@blamejs/exceptd-skills 0.12.28 → 0.12.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +1 -1
- package/CHANGELOG.md +32 -0
- package/bin/exceptd.js +30 -20
- package/data/_indexes/_meta.json +8 -8
- package/data/_indexes/activity-feed.json +7 -7
- package/data/_indexes/chains.json +3 -3
- package/data/_indexes/currency.json +43 -43
- package/data/_indexes/stale-content.json +1 -1
- package/data/atlas-ttps.json +61 -111
- package/data/cve-catalog.json +101 -45
- package/data/cwe-catalog.json +149 -94
- package/data/d3fend-catalog.json +199 -53
- package/data/framework-control-gaps.json +1212 -109
- package/data/playbooks/crypto-codebase.json +1 -1
- package/data/rfc-references.json +21 -66
- package/lib/exit-codes.js +2 -0
- package/lib/playbook-runner.js +25 -1
- package/manifest-snapshot.json +2 -2
- package/manifest-snapshot.sha256 +1 -1
- package/manifest.json +49 -48
- package/package.json +3 -2
- package/sbom.cdx.json +1853 -10
- package/scripts/backfill-theater-test.js +806 -0
- package/scripts/refresh-reverse-refs.js +171 -0
- package/scripts/refresh-sbom.js +155 -8
package/data/cwe-catalog.json
CHANGED
|
@@ -43,9 +43,7 @@
|
|
|
43
43
|
"CAPEC-22"
|
|
44
44
|
],
|
|
45
45
|
"skills_referencing": [
|
|
46
|
-
"
|
|
47
|
-
"rag-pipeline-security",
|
|
48
|
-
"exploit-scoring"
|
|
46
|
+
"fuzz-testing-strategy"
|
|
49
47
|
],
|
|
50
48
|
"evidence_cves": [],
|
|
51
49
|
"framework_controls_partially_addressing": [
|
|
@@ -75,7 +73,10 @@
|
|
|
75
73
|
"CAPEC-76"
|
|
76
74
|
],
|
|
77
75
|
"skills_referencing": [
|
|
78
|
-
"
|
|
76
|
+
"api-security",
|
|
77
|
+
"attack-surface-pentest",
|
|
78
|
+
"mcp-agent-trust",
|
|
79
|
+
"webapp-security"
|
|
79
80
|
],
|
|
80
81
|
"evidence_cves": [],
|
|
81
82
|
"framework_controls_partially_addressing": [
|
|
@@ -105,8 +106,9 @@
|
|
|
105
106
|
"CAPEC-15"
|
|
106
107
|
],
|
|
107
108
|
"skills_referencing": [
|
|
109
|
+
"api-security",
|
|
108
110
|
"mcp-agent-trust",
|
|
109
|
-
"
|
|
111
|
+
"webapp-security"
|
|
110
112
|
],
|
|
111
113
|
"evidence_cves": [
|
|
112
114
|
"MAL-2026-3083",
|
|
@@ -138,9 +140,9 @@
|
|
|
138
140
|
"CAPEC-6"
|
|
139
141
|
],
|
|
140
142
|
"skills_referencing": [
|
|
141
|
-
"
|
|
142
|
-
"
|
|
143
|
-
"
|
|
143
|
+
"attack-surface-pentest",
|
|
144
|
+
"fuzz-testing-strategy",
|
|
145
|
+
"webapp-security"
|
|
144
146
|
],
|
|
145
147
|
"evidence_cves": [],
|
|
146
148
|
"framework_controls_partially_addressing": [
|
|
@@ -171,7 +173,8 @@
|
|
|
171
173
|
"CAPEC-592"
|
|
172
174
|
],
|
|
173
175
|
"skills_referencing": [
|
|
174
|
-
"
|
|
176
|
+
"attack-surface-pentest",
|
|
177
|
+
"webapp-security"
