npm - @blamejs/exceptd-skills - Versions diffs - 0.12.24 → 0.12.26 - Mend

@blamejs/exceptd-skills 0.12.24 → 0.12.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/AGENTS.md +12 -4
package/CHANGELOG.md +127 -0
package/data/_indexes/_meta.json +44 -43
package/data/_indexes/activity-feed.json +54 -47
package/data/_indexes/catalog-summaries.json +20 -20
package/data/_indexes/chains.json +561 -6
package/data/_indexes/currency.json +19 -10
package/data/_indexes/frequency.json +207 -55
package/data/_indexes/handoff-dag.json +4 -0
package/data/_indexes/jurisdiction-clocks.json +2 -2
package/data/_indexes/jurisdiction-map.json +25 -12
package/data/_indexes/section-offsets.json +490 -396
package/data/_indexes/stale-content.json +14 -2
package/data/_indexes/summary-cards.json +57 -3
package/data/_indexes/token-budget.json +129 -74
package/data/_indexes/trigger-table.json +66 -0
package/data/_indexes/xref.json +58 -8
package/data/atlas-ttps.json +528 -19
package/data/attack-techniques.json +198 -84
package/data/cve-catalog.json +1309 -9
package/data/exploit-availability.json +300 -10
package/data/framework-control-gaps.json +557 -1
package/data/global-frameworks.json +44 -19
package/data/rfc-references.json +94 -1
package/data/zeroday-lessons.json +475 -13
package/lib/schemas/cve-catalog.schema.json +24 -3
package/manifest-snapshot.json +68 -2
package/manifest-snapshot.sha256 +1 -1
package/manifest.json +145 -59
package/package.json +1 -1
package/sbom.cdx.json +7 -7
package/skills/ai-attack-surface/skill.md +11 -2
package/skills/ai-c2-detection/skill.md +3 -1
package/skills/ai-risk-management/skill.md +3 -1
package/skills/api-security/skill.md +4 -0
package/skills/attack-surface-pentest/skill.md +1 -0
package/skills/container-runtime-security/skill.md +3 -1
package/skills/dlp-gap-analysis/skill.md +1 -1
package/skills/exploit-scoring/skill.md +2 -2
package/skills/incident-response-playbook/skill.md +1 -1
package/skills/kernel-lpe-triage/skill.md +6 -1
package/skills/mcp-agent-trust/skill.md +7 -2
package/skills/mlops-security/skill.md +1 -1
package/skills/rag-pipeline-security/skill.md +4 -2
package/skills/sector-financial/skill.md +1 -1
package/skills/sector-telecom/skill.md +259 -0
package/skills/skill-update-loop/skill.md +1 -1
package/skills/supply-chain-integrity/skill.md +3 -1
package/skills/threat-model-currency/skill.md +1 -1
package/skills/webapp-security/skill.md +2 -0
package/skills/zeroday-gap-learn/skill.md +2 -2

package/AGENTS.md CHANGED Viewed

@@ -28,7 +28,13 @@ Also read [CONTEXT.md](CONTEXT.md) for a complete orientation to the skill syste
 11. **No-MVP ban** — A half-implemented skill is worse than no skill. Every shipped skill has: complete frontmatter, all required body sections, real data deps populated, a compliance theater check, and a concrete output format. Partial skills are not merged — they are finished or removed.
-12. **External data version pinning** — Every reference to external data (MITRE ATLAS, NIST frameworks, CISA KEV, IETF RFCs and Internet-Drafts) must pin to a specific version. When a new version is released: (a) audit for breaking changes (renamed TTPs, replaced RFCs, deprecated controls), (b) bump `last_threat_review` in all affected skills, (c) update `_meta` version fields in the relevant `data/*.json` file, (d) update `last_verified` on affected `data/rfc-references.json` entries, (e) never silently inherit version changes. Frameworks lag RFCs; RFCs lag attacker innovation — skills must track lag at every layer. Current pinned ATLAS version: v5.1.0 (November 2025). The IETF RFC / Internet-Draft catalog lives at `data/rfc-references.json`; each entry tracks status, errata count, replaces / replaced-by, and `last_verified`.
+12. **External data version pinning** — Every reference to external data (MITRE ATLAS, MITRE ATT&CK, NIST frameworks, CISA KEV, IETF RFCs and Internet-Drafts) must pin to a specific version. When a new version is released: (a) audit for breaking changes (renamed TTPs, tactic-split moves, replaced RFCs, deprecated controls), (b) bump `last_threat_review` in all affected skills, (c) update `_meta` version fields in the relevant `data/*.json` file, (d) update `last_verified` on affected `data/rfc-references.json` entries, (e) never silently inherit version changes. Frameworks lag RFCs; RFCs lag attacker innovation — skills must track lag at every layer.
+    **Pinned ATLAS version: v5.4.0 (February 2026), Secure AI v2 layer (May 2026). Audit cadence: monthly** (ATLAS now ships monthly per CTID; the Secure AI v2 layered set and per-technique maturity classification are tracked separately in `data/atlas-ttps.json` via the `secure_ai_v2_layer` and `maturity` fields).
+    **Pinned ATT&CK version: v19.0 (April 2026). Audit cadence: semi-annual** (April and October releases). v19 split Defense Evasion (TA0005) into Stealth (TA0005) and Defense Impairment (TA0112) — affected entries in `data/attack-techniques.json` carry `tactic_moved_from` for traceability. v18 introduced Detection Strategies (DSxxxx) as first-class objects; record applicable strategy IDs on entries where canonical strategies exist.
+    The IETF RFC / Internet-Draft catalog lives at `data/rfc-references.json`; each entry tracks status, errata count, replaces / replaced-by, and `last_verified`.
 13. **Skill integrity verification** — Every skill in `manifest.json` carries an Ed25519 `signature` (base64) and a `signed_at` timestamp covering its `skill.md` content. `lib/verify.js` checks each signature against the public key at `keys/public.pem` before any skill is loaded by the orchestrator. Tampered or unsigned skills are rejected. The private key at `.keys/private.pem` is gitignored and never enters the repo. Run `node lib/verify.js` (or `npm run verify`) before shipping; sign new or changed skills with `npm run bootstrap` for first-run, or `node lib/sign.js sign-all` after content changes.
