npm - @blamejs/exceptd-skills - Versions diffs - 0.12.24 → 0.12.25 - Mend

@blamejs/exceptd-skills 0.12.24 → 0.12.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/AGENTS.md +12 -4
package/CHANGELOG.md +83 -0
package/data/_indexes/_meta.json +31 -31
package/data/_indexes/activity-feed.json +45 -45
package/data/_indexes/catalog-summaries.json +19 -19
package/data/_indexes/chains.json +320 -0
package/data/_indexes/currency.json +9 -9
package/data/_indexes/frequency.json +39 -2
package/data/_indexes/jurisdiction-clocks.json +2 -2
package/data/_indexes/jurisdiction-map.json +3 -1
package/data/_indexes/section-offsets.json +396 -396
package/data/_indexes/summary-cards.json +3 -3
package/data/_indexes/token-budget.json +73 -73
package/data/atlas-ttps.json +491 -19
package/data/attack-techniques.json +198 -84
package/data/cve-catalog.json +1309 -9
package/data/exploit-availability.json +300 -10
package/data/framework-control-gaps.json +395 -1
package/data/global-frameworks.json +44 -19
package/data/rfc-references.json +93 -1
package/data/zeroday-lessons.json +475 -13
package/lib/schemas/cve-catalog.schema.json +24 -3
package/manifest-snapshot.json +1 -1
package/manifest-snapshot.sha256 +1 -1
package/manifest.json +59 -59
package/package.json +1 -1
package/sbom.cdx.json +6 -6
package/skills/ai-attack-surface/skill.md +11 -2
package/skills/ai-c2-detection/skill.md +3 -1
package/skills/ai-risk-management/skill.md +3 -1
package/skills/api-security/skill.md +4 -0
package/skills/attack-surface-pentest/skill.md +1 -0
package/skills/container-runtime-security/skill.md +3 -1
package/skills/dlp-gap-analysis/skill.md +1 -1
package/skills/exploit-scoring/skill.md +2 -2
package/skills/incident-response-playbook/skill.md +1 -1
package/skills/kernel-lpe-triage/skill.md +6 -1
package/skills/mcp-agent-trust/skill.md +7 -2
package/skills/mlops-security/skill.md +1 -1
package/skills/rag-pipeline-security/skill.md +4 -2
package/skills/sector-financial/skill.md +1 -1
package/skills/skill-update-loop/skill.md +1 -1
package/skills/supply-chain-integrity/skill.md +3 -1
package/skills/threat-model-currency/skill.md +1 -1
package/skills/webapp-security/skill.md +2 -0
package/skills/zeroday-gap-learn/skill.md +2 -2

package/skills/rag-pipeline-security/skill.md CHANGED Viewed

@@ -37,14 +37,16 @@ d3fend_refs:
   - D3-FAPA
   - D3-IOPR
   - D3-NTA
-last_threat_review: "2026-05-13"
+forward_watch:
+  - Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — Chroma vector DB CWE-190 + CWE-362 chain by haehae; impacts RAG vector store integrity (integer overflow + race condition); track patch and downstream RAG pipeline advisory
+last_threat_review: "2026-05-15"
 ---
 # RAG Pipeline Security Assessment
 ## Threat Context (mid-2026)
-Retrieval-Augmented Generation (RAG) pipelines introduce a unique attack surface that exists at the intersection of traditional data security and AI-specific vulnerabilities. No current compliance framework has adequate controls for this attack surface. The threats in this skill are not theoretical — they have been demonstrated in research and observed in production incidents.
+Retrieval-Augmented Generation (RAG) pipelines introduce a unique attack surface that exists at the intersection of traditional data security and AI-specific vulnerabilities. No current compliance framework has adequate controls for this attack surface. The threats in this skill are not theoretical — they have been demonstrated in research and observed in production incidents. Operational context: 41% of 2025 zero-days were AI-discovered (GTIG 2025); the first AI-built in-the-wild zero-day surfaced 2026-05-11 (GTIG AI 2FA-bypass), and Fragnesia (CVE-2026-46300, 2026-05-13) is the canonical AI-driven autonomous-discovery anchor (Zellic agentic auditor, 18-year-old Linux kernel primitive). RAG corpus trust posture should align to CTID Secure AI v2 (2026-05-06, replaces v1) — embedding-store integrity is in-scope.
 A RAG pipeline has five attack surfaces:

package/skills/sector-financial/skill.md CHANGED Viewed

@@ -73,7 +73,7 @@ forward_watch:
   - BCB Resolução BCB 85 (cyber policy for FIs) and Brazil PIX fraud-typology updates
   - OSFI B-13 (Technology and Cyber Risk Management) post-2024 examination findings
   - TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST
-last_threat_review: "2026-05-11"
+last_threat_review: "2026-05-15"
 ---
 # Sector — Financial Services Cybersecurity (mid-2026)