|
|
175
178
|
],
|
|
176
179
|
"evidence_cves": [],
|
|
177
180
|
"framework_controls_partially_addressing": [
|
|
@@ -199,10 +202,7 @@
|
|
|
199
202
|
"related_attack_patterns_capec": [
|
|
200
203
|
"CAPEC-460"
|
|
201
204
|
],
|
|
202
|
-
"skills_referencing": [
|
|
203
|
-
"mcp-agent-trust",
|
|
204
|
-
"container-runtime-security"
|
|
205
|
-
],
|
|
205
|
+
"skills_referencing": [],
|
|
206
206
|
"evidence_cves": [
|
|
207
207
|
"CVE-2026-39884"
|
|
208
208
|
],
|
|
@@ -232,7 +232,8 @@
|
|
|
232
232
|
"CAPEC-470"
|
|
233
233
|
],
|
|
234
234
|
"skills_referencing": [
|
|
235
|
-
"
|
|
235
|
+
"attack-surface-pentest",
|
|
236
|
+
"webapp-security"
|
|
236
237
|
],
|
|
237
238
|
"evidence_cves": [
|
|
238
239
|
"CVE-2026-42208"
|
|
@@ -266,8 +267,7 @@
|
|
|
266
267
|
"skills_referencing": [
|
|
267
268
|
"ai-attack-surface",
|
|
268
269
|
"mcp-agent-trust",
|
|
269
|
-
"
|
|
270
|
-
"ai-c2-detection"
|
|
270
|
+
"webapp-security"
|
|
271
271
|
],
|
|
272
272
|
"evidence_cves": [
|
|
273
273
|
"CVE-2025-53773",
|
|
@@ -295,10 +295,7 @@
|
|
|
295
295
|
"CWE-1000"
|
|
296
296
|
],
|
|
297
297
|
"related_attack_patterns_capec": [],
|
|
298
|
-
"skills_referencing": [
|
|
299
|
-
"kernel-lpe-triage",
|
|
300
|
-
"exploit-scoring"
|
|
301
|
-
],
|
|
298
|
+
"skills_referencing": [],
|
|
302
299
|
"playbooks_referencing": [
|
|
303
300
|
"kernel",
|
|
304
301
|
"hardening"
|
|
@@ -331,8 +328,8 @@
|
|
|
331
328
|
"CAPEC-540"
|
|
332
329
|
],
|
|
333
330
|
"skills_referencing": [
|
|
334
|
-
"
|
|
335
|
-
"
|
|
331
|
+
"fuzz-testing-strategy",
|
|
332
|
+
"kernel-lpe-triage"
|
|
336
333
|
],
|
|
337
334
|
"evidence_cves": [],
|
|
338
335
|
"framework_controls_partially_addressing": [
|
|
@@ -362,8 +359,12 @@
|
|
|
362
359
|
"CAPEC-118"
|
|
363
360
|
],
|
|
364
361
|
"skills_referencing": [
|
|
365
|
-
"
|
|
366
|
-
"
|
|
362
|
+
"age-gates-child-safety",
|
|
363
|
+
"api-security",
|
|
364
|
+
"cloud-security",
|
|
365
|
+
"dlp-gap-analysis",
|
|
366
|
+
"sector-healthcare",
|
|
367
|
+
"webapp-security"
|
|
367
368
|
],
|
|
368
369
|
"evidence_cves": [],
|
|
369
370
|
"framework_controls_partially_addressing": [
|
|
@@ -390,11 +391,7 @@
|
|
|
390
391
|
"CAPEC-104",
|
|
391
392
|
"CAPEC-470"
|
|
392
393
|
],
|
|
393
|
-
"skills_referencing": [
|
|
394
|
-
"container-runtime-security",
|
|
395
|
-
"kernel-lpe-triage",
|
|
396
|
-
"ot-ics-security"
|
|
397
|
-
],
|
|
394
|
+
"skills_referencing": [],
|
|
398
395
|
"evidence_cves": [],
|
|
399
396
|
"framework_controls_partially_addressing": [
|
|
400
397
|
"NIST-800-53-AC-6",
|
|
@@ -420,9 +417,7 @@
|
|
|
420
417
|
"related_attack_patterns_capec": [