@@ -178,8 +184,8 @@ Right: "41% of 2025 zero-days were discovered by attackers using AI-assisted rev
 Wrong: adding a new CVE to `data/cve-catalog.json` without completing all required fields.
 Right: every new entry requires all fields defined in the CVE catalog schema. Partial entries fail the schema validation in `lib/scoring.js`.
-**DR-7: Stale ATLAS version**
-The current pinned version is MITRE ATLAS v5.1.0 (November 2025). When ATLAS updates: audit all TTP IDs for changes, bump `last_threat_review` in affected skills, update `_meta.atlas_version` in data files. Never silently upgrade.
+**DR-7: Stale ATLAS / ATT&CK version**
+Current pinned ATLAS version: **v5.4.0 (February 2026)** with the **CTID Secure AI v2 layer (May 2026)**. ATLAS audit cadence is **monthly** (CTID now ships monthly). Current pinned ATT&CK version: **v19.0 (April 2026)**, semi-annual cadence (April + October). When either source updates: audit all TTP IDs for changes (including v19's Defense Evasion → Stealth / Defense Impairment split), bump `last_threat_review` in affected skills, update `_meta` version fields in `data/atlas-ttps.json` and `data/attack-techniques.json`. Never silently upgrade.
 **DR-8: Missing zero-day learning loop**
 Wrong: adding a new entry to `data/cve-catalog.json` without running the learning loop.
@@ -291,7 +297,8 @@ Maintainers convert approved requests into skill files. The contributor is credi
 - [ ] All new CVEs have complete `data/cve-catalog.json` entries
 - [ ] All new CVEs have `data/zeroday-lessons.json` entries
 - [ ] All skill `data_deps` resolve to existing files
-- [ ] All ATLAS refs are valid v5.1.0 IDs (current pinned version)
+- [ ] All ATLAS refs are valid v5.4.0 IDs (current pinned version); Secure AI v2 layer flags + maturity present on AI-pipeline entries
+- [ ] All ATT&CK refs are valid v19.0 IDs (current pinned version); post-split tactics (Stealth / Defense Impairment) used where applicable
 - [ ] All framework control IDs resolve in `data/framework-control-gaps.json`
 - [ ] No skill body contains placeholder language (TODO, TBD, coming soon, placeholder)
 - [ ] No skill uses CVSS as sole risk metric
@@ -340,6 +347,7 @@ Maintainers convert approved requests into skill files. The contributor is credi
 | financial security, banking, dora, psd2 sca, swift cscf, nydfs, ffiec, mas trm, apra cps 234, tiber-eu, cbest | sector-financial |
 | federal cyber, fedramp, cmmc, eo 14028, nist 800-171, cui, fisma, m-22-09 zero trust, omb m-24-04, cisa bod/ed | sector-federal-government |
 | energy security, electric grid, nerc cip, tsa pipeline, awwa, nccs-g, aescsf, der security, inverter, smart meter | sector-energy |
+| telecom security, 5g core, salt typhoon, volt typhoon, gnb integrity, lawful intercept, calea, fcc cpni, gsma nesas, ss7, diameter, gtp, 3gpp ts 33.501, o-ran, n6 n9 isolation | sector-telecom |
 | api security, owasp api top 10, bola, bfla, mass assignment, api gateway, graphql, grpc, websocket, mcp transport | api-security |
 | cloud security, cspm, cwpp, cnapp, csa ccm, aws, azure, gcp, workload identity, cloud iam, multi-cloud | cloud-security |
 | container security, kubernetes, cis k8s, pod security standards, kyverno, gatekeeper, falco, tetragon, admission policy | container-runtime-security |

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,132 @@
 # Changelog
+## 0.12.26 — 2026-05-15
+**Patch: sector-telecom skill ships, with supporting framework-gap and ATLAS catalog scaffolding. Closes the cycle 8 LLL P1 finding that the unmodeled RWEP signal from Salt Typhoon-class campaigns was the highest gap in the catalog.**
+### New skill: `sector-telecom`
+Telecom and 5G security skill covering Salt Typhoon and Volt Typhoon TTPs, CALEA / IPA-LI gateway compromise, signaling-protocol abuse (SS7, Diameter, GTP), 5G N6 / N9 isolation, gNB / DU / CU integrity attestation, OEM-equipment supply-chain compromise, and AI-RAN / O-RAN security.
+The skill walks the seven-phase contract with telecom-specific jurisdictional clocks (FCC 47 CFR 64.2011 4-business-day rule, NIS2 Art. 23 24h initial, DORA Art. 19 4h for financial-touching incidents, UK TSA 2021 + Ofcom, AU SOCI / TSSR, JP MIC, IN CERT-In 6h, SG IMDA TCCSCoP, NZ TICSA, CA Bill C-26), evidence capture for LI provisioning audit logs / gNB firmware hashes / NMS access logs / signaling-flow statistics / cross-PLMN exchange patterns / eUICC SIM-swap events / 5GC slice-isolation tests / OEM remote-support tunnel inventory / NESAS deployment posture, and the standard analyze → validate → close phases against the new framework-gap entries.
+Compliance Theater Check enumerates seven posture-vs-actual tests specific to telecom: CPNI annual certification, GSMA NESAS deployment vs runtime, OEM firmware verification chain, 3GPP TR 33.926 deployment posture, ITU-T X.805 validation, signaling firewall PLMN-list refresh cadence, and LI-gateway MFA scope.
+Manifest skill count 38 → 39.
+### Catalog scaffolding to support the skill
+Nine telecom-specific framework-gap entries added to `data/framework-control-gaps.json` (totals 78 → 87 entries):
+- **FCC-CPNI-4.1** — 47 CFR 64.2009(e) CPNI annual certification + operational compliance, gap against Salt Typhoon LI-system vector
+- **FCC-Cyber-Incident-Notification-2024** — 47 CFR 64.2011 4-business-day rule, gap against LI-only compromise (no PII exfil) + signaling abuse + slow-roll campaign timing
+- **NIS2-Annex-I-Telecom** — telecom as essential entity, gap against LI-gateway access controls + OEM firmware attestation + AI-RAN coverage
+- **DORA-Art-21-Telecom-ICT** — ICT third-party risk through telecom services, gap against telecom-financial cadence misalignment + slice-isolation
+- **UK-CAF-B5** — resilient networks principle, gap against signaling-anomaly + gNB attestation + slice-isolation outcome tests
+- **AU-ISM-1556** — privileged-user MFA, gap against telecom NMS service accounts + LI-gateway operator credentials + OEM remote-support tunnels
+- **GSMA-NESAS-Deployment** — NESAS product-time vs operator-attested-runtime posture gap
+- **3GPP-TR-33.926** — SCAS submission-time test gap against post-deployment adversary-modified firmware + cross-spec N6/N9 isolation testing gap
+- **ITU-T-X.805** — 2003 reference architecture gap against modern Salt Typhoon / signaling abuse / slice-isolation threat models
+One ATLAS technique added to `data/atlas-ttps.json`:
+- **AML.T0040 Tool / Plugin Compromise** — anchors the AI-RAN xApp / rApp + MCP-class plugin attack class. Real-world instances: CVE-2026-30623 (Anthropic MCP SDK stdio command-injection), three Pwn2Own Berlin 2026 collisions (Viettel Claude Code, STARLabs LM Studio, Compass OpenAI Codex). `secure_ai_v2_layer: true`, `maturity: high`.
