://exceptd.com",
   "license": "Apache-2.0",
@@ -52,7 +52,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "Xk593pj7my6wPJbQBE47khpIUrPsp6N1lW7cE2T/VPPF5T+8C1yGKc9B8VphD7Q08yWFcbwF6HoWpA/+4uG9DA==",
-      "signed_at": "2026-05-13T02:31:32.071Z",
+      "signed_at": "2026-05-13T02:48:32.136Z",
       "cwe_refs": [
         "CWE-125",
         "CWE-362",
@@ -116,7 +116,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "nOgUu+LK9fy6ASTCoRGtx3ttgjZCl7WIkKu2wu06JEKVSpL2cKU3ex2tmVAvv11LBmpTH+b/0zvqXlzcxzHnCw==",
-      "signed_at": "2026-05-13T02:31:32.073Z",
+      "signed_at": "2026-05-13T02:48:32.138Z",
       "cwe_refs": [
         "CWE-1039",
         "CWE-1426",
@@ -179,7 +179,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "7FH1J9PlOyvcRCzRmggmenX9fIR0pi/veXihb3TeStcq1Rpuz1KHdOcJLqA9su4t2goYukKKCXHV6hx8hzplAA==",
-      "signed_at": "2026-05-13T02:31:32.073Z",
+      "signed_at": "2026-05-13T02:48:32.138Z",
       "cwe_refs": [
         "CWE-22",
         "CWE-345",
@@ -225,7 +225,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "FqTRjHfEgw56pyHnyWzNtnhzDMEePBtmuamtW/iyX+h4yqbvP4Fyr7NRjRs3EgqT4j7oHuEZhV9Jt6ZTBgN4AA==",
-      "signed_at": "2026-05-13T02:31:32.073Z"
+      "signed_at": "2026-05-13T02:48:32.138Z"
     },
     {
       "name": "compliance-theater",
@@ -256,7 +256,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "3fN4yotiIIq76PVTHwozCu28TzDZvWule6vX8SXUT3XXbIBSuvAO0M/euvc3pw3TdZ2UNf78dI18lOCNdJ0aAg==",
-      "signed_at": "2026-05-13T02:31:32.074Z"
+      "signed_at": "2026-05-13T02:48:32.139Z"
     },
     {
       "name": "exploit-scoring",
@@ -285,7 +285,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "yZfpk4lQMRXegj2ADWjMmZTchUN6Lxpv587O/0JMzbNkXQtD6FrSAQOBWjx8S7uQ/sTntxgGN7aQQDLxL9RWAA==",
-      "signed_at": "2026-05-13T02:31:32.074Z"
+      "signed_at": "2026-05-13T02:48:32.139Z"
     },
     {
       "name": "rag-pipeline-security",
@@ -322,7 +322,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "ABHkoqee67KdUyDZ3bvF+/DNxjGhPR/ehT6pfOnmUIMmkcQFHpZ0OUVXKiFUANaLgKLP1vg0VEmHOoxpNA3vAA==",
-      "signed_at": "2026-05-13T02:31:32.075Z",
+      "signed_at": "2026-05-13T02:48:32.140Z",
       "cwe_refs": [
         "CWE-1395",
         "CWE-1426"
@@ -379,7 +379,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "+Nd/2tgBnW+mEGX84QvkgR2To2J7kA+lB63BsADDKeCXeebFv6Vo9H1P4vyUkKHfe4fP0ndpy3agIZcUO/e/Dg==",
-      "signed_at": "2026-05-13T02:31:32.075Z",
+      "signed_at": "2026-05-13T02:48:32.140Z",
       "d3fend_refs": [
         "D3-CA",
         "D3-CSPP",
@@ -414,7 +414,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "VMNGFvowXLbBjZp5nvWloKkqyqHKhnSzbVRU3gX9quOZJHH56w2M4id+oDsXIjR0CfRRb7eXl/so0Hq4xLBuBQ==",
-      "signed_at": "2026-05-13T02:31:32.075Z",
