@blamejs/exceptd-skills 0.12.24 → 0.12.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +12 -4
- package/CHANGELOG.md +127 -0
- package/data/_indexes/_meta.json +44 -43
- package/data/_indexes/activity-feed.json +54 -47
- package/data/_indexes/catalog-summaries.json +20 -20
- package/data/_indexes/chains.json +561 -6
- package/data/_indexes/currency.json +19 -10
- package/data/_indexes/frequency.json +207 -55
- package/data/_indexes/handoff-dag.json +4 -0
- package/data/_indexes/jurisdiction-clocks.json +2 -2
- package/data/_indexes/jurisdiction-map.json +25 -12
- package/data/_indexes/section-offsets.json +490 -396
- package/data/_indexes/stale-content.json +14 -2
- package/data/_indexes/summary-cards.json +57 -3
- package/data/_indexes/token-budget.json +129 -74
- package/data/_indexes/trigger-table.json +66 -0
- package/data/_indexes/xref.json +58 -8
- package/data/atlas-ttps.json +528 -19
- package/data/attack-techniques.json +198 -84
- package/data/cve-catalog.json +1309 -9
- package/data/exploit-availability.json +300 -10
- package/data/framework-control-gaps.json +557 -1
- package/data/global-frameworks.json +44 -19
- package/data/rfc-references.json +94 -1
- package/data/zeroday-lessons.json +475 -13
- package/lib/schemas/cve-catalog.schema.json +24 -3
- package/manifest-snapshot.json +68 -2
- package/manifest-snapshot.sha256 +1 -1
- package/manifest.json +145 -59
- package/package.json +1 -1
- package/sbom.cdx.json +7 -7
- package/skills/ai-attack-surface/skill.md +11 -2
- package/skills/ai-c2-detection/skill.md +3 -1
- package/skills/ai-risk-management/skill.md +3 -1
- package/skills/api-security/skill.md +4 -0
- package/skills/attack-surface-pentest/skill.md +1 -0
- package/skills/container-runtime-security/skill.md +3 -1
- package/skills/dlp-gap-analysis/skill.md +1 -1
- package/skills/exploit-scoring/skill.md +2 -2
- package/skills/incident-response-playbook/skill.md +1 -1
- package/skills/kernel-lpe-triage/skill.md +6 -1
- package/skills/mcp-agent-trust/skill.md +7 -2
- package/skills/mlops-security/skill.md +1 -1
- package/skills/rag-pipeline-security/skill.md +4 -2
- package/skills/sector-financial/skill.md +1 -1
- package/skills/sector-telecom/skill.md +259 -0
- package/skills/skill-update-loop/skill.md +1 -1
- package/skills/supply-chain-integrity/skill.md +3 -1
- package/skills/threat-model-currency/skill.md +1 -1
- package/skills/webapp-security/skill.md +2 -0
- package/skills/zeroday-gap-learn/skill.md +2 -2
package/data/_indexes/xref.json
CHANGED
|
@@ -72,6 +72,7 @@
|
|
|
72
72
|
"api-security",
|
|
73
73
|
"attack-surface-pentest",
|
|
74
74
|
"mcp-agent-trust",
|
|
75
|
+
"sector-telecom",
|
|
75
76
|
"webapp-security"
|
|
76
77
|
],
|
|
77
78
|
"CWE-1395": [
|
|
@@ -154,12 +155,14 @@
|
|
|
154
155
|
"sector-energy",
|
|
155
156
|
"sector-financial",
|
|
156
157
|
"sector-healthcare",
|
|
158
|
+
"sector-telecom",
|
|
157
159
|
"webapp-security"
|
|
158
160
|
],
|
|
159
161
|
"CWE-306": [
|
|
160
162
|
"identity-assurance",
|
|
161
163
|
"ot-ics-security",
|
|
162
|
-
"sector-energy"
|
|
164
|
+
"sector-energy",
|
|
165
|
+
"sector-telecom"
|
|
163
166
|
],
|
|
164
167
|
"CWE-798": [
|
|
165
168
|
"cloud-security",
|
|
@@ -217,7 +220,8 @@
|
|
|
217
220
|
"defensive-countermeasure-mapping",
|
|
218
221
|
"dlp-gap-analysis",
|
|
219
222
|
"fuzz-testing-strategy",
|
|
220
|
-
"rag-pipeline-security"
|
|
223
|
+
"rag-pipeline-security",
|
|
224
|
+
"sector-telecom"
|
|
221
225
|
],
|
|
222
226
|
"D3-NTA": [
|
|
223
227
|
"ai-attack-surface",
|
|
@@ -225,7 +229,8 @@
|
|
|
225
229
|
"attack-surface-pentest",
|
|
226
230
|