+Total ATLAS entries: 29 → 30.
+### RFC reverse-reference
+`data/rfc-references.json` RFC-9622 (TAPS Architecture) `skills_referencing` array gains `sector-telecom` (paired with the existing `webapp-security` reference) to satisfy the manifest forward-reference invariant.
+### AGENTS.md Quick Skill Reference
+Adds the `sector-telecom` row to the skill trigger table.
+Test count: 1051 pass (5 skipped). Predeploy gates: 14/14. Skills: 39/39 signed; manifest envelope signed.
+## 0.12.25 — 2026-05-15
+**Data-refresh release: catalog freshness, Hard Rule #7 AI-discovery posture, ATLAS v5.4 + ATT&CK v19 standards bumps, Pwn2Own Berlin 2026 forward-watch, NGINX Rift, framework deltas (PCI 4.0.1 / HIPAA 2026 NPRM / EU AI Act ITS / DORA RTS).**
+### CVE catalog adds (20)
+Twenty CVE entries added with paired `data/exploit-availability.json` records, all marked `_draft: true` + `_auto_imported: true` for editorial review:
+- **NGINX Rift CVE-2026-42945** — heap buffer overflow in `ngx_http_rewrite_module` (18-year-old code), CVSS 9.2 v4, unauthenticated RCE, AI-discovered by depthfirst autonomous analysis platform. Disclosed 2026-05-13; patches in nginx 1.30.1 / 1.31.0 / Plus R32 P6 / R36 P4. Public PoC. Live-patch workaround: replace unnamed PCRE captures (`$1`-`$9`) with named captures in rewrite directives. KEV-watch entry queued.
+- **LiteLLM CVE-2026-30623** — Anthropic MCP SDK stdio command-injection (April 2026 advisory). Patches in LiteLLM proxy + downstream consumers.
+- **CVE-2026-20182 Cisco SD-WAN** — auth-bypass → admin (CISA KEV-listed 2026-05-14).
+- **CVE-2024-21626 Leaky Vessels (runc)** — `/proc/self/fd` container escape. KEV-listed.
+- **CVE-2024-3094 xz-utils / liblzma backdoor** — supply-chain trust-anchor compromise. KEV-listed.
+- **CVE-2024-3154 CRI-O kernel-module load** on container creation.
+- **CVE-2024-40635 containerd** — integer overflow → IP mask leak.
+- **CVE-2023-43472 MLflow** — path-traversal arbitrary file read.
+- **CVE-2020-10148 SolarWinds Orion / SUNBURST** — auth-bypass primary supply-chain compromise.
+- **CVE-2023-3519 Citrix NetScaler** — unauthenticated RCE. KEV-listed.
+- **CVE-2024-1709 ConnectWise ScreenConnect** — auth-bypass. KEV-listed.
+- **CVE-2025-12686 Synology BeeStation** — unauth RCE (Pwn2Own Ireland 2025).
+- **CVE-2025-62847 / CVE-2025-62848 / CVE-2025-62849 QNAP QTS/QuTS hero** — Pwn2Own Ireland 2025 chain (three separate entries, all patched).
+- **CVE-2025-59389 QNAP Hyper Data Protector** — critical RCE (Summoning Team / Sina Kheirkhah at Pwn2Own Ireland 2025).
+- **CVE-2025-11837 QNAP Malware Remover** — code-injection in a security tool (high theater-detection value: a security product is itself the attack surface).
+- **MAL-2026-TANSTACK-MINI Mini Shai-Hulud** — TeamPCP-attributed worm chain (TanStack + node-ipc + Mistral AI + UiPath + Guardrails AI, May 2026).
+- **MAL-2026-ANTHROPIC-MCP-STDIO** — STDIO command-injection class disclosed by Ox Security spanning 30+ MCP servers.
+- **CVE-2026-GTIG-AI-2FA placeholder** — Google GTIG first documented AI-built in-the-wild zero-day exploit (May 2026), semantic-logic 2FA bypass.
+### Hard Rule #7 — AI-discovery posture
+- **AI-discovery rate raised from 10% → 33%** by promoting `ai_discovered: true` on Copy Fail (CVE-2026-31431, already true), NGINX Rift, and the GTIG zero-day; tracks toward the 41% reference rate cited in AGENTS.md. Catalog entries with speculative AI attribution (Fragnesia, Dirty Frag pair) explicitly classified as `human_researcher` with `ai_discovery_notes` recording the rationale.
+- **`zeroday-lessons.json` schema additions** — `ai_discovered_zeroday` (bool), `ai_discovery_source` (enum: vendor_research / bug_bounty_ai_augmented / academic_ai_fuzzing / threat_actor_ai_built / human_researcher / unknown), `ai_discovery_date` (ISO), `ai_assist_factor` (low/moderate/high/very_high). All 10 existing entries backfilled with the new fields.
+- **`exploit-availability.json` `ai_assist_factor` ladder** backfilled across all entries with the same enum.
+- **`cve-catalog.json` schema tightened** — `ai_discovered` is boolean-only (was `["boolean", "string"]`; RWEP scoring treated truthy strings as positive, masking malformed entries). `ai_assisted_weaponization` is now required (paired with `ai_discovered`). New optional `ai_discovery_source` / `ai_discovery_date` / `ai_discovery_notes` fields.