+      "signed_at": "2026-05-13T02:48:32.140Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -442,7 +442,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "5MaJs7gPCuFlK4oAttLulAPOA1noeV+xD/UqVWaVyRedXZgebBGKjnlE2t1qmTugvxlNIfeAnBZapk+Wz3VAAg==",
-      "signed_at": "2026-05-13T02:31:32.075Z"
+      "signed_at": "2026-05-13T02:48:32.141Z"
     },
     {
       "name": "global-grc",
@@ -474,7 +474,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "S/YXUpI/mcG2FpdUTgMsccWBtTaR5A4Ph4QFQw31S9w9Hn/z3sOFHLkb1B5YSwlg+mMOtSIxMdet1eLGSZkTDg==",
-      "signed_at": "2026-05-13T02:31:32.076Z"
+      "signed_at": "2026-05-13T02:48:32.141Z"
     },
     {
       "name": "zeroday-gap-learn",
@@ -501,7 +501,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "AKS+JsmhhBtytY2eIMuydjkZOYprWCmQ+RqxyxcVG9XcEI29ZSM/JbVIINQHozFl7OPPrOu1ouiTnk7LOJ86Bg==",
-      "signed_at": "2026-05-13T02:31:32.076Z"
+      "signed_at": "2026-05-13T02:48:32.141Z"
     },
     {
       "name": "pqc-first",
@@ -553,7 +553,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "oEkK5bLS/G5RIHnxlNFJYdzhTJbKZnkJv+W4iS9UJ/uszZHgZGoxygELPc4kn3FowV5eE988SQYG4WKlXtNzCg==",
-      "signed_at": "2026-05-13T02:31:32.077Z",
+      "signed_at": "2026-05-13T02:48:32.142Z",
       "cwe_refs": [
         "CWE-327"
       ],
@@ -600,7 +600,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "nPV6YTo1rsNH49qUnZpfoNLEQZXuLNyV05QMUOgXKHYeVDjotYpWhLgyVXlRhjV/fStiA2sWQ0MOnEJ4FBIfDg==",
-      "signed_at": "2026-05-13T02:31:32.077Z"
+      "signed_at": "2026-05-13T02:48:32.142Z"
     },
     {
       "name": "security-maturity-tiers",
@@ -637,7 +637,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "7rirSEONz6O9Yyf46eTyuwkGizCj9FRcNHe5p7Qz6nhJoZQRW5FwW7n9opL0WlbIw8FDBYn1f22zgNUV87L5AQ==",
-      "signed_at": "2026-05-13T02:31:32.077Z",
+      "signed_at": "2026-05-13T02:48:32.143Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -672,7 +672,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-11",
       "signature": "+evehnd2wSBb8uMTlTr5/aTN4bfLjsKzZJk/+OMLMOJrjCt+OuMU7EQC6xMUGeSc4cPEGajghDvq3xVaacV2Dw==",
-      "signed_at": "2026-05-13T02:31:32.078Z"
+      "signed_at": "2026-05-13T02:48:32.143Z"
     },
     {
       "name": "attack-surface-pentest",
@@ -743,7 +743,7 @@
         "PTES revision incorporating AI-surface enumeration"
       ],
       "signature": "KHOXxloAYf7xqXjm2BaL3HVAZOmb7rMiMh20H/oaIkjN0WD1CnKCrRGPJn867uSFhCh/timkXolaiqD1L/h8Dg==",
-      "signed_at": "2026-05-13T02:31:32.078Z"
+      "signed_at": "2026-05-13T02:48:32.143Z"
     },
     {
       "name": "fuzz-testing-strategy",
@@ -803,7 +803,7 @@
         "OSS-Fuzz-Gen / AI-assisted harness generation becoming the default expectation for OSS maintainers"
       ],
       "signature": "+ELdD+1AY5DymBitH7wU65CS60NY1nDoLowJAFn7cE5Gr/5jy9BTkyxsm7PEXaSlXWMOkTf/HQ+uyzyxUVD/Bw==",
