@blamejs/exceptd-skills 0.12.13 → 0.12.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (87) hide show
  1. package/CHANGELOG.md +150 -0
  2. package/bin/exceptd.js +147 -9
  3. package/data/_indexes/_meta.json +45 -45
  4. package/data/_indexes/activity-feed.json +4 -4
  5. package/data/_indexes/catalog-summaries.json +29 -29
  6. package/data/_indexes/chains.json +3238 -3210
  7. package/data/_indexes/frequency.json +3 -0
  8. package/data/_indexes/jurisdiction-map.json +5 -3
  9. package/data/_indexes/section-offsets.json +712 -685
  10. package/data/_indexes/theater-fingerprints.json +1 -1
  11. package/data/_indexes/token-budget.json +355 -340
  12. package/data/atlas-ttps.json +144 -129
  13. package/data/attack-techniques.json +319 -76
  14. package/data/cve-catalog.json +515 -475
  15. package/data/cwe-catalog.json +1081 -759
  16. package/data/exploit-availability.json +63 -15
  17. package/data/framework-control-gaps.json +867 -843
  18. package/data/rfc-references.json +276 -276
  19. package/keys/EXPECTED_FINGERPRINT +1 -0
  20. package/lib/auto-discovery.js +21 -4
  21. package/lib/cross-ref-api.js +39 -6
  22. package/lib/cve-curation.js +18 -5
  23. package/lib/lint-skills.js +6 -1
  24. package/lib/playbook-runner.js +742 -78
  25. package/lib/refresh-external.js +40 -22
  26. package/lib/refresh-network.js +193 -17
  27. package/lib/scoring.js +20 -7
  28. package/lib/source-ghsa.js +219 -37
  29. package/lib/source-osv.js +381 -122
  30. package/lib/validate-catalog-meta.js +64 -9
  31. package/lib/validate-cve-catalog.js +56 -18
  32. package/lib/validate-indexes.js +88 -37
  33. package/lib/verify.js +72 -0
  34. package/manifest-snapshot.json +1 -1
  35. package/manifest-snapshot.sha256 +1 -0
  36. package/manifest.json +73 -73
  37. package/orchestrator/dispatcher.js +21 -1
  38. package/orchestrator/event-bus.js +52 -8
  39. package/orchestrator/index.js +279 -20
  40. package/orchestrator/pipeline.js +63 -2
  41. package/orchestrator/scanner.js +32 -10
  42. package/orchestrator/scheduler.js +150 -17
  43. package/package.json +3 -1
  44. package/sbom.cdx.json +7 -7
  45. package/scripts/check-manifest-snapshot.js +32 -0
  46. package/scripts/check-sbom-currency.js +65 -3
  47. package/scripts/check-test-coverage.js +142 -19
  48. package/scripts/predeploy.js +83 -39
  49. package/scripts/refresh-manifest-snapshot.js +55 -4
  50. package/scripts/validate-vendor-online.js +169 -0
  51. package/scripts/verify-shipped-tarball.js +106 -3
  52. package/skills/ai-attack-surface/skill.md +18 -10
  53. package/skills/ai-c2-detection/skill.md +7 -2
  54. package/skills/ai-risk-management/skill.md +5 -4
  55. package/skills/api-security/skill.md +3 -3
  56. package/skills/attack-surface-pentest/skill.md +5 -5
  57. package/skills/cloud-security/skill.md +1 -1
  58. package/skills/compliance-theater/skill.md +8 -8
  59. package/skills/container-runtime-security/skill.md +1 -1
  60. package/skills/dlp-gap-analysis/skill.md +5 -1
  61. package/skills/email-security-anti-phishing/skill.md +1 -1
  62. package/skills/exploit-scoring/skill.md +18 -18
  63. package/skills/framework-gap-analysis/skill.md +6 -6
  64. package/skills/global-grc/skill.md +3 -2
  65. package/skills/identity-assurance/skill.md +2 -2
  66. package/skills/incident-response-playbook/skill.md +4 -4
  67. package/skills/kernel-lpe-triage/skill.md +21 -2
  68. package/skills/mcp-agent-trust/skill.md +17 -10
  69. package/skills/mlops-security/skill.md +2 -1
  70. package/skills/ot-ics-security/skill.md +1 -1