+- **CVE-2025-53773 cross-file consistency** reconciled — `ai_assisted_weaponization: true` (cve-catalog) vs `ai_discovery_confirmed: false` + `ai_tool_enabled: true` (exploit-availability) is a real semantic distinction (development-time AI assistance vs discovery-time AI involvement vs tool-aided exploitation); both files now carry `ai_discovery_source: "unknown"` + a clarifying `ai_discovery_notes` block.
+- **GTIG canonical case** (first AI-built ITW zero-day, 2026-05-11) + **NGINX Rift AI-discovery anchor** added to seven AI-class skills (ai-attack-surface, ai-risk-management, zeroday-gap-learn, exploit-scoring, ai-c2-detection, mcp-agent-trust, rag-pipeline-security). The skills now reference the 41% AI-discovery rate explicitly per Hard Rule #7 vocabulary.
+- **CTID Secure AI v2 (2026-05-06)** references added to the same five AI-class skills.
+### Standards version bumps
+- **ATLAS v5.1.0 → v5.4.0** + CTID Secure AI v2 layer (May 2026). `data/atlas-ttps.json` entry count 15 → 29. Existing entries gain `secure_ai_v2_layer` + `maturity` fields per CTID's classification. New AI-attack techniques: AML.T0097-T0108 plus sub-techniques.
+- **MITRE ATT&CK v17 → v19.0**. `data/attack-techniques.json` entry count 79 → 91. Defense Evasion (TA0005) split into Stealth (TA0005, retained for non-impair techniques) + Defense Impairment (TA0112). `T1562.001`, `T1562.006`, `T1027` carry a `tactic_moved_from` annotation. Detection Strategies (DSxxxx — v18 first-class addition) populated on every technique cited by skills.
+- **AGENTS.md Hard Rule #12 + DR-7 + Pre-Ship Checklist** split into separate ATLAS-monthly and ATT&CK-semi-annual cadence pins (cycle 7 LLL recommendation; ATLAS now ships monthly per CTID, ATT&CK ships twice yearly).
+- **15 skills' `last_threat_review` dates bumped to 2026-05-15** where ATLAS / ATT&CK refs changed.
+### Framework deltas
+- **PCI DSS 4.0.1** (active 2025-03-31): four control-gap entries added (Req 6.4.3 payment-page scripts, Req 11.6.1 change/tamper detection, Req 12.3.3 cipher-suite inventory, Req 12.10.7 PAN-exposure escalation).
+- **HIPAA Security Rule 2026 NPRM** (HHS-OCR-0945-AA82): four entries covering proposed 164.308 / 164.310 / 164.312 / 164.314 amendments. Marked "Final rule pending Q3 2026" — citations refresh on next release.
+- **EU AI Act implementing standards**: four entries for Art. 53 GPAI provider obligations, Art. 55 systemic-risk, Annex IX conformity assessment, GPAI Code of Practice (signed Feb 2026; full application 2026-08-02).
+- **DORA RTS/ITS**: four entries for subcontracting RTS (EU 2025/420, active 2026-01-17), threat-led-pen-test ITS (active 2026-Q3), incident-classification thresholds RTS, and critical-third-party-provider oversight implementing acts.
+- **`data/global-frameworks.json`** `EU.frameworks.DORA` and `EU.frameworks.EU_AI_ACT` refreshed with 2026 implementing-measures blocks + expanded `framework_gaps` + `ai_coverage` + `theater_risk` fields.
+### RFC + ATLAS orphans
+- **7 RFC orphans added** to `data/rfc-references.json`: RFC 7644 (SCIM 2.0), RFC 8460 (SMTP-TLS-RPT), RFC 8617 (ARC), RFC 8705 (mTLS OAuth), RFC 9112 (HTTP/1.1 revised), RFC 9449 (DPoP), RFC 9622 (TAPS Architecture). Each cited by ≥1 shipped skill (Hard Rule #4 closure).
+- **1 ATLAS orphan**: AML.T0001 (Victim Research / Reconnaissance) — referenced by `defensive-countermeasure-mapping` skill but not in `data/atlas-ttps.json` pre-v0.12.25.
+### Pwn2Own Berlin 2026 forward-watch
+Fifteen forward-watch entries placed across nine skills' `forward_watch:` frontmatter arrays (no aggregate `data/forward-watch.json` exists; project tracks in skill frontmatter only):
+- **NGINX Rift CVE-2026-42945** — KEV-listing prediction window 14 days from disclosure (2026-05-27 estimated)
+- **LiteLLM** 3-bug chain (k3vg3n) + full SSRF + Code Injection (Out Of Bounds) — embargo ends 2026-08-12
+- **LM Studio** 5-bug chain (STARLabs SG)
+- **OpenAI Codex** CWE-150 improper neutralization (Compass Security)
+- **Chroma vector DB** CWE-190 + CWE-362 chain
+- **NVIDIA Megatron Bridge** ×2 (overly-permissive allowed list + path traversal)
+- **NV Container Toolkit** container escape ($50K, chompie/IBM X-Force XOR)
+- **Windows 11 LPE ×3** (DEVCORE Improper Access Control, Marcin Wiązowski heap overflow, Kentaro Kawane GMO double Use-After-Free)
+- **RHEL race-condition LPE** (chompie/IBM X-Force XOR)
+- **Claude Code MCP collision** (Viettel Cyber Security — scored as collision, indicating a public MCP-class CVE is in flight)
+- **Microsoft Edge** 4-bug sandbox escape (Orange Tsai/DEVCORE) — out-of-current-playbook scope, tracked for completeness
+### Catalog scoring
+- **RWEP scoring divergence on 10 new entries reconciled** with `scoreCustom()` formula. Pre-correction the stored scores diverged by 10-38 points from the formula (most extreme: NGINX Rift stored 78, formula 40 — patch + live-patch availability + zero observed exploitation walks the score down despite the AI-discovery bonus). All entries now within ±5 of formula.
+### Deferred to v0.12.26
+- **`sector-telecom` skill** — drafted (370 LOC, Salt Typhoon / Volt Typhoon / 5G core / lawful-intercept abuse / signaling-protocol attacks / OEM supply chain) but the body lint surfaced 13 issues (3 missing required sections, atlas_refs and framework_gaps referencing entries not yet in catalog, placeholder language). Folding into v0.12.26 with the proper catalog scaffolding rather than rushing a half-complete skill.
+Test count: 1051 pass (5 skipped). Predeploy gates: 14/14. Skills: 38/38 signed; manifest envelope signed.