-      "signed_at": "2026-05-13T02:31:32.078Z"
+      "signed_at": "2026-05-13T02:48:32.143Z"
     },
     {
       "name": "dlp-gap-analysis",
@@ -878,7 +878,7 @@
         "Quebec Law 25, India DPDPA, KSA PDPL enforcement actions naming AI-tool prompt data as in-scope personal information"
       ],
       "signature": "8tFAhXAS8zZN3SUOdn+ZIu7lQ48JMOyBQ8SaObR3L/fDyFmDhufqleY2VzI3yigqlT/D4Y8FYxZHKmzXiALjDw==",
-      "signed_at": "2026-05-13T02:31:32.079Z"
+      "signed_at": "2026-05-13T02:48:32.144Z"
     },
     {
       "name": "supply-chain-integrity",
@@ -955,7 +955,7 @@
         "OpenSSF model-signing — emerging Sigstore-based signing standard for ML model weights; track for production adoption"
       ],
       "signature": "YhvlD+6gdFGg7P6QtpWeb0n54/Ujlxc7I6o/bXtpkfPiy/JY4OJo5xdreb+mbytHkasmUErL5LsDtTCAVq0QAA==",
-      "signed_at": "2026-05-13T02:31:32.079Z"
+      "signed_at": "2026-05-13T02:48:32.144Z"
     },
     {
       "name": "defensive-countermeasure-mapping",
@@ -1012,7 +1012,7 @@
       ],
       "last_threat_review": "2026-05-11",
       "signature": "AMdLkDx/e3ESI4NAnJhhcaas+Ru8VjrSn6v6RBbmmzoLCGo/vFxGraa1p/qF9udhVG+DdkbwHfbfKK5Im19KDw==",
-      "signed_at": "2026-05-13T02:31:32.079Z"
+      "signed_at": "2026-05-13T02:48:32.145Z"
     },
     {
       "name": "identity-assurance",
@@ -1079,7 +1079,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "pSMHKkyWoZvRIuVtN7Vue51sP5MIy9lSaQa2YSAMhxjptx81cUnPt3S11/Tb9Ea1/eluMNQ+5F25eF2njr4mBQ==",
-      "signed_at": "2026-05-13T02:31:32.079Z"
+      "signed_at": "2026-05-13T02:48:32.145Z"
     },
     {
       "name": "ot-ics-security",
@@ -1135,7 +1135,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "qjky+ZTX1DP7uRRMQZq7S7P9/uaJEoB1dy4RZ1l37Q4OO3k2ryfL+7o0Cgm/piuafJfH+dqUeNCRrVefj4r8Dw==",
-      "signed_at": "2026-05-13T02:31:32.080Z"
+      "signed_at": "2026-05-13T02:48:32.146Z"
     },
     {
       "name": "coordinated-vuln-disclosure",
@@ -1187,7 +1187,7 @@
         "NYDFS 23 NYCRR 500 amendments potentially adding explicit CVD program requirements"
       ],
       "signature": "F86Zl/I+dBzHYRUuGWsjDQI2F/I/vhzwZUFMqhNfKUzRbMf6mafOX2APCPYTp3eP1DvvvfL3Yc0hb1R5Q4nOAg==",
-      "signed_at": "2026-05-13T02:31:32.080Z"
+      "signed_at": "2026-05-13T02:48:32.146Z"
     },
     {
       "name": "threat-modeling-methodology",
@@ -1237,7 +1237,7 @@
         "PASTA v2 updates incorporating AI/ML application threats"
       ],
       "signature": "D/4d5NcJScNH58ADXsSrVzTmLSWZpUZTdyhtDkJlC0twSMNczOiDsXgYFitBaZgGdv5nVd00viR45mNrsaZ4BQ==",
-      "signed_at": "2026-05-13T02:31:32.081Z"
+      "signed_at": "2026-05-13T02:48:32.147Z"
     },
     {
       "name": "webapp-security",
@@ -1311,7 +1311,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "UOXaUtpcFjXyDQ70z2PaGu6K3pABtXp+7YzO6eGVGpN1CxXpPq/xW/CnTng6B7wk9WSsqD0OORBJp4VCjiVfAQ==",
