@blamejs/exceptd-skills 0.12.26 → 0.12.28

package/AGENTS.md

@@ -353,6 +353,9 @@ Maintainers convert approved requests into skill files. The contributor is credi
 | container security, kubernetes, cis k8s, pod security standards, kyverno, gatekeeper, falco, tetragon, admission policy | container-runtime-security |
 | mlops security, model registry, training data integrity, mlflow, kubeflow, vertex ai, sagemaker, hugging face, model signing, drift detection | mlops-security |
 | incident response, ir playbook, csirt, picerl, nist 800-61, iso 27035, breach notification, bec incident, ai incident | incident-response-playbook |
+| ransomware response, decryptor, no more ransom, ofac sdn, cyber insurance, immutable backup, double extortion, phi exfil before encrypt, lockbit, alphv, akira | ransomware-response |
+| idp incident, okta tenant compromise, entra id, auth0, saml token forgery, oauth consent abuse, federated trust modification, midnight blizzard, scattered spider | idp-incident-response |
+| cloud iam incident, aws account takeover, gcp account takeover, azure account takeover, cross-account assume-role, imds, access key leak, snowflake breach, scim, workload identity | cloud-iam-incident |
 | email security, anti-phishing, dmarc, dkim, spf, bimi, arc, mta-sts, bec, vishing, deepfake phishing | email-security-anti-phishing |
 | age gate, age verification, coppa, cipa, california aadc, uk children's code, kosa, gdpr article 8, dsa article 28, parental consent, csam, child safety, children's online safety | age-gates-child-safety |
 | forward watch, watchlist, upcoming standards, horizon scan | `node orchestrator/index.js watchlist` (add `--by-skill` to invert) |