package/skills/skill-update-loop/skill.md CHANGED Viewed

@@ -32,7 +32,7 @@ forward_watch:
   - AI/MCP platform CVEs (GitHub Security Advisories, OSV database)
   - Framework publication updates (NIST SP updates, ISO amendments, NIS2 implementing acts)
   - IETF RFC publications and draft status changes (datatracker.ietf.org, rfc-editor.org); run `npm run validate-rfcs` quarterly
-last_threat_review: "2026-05-11"
+last_threat_review: "2026-05-15"
 ---
 # Skill Update Loop

package/skills/supply-chain-integrity/skill.md CHANGED Viewed

@@ -54,6 +54,8 @@ forward_watch:
   - SPDX 3.1 — AI profile maturation, dataset provenance schema stabilization
   - EU CRA (Regulation 2024/2847) — implementing acts for technical documentation and SBOM submission expected through 2027
   - OpenSSF model-signing — emerging Sigstore-based signing standard for ML model weights; track for production adoption
+  - Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — NVIDIA Megatron Bridge overly permissive allowed list by Satoki Tsuji; AI training-stack supply-chain exposure; track patch and SBOM-attestation impact
+  - Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — NVIDIA Megatron Bridge path traversal by haehae; AI training-stack file-system trust boundary; track patch and SBOM-attestation impact
 cwe_refs:
   - CWE-1357
   - CWE-1395
@@ -64,7 +66,7 @@ d3fend_refs:
   - D3-CBAN
   - D3-EAL
   - D3-EHB
-last_threat_review: "2026-05-13"
+last_threat_review: "2026-05-15"
 ---
 # Supply-Chain Integrity Assessment

package/skills/threat-model-currency/skill.md CHANGED Viewed

@@ -22,7 +22,7 @@ forward_watch:
   - New CISA KEV entries in kernel/AI/supply chain categories
   - New MCP or agent protocol security disclosures
   - Emerging malware families using AI for evasion
-last_threat_review: "2026-05-14"
+last_threat_review: "2026-05-15"
 ---
 # Threat Model Currency Assessment

package/skills/webapp-security/skill.md CHANGED Viewed

@@ -68,6 +68,8 @@ d3fend_refs:
   - D3-CSPP
   - D3-EAL
   - D3-MFA
+forward_watch:
+  - NGINX Rift CVE-2026-42945 (disclosed 2026-05-13, source depthfirst) — KEV-watch predicted CISA KEV listing by 2026-05-29; AI-assisted discovery angle; track for active-exploitation confirmation and patch advisory affecting front-door web app deployments
 last_threat_review: "2026-05-11"
 ---

package/skills/zeroday-gap-learn/skill.md CHANGED Viewed

@@ -23,7 +23,7 @@ forward_watch:
   - New ATLAS TTP additions in each ATLAS release
   - Framework updates that close previously open gaps
   - Vendor advisories for MCP/AI tool supply chain CVEs
-last_threat_review: "2026-05-14"
+last_threat_review: "2026-05-15"
 ---
 # Zero-Day Learning Loop
@@ -44,7 +44,7 @@ The `atlas_refs`, `attack_refs`, and `framework_gaps` arrays are intentionally e
 The zero-day learning cycle has compressed. The frameworks have not.
-- **41% of 2025 zero-days were discovered by attackers using AI-assisted reverse engineering** (AGENTS.md DR-5). Copy Fail (CVE-2026-31431) was AI-found in approximately one hour. The historical learning rhythm — researcher disclosure → industry analysis → framework update cycle measured in quarters or years — is incompatible with AI-discovery cadence measured in weeks.
+- **41% of 2025 zero-days were discovered by attackers using AI-assisted reverse engineering** (AGENTS.md DR-5 / GTIG 2025). Copy Fail (CVE-2026-31431) was AI-found in approximately one hour; Fragnesia (CVE-2026-46300, 2026-05-13) is the canonical 2026 anchor case — Zellic's agentic code-auditing tool surfaced an 18-year-old Linux kernel page-cache primitive in load-bearing OSS. The first documented AI-built in-the-wild zero-day surfaced 2026-05-11 (GTIG AI 2FA-bypass case). The exceptd catalog's 2026 AI-discovery rate now stands at 40% (4/10), tracking the GTIG reference. The historical learning rhythm — researcher disclosure → industry analysis → framework update cycle measured in quarters or years — is incompatible with AI-discovery cadence measured in weeks. CTID Secure AI v2 (2026-05-06) replaces v1 as the alignment target for the learning-loop outputs.
 - **The compounding consequence**: when a zero-day is announced, the relevant question is no longer "when will the patch ship?" but "what control, if it had existed, would have stopped this, and how do we add that control to the next thousand systems before the AI-generated variant lands?" Without a running learning loop, every novel TTP becomes a one-off incident response rather than a control-system improvement.
 - **AI-acceleration also compresses variant generation.** A single disclosed primitive (Copy Fail's deterministic page-cache CoW; SesameOp's AI-API C2 channel) can be re-applied by AI tooling to adjacent code paths within days. Frameworks that only respond to specific CVE-IDs miss the class-level lesson entirely.
 - **Compliance frameworks do not include zero-day learning as a required control category.** The "learn from incidents" language in NIST CSF 2.0 IMPROVE and ISO 27001:2022 A.5.7 is process-only, no required artifact. An org can be fully compliant while patching every CVE and learning nothing.