-      "signed_at": "2026-05-13T02:31:32.081Z"
+      "signed_at": "2026-05-13T02:48:32.147Z"
     },
     {
       "name": "ai-risk-management",
@@ -1361,7 +1361,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "IVKygsrFjiM64fQVbd2PT6jDjs6fm5nKwJSqGfK53gG0S9wdHC4QYuh+LWlI/2ftvIKjjedLQ6FRyTrqpDEuDw==",
-      "signed_at": "2026-05-13T02:31:32.081Z"
+      "signed_at": "2026-05-13T02:48:32.147Z"
     },
     {
       "name": "sector-healthcare",
@@ -1421,7 +1421,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "P+CdSu8ZJCNUU4nTa09Voh2PcYF3y/AFJn4v7cjVIGo9FbbqO7MwvGN7cJ+aSRs2/3NMUXX4eupcODslxYyJDw==",
-      "signed_at": "2026-05-13T02:31:32.082Z"
+      "signed_at": "2026-05-13T02:48:32.148Z"
     },
     {
       "name": "sector-financial",
@@ -1502,7 +1502,7 @@
         "TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST"
       ],
       "signature": "zpEfh181Sc0b0cvRf/31Ir1f8lD4V5tehTogO3TJMxdKmXu06IAK7hrhBcLA/jFBv3xDDwrWW3sHzChVhWDeDA==",
-      "signed_at": "2026-05-13T02:31:32.082Z"
+      "signed_at": "2026-05-13T02:48:32.148Z"
     },
     {
       "name": "sector-federal-government",
@@ -1571,7 +1571,7 @@
         "Australia PSPF 2024 revision and ISM quarterly updates — track for Essential Eight Maturity Level requirements for federal entities"
       ],
       "signature": "7NpQlPu1DkpY9f+Frv/LLBHWUUe/qTM80c+xeYDxOzweXhvJGE/dnDCjglYHTjxT82L9cVxzBezvLEne20UpBg==",
-      "signed_at": "2026-05-13T02:31:32.082Z"
+      "signed_at": "2026-05-13T02:48:32.148Z"
     },
     {
       "name": "sector-energy",
@@ -1636,7 +1636,7 @@
         "ICS-CERT advisory feed (https://www.cisa.gov/news-events/cybersecurity-advisories/ics-advisories) for vendor CVEs in Siemens, Rockwell, Schneider Electric, ABB, GE Vernova, Hitachi Energy, AVEVA / OSIsoft PI"
       ],
       "signature": "4rhyHN5HykK7MQUmhvaTeDGj6Qf5swDd5ry8foh4KBvTkRKxTI/XyxconFGm5FASnySGPLMxX6m4JZAq5wiNBg==",
-      "signed_at": "2026-05-13T02:31:32.083Z"
+      "signed_at": "2026-05-13T02:48:32.149Z"
     },
     {
       "name": "api-security",
@@ -1705,7 +1705,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "hS1izPhETclITK7fp6R67dhy+wFDti/YsJ2M5I1gDjeWZYK41WuxeYSyt5xEHbCr3WCGDFJe77jkK1MWkxk2BA==",
-      "signed_at": "2026-05-13T02:31:32.083Z"
+      "signed_at": "2026-05-13T02:48:32.149Z"
     },
     {
       "name": "cloud-security",
@@ -1786,7 +1786,7 @@
         "CISA KEV additions for cloud-control-plane CVEs (IMDSv1 abuses, federation token mishandling, cross-tenant boundary failures); CISA Cybersecurity Advisories for cross-cloud advisories"
       ],
       "signature": "kuatqNZoRnv+oeyrxbnk+m37JRBIgRAWnDp0/IYLnoBOybiG09RzLILJraxjhvdSNCgo7WXTeBO3Y6a3Ji9MAA==",
-      "signed_at": "2026-05-13T02:31:32.083Z"