 ## 0.12.24 — 2026-05-15
 **Patch: security defenses, exit-code centralisation, bundle correctness, air-gap honesty, cache integrity, error-message UX, test-infra hardening, doc reconciliation.**

package/data/_indexes/_meta.json CHANGED Viewed

@@ -1,89 +1,90 @@
 {
   "schema_version": "1.1.0",
-  "generated_at": "2026-05-15T18:45:49.423Z",
+  "generated_at": "2026-05-15T22:17:17.497Z",
   "generator": "scripts/build-indexes.js",
-  "source_count": 50,
+  "source_count": 51,
   "source_hashes": {
-    "manifest.json": "557bf7b459de4fb6af3d0bbad86626bf76581f44e31c30e240682ca87dbb9f69",
-    "data/atlas-ttps.json": "20339e0ae3cd89c06f1385be31c50f408f827edc2e8ab8aef026ade3bcf0a917",
-    "data/attack-techniques.json": "6db08a8e8a4d03d9309b1d185112de7f3c9595d2cd3d24566b7ce0b3b8aa5d1a",
-    "data/cve-catalog.json": "7936ba3c8f27156235bf327830e8f1a684658865e97f089aed98b2a7cdbb88ef",
+    "manifest.json": "492f8548ab8dc7d8edba1666d07c401d77e9459e356e3c30283888c73be6f005",
+    "data/atlas-ttps.json": "db52a797f6ba7c9a61fd7b1225ebbc268ddf21abe29a106c4246c2ed2e617b86",
+    "data/attack-techniques.json": "6b45448aa42cc6664376c93da73356624708e935c12589ee8c776a10215bce3a",
+    "data/cve-catalog.json": "a2acad16f5e3856b07019fa00110e9dcb38ec5cc71b318d0e164bfcba7f4f644",
     "data/cwe-catalog.json": "19893d2a7139d86ff3fcf296b0e6cda10e357727a1d1ffb56af282104e99157a",
     "data/d3fend-catalog.json": "d219520c8d3eb61a270b25ea60f64721035e98a8d5d51d1a4e1f1140d9a586f9",
     "data/dlp-controls.json": "8ea8d907aea0a2cfd772b048a62122a322ba3284a5c36a272ad5e9d392564cb5",
-    "data/exploit-availability.json": "4875c20756731f5608efd76c591a47794a97d4528ad8a903f0925aa92d26d08a",
-    "data/framework-control-gaps.json": "182417e662e36cd75a4c74f91c650131b58067fc412878094ff71eff3c1053cb",
-    "data/global-frameworks.json": "84fd19061f052e4ccf66308a7b8d3fd38e00325e97e9e5e19e4d9b302c128957",
-    "data/rfc-references.json": "c0b684e586269bdb6864c55ae0e802742c6c103e81c7fff1613796bd460e727b",
-    "data/zeroday-lessons.json": "3925954a2abae0e7331b17690839d230041e9dc0c1efb14770e3fc0e3b0ce00b",
-    "skills/kernel-lpe-triage/skill.md": "dd0a10ef35ba63bbf1ce7e4c1c41c97ab7d6ac00c0c862907bf67fc54989a00c",
-    "skills/ai-attack-surface/skill.md": "922a36632ebb6026c97369168046972f9cd6e634c09fcb97facc830bebe25558",
-    "skills/mcp-agent-trust/skill.md": "c604074050a75c401d50d2d495129022ab4bd2fd5c1ca66bb648c26bc9bde301",
+    "data/exploit-availability.json": "a9eeda95d24b56c28a0d0178fc601b531653e2ba7dc857160b35ad23ad6c7471",
+    "data/framework-control-gaps.json": "e87790cae8839dc5d73632d7d875d12cffa2ad741a9002ec7851e1ae04df54c4",
+    "data/global-frameworks.json": "0168825497e03f079274c9da2e5529310a2ba5bd7c7da7c93acd0b66ed845b8a",
+    "data/rfc-references.json": "863f1ad7a36c020d11eb7bffea49ca1df89b10d43f3986118cdc5a5712308115",
+    "data/zeroday-lessons.json": "d960e5f8ca7a83c10194cd60207e13046a7eee1b8793e2f3de79475db283f800",
+    "skills/kernel-lpe-triage/skill.md": "8e94bfd38d6db47342fbbe95a0c8df8f7c38743982c13e9de6a1c59cd3783d33",
+    "skills/ai-attack-surface/skill.md": "13e543fc92b9b27cdb647dce96a9eeb44919e0fa92ec41e8265a9981a23e7b79",
+    "skills/mcp-agent-trust/skill.md": "3cec1dce668deec44cb7330e165e89cee8379dd90833519004d566baf72c038c",
     "skills/framework-gap-analysis/skill.md": "573a097ceb4c952fe7ab3db765c942d06cc8e90f7cda3c42928db35cdcd7cf7b",
     "skills/compliance-theater/skill.md": "367cde42553dfb59b0cb6e8afb6e88be28ec0ab73682ea3a9d397ca0068753bc",
-    "skills/exploit-scoring/skill.md": "25e47862de36e0c832b68c4deaac3ef01bbaf34e190790e6bc30e0a02f32d1f9",
-    "skills/rag-pipeline-security/skill.md": "78f00a39e66f08da2894e28eeedb32137295ca019eba7110ab28282d613a97eb",
-    "skills/ai-c2-detection/skill.md": "095cab9daa072bfabc87152aea1b61ccd6da8f531753b05c181629f04014b5ca",
+    "skills/exploit-scoring/skill.md": "4213724d59d33d8fe768b3ce58edc3aed25c0f06031183542937a14d538ea94d",
+    "skills/rag-pipeline-security/skill.md": "fc027d5e101a9934b402ed4086b9cbb8b2ee6b86f00e1feb54fe15a2018d89fc",
+    "skills/ai-c2-detection/skill.md": "cdfbc086ed2b755a9d3170d66d0c33519478b693fb59944ac95a1749beb5c810",
     "skills/policy-exception-gen/skill.md": "79db45ba722a6dd9bba25bf84e0b52cf659b56b662193cef80a8273337e41df9",
-    "skills/threat-model-currency/skill.md": "4badf98c3d8ca5f5c9854cbb25ed994491c39a88ff1aa354b72c50e59a7d3261",
+    "skills/threat-model-currency/skill.md": "d1cf822c1e8a81466dc49e81b19f42d863c82bd8f8c878215a738e6ae9112fc5",
     "skills/global-grc/skill.md": "e0487de49679172347653d8c191d1f269193de6f444f6b0c6396d326e45bd72e",
-    "skills/zeroday-gap-learn/skill.md": "086df0fe792c80ca864da6917958bf3df7be5ba02df1c5894972a69353306ee6",
+    "skills/zeroday-gap-learn/skill.md": "5caa007d8c95f49ded22db581fd447f735c713b60866d18f5371457b0a60778b",
     "skills/pqc-first/skill.md": "a5eb776e1ea3bb422a4c18a3bdf39ad2ec1651b3c25e65c89428ba319141b275",
-    "skills/skill-update-loop/skill.md": "95268eb083a22b164661c14db401f5c57995fdd1ca86b35fb399b0c8419c4273",
+    "skills/skill-update-loop/skill.md": "48617511ee8efdb257e9caee543009150f0638380ad92882b62021c7eb2f9d16",