package/CHANGELOG.md

@@ -1,5 +1,65 @@
 # Changelog
 
+## 0.12.28 — 2026-05-15
+
+Incident-response cluster — three new playbooks and skills covering identity-provider tenant compromise, cloud-IAM account takeover, and ransomware response. The existing `incident-response-playbook` skill stays as the generic PICERL backbone; the new surface adds attack-class-specific depth for the three IR scenarios that dominate 2025-2026 breach reporting.
+
+### Features
+
+**`idp-incident` playbook + `idp-incident-response` skill.** Tenant-compromise response for Okta / Entra ID / Auth0 / Ping / OneLogin. Covers federated-trust modification, OAuth consent abuse, SAML token forgery, cross-tenant relationship abuse, dormant service-account reactivation, and help-desk social engineering. Maps T1078.004, T1098.001, T1556.007, T1606.002, T1199. Eight jurisdiction clocks (GDPR Art.33/34, NIS2 Art.23, DORA Art.19, NYDFS 500.17, CCPA/CPRA, AU NDB, UK GDPR). Detects on unauthorized consent grants from non-corp tenants, anomalous federated-trust additions, MFA factor swaps without password reset, recent high-privilege role assignments, and cross-tenant assumption anomalies — each indicator carries explicit false-positive checks.
+
+**`cloud-iam-incident` playbook + `cloud-iam-incident` skill.** Account-takeover response for AWS / GCP / Azure. Covers cross-account assume-role abuse, IMDS exposure, managed-identity token replay, access-key leakage to public repositories, federated-trust attacks against IAM Identity Center, and crypto-mining detection via GPU-instance creation. Maps T1078.004, T1098.001, T1098.003, T1136.003, T1538, T1552.005, T1562.008, T1580. Ten jurisdiction clocks including SG PDPA, JP APPI, and US-CA. Detects on root-login ASN anomalies, mass IAM-user creation outside IaC, unused-region resource creation, cross-account assume-role anomalies, IMDSv1 legacy access, KMS key-policy self-grants, and S3-bucket public-grant events.
+
+**`ransomware` playbook + `ransomware-response` skill.** Ransomware-specific incident response — extends the generic `incident-response-playbook` with the four decision properties that don't appear in standard IR frameworks: OFAC SDN sanctions check (BLOCKING for payment posture; payment to a sanctioned threat actor is a federal-law violation in the US), decryptor availability (No More Ransom + vendor-specific decryptors), cyber-insurance carrier notification posture (most policies require 24-hour notification), and immutable-backup viability versus replication-only "backups." Sixteen jurisdiction obligations spanning OFAC (0-hour BLOCKING), insurance carrier (24h), NIS2 (24h), DORA (4h), GDPR (72h), SEC 8-K (4 business days), HIPAA, CCPA, NYDFS ransom-event notification, and CIRCIA. Detects on mass file-extension change events, shadow-copy deletion outside maintenance windows, encrypted-file-extension growth rate anomalies, BloodHound-class AD reconnaissance, and large outbound transfers 24-72 hours before encryption (exfil-before-encrypt as distinct breach class).
+
+### Internal
+
+- Skill count 39 → 42 (Ed25519 manifest re-signed).
+- Playbook count 13 → 16 (validator `tests/validate-playbooks.test.js` updated).
+- RFC catalog: added RFC-7591 (OAuth 2.0 Dynamic Client Registration), RFC-8693 (OAuth 2.0 Token Exchange), RFC-9068 (JWT Profile for OAuth 2.0 Access Tokens).
+- ATT&CK techniques added to resolution catalog: T1098.001, T1098.003, T1136.003, T1538, T1562.008, T1580, T1606.002.