"defensive-countermeasure-mapping",
|
|
227
231
|
"dlp-gap-analysis",
|
|
228
|
-
"rag-pipeline-security"
|
|
232
|
+
"rag-pipeline-security",
|
|
233
|
+
"sector-telecom"
|
|
229
234
|
],
|
|
230
235
|
"D3-CBAN": [
|
|
231
236
|
"defensive-countermeasure-mapping",
|
|
@@ -259,12 +264,14 @@
|
|
|
259
264
|
],
|
|
260
265
|
"D3-NI": [
|
|
261
266
|
"ai-c2-detection",
|
|
262
|
-
"defensive-countermeasure-mapping"
|
|
267
|
+
"defensive-countermeasure-mapping",
|
|
268
|
+
"sector-telecom"
|
|
263
269
|
],
|
|
264
270
|
"D3-NTPM": [
|
|
265
271
|
"ai-c2-detection",
|
|
266
272
|
"defensive-countermeasure-mapping",
|
|
267
|
-
"dlp-gap-analysis"
|
|
273
|
+
"dlp-gap-analysis",
|
|
274
|
+
"sector-telecom"
|
|
268
275
|
],
|
|
269
276
|
"D3-FE": [
|
|
270
277
|
"defensive-countermeasure-mapping",
|
|
@@ -511,6 +518,33 @@
|
|
|
511
518
|
"NERC-CIP-007-6-R4": [
|
|
512
519
|
"ot-ics-security",
|
|
513
520
|
"sector-energy"
|
|
521
|
+
],
|
|
522
|
+
"FCC-CPNI-4.1": [
|
|
523
|
+
"sector-telecom"
|
|
524
|
+
],
|
|
525
|
+
"FCC-Cyber-Incident-Notification-2024": [
|
|
526
|
+
"sector-telecom"
|
|
527
|
+
],
|
|
528
|
+
"NIS2-Annex-I-Telecom": [
|
|
529
|
+
"sector-telecom"
|
|
530
|
+
],
|
|
531
|
+
"DORA-Art-21-Telecom-ICT": [
|
|
532
|
+
"sector-telecom"
|
|
533
|
+
],
|
|
534
|
+
"UK-CAF-B5": [
|
|
535
|
+
"sector-telecom"
|
|
536
|
+
],
|
|
537
|
+
"AU-ISM-1556": [
|
|
538
|
+
"sector-telecom"
|
|
539
|
+
],
|
|
540
|
+
"GSMA-NESAS-Deployment": [
|
|
541
|
+
"sector-telecom"
|
|
542
|
+
],
|
|
543
|
+
"3GPP-TR-33.926": [
|
|
544
|
+
"sector-telecom"
|
|
545
|
+
],
|
|
546
|
+
"ITU-T-X.805": [
|
|
547
|
+
"sector-telecom"
|
|
514
548
|
]
|
|
515
549
|
},
|
|
516
550
|
"atlas_refs": {
|
|
@@ -580,6 +614,9 @@
|
|
|
580
614
|
"mlops-security",
|
|
581
615
|
"ot-ics-security",
|
|
582
616
|
"supply-chain-integrity"
|
|
617
|
+
],
|
|
618
|
+
"AML.T0040": [
|
|
619
|
+
"sector-telecom"
|
|
583
620
|
]
|
|
584
621
|
},
|
|
585
622
|
"attack_refs": {
|
|
@@ -613,6 +650,7 @@
|
|
|
613
650
|
"sector-energy",
|
|
614
651
|
"sector-federal-government",
|
|
615
652
|
"sector-financial",
|
|
653
|
+
"sector-telecom",
|
|
616
654
|
"webapp-security"
|
|
617
655
|
],
|
|
618
656
|
"T1195.001": [
|
|
@@ -626,7 +664,8 @@
|
|
|
626
664
|
"rag-pipeline-security"
|
|
627
665
|
],
|
|
628
666
|
"T1071": [
|
|
629
|
-
"ai-c2-detection"
|
|
667
|
+
"ai-c2-detection",
|
|
668
|
+
"sector-telecom"
|
|
630
669
|
],
|
|
631
670
|
"T1102": [
|
|
632
671
|
"ai-c2-detection"
|
|
@@ -647,7 +686,8 @@
|
|
|
647
686
|
"incident-response-playbook",
|
|
648
687
|
"sector-energy",
|
|
649
688
|
"sector-financial",
|
|
650
|
-
"sector-healthcare"
|
|
689
|
+
"sector-healthcare",
|
|
690
|
+
"sector-telecom"
|
|
651
691
|
],
|
|
652
692
|
"T1567": [
|
|
653
693
|
"age-gates-child-safety",
|
|
@@ -677,7 +717,8 @@
|
|
|
677
717
|
"supply-chain-integrity"
|
|
678
718
|
],
|
|
679
719
|
"T1556": [
|
|
680
|
-
"identity-assurance"
|
|
720
|
+
"identity-assurance",
|
|
721
|
+
"sector-telecom"
|
|
681
722
|
],
|
|
682
723
|
"T1110": [
|
|
683
724
|
"identity-assurance"
|
|
@@ -697,6 +738,12 @@
|
|
|
697
738
|
"incident-response-playbook",
|
|
698
739
|
"sector-financial"
|
|
699
740
|
],
|
|
741
|
+
"T1098": [
|
|
742
|
+
"sector-telecom"
|
|
743
|
+
],
|
|
744
|
+
"T1199": [
|
|
745
|
+
"sector-telecom"
|
|
746
|
+
],
|
|
700
747
|
"T1552": [
|
|
701
748
|
"cloud-security"
|
|
702
749
|
],
|
|
@@ -812,6 +859,9 @@
|
|
|
812
859
|
],
|
|
813
860
|
"RFC-9106": [
|
|
814
861
|
"pqc-first"
|
|
862
|
+
],
|
|
863
|
+
"RFC-9622": [
|
|
864
|
+
"sector-telecom"
|
|
815
865
|
]
|
|
816
866
|
},
|
|
817
867
|
"dlp_refs": {}
|