+      "signed_at": "2026-05-13T02:48:32.149Z"
     },
     {
       "name": "container-runtime-security",
@@ -1848,7 +1848,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "Btb3/7fjPFopFVdxP7+E6n322gnAAwd7OPrnuqatq6c1rXTD9aXKxiBeCmWxs8zYbIbE/lFoe9R2g6uTp8ZDBg==",
-      "signed_at": "2026-05-13T02:31:32.084Z"
+      "signed_at": "2026-05-13T02:48:32.150Z"
     },
     {
       "name": "mlops-security",
@@ -1919,7 +1919,7 @@
         "MITRE ATLAS v5.2 — track AML.T0010 sub-technique expansion and any new MLOps-pipeline-specific TTPs"
       ],
       "signature": "TBWnlgdllW7K1F10HCJ7p4dbLeS3lyNWm+7mNNtyZu7jB1V5AauG1P7sb1nLLqwKqeGlHS1F0eh/BNiuAvkABg==",
-      "signed_at": "2026-05-13T02:31:32.084Z"
+      "signed_at": "2026-05-13T02:48:32.151Z"
     },
     {
       "name": "incident-response-playbook",
@@ -1981,7 +1981,7 @@
         "NYDFS 23 NYCRR 500.17 amendments tightening ransom-payment 24h disclosure operationalization"
       ],
       "signature": "FVAXpD6sIoOLQSPtZSLLsXQnc2o2hRwiFj4xK8zEWJVkUWGqvAWRrngie7O2DRKIbWqjO5h9EevVYSzhwYHCAA==",
-      "signed_at": "2026-05-13T02:31:32.085Z"
+      "signed_at": "2026-05-13T02:48:32.151Z"
     },
     {
       "name": "email-security-anti-phishing",
@@ -2034,7 +2034,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "0HDt3Qklee4FQeKoZfwr+8qdq2pVDS0a+c7JxVw1hV/bl8+YTPaPjPTAhQUnbhUCa5cGo7G4MBQ1AifQTMJdDA==",
-      "signed_at": "2026-05-13T02:31:32.085Z"
+      "signed_at": "2026-05-13T02:48:32.152Z"
     },
     {
       "name": "age-gates-child-safety",
@@ -2102,7 +2102,7 @@
         "US state adult-site age-verification laws — 19+ states by mid-2026 (TX HB 18 upheld by SCOTUS June 2025 in Free Speech Coalition v. Paxton); track ongoing challenges in remaining states"
       ],
       "signature": "UyPSKUztZI/daHCRTnAh6ryoKLX4xyjuG+EaNMPRVuCz2gANGl1F/NozDsw7R2koMUwSFoiYTzwqDvo1tpuKAg==",
-      "signed_at": "2026-05-13T02:31:32.085Z"
+      "signed_at": "2026-05-13T02:48:32.152Z"
     }
   ]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/exceptd-skills",
-  "version": "0.12.0",
+  "version": "0.12.2",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
   "keywords": [
     "ai-security",
@@ -87,6 +87,8 @@
     "prepublishOnly": "node -e \"if(process.env.EXCEPTD_SKIP_PREPUBLISH_PREDEPLOY!=='1'){const r=require('child_process').spawnSync(process.execPath,['scripts/predeploy.js'],{stdio:'inherit'});if(r.status){process.exit(r.status)}}\" && node lib/validate-package.js",
     "test:docker": "docker build --target predeploy -t exceptd-test:predeploy -f docker/test.Dockerfile . && docker run --rm exceptd-test:predeploy",
     "test:docker:fresh": "docker build --target fresh-bootstrap -t exceptd-test:fresh-bootstrap -f docker/test.Dockerfile . && docker run --rm exceptd-test:fresh-bootstrap",