     "skills/security-maturity-tiers/skill.md": "817f0bca44297d03fb206c446fbf3f93aa3a64c309d6ef5efd046e6e47874030",
     "skills/researcher/skill.md": "51d03d9eaea52d2bbbdd67709035db494d44819ce58931ca025cab3025c9fad7",
-    "skills/attack-surface-pentest/skill.md": "8d404f6662d9bc3765d716ec7b38e302f17574a2267245fd68eeedfdbf212f42",
+    "skills/attack-surface-pentest/skill.md": "3c42af04a5db79ce10c952f4bc7c9216116e77d38e6d57feb1f1c13678c94e53",
     "skills/fuzz-testing-strategy/skill.md": "83b1929a0d1e09a58908b91125ebc91ff14323ab9acc9bab6c4b04903b69b837",
-    "skills/dlp-gap-analysis/skill.md": "11a299cdcf8902e22b8662e55369da9d8b5ae804edf237412df0ddbe684a04d0",
-    "skills/supply-chain-integrity/skill.md": "32c8c31b07caedf6146ab548a67a25408d9ae6ca1365edc6703782a3265de108",
+    "skills/dlp-gap-analysis/skill.md": "eed1a5de55a9200e6f5c8ac49b0240b54d30b895ce40ccce9d286f5d9b40f664",
+    "skills/supply-chain-integrity/skill.md": "2f9bc5d5f0b70bf468d02a71ced718b50196e6139dfb1424d31cbe017d422027",
     "skills/defensive-countermeasure-mapping/skill.md": "e62c71ba3be2b4d0f7dfa529fec007cba6bee3013f76b93756e3e6310f2d22ab",
     "skills/identity-assurance/skill.md": "6fd734d5cf8eed031537c9ccb1ad11c09ec4e88d31c45d86046a2154a6770990",
     "skills/ot-ics-security/skill.md": "d239ed497816e00ad14568e9fcca68ffdc7cb0c2a2cbd4960b35fab2065cce31",
     "skills/coordinated-vuln-disclosure/skill.md": "c96fd2254abf8a29819f8175da85094bea1afe589fecc92abcf1289b30895030",
     "skills/threat-modeling-methodology/skill.md": "d57d1acc46851d4f1580858c60a90cc20732ca8a5a46da2c50e71c9bdf4cc0b4",
-    "skills/webapp-security/skill.md": "407bd726f7d4e2c21825b4caa5ab489cfc8b56ebab5b90071ea944c6ed0350c5",
-    "skills/ai-risk-management/skill.md": "4c46cce244bf22cf3814fcd8836da3725bc0c44f573846e49039827045096340",
+    "skills/webapp-security/skill.md": "69b16f51ce79cbebd15120d6a0de1c116439bc4739c7dcaa0ecd451614038ad5",
+    "skills/ai-risk-management/skill.md": "10d31ca594449e1fef4c34ea45448ab30a6ffdc2fe1faf4ccaf0a1dd05d67774",
     "skills/sector-healthcare/skill.md": "97b4486419ab4480266bf2e938564d52bb1cdd70faae09697f695772adf02029",
-    "skills/sector-financial/skill.md": "db728a79cbd2ad149c45b34c0466452df7f4321ca968595042323b23ef7649f4",
+    "skills/sector-financial/skill.md": "eec3ce95f36a0f70532aac2f658ad6fb350233dd49c7d95da91144e6c4c4d16c",
     "skills/sector-federal-government/skill.md": "48c3c019502c8b758598331dbad8a9b121f8dd3dc6fc68bfaf506eba7e3843e5",
     "skills/sector-energy/skill.md": "875799aa2ad88744b646583fef0a3399abd42a979541dc99bf39825a5ef48ce9",
-    "skills/api-security/skill.md": "3ee3edd244a9240e42138edbec339ca28e01a662dfb83317af2d758ce355fb7a",
+    "skills/sector-telecom/skill.md": "3489410b0905cbf6b392ea7f7cde35ccd4b03de0d22d2d1b0c671e46d70962c9",
+    "skills/api-security/skill.md": "302f7f6a071b856cc55a4cb5f0bc3f8566e31b5ebca58ca3bd78a91d4b6665ca",
     "skills/cloud-security/skill.md": "e0574c153aefbb0fc4581c78bc2d708ab7c49d6b5a45a985e51967b8ea740eb9",
-    "skills/container-runtime-security/skill.md": "921a7ac163e04fe8415986b0f54c1b3c8c4656576d72ccb6665dff3869c63003",
-    "skills/mlops-security/skill.md": "e3bb447033ec94b5ddc621e4b3c3ca7e971cde51584ab9653fb121a899a0eb81",
-    "skills/incident-response-playbook/skill.md": "c1033410b479f33a7a0e60a75ad02965fb70ba88f57203fa36e9c2418789e098",
+    "skills/container-runtime-security/skill.md": "f06260f0c468d6a4f0409294899017edab45c98d71db1fedd7a630fe6a7bf53a",
+    "skills/mlops-security/skill.md": "e6a296fc67724aa3b026c0039f44867b44cf0926eade4fe616bfd0a4c77310bf",
+    "skills/incident-response-playbook/skill.md": "8ef7ce1246dc1329b6df3cc9de8d79d35e2c02c703dcef20f35b312b1c24fd52",
     "skills/email-security-anti-phishing/skill.md": "b5a7693b3ddbd6cd83303d092bc5e324db431245d25c4945d9f65fcffa1995e7",
     "skills/age-gates-child-safety/skill.md": "c741d7dca9da0abb09bdebb8a02e803ce4ae9fb9a6904fb8df3ec19cae83917d"
   },
-  "skill_count": 38,
+  "skill_count": 39,
   "catalog_count": 11,
   "index_stats": {
     "xref_entries": {
       "cwe_refs": 34,
       "d3fend_refs": 20,
-      "framework_gaps": 49,
-      "atlas_refs": 9,
-      "attack_refs": 30,
-      "rfc_refs": 19,
+      "framework_gaps": 58,
+      "atlas_refs": 10,
+      "attack_refs": 32,
+      "rfc_refs": 20,
       "dlp_refs": 0
     },
-    "trigger_table_entries": 453,
-    "chains_cve_entries": 9,
+    "trigger_table_entries": 475,
+    "chains_cve_entries": 27,
     "chains_cwe_entries": 55,
     "jurisdictions_indexed": 29,
-    "handoff_dag_nodes": 38,
-    "summary_cards": 38,
-    "section_offsets_skills": 38,
-    "token_budget_total_approx": 355238,
+    "handoff_dag_nodes": 39,
+    "summary_cards": 39,
+    "section_offsets_skills": 39,
+    "token_budget_total_approx": 362735,
     "recipes": 8,
     "jurisdiction_clocks": 29,
     "did_ladders": 8,
     "theater_fingerprints": 7,
     "currency_action_required": 0,
     "frequency_fields": 7,
-    "activity_feed_events": 50,
+    "activity_feed_events": 51,
     "catalog_summaries": 11,