+- Framework-control-gaps catalog: 22 new entries covering federated-identity gaps (NIST 800-53 IA-5, ISO 27001 A.5.16-17, SOC 2 CC6, UK CAF B2, AU ISM-1559), cloud-IAM gaps (FedRAMP IL5, NIST AC-2 cross-account, ISO 27017, AWS Security Hub coverage, AU ISM-1546), and ransomware-specific gaps (OFAC SDN payment block, cyber-insurance 24h notification, EU Reg 2014/833 cyber sanctions, immutable-backup recovery, decryptor availability pre-decision, PHI-exfil-before-encrypt breach class).
+- AGENTS.md Quick Skill Reference table extended with the three new skills.
+
+
+## 0.12.27 — 2026-05-15
+
+**Patch: opt-in `--bundle-deterministic` mode for reproducible CSAF + OpenVEX + close-envelope bytes. Closes cycle 6 III P2-E + cycle 7 CCC bundle-non-determinism finding.**
+
+### New flags
+
+- **`--bundle-deterministic`** (boolean, off by default) — when set, the bundle-emit path produces byte-stable output for the same inputs. CSAF `tracking.initial_release_date` / `current_release_date` / `generator.date` / `revision_history[0].date`, OpenVEX top-level `timestamp` + per-statement `timestamp`, close-envelope `acceptance_date` + `regression_schedule.next_run` + `generated_at` all freeze to a single epoch. Auto-generated session IDs derive deterministically from `sha256(playbook_id ∥ evidence_hash ∥ engine_version)` rather than `crypto.randomBytes`. CSAF `vulnerabilities[]` + OpenVEX `statements[]` arrays sort by primary id.
+- **`--bundle-epoch <ISO-8601>`** (value-bearing, optional) — operator-supplied freeze epoch. When omitted, the deterministic mode falls back to `playbook._meta.last_threat_review` (the canonical "this catalog was last reviewed at" timestamp). Honored only when `--bundle-deterministic` is set.
+
+Both flags wired for `run`, `ci`, `run-all`, `ai-run`, `ingest`. Per-verb help blocks document them.
+
+### Why
+
+- **CI bundle diffing**: `git diff` over `evidence_package.bundle_body` against a baseline becomes signal-bearing only when drift is signal, not noise. Pre-v0.12.27 the same evidence produced ~640 bytes of timestamp drift across CSAF + OpenVEX + close-envelope per run.
+- **Auditor evidence reuse**: ISO 27001 / SOC 2 audits expect re-emit against the same submission to produce byte-equal evidence.
+- **SLSA / Sigstore alignment**: reproducible build evidence requires deterministic outputs the verifier can hash and compare.
+
+CSAF 2.0 §3.1.11.2-5 permits identical `initial_release_date` / `current_release_date` for never-revised advisories; freezing to a catalog epoch is spec-compliant. The strict-validator pass (BSI CSAF Validator) accepts the deterministic-mode output unchanged.
+
+### Default-mode regression guard
+
+When neither flag is set, bundle output is byte-identical to v0.12.26 — no existing operator sees a behavioral change. A regression test pins this: two consecutive runs in default mode produce different CSAF `tracking.initial_release_date` values, asserting the determinism is opt-in and cannot accidentally activate.
+
+### Test coverage
+
+`tests/bundle-determinism.test.js` (new, 7 exact-code tests):
+1. Two runs same inputs + same epoch → byte-identical CSAF/OpenVEX/summary
+2. Different `--bundle-epoch` → bundles differ only in timestamp fields
+3. Different evidence → bundles differ in `vulnerabilities[]` length; timestamps frozen
+4. Default mode → regression-guard timestamp drift
+5. `--bundle-epoch invalid-iso` → exit 1 + structured error
+6. `--bundle-deterministic` without `--bundle-epoch` falls back to `playbook._meta.last_threat_review`
+7. Array sort: random-order CVE evidence → `vulnerabilities[]` always ascending by `cve_id`
+
+Existing CSAF + OpenVEX + CLI test suites pass unchanged (53/53 + 30/30; no default-mode regression).
+
+Test count: 1058 pass (5 skipped). Predeploy gates: 14/14. Skills: 39/39 signed.
+
 ## 0.12.26 — 2026-05-15
 