|
|
421
418
|
"CAPEC-37"
|
|
422
419
|
],
|
|
423
|
-
"skills_referencing": [
|
|
424
|
-
"dlp-gap-analysis"
|
|
425
|
-
],
|
|
420
|
+
"skills_referencing": [],
|
|
426
421
|
"evidence_cves": [],
|
|
427
422
|
"framework_controls_partially_addressing": [
|
|
428
423
|
"NIST-800-53-IA-5(1)",
|
|
@@ -455,8 +450,12 @@
|
|
|
455
450
|
"CAPEC-233"
|
|
456
451
|
],
|
|
457
452
|
"skills_referencing": [
|
|
458
|
-
"
|
|
459
|
-
"
|
|
453
|
+
"attack-surface-pentest",
|
|
454
|
+
"cloud-iam-incident",
|
|
455
|
+
"container-runtime-security",
|
|
456
|
+
"identity-assurance",
|
|
457
|
+
"idp-incident-response",
|
|
458
|
+
"webapp-security"
|
|
460
459
|
],
|
|
461
460
|
"evidence_cves": [],
|
|
462
461
|
"framework_controls_partially_addressing": [
|
|
@@ -483,9 +482,7 @@
|
|
|
483
482
|
"CAPEC-19"
|
|
484
483
|
],
|
|
485
484
|
"skills_referencing": [
|
|
486
|
-
"
|
|
487
|
-
"identity-assurance",
|
|
488
|
-
"webapp-security"
|
|
485
|
+
"idp-incident-response"
|
|
489
486
|
],
|
|
490
487
|
"evidence_cves": [],
|
|
491
488
|
"framework_controls_partially_addressing": [
|
|
@@ -514,7 +511,21 @@
|
|
|
514
511
|
"CAPEC-115",
|
|
515
512
|
"CAPEC-22"
|
|
516
513
|
],
|
|
517
|
-
"skills_referencing": [
|
|
514
|
+
"skills_referencing": [
|
|
515
|
+
"age-gates-child-safety",
|
|
516
|
+
"api-security",
|
|
517
|
+
"cloud-iam-incident",
|
|
518
|
+
"cloud-security",
|
|
519
|
+
"identity-assurance",
|
|
520
|
+
"idp-incident-response",
|
|
521
|
+
"ot-ics-security",
|
|
522
|
+
"ransomware-response",
|
|
523
|
+
"sector-energy",
|
|
524
|
+
"sector-financial",
|
|
525
|
+
"sector-healthcare",
|
|
526
|
+
"sector-telecom",
|
|
527
|
+
"webapp-security"
|
|
528
|
+
],
|
|
518
529
|
"evidence_cves": [],
|
|
519
530
|
"framework_controls_partially_addressing": [
|
|
520
531
|
"NIST-800-53-IA-2",
|
|
@@ -542,7 +553,10 @@
|
|
|
542
553
|
"CAPEC-115"
|
|
543
554
|
],
|
|
544
555
|
"skills_referencing": [
|
|
545
|
-
"
|
|
556
|
+
"identity-assurance",
|
|
557
|
+
"ot-ics-security",
|
|
558
|
+
"sector-energy",
|
|
559
|
+
"sector-telecom"
|
|
546
560
|
],
|
|
547
561
|
"evidence_cves": [],
|
|
548
562
|
"framework_controls_partially_addressing": [
|
|
@@ -567,9 +581,7 @@
|
|
|
567
581
|
"related_attack_patterns_capec": [
|
|
568
582
|
"CAPEC-97"
|
|
569
583
|
],
|
|
570
|
-
"skills_referencing": [
|
|
571
|
-
"pqc-first"
|
|
572
|
-
],
|
|
584
|
+
"skills_referencing": [],
|
|
573
585
|
"evidence_cves": [],
|
|
574
586
|
"framework_controls_partially_addressing": [
|
|
575
587
|
"NIST-800-53-SC-13",
|
|
@@ -598,9 +610,7 @@
|
|
|
598
610
|
"related_attack_patterns_capec": [
|
|
599
611