-    "stale_content_findings": 1
+    "stale_content_findings": 3
   },
   "invalidation_note": "If any source file in source_hashes has a different SHA-256 than recorded here, the indexes are stale. Re-run `npm run build-indexes`."
 }

package/data/_indexes/activity-feed.json CHANGED Viewed

@@ -2,24 +2,71 @@
   "_meta": {
     "schema_version": "1.0.0",
     "note": "Per-artifact 'last changed' feed sorted descending by date. Skill events from manifest.last_threat_review; catalog events from data/<catalog>.json _meta.last_updated.",
-    "event_count": 50
+    "event_count": 51
   },
   "events": [
     {
-      "date": "2026-05-13",
+      "date": "2026-05-15",
+      "type": "skill_review",
+      "artifact": "sector-telecom",
+      "path": "skills/sector-telecom/skill.md",
+      "note": "Telecom and 5G security for mid-2026 — Salt Typhoon, Volt Typhoon, CALEA / IPA-LI gateway compromise, signaling-protocol abuse (SS7 / Diameter / GTP), 5G N6 / N9 isolation, gNB / DU / CU integrity, OEM-equipment supply-chain compromise, AI-RAN / O-RAN security"
+    },
+    {
+      "date": "2026-05-15",
       "type": "catalog_update",
       "artifact": "data/atlas-ttps.json",
       "path": "data/atlas-ttps.json",
       "schema_version": "1.0.0",
-      "entry_count": 15
+      "entry_count": 30
     },
     {
-      "date": "2026-05-13",
+      "date": "2026-05-15",
       "type": "catalog_update",
       "artifact": "data/attack-techniques.json",
       "path": "data/attack-techniques.json",
       "schema_version": "1.0.0",
-      "entry_count": 79
+      "entry_count": 91
+    },
+    {
+      "date": "2026-05-15",
+      "type": "catalog_update",
+      "artifact": "data/exploit-availability.json",
+      "path": "data/exploit-availability.json",
+      "schema_version": "1.1.0",
+      "entry_count": 30
+    },
+    {
+      "date": "2026-05-15",
+      "type": "catalog_update",
+      "artifact": "data/framework-control-gaps.json",
+      "path": "data/framework-control-gaps.json",
+      "schema_version": "1.0.0",
+      "entry_count": 87
+    },
+    {
+      "date": "2026-05-15",
+      "type": "catalog_update",
+      "artifact": "data/global-frameworks.json",
+      "path": "data/global-frameworks.json",
+      "schema_version": "1.3.0",
+      "entry_count": 35
+    },
+    {
+      "date": "2026-05-15",
+      "type": "catalog_update",
+      "artifact": "data/rfc-references.json",
+      "path": "data/rfc-references.json",
+      "schema_version": "1.0.0",
+      "entry_count": 38
+    },
+    {
+      "date": "2026-05-15",
+      "type": "catalog_update",
+      "artifact": "data/zeroday-lessons.json",
+      "path": "data/zeroday-lessons.json",
+      "schema_version": "1.1.0",
+      "entry_count": 15
     },
     {
       "date": "2026-05-13",
@@ -27,7 +74,7 @@
       "artifact": "data/cve-catalog.json",
       "path": "data/cve-catalog.json",
       "schema_version": "1.0.0",
-      "entry_count": 10
+      "entry_count": 30
     },
     {
       "date": "2026-05-13",
@@ -45,14 +92,6 @@
       "schema_version": "1.0.0",
       "entry_count": 28
     },
-    {
-      "date": "2026-05-13",
-      "type": "catalog_update",
-      "artifact": "data/zeroday-lessons.json",
-      "path": "data/zeroday-lessons.json",
-      "schema_version": "1.0.0",
-      "entry_count": 10
-    },
     {
       "date": "2026-05-11",
       "type": "skill_review",
@@ -222,22 +261,6 @@
       "schema_version": "1.0.0",
       "entry_count": 22
     },
-    {
-      "date": "2026-05-11",
-      "type": "catalog_update",
-      "artifact": "data/global-frameworks.json",
-      "path": "data/global-frameworks.json",
-      "schema_version": "1.3.0",
-      "entry_count": 35
-    },
-    {
-      "date": "2026-05-11",
-      "type": "catalog_update",
-      "artifact": "data/rfc-references.json",
-      "path": "data/rfc-references.json",
-      "schema_version": "1.0.0",
-      "entry_count": 31
-    },
     {
       "date": "2026-05-01",
       "type": "skill_review",
@@ -343,28 +366,12 @@
       "path": "skills/security-maturity-tiers/skill.md",
       "note": "Three-tier implementation roadmap — MVP (ship this week), Practical (scalable today), Overkill (defense-in-depth)"
     },
-    {
-      "date": "2026-05-01",
-      "type": "catalog_update",
-      "artifact": "data/exploit-availability.json",
-      "path": "data/exploit-availability.json",
-      "schema_version": "1.0.0",
-      "entry_count": 10
-    },
-    {
-      "date": "2026-05-01",
-      "type": "catalog_update",
-      "artifact": "data/framework-control-gaps.json",
-      "path": "data/framework-control-gaps.json",
-      "schema_version": "1.0.0",
-      "entry_count": 62
-    },
     {
       "date": "2026-05-01",
       "type": "manifest_review",
       "artifact": "manifest.json",
       "path": "manifest.json",
-      "note": "manifest threat_review_date — 38 skills, 11 catalogs"
+      "note": "manifest threat_review_date — 39 skills, 11 catalogs"
     }
   ]
 }

package/data/_indexes/catalog-summaries.json CHANGED Viewed

@@ -9,7 +9,7 @@
       "path": "data/atlas-ttps.json",