+    "test:e2e": "node scripts/run-e2e-scenarios.js",
+    "test:docker:e2e": "docker build --target e2e -t exceptd-test:e2e -f docker/test.Dockerfile . && docker run --rm exceptd-test:e2e",
     "scan": "node orchestrator/index.js scan",
     "dispatch": "node orchestrator/index.js dispatch",
     "currency": "node orchestrator/index.js currency",

package/sbom.cdx.json

@@ -1,10 +1,10 @@
 {
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:18c50e92-4147-4656-90ae-5f74bba71443",
+  "serialNumber": "urn:uuid:f4ef44ca-296e-4961-bf84-1231c24d3c05",
   "version": 1,
   "metadata": {
-    "timestamp": "2026-05-13T02:31:32.904Z",
+    "timestamp": "2026-05-13T02:48:32.992Z",
     "tools": [
       {
         "name": "hand-written",
@@ -13,10 +13,10 @@
       }
     ],
     "component": {
-      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.12.0",
+      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.12.2",
       "type": "application",
       "name": "@blamejs/exceptd-skills",
-      "version": "0.12.0",
+      "version": "0.12.2",
       "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
       "licenses": [
         {
@@ -25,11 +25,11 @@
           }
         }
       ],
-      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.12.0",
+      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.12.2",
       "externalReferences": [
         {
           "type": "distribution",
-          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.12.0"
+          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.12.2"
         },
         {
           "type": "vcs",

package/scripts/run-e2e-scenarios.js

@@ -0,0 +1,240 @@
+#!/usr/bin/env node
+"use strict";
+
+/**
+ * scripts/run-e2e-scenarios.js
+ *
+ * Drives the end-to-end scenario harness under tests/e2e-scenarios/. Each
+ * scenario directory stages a synthetic file tree (real IoC patterns the
+ * playbooks check for) + an evidence.json + an expect.json. The runner:
+ *
+ *   1. mkdtemp a working dir
+ *   2. recursive-copy fixtures/ into it
+ *   3. recursive-copy any evidence.json next to scenario.json into it
+ *   4. cd into the working dir
+ *   5. spawnSync the CLI with the scenario's verb + args
+ *   6. parse stdout as JSON
+ *   7. diff against expect.json (path-based assertions)
+ *
+ * Container parity: this script is invoked unchanged inside the Docker
+ * `e2e` target (npm run test:docker:e2e). The container only adds Linux
+ * file-permission realism and Node version pinning; the script itself
+ * runs identically on host + container.
+ *
+ * Release gate: .github/workflows/release.yml runs this BEFORE
+ * `npm publish` so a regression that breaks any playbook detection
+ * blocks the release.
+ *
+ * Zero npm deps. Node 24 stdlib only.