 **Patch: sector-telecom skill ships, with supporting framework-gap and ATLAS catalog scaffolding. Closes the cycle 8 LLL P1 finding that the unmodeled RWEP signal from Salt Typhoon-class campaigns was the highest gap in the catalog.**

package/bin/exceptd.js

@@ -909,6 +909,11 @@ function dispatchPlaybook(cmd, argv) {
             "force-overwrite", "no-stream", "block-on-jurisdiction-clock",
             "force-replay",
             "json-stdout-only", "fix", "human", "json", "strict-preconditions",
+            // v0.12.27: --bundle-deterministic opts the bundle build into
+            // byte-stable output (frozen timestamps, deterministic session_id
+            // fallback, sorted vulnerabilities[] / statements[]). Pairs with
+            // --bundle-epoch <ISO> for the frozen timestamp value.
+            "bundle-deterministic",
             // v0.12.9: doctor --shipped-tarball runs the verify-shipped-tarball
             // gate alongside --signatures. doctor --registry-check + --signatures
             // were already accepted; explicit registration removes the silent
@@ -1266,6 +1271,55 @@ function dispatchPlaybook(cmd, argv) {
     runOpts.csafStatus = cs;
   }
 
+  // --bundle-deterministic + --bundle-epoch (v0.12.27): opt-in deterministic
+  // bundle emit. When set, CSAF / OpenVEX / close-envelope timestamps freeze
+  // to the supplied epoch (or the playbook's last_threat_review fallback),
+  // the auto-generated session_id derives from sha256(playbook + evidence_hash
+  // + engine_version) when the operator did not pass --session-id, and
+  // vulnerabilities[] / statements[] sort deterministically. Opt-in so the
+  // default emit path stays byte-identical to pre-v0.12.27 output.
+  if (args["bundle-deterministic"] !== undefined && args["bundle-deterministic"] !== false) {
+    if (!BUNDLE_FLAG_RELEVANT_VERBS.has(cmd)) {
+      return emitError(
+        `${cmd}: --bundle-deterministic is irrelevant on this verb (no bundle is assembled). --bundle-deterministic only applies to verbs that drive phases 5-7: ${[...BUNDLE_FLAG_RELEVANT_VERBS].sort().join(", ")}.`,
+        { verb: cmd, flag: "bundle-deterministic", error_class: "irrelevant-flag", accepted_verbs: [...BUNDLE_FLAG_RELEVANT_VERBS].sort() },
+        pretty
+      );
+    }
+    runOpts.bundleDeterministic = true;
+  }
+  if (args["bundle-epoch"] !== undefined) {
+    if (!BUNDLE_FLAG_RELEVANT_VERBS.has(cmd)) {
+      return emitError(
+        `${cmd}: --bundle-epoch is irrelevant on this verb (no bundle is assembled). --bundle-epoch only applies to verbs that drive phases 5-7: ${[...BUNDLE_FLAG_RELEVANT_VERBS].sort().join(", ")}.`,
+        { verb: cmd, flag: "bundle-epoch", error_class: "irrelevant-flag", accepted_verbs: [...BUNDLE_FLAG_RELEVANT_VERBS].sort() },
+        pretty
+      );
+    }
+    const epoch = args["bundle-epoch"];
+    if (typeof epoch !== "string") {
+      return emitError(
+        `${cmd}: --bundle-epoch must be a string ISO-8601 timestamp.`,
+        { verb: cmd, flag: "bundle-epoch", provided: typeof epoch },
+        pretty
+      );
+    }
+    // Reuse validateIsoSince — the same calendar-shape gate used for --since.
+    const isoErr = validateIsoSince(epoch);
+    if (isoErr) {
+      return emitError(
+        `${cmd}: --bundle-epoch must be a parseable ISO-8601 calendar timestamp (e.g. 2026-01-01T00:00:00Z). Got: ${JSON.stringify(epoch).slice(0, 80)}`,
+        { verb: cmd, flag: "bundle-epoch", provided: epoch.slice(0, 80) },
+        pretty
+      );
+    }
+    // Normalise to a full ISO timestamp so downstream consumers don't have
+    // to handle the date-only shape. Date-only inputs render as
+    // YYYY-MM-DDT00:00:00.000Z; full timestamps round-trip unchanged modulo
+    // ms precision (Date.prototype.toISOString always emits ms).
+    runOpts.bundleEpoch = new Date(epoch).toISOString();
+  }
+
   // --ack: operator acknowledges the jurisdiction obligations surfaced by
   // govern. Captured in attestation; downstream tooling can check whether
   // consent was explicit vs. implicit. AGENTS.md says the AI should surface
@@ -1512,6 +1566,16 @@ Flags:
                           publisher trust anchor — i.e. the operator's
                           organisation, NOT the tooling vendor. Must be an
                           http://… or https://… URL, ≤256 chars.
+  --bundle-deterministic  Emit byte-stable CSAF / OpenVEX / close envelope.
+                          Freezes tracking + timestamp fields to a single
+                          epoch, derives session_id from evidence hash when
+                          not supplied via --session-id, and sorts
+                          vulnerabilities[] / statements[] ascending.
+                          Off by default; opt-in for reproducible-build
+                          pipelines + diff-friendly attestation review.
+  --bundle-epoch <ISO>    Frozen epoch for --bundle-deterministic. ISO-8601
+                          calendar timestamp (date or date+time). Falls back
+                          to the playbook's last_threat_review when omitted.
   --diff-from-latest      Compare evidence_hash against the most recent prior
                           attestation for the same playbook in
                           .exceptd/attestations/. Emits status: unchanged | drifted.
@@ -1589,6 +1653,8 @@ Flags:
                           CSAF document.publisher.namespace (§3.1.7.4). The
                           operator's organisation URL, NOT the tooling vendor.
                           Must be an http://… or https://… URL, ≤256 chars.
+  --bundle-deterministic  Emit byte-stable bundles (frozen timestamps).
+  --bundle-epoch <ISO>    Frozen epoch for --bundle-deterministic.
   --pretty                Indented JSON output.
 