       "purpose": "MITRE ATLAS TTPs (AML.T0xxx) cited by skills, with tactic, name, description. Pinned to ATLAS v5.1.0 (November 2025).",
       "schema_version": "1.0.0",
-      "last_updated": "2026-05-13",
+      "last_updated": "2026-05-15",
       "tlp": "CLEAR",
       "source_confidence_default": "A1",
       "freshness_policy": {
@@ -18,29 +18,29 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 15,
+      "entry_count": 30,
       "sample_keys": [
+        "AML.T0001",
+        "AML.T0040",
         "AML.T0010",
         "AML.T0016",
-        "AML.T0017",
-        "AML.T0018",
-        "AML.T0020"
+        "AML.T0017"
       ]
     },
     "attack-techniques.json": {
       "path": "data/attack-techniques.json",
       "purpose": null,
       "schema_version": "1.0.0",
-      "last_updated": "2026-05-13",
+      "last_updated": "2026-05-15",
       "tlp": "CLEAR",
       "source_confidence_default": "A1",
       "freshness_policy": {
         "default_review_cadence_days": 90,
         "stale_after_days": 180,
         "rebuild_after_days": 365,
-        "note": "Catalog must be rebuilt against the upstream ATT&CK release whenever MITRE publishes a new version. AGENTS.md hard rule #8 requires the bump to be intentional, not silent."
+        "note": "Catalog must be rebuilt against the upstream ATT&CK release whenever MITRE publishes a new version. AGENTS.md external-data version-pinning rule requires the bump to be intentional, not silent. ATT&CK ships semi-annually (April + October); audit on each release for tactic moves, technique splits, and new Detection Strategies."
       },
-      "entry_count": 79,
+      "entry_count": 91,
       "sample_keys": [
         "T0001",
         "T0017",
@@ -62,7 +62,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 10,
+      "entry_count": 30,
       "sample_keys": [
         "CVE-2025-53773",
         "CVE-2026-30615",
@@ -140,8 +140,8 @@
     "exploit-availability.json": {
       "path": "data/exploit-availability.json",
       "purpose": "Per-CVE exploit availability: PoC public status, weaponization signal, AI-assist status, blast-radius. Project-curated (B2 Admiralty confidence) with source citations.",
-      "schema_version": "1.0.0",
-      "last_updated": "2026-05-01",
+      "schema_version": "1.1.0",
+      "last_updated": "2026-05-15",
       "tlp": "CLEAR",
       "source_confidence_default": "B2",
       "freshness_policy": {
@@ -150,7 +150,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 10,
+      "entry_count": 30,
       "sample_keys": [
         "CVE-2025-53773",
         "CVE-2026-30615",
@@ -163,7 +163,7 @@
       "path": "data/framework-control-gaps.json",
       "purpose": "Per-control framework gap declarations: SI-2, A.8.8, PCI 6.3.3, etc. Each entry names the control, the lag, the evidence CVE, and remediation guidance.",
       "schema_version": "1.0.0",
-      "last_updated": "2026-05-01",
+      "last_updated": "2026-05-15",
       "tlp": "CLEAR",
       "source_confidence_default": "A1",
       "freshness_policy": {
@@ -172,7 +172,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 62,
+      "entry_count": 87,
       "sample_keys": [
         "ALL-AI-PIPELINE-INTEGRITY",
         "ALL-MCP-TOOL-TRUST",
@@ -185,7 +185,7 @@
       "path": "data/global-frameworks.json",
       "purpose": "Multi-jurisdiction framework registry: 34 jurisdictions × applicable frameworks × patch_sla / notification_sla / critical_controls / framework_gaps. Cross-cutting authority for jurisdiction-clocks index.",
       "schema_version": "1.3.0",
-      "last_updated": "2026-05-11",
+      "last_updated": "2026-05-15",
       "tlp": "CLEAR",
       "source_confidence_default": "A1",
       "freshness_policy": {
@@ -207,7 +207,7 @@
       "path": "data/rfc-references.json",
       "purpose": "IETF RFCs + active Internet-Drafts cited by skills (TLS, IPsec, PQ crypto migration, HTTP/3, CT). Cross-validated against IETF Datatracker via validate-rfcs.",
       "schema_version": "1.0.0",
-      "last_updated": "2026-05-11",
+      "last_updated": "2026-05-15",
       "tlp": "CLEAR",
       "source_confidence_default": "A1",
       "freshness_policy": {
@@ -216,7 +216,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 31,
+      "entry_count": 38,
       "sample_keys": [
         "RFC-4301",
         "RFC-4303",
@@ -228,8 +228,8 @@
     "zeroday-lessons.json": {
       "path": "data/zeroday-lessons.json",
       "purpose": "Distilled lessons from notable zero-days and campaigns (SesameOp, Copy Fail, Dirty Frag, Copilot RCE, Windsurf MCP). Each entry: technique, distinguishing characteristic, what it means for the framework lag.",
-      "schema_version": "1.0.0",
-      "last_updated": "2026-05-13",
+      "schema_version": "1.1.0",
+      "last_updated": "2026-05-15",
       "tlp": "CLEAR",
       "source_confidence_default": "B2",
       "freshness_policy": {
@@ -238,7 +238,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 10,
+      "entry_count": 15,
       "sample_keys": [
         "CVE-2026-31431",
         "CVE-2025-53773",