|
"CAPEC-37"
|
|
600
612
|
],
|
|
601
|
-
"skills_referencing": [
|
|
602
|
-
"dlp-gap-analysis"
|
|
603
|
-
],
|
|
613
|
+
"skills_referencing": [],
|
|
604
614
|
"evidence_cves": [],
|
|
605
615
|
"framework_controls_partially_addressing": [
|
|
606
616
|
"NIST-800-53-SC-28",
|
|
@@ -631,9 +641,7 @@
|
|
|
631
641
|
"CAPEC-20",
|
|
632
642
|
"CAPEC-97"
|
|
633
643
|
],
|
|
634
|
-
"skills_referencing": [
|
|
635
|
-
"pqc-first"
|
|
636
|
-
],
|
|
644
|
+
"skills_referencing": [],
|
|
637
645
|
"evidence_cves": [],
|
|
638
646
|
"framework_controls_partially_addressing": [
|
|
639
647
|
"NIST-800-53-SC-13",
|
|
@@ -690,9 +698,7 @@
|
|
|
690
698
|
"related_attack_patterns_capec": [
|
|
691
699
|
"CAPEC-97"
|
|
692
700
|
],
|
|
693
|
-
"skills_referencing": [
|
|
694
|
-
"pqc-first"
|
|
695
|
-
],
|
|
701
|
+
"skills_referencing": [],
|
|
696
702
|
"evidence_cves": [],
|
|
697
703
|
"framework_controls_partially_addressing": [
|
|
698
704
|
"NIST-800-53-SC-13",
|
|
@@ -835,8 +841,8 @@
|
|
|
835
841
|
"CAPEC-148"
|
|
836
842
|
],
|
|
837
843
|
"skills_referencing": [
|
|
838
|
-
"
|
|
839
|
-
"
|
|
844
|
+
"idp-incident-response",
|
|
845
|
+
"mcp-agent-trust"
|
|
840
846
|
],
|
|
841
847
|
"evidence_cves": [
|
|
842
848
|
"CVE-2026-30615"
|
|
@@ -866,7 +872,13 @@
|
|
|
866
872
|
"related_attack_patterns_capec": [
|
|
867
873
|
"CAPEC-62"
|
|
868
874
|
],
|
|
869
|
-
"skills_referencing": [
|
|
875
|
+
"skills_referencing": [
|
|
876
|
+
"api-security",
|
|
877
|
+
"attack-surface-pentest",
|
|
878
|
+
"mcp-agent-trust",
|
|
879
|
+
"sector-financial",
|
|
880
|
+
"webapp-security"
|
|
881
|
+
],
|
|
870
882
|
"evidence_cves": [],
|
|
871
883
|
"framework_controls_partially_addressing": [
|
|
872
884
|
"NIST-800-53-SC-23",
|
|
@@ -891,9 +903,7 @@
|
|
|
891
903
|
"CAPEC-75",
|
|
892
904
|
"CAPEC-39"
|
|
893
905
|
],
|
|
894
|
-
"skills_referencing": [
|
|
895
|
-
"supply-chain-integrity"
|
|
896
|
-
],
|
|
906
|
+
"skills_referencing": [],
|
|
897
907
|
"evidence_cves": [],
|
|
898
908
|
"framework_controls_partially_addressing": [
|
|
899
909
|
"NIST-800-53-SI-7",
|
|
@@ -924,6 +934,7 @@
|
|
|
924
934
|
"CAPEC-29"
|
|
925
935
|
],
|
|
926
936
|
"skills_referencing": [
|
|
937
|
+
"fuzz-testing-strategy",
|
|
927
938
|
"kernel-lpe-triage"
|
|
928
939
|
],
|
|
929
940
|
"evidence_cves": [],
|
|
@@ -952,8 +963,8 @@
|
|
|
952
963
|
"CAPEC-129"
|
|
953
964
|
],
|
|
954
965
|
"skills_referencing": [
|
|
955
|
-
"
|
|
956
|
-
"
|
|
966
|
+
"fuzz-testing-strategy",
|
|
967
|
+
"kernel-lpe-triage"
|
|
957
968
|
],
|
|
958
969
|
"evidence_cves": [
|
|
959
970
|
"CVE-2026-43284",
|
|
@@ -983,9 +994,7 @@