 Exit codes: 0 PASS, 1 framework, 4 blocked, 7 SESSION_ID_COLLISION,
@@ -1716,6 +1782,8 @@ Flags:
                           CSAF document.publisher.namespace (§3.1.7.4). The
                           operator's organisation URL, NOT the tooling vendor.
                           Must be an http://… or https://… URL, ≤256 chars.
+  --bundle-deterministic  Emit byte-stable bundles for reproducible pipelines.
+  --bundle-epoch <ISO>    Frozen epoch for --bundle-deterministic.
   --evidence <file|->     Single-shot mode: pre-supplied submission JSON.
   --operator <name>       Bind the attestation to a specific identity.
   --ack                   Mark explicit operator consent (jurisdiction clock).
@@ -1794,6 +1862,8 @@ Flags:
   --publisher-namespace <url>
                           CSAF document.publisher.namespace (§3.1.7.4). The
                           operator's organisation URL, NOT the tooling vendor.
+  --bundle-deterministic  Emit byte-stable bundles across per-playbook runs.
+  --bundle-epoch <ISO>    Frozen epoch for --bundle-deterministic.
   --json                  Force single-line JSON (overrides any TTY heuristics).
   --pretty                Indented JSON output (implies --json).
 
@@ -1874,7 +1944,9 @@ Flags (selected — see \`exceptd run --help\` for the full list):
   --publisher-namespace <url>
                           CSAF document.publisher.namespace (§3.1.7.4). The
                           operator's organisation URL, NOT the tooling vendor.
-                          Must be an http://… or https://… URL, ≤256 chars.`,
+                          Must be an http://… or https://… URL, ≤256 chars.
+  --bundle-deterministic  Emit byte-stable bundles across the multi-run set.
+  --bundle-epoch <ISO>    Frozen epoch for --bundle-deterministic.`,
   };
   process.stdout.write((cmds[verb] || `${verb} — no per-verb help available; see \`exceptd help\` for the full list.`) + "\n");
 }