+ */
+
+const fs = require("fs");
+const path = require("path");
+const os = require("os");
+const { spawnSync } = require("child_process");
+
+const ROOT = path.resolve(__dirname, "..");
+const CLI = path.join(ROOT, "bin", "exceptd.js");
+const SCENARIO_DIR = path.join(ROOT, "tests", "e2e-scenarios");
+const FIXTURE_DIR = path.join(ROOT, "tests", "fixtures");
+
+function copyRecursive(src, dst) {
+  const stat = fs.statSync(src);
+  if (stat.isDirectory()) {
+    fs.mkdirSync(dst, { recursive: true });
+    for (const entry of fs.readdirSync(src)) {
+      copyRecursive(path.join(src, entry), path.join(dst, entry));
+    }
+  } else {
+    fs.mkdirSync(path.dirname(dst), { recursive: true });
+    fs.copyFileSync(src, dst);
+  }
+}
+
+function getJsonPath(obj, dotted) {
+  return dotted.split(".").reduce((acc, key) => acc?.[key], obj);
+}
+
+function diffExpect(jsonBody, expect, ctx) {
+  const failures = [];
+  if (expect.json_path_equals) {
+    for (const [p, want] of Object.entries(expect.json_path_equals)) {
+      const got = getJsonPath(jsonBody, p);
+      if (JSON.stringify(got) !== JSON.stringify(want)) {
+        failures.push(`json_path_equals.${p}: want ${JSON.stringify(want)}, got ${JSON.stringify(got)}`);
+      }
+    }
+  }
+  if (expect.json_path_present) {
+    for (const p of expect.json_path_present) {
+      const got = getJsonPath(jsonBody, p);
+      if (got === undefined || got === null) {
+        failures.push(`json_path_present.${p}: missing`);
+      }
+    }
+  }
+  if (expect.json_path_min) {
+    for (const [p, min] of Object.entries(expect.json_path_min)) {
+      const got = getJsonPath(jsonBody, p);
+      if (typeof got !== "number" || got < min) {
+        failures.push(`json_path_min.${p}: want >= ${min}, got ${JSON.stringify(got)}`);
+      }
+    }
+  }
+  if (expect.json_path_match) {
+    for (const [p, regex] of Object.entries(expect.json_path_match)) {
+      const got = getJsonPath(jsonBody, p);
+      if (typeof got !== "string" || !new RegExp(regex).test(got)) {
+        failures.push(`json_path_match.${p}: want match /${regex}/, got ${JSON.stringify(got)}`);
+      }
+    }
+  }
+  if (expect.stderr_must_not_match) {
+    for (const regex of expect.stderr_must_not_match) {
+      if (new RegExp(regex).test(ctx.stderr)) {
+        failures.push(`stderr_must_not_match /${regex}/: stderr contains it`);
+      }
+    }
+  }
+  return failures;
+}
+
+function tryParseJson(s) {
+  if (!s) return null;
+  try { return JSON.parse(s.trim()); } catch { /* ignore */ }
+  // Some verbs may emit trailing logs; pick the LAST complete JSON object on stdout.
+  const lines = s.trim().split("\n");
+  for (let i = lines.length - 1; i >= 0; i--) {
+    try { return JSON.parse(lines[i]); } catch { /* keep looking */ }
+  }
+  return null;
+}
+
+function runScenario(scenarioPath) {
+  const name = path.basename(scenarioPath);
+  const scenarioFile = path.join(scenarioPath, "scenario.json");
+  if (!fs.existsSync(scenarioFile)) {
+    return { name, skipped: true, reason: "no scenario.json" };
+  }
+  const scenario = JSON.parse(fs.readFileSync(scenarioFile, "utf8"));
+  const expect = fs.existsSync(path.join(scenarioPath, "expect.json"))
+    ? JSON.parse(fs.readFileSync(path.join(scenarioPath, "expect.json"), "utf8"))
+    : {};
+
+  // Stage temp working dir
+  const work = fs.mkdtempSync(path.join(os.tmpdir(), `e2e-${name}-`));
+  try {
+    const fixturesDir = path.join(scenarioPath, "fixtures");
+    if (fs.existsSync(fixturesDir)) copyRecursive(fixturesDir, work);
+    const evidenceSrc = path.join(scenarioPath, "evidence.json");
+    if (fs.existsSync(evidenceSrc)) {
+      fs.copyFileSync(evidenceSrc, path.join(work, "evidence.json"));
+    }
+
+    // Resolve env. @@FIXTURE@@ in env values expands to ROOT/tests/fixtures.