  71. package/skills/policy-exception-gen/skill.md +3 -3
  72. package/skills/pqc-first/skill.md +1 -1
  73. package/skills/rag-pipeline-security/skill.md +7 -3
  74. package/skills/researcher/skill.md +20 -3
  75. package/skills/sector-energy/skill.md +1 -1
  76. package/skills/sector-federal-government/skill.md +1 -1
  77. package/skills/sector-financial/skill.md +3 -3
  78. package/skills/sector-healthcare/skill.md +2 -2
  79. package/skills/security-maturity-tiers/skill.md +7 -7
  80. package/skills/skill-update-loop/skill.md +19 -3
  81. package/skills/supply-chain-integrity/skill.md +1 -1
  82. package/skills/threat-model-currency/skill.md +11 -11
  83. package/skills/threat-modeling-methodology/skill.md +3 -3
  84. package/skills/webapp-security/skill.md +1 -1
  85. package/skills/zeroday-gap-learn/skill.md +51 -7
  86. package/vendor/blamejs/_PROVENANCE.json +4 -1
  87. package/vendor/blamejs/worker-pool.js +38 -0
package/data/exploit-availability.json CHANGED
@@ -16,6 +16,25 @@
16
16
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
17
17
  }
18
18
  },
19
+ "CVE-2025-53773": {
20
+ "poc_status": "demonstrated",
21
+ "poc_description": "Demonstrated in controlled environment — adversarial instructions in PR description field trigger code execution via GitHub Copilot interaction.",
22
+ "weaponization_stage": "demonstrated",
23
+ "ai_discovery_confirmed": false,
24
+ "ai_tool_enabled": true,
25
+ "exploit_complexity": "low",
26
+ "last_verified": "2026-05-01",
27
+ "verification_source": "NVD, GitHub Security Advisory"
28
+ },
29
+ "CVE-2026-30615": {
30
+ "poc_status": "partial",
31
+ "poc_description": "Conceptual exploit demonstrated — malicious MCP server → zero-interaction RCE via AI client vulnerability in Windsurf.",
32
+ "weaponization_stage": "partial",
33
+ "ai_discovery_confirmed": false,
34
+ "exploit_complexity": "low_once_mcp_server_installed",
35
+ "last_verified": "2026-05-01",
36
+ "verification_source": "NVD, Windsurf vendor advisory"
37
+ },
19
38
  "CVE-2026-31431": {
20
39
  "poc_status": "public",
21
40
  "poc_description": "Single-stage deterministic root escalation script, reported as 732 bytes. No race condition. Requires unprivileged local code execution.",
@@ -27,6 +46,30 @@
27
46
  "last_verified": "2026-05-01",
28
47
  "verification_source": "NVD references, CISA KEV listing, researcher disclosures"
29
48
  },
49
+ "CVE-2026-39884": {
50
+ "poc_status": "public",
51
+ "poc_description": "GHSA-4xqg-gf5c-ghwq publishes argv-injection PoC: invoke port_forward MCP tool with resourceName containing space-delimited kubectl flags (--address=0.0.0.0, -n kube-system). Attacker-controllable flags reach kubectl via .split(' ') concatenation.",
52
+ "weaponization_stage": "partially_weaponized",
53
+ "ai_discovery_confirmed": false,
54
+ "ai_assisted_weaponization": false,
55
+ "exploit_complexity": "low",
56
+ "complexity_notes": "Requires upstream prompt-injection vector (RAG / PR / issue) to deliver the tainted resourceName to the AI assistant; pure-MCP-server exploitation impractical without an LLM-mediated step.",
57
+ "active_exploitation": "suspected",
58
+ "last_verified": "2026-05-13",
59
+ "verification_source": "NVD, Flux159 GHSA-4xqg-gf5c-ghwq"
60
+ },
61
+ "CVE-2026-42208": {
62
+ "poc_status": "public",
63
+ "poc_description": "GHSA-r75f-5x8p-qvmc documents the SQL injection sink shape — crafted Authorization header reaches the vulnerable query via error-handling paths. CISA KEV listing 2026-05-08 confirms in-wild exploitation.",
64
+ "weaponization_stage": "fully_weaponized",