package/data/_indexes/_meta.json

@@ -1,20 +1,20 @@
 {
   "schema_version": "1.1.0",
-  "generated_at": "2026-05-15T22:17:17.497Z",
+  "generated_at": "2026-05-15T23:31:25.676Z",
   "generator": "scripts/build-indexes.js",
-  "source_count": 51,
+  "source_count": 54,
   "source_hashes": {
-    "manifest.json": "492f8548ab8dc7d8edba1666d07c401d77e9459e356e3c30283888c73be6f005",
+    "manifest.json": "41d91731d616c0e2514783212f7eb32761298ab40cde66aa6076724aff729190",
     "data/atlas-ttps.json": "db52a797f6ba7c9a61fd7b1225ebbc268ddf21abe29a106c4246c2ed2e617b86",
-    "data/attack-techniques.json": "6b45448aa42cc6664376c93da73356624708e935c12589ee8c776a10215bce3a",
+    "data/attack-techniques.json": "51f60819aef36e960fd768e44dcc725e137781534fbbb028e5ef6baa21defa1d",
     "data/cve-catalog.json": "a2acad16f5e3856b07019fa00110e9dcb38ec5cc71b318d0e164bfcba7f4f644",
     "data/cwe-catalog.json": "19893d2a7139d86ff3fcf296b0e6cda10e357727a1d1ffb56af282104e99157a",
     "data/d3fend-catalog.json": "d219520c8d3eb61a270b25ea60f64721035e98a8d5d51d1a4e1f1140d9a586f9",
     "data/dlp-controls.json": "8ea8d907aea0a2cfd772b048a62122a322ba3284a5c36a272ad5e9d392564cb5",
     "data/exploit-availability.json": "a9eeda95d24b56c28a0d0178fc601b531653e2ba7dc857160b35ad23ad6c7471",
-    "data/framework-control-gaps.json": "e87790cae8839dc5d73632d7d875d12cffa2ad741a9002ec7851e1ae04df54c4",
+    "data/framework-control-gaps.json": "8d6cbf6c8fc38060c5cea9f300a61b4d0cbbda5e490983bd6780d0b0ae841e5a",
     "data/global-frameworks.json": "0168825497e03f079274c9da2e5529310a2ba5bd7c7da7c93acd0b66ed845b8a",
-    "data/rfc-references.json": "863f1ad7a36c020d11eb7bffea49ca1df89b10d43f3986118cdc5a5712308115",
+    "data/rfc-references.json": "a11de1bcff62b8f5e0bb8ce47a9b3fa26cf733ba283a8f1c9c4185d74efaad3e",
     "data/zeroday-lessons.json": "d960e5f8ca7a83c10194cd60207e13046a7eee1b8793e2f3de79475db283f800",
     "skills/kernel-lpe-triage/skill.md": "8e94bfd38d6db47342fbbe95a0c8df8f7c38743982c13e9de6a1c59cd3783d33",
     "skills/ai-attack-surface/skill.md": "13e543fc92b9b27cdb647dce96a9eeb44919e0fa92ec41e8265a9981a23e7b79",
@@ -53,36 +53,39 @@
     "skills/container-runtime-security/skill.md": "f06260f0c468d6a4f0409294899017edab45c98d71db1fedd7a630fe6a7bf53a",
     "skills/mlops-security/skill.md": "e6a296fc67724aa3b026c0039f44867b44cf0926eade4fe616bfd0a4c77310bf",
     "skills/incident-response-playbook/skill.md": "8ef7ce1246dc1329b6df3cc9de8d79d35e2c02c703dcef20f35b312b1c24fd52",
+    "skills/ransomware-response/skill.md": "ffe07ba8c196aabceb69b07dafa7a9c3ca2ec8e5ce079107f4eec82512a01be1",
     "skills/email-security-anti-phishing/skill.md": "b5a7693b3ddbd6cd83303d092bc5e324db431245d25c4945d9f65fcffa1995e7",
-    "skills/age-gates-child-safety/skill.md": "c741d7dca9da0abb09bdebb8a02e803ce4ae9fb9a6904fb8df3ec19cae83917d"
+    "skills/age-gates-child-safety/skill.md": "c741d7dca9da0abb09bdebb8a02e803ce4ae9fb9a6904fb8df3ec19cae83917d",
+    "skills/cloud-iam-incident/skill.md": "35a9dd108679103c0eca54ea0c5b8f3db0a199975f87e20660b2c3a11440f40b",
+    "skills/idp-incident-response/skill.md": "39b5b492914e9092fe1c0b2be5af83d4ed869939996b6a201f2d0cd8142ab8f3"
   },
-  "skill_count": 39,
+  "skill_count": 42,
   "catalog_count": 11,
   "index_stats": {
     "xref_entries": {
-      "cwe_refs": 34,
-      "d3fend_refs": 20,
-      "framework_gaps": 58,
+      "cwe_refs": 36,
+      "d3fend_refs": 21,
+      "framework_gaps": 80,
       "atlas_refs": 10,
-      "attack_refs": 32,
-      "rfc_refs": 20,
+      "attack_refs": 39,
+      "rfc_refs": 23,
       "dlp_refs": 0
     },
-    "trigger_table_entries": 475,
+    "trigger_table_entries": 538,
     "chains_cve_entries": 27,
     "chains_cwe_entries": 55,
     "jurisdictions_indexed": 29,
-    "handoff_dag_nodes": 39,
-    "summary_cards": 39,
-    "section_offsets_skills": 39,
-    "token_budget_total_approx": 362735,
+    "handoff_dag_nodes": 42,
+    "summary_cards": 42,
+    "section_offsets_skills": 42,
+    "token_budget_total_approx": 397336,
     "recipes": 8,
     "jurisdiction_clocks": 29,
     "did_ladders": 8,
     "theater_fingerprints": 7,
     "currency_action_required": 0,
     "frequency_fields": 7,
-    "activity_feed_events": 51,
+    "activity_feed_events": 54,
     "catalog_summaries": 11,
     "stale_content_findings": 3
   },