+    const env = { ...process.env, EXCEPTD_DEPRECATION_SHOWN: "1", EXCEPTD_UNSIGNED_WARNED: "1" };
+    if (scenario.env) {
+      for (const [k, v] of Object.entries(scenario.env)) {
+        env[k] = String(v).replace(/@@FIXTURE@@/g, FIXTURE_DIR);
+      }
+    }
+
+    // Resolve args
+    const args = (scenario.args || []).slice();
+
+    // Verb routing. `refresh` + `refresh-curate` are not the same as `run` —
+    // the dispatcher in bin/exceptd.js handles the translation, so we just
+    // pass the verb + args verbatim. `refresh-curate` is the internal name
+    // for `refresh --curate`; surfaced here for test directness.
+    const verb = scenario.verb;
+    let cmd, cmdArgs;
+    if (verb === "refresh-curate") {
+      // Invoke the curation helper directly. Production path is via the
+      // dispatcher in bin/exceptd.js (which dispatches refresh --curate).
+      cmd = process.execPath;
+      cmdArgs = [path.join(ROOT, "lib", "cve-curation.js"), ...args];
+    } else {
+      cmd = process.execPath;
+      cmdArgs = [CLI, verb, ...args];
+    }
+
+    const res = spawnSync(cmd, cmdArgs, {
+      cwd: work,
+      encoding: "utf8",
+      env,
+      timeout: 60000,
+    });
+
+    const stdout = res.stdout || "";
+    const stderr = res.stderr || "";
+    const status = res.status;
+    const body = tryParseJson(stdout);
+
+    const failures = [];
+    if (typeof scenario.expect_exit === "number" && status !== scenario.expect_exit) {
+      failures.push(`exit: want ${scenario.expect_exit}, got ${status}`);
+    }
+    if (!body && (expect.json_path_equals || expect.json_path_present || expect.json_path_min || expect.json_path_match)) {
+      failures.push(`stdout did not parse as JSON; first 200 chars: ${stdout.slice(0, 200)}`);
+    }
+    if (body) failures.push(...diffExpect(body, expect, { stdout, stderr, status }));
+
+    return {
+      name,
+      description: scenario.description || "",
+      ok: failures.length === 0,
+      exit_status: status,
+      failures,
+      stdout_preview: stdout.slice(0, 200),
+      stderr_preview: stderr.slice(0, 200),
+    };
+  } finally {
+    fs.rmSync(work, { recursive: true, force: true });
+  }
+}
+
+function main() {
+  const filter = process.argv.find(a => a.startsWith("--filter="));
+  const filterRe = filter ? new RegExp(filter.slice("--filter=".length)) : null;
+  const json = process.argv.includes("--json");
+
+  const scenarios = fs.readdirSync(SCENARIO_DIR)
+    .filter(d => /^\d+-/.test(d))
+    .filter(d => !filterRe || filterRe.test(d))
+    .map(d => path.join(SCENARIO_DIR, d))
+    .sort();
+
+  const results = [];
+  for (const s of scenarios) {
+    results.push(runScenario(s));
+  }
+
+  const failed = results.filter(r => !r.ok && !r.skipped);
+  const passed = results.filter(r => r.ok);
+  const skipped = results.filter(r => r.skipped);
+
+  if (json) {
+    process.stdout.write(JSON.stringify({
+      verb: "e2e",
+      total: results.length,
+      passed: passed.length,
+      failed: failed.length,
+      skipped: skipped.length,
+      results,
+    }, null, 2) + "\n");
+  } else {
+    for (const r of results) {
+      const tag = r.skipped ? "SKIP" : r.ok ? "PASS" : "FAIL";
+      process.stdout.write(`${tag}  ${r.name}\n`);
+      if (!r.ok && !r.skipped) {
+        for (const f of r.failures) process.stdout.write(`        - ${f}\n`);
+        if (r.stderr_preview) process.stdout.write(`        stderr: ${r.stderr_preview}\n`);
+      }
+    }
+    process.stdout.write(`\n${passed.length}/${results.length} scenarios passed${failed.length ? `, ${failed.length} failed` : ""}${skipped.length ? `, ${skipped.length} skipped` : ""}.\n`);
+  }
+
+  process.exit(failed.length === 0 ? 0 : 1);
+}
+
+main();