65
+ "ai_discovery_confirmed": false,
66
+ "ai_assisted_weaponization": false,
67
+ "exploit_complexity": "low",
68
+ "complexity_notes": "Curl-able exploit — POST /chat/completions with SQLi payload in Authorization header. No auth required.",
69
+ "active_exploitation": "confirmed",
70
+ "last_verified": "2026-05-13",
71
+ "verification_source": "NVD, CISA KEV, BerriAI GHSA-r75f-5x8p-qvmc"
72
+ },
30
73
  "CVE-2026-43284": {
31
74
  "poc_status": "public",
32
75
  "poc_description": "Chain component — exploits ESP/IPsec subsystem. Requires combination with CVE-2026-43500 or independent gadget chain.",
@@ -45,23 +88,28 @@
45
88
  "last_verified": "2026-05-01",
46
89
  "verification_source": "NVD references, researcher (Hyunwoo Kim) disclosure"
47
90
  },
48
- "CVE-2025-53773": {
49
- "poc_status": "demonstrated",
50
- "poc_description": "Demonstrated in controlled environmentadversarial instructions in PR description field trigger code execution via GitHub Copilot interaction.",
51
- "weaponization_stage": "demonstrated",
91
+ "CVE-2026-45321": {
92
+ "poc_status": "public",
93
+ "poc_description": "84 malicious versions published across 42 @tanstack/* packages 2026-05-11 the worm itself IS the PoC. Payload analysis published by multiple researchers within 20 minutes; SHA-256 anchors and C2 infrastructure documented in cve-catalog.json iocs block.",
94
+ "weaponization_stage": "fully_weaponized",
52
95
  "ai_discovery_confirmed": false,
53
- "ai_tool_enabled": true,
54
- "exploit_complexity": "low",
55
- "last_verified": "2026-05-01",
56
- "verification_source": "NVD, GitHub Security Advisory"
96
+ "ai_assisted_weaponization": false,
97
+ "exploit_complexity": "high",
98
+ "complexity_notes": "Chain requires upstream maintainer to have pull_request_target plus cache plus id-token:write — present in TanStack but not universally. Downstream consumers experience the chain as a low-complexity install of a yanked-but-cached version.",
99
+ "active_exploitation": "confirmed",
100
+ "last_verified": "2026-05-13",
101
+ "verification_source": "NVD, npmjs.com advisories, TanStack security advisory 2026-05-11"
57
102
  },
58
- "CVE-2026-30615": {
59
- "poc_status": "partial",
60
- "poc_description": "Conceptual exploit demonstrated malicious MCP server zero-interaction RCE via AI client vulnerability in Windsurf.",
61
- "weaponization_stage": "partial",
103
+ "MAL-2026-3083": {
104
+ "poc_status": "public",
105
+ "poc_description": "Orphan commit b1e4b1f3aad0d489ab0e9208031c67402bbb8480 still readable on GitHub. The .pth-file install-time payload mechanism is documented; exfiltration domain igotnofriendsonlineorirl-imgonnakmslmao.skyhanni.cloud was live during the 8h exposure window (2026-04-24 22:20Z through 2026-04-25 ~06:30Z).",
106
+ "weaponization_stage": "fully_weaponized",
62
107
  "ai_discovery_confirmed": false,
63
- "exploit_complexity": "low_once_mcp_server_installed",
64
- "last_verified": "2026-05-01",
65
- "verification_source": "NVD, Windsurf vendor advisory"
108
+ "ai_assisted_weaponization": false,
109
+ "exploit_complexity": "low",
110
+ "complexity_notes": "Primitive is GitHub Actions script injection via ${{ github.event.comment.body }} in a run: step. Anyone with a GitHub account can comment on a public PR.",
111
+ "active_exploitation": "confirmed",
112
+ "last_verified": "2026-05-13",
113
+ "verification_source": "OSV.dev MAL-2026-3083, Snyk SNYK-PYTHON-ELEMENTARYDATA-16316110, StepSecurity forensic writeup, Elementary Data incident report"
66
114
  }
67
115
  }