package/data/_indexes/activity-feed.json

@@ -2,7 +2,7 @@
   "_meta": {
     "schema_version": "1.0.0",
     "note": "Per-artifact 'last changed' feed sorted descending by date. Skill events from manifest.last_threat_review; catalog events from data/<catalog>.json _meta.last_updated.",
-    "event_count": 51
+    "event_count": 54
   },
   "events": [
     {
@@ -12,6 +12,27 @@
       "path": "skills/sector-telecom/skill.md",
       "note": "Telecom and 5G security for mid-2026 — Salt Typhoon, Volt Typhoon, CALEA / IPA-LI gateway compromise, signaling-protocol abuse (SS7 / Diameter / GTP), 5G N6 / N9 isolation, gNB / DU / CU integrity, OEM-equipment supply-chain compromise, AI-RAN / O-RAN security"
     },
+    {
+      "date": "2026-05-15",
+      "type": "skill_review",
+      "artifact": "ransomware-response",
+      "path": "skills/ransomware-response/skill.md",
+      "note": "Ransomware-specific incident response — OFAC SDN sanctions screening as payment-posture blocker, EU Reg 2014/833 + UK OFSI + AU DFAT + JP MOF cross-jurisdiction sanctions lookups, decryptor availability via No More Ransom + vendor-specific catalogs, cyber-insurance carrier 24h notification, negotiator-engagement legal posture, immutable-backup viability test, PHI exfil-before-encrypt as distinct breach class, parallel jurisdiction clocks"
+    },
+    {
+      "date": "2026-05-15",
+      "type": "skill_review",
+      "artifact": "cloud-iam-incident",
+      "path": "skills/cloud-iam-incident/skill.md",
+      "note": "Cloud-IAM incident response for AWS / GCP / Azure — account takeover, IAM role assumption abuse, access-key compromise, cross-account assume-role chains, federated-trust attacks, IMDS metadata exfiltration, and Snowflake-AA24-class IdP-to-cloud credential reuse"
+    },
+    {
+      "date": "2026-05-15",
+      "type": "skill_review",
+      "artifact": "idp-incident-response",
+      "path": "skills/idp-incident-response/skill.md",
+      "note": "Identity-provider incident response for mid-2026 — Okta, Entra ID, Auth0, Ping, OneLogin tenant compromise, federated-trust abuse, OAuth app consent abuse, Midnight Blizzard and Scattered Spider TTPs against the IdP control plane"
+    },
     {
       "date": "2026-05-15",
       "type": "catalog_update",
@@ -26,7 +47,7 @@
       "artifact": "data/attack-techniques.json",
       "path": "data/attack-techniques.json",
       "schema_version": "1.0.0",
-      "entry_count": 91
+      "entry_count": 98
     },
     {
       "date": "2026-05-15",
@@ -42,7 +63,7 @@
       "artifact": "data/framework-control-gaps.json",
       "path": "data/framework-control-gaps.json",
       "schema_version": "1.0.0",
-      "entry_count": 87
+      "entry_count": 109
     },
     {
       "date": "2026-05-15",
@@ -58,7 +79,7 @@
       "artifact": "data/rfc-references.json",
       "path": "data/rfc-references.json",
       "schema_version": "1.0.0",
-      "entry_count": 38
+      "entry_count": 41
     },
     {
       "date": "2026-05-15",
@@ -371,7 +392,7 @@
       "type": "manifest_review",
       "artifact": "manifest.json",
       "path": "manifest.json",
-      "note": "manifest threat_review_date — 39 skills, 11 catalogs"
+      "note": "manifest threat_review_date — 42 skills, 11 catalogs"
     }
   ]
 }

package/data/_indexes/catalog-summaries.json

@@ -40,7 +40,7 @@
         "rebuild_after_days": 365,
         "note": "Catalog must be rebuilt against the upstream ATT&CK release whenever MITRE publishes a new version. AGENTS.md external-data version-pinning rule requires the bump to be intentional, not silent. ATT&CK ships semi-annually (April + October); audit on each release for tactic moves, technique splits, and new Detection Strategies."
       },
-      "entry_count": 91,
+      "entry_count": 98,
       "sample_keys": [
         "T0001",
         "T0017",
@@ -172,7 +172,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 87,
+      "entry_count": 109,
       "sample_keys": [
         "ALL-AI-PIPELINE-INTEGRITY",
         "ALL-MCP-TOOL-TRUST",
@@ -216,7 +216,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 38,
+      "entry_count": 41,
       "sample_keys": [
         "RFC-4301",
         "RFC-4303",