|
|
|
983
994
|
"CAPEC-38",
|
|
984
995
|
"CAPEC-471"
|
|
985
996
|
],
|
|
986
|
-
"skills_referencing": [
|
|
987
|
-
"kernel-lpe-triage"
|
|
988
|
-
],
|
|
997
|
+
"skills_referencing": [],
|
|
989
998
|
"evidence_cves": [],
|
|
990
999
|
"framework_controls_partially_addressing": [
|
|
991
1000
|
"NIST-800-53-AC-6",
|
|
@@ -1015,7 +1024,11 @@
|
|
|
1015
1024
|
"CAPEC-1",
|
|
1016
1025
|
"CAPEC-650"
|
|
1017
1026
|
],
|
|
1018
|
-
"skills_referencing": [
|
|
1027
|
+
"skills_referencing": [
|
|
1028
|
+
"attack-surface-pentest",
|
|
1029
|
+
"mcp-agent-trust",
|
|
1030
|
+
"webapp-security"
|
|
1031
|
+
],
|
|
1019
1032
|
"evidence_cves": [],
|
|
1020
1033
|
"framework_controls_partially_addressing": [
|
|
1021
1034
|
"NIST-800-53-SI-3",
|
|
@@ -1042,7 +1055,7 @@
|
|
|
1042
1055
|
],
|
|
1043
1056
|
"skills_referencing": [
|
|
1044
1057
|
"mcp-agent-trust",
|
|
1045
|
-
"
|
|
1058
|
+
"supply-chain-integrity"
|
|
1046
1059
|
],
|
|
1047
1060
|
"evidence_cves": [
|
|
1048
1061
|
"CVE-2026-30615"
|
|
@@ -1074,8 +1087,9 @@
|
|
|
1074
1087
|
"CAPEC-586"
|
|
1075
1088
|
],
|
|
1076
1089
|
"skills_referencing": [
|
|
1077
|
-
"
|
|
1078
|
-
"
|
|
1090
|
+
"mlops-security",
|
|
1091
|
+
"supply-chain-integrity",
|
|
1092
|
+
"webapp-security"
|
|
1079
1093
|
],
|
|
1080
1094
|
"evidence_cves": [],
|
|
1081
1095
|
"framework_controls_partially_addressing": [
|
|
@@ -1103,9 +1117,7 @@
|
|
|
1103
1117
|
"CAPEC-446",
|
|
1104
1118
|
"CAPEC-538"
|
|
1105
1119
|
],
|
|
1106
|
-
"skills_referencing": [
|
|
1107
|
-
"supply-chain-integrity"
|
|
1108
|
-
],
|
|
1120
|
+
"skills_referencing": [],
|
|
1109
1121
|
"evidence_cves": [
|
|
1110
1122
|
"CVE-2026-45321",
|
|
1111
1123
|
"MAL-2026-3083"
|
|
@@ -1140,7 +1152,8 @@
|
|
|
1140
1152
|
"CAPEC-555"
|
|
1141
1153
|
],
|
|
1142
1154
|
"skills_referencing": [
|
|
1143
|
-
"
|
|
1155
|
+
"cloud-iam-incident",
|
|
1156
|
+
"idp-incident-response"
|
|
1144
1157
|
],
|
|
1145
1158
|
"evidence_cves": [],
|
|
1146
1159
|
"framework_controls_partially_addressing": [
|
|
@@ -1168,10 +1181,7 @@
|
|
|
1168
1181
|
"CWE-1000"
|
|
1169
1182
|
],
|
|
1170
1183
|
"related_attack_patterns_capec": [],
|
|
1171
|
-
"skills_referencing": [
|
|
1172
|
-
"kernel-lpe-triage",
|
|
1173
|
-
"exploit-scoring"
|
|
1174
|
-
],
|
|
1184
|
+
"skills_referencing": [],
|
|
1175
1185
|
"playbooks_referencing": [
|
|
1176
1186
|
"kernel",
|
|
1177
1187
|
"hardening",
|
|
@@ -1228,7 +1238,14 @@
|
|
|
1228
1238
|
"related_attack_patterns_capec": [
|
|
1229
1239
|
"CAPEC-1"
|
|
1230
1240
|
],
|
|
1231
|
-
"skills_referencing": [
|
|
1241
|
+
"skills_referencing": [
|
|
1242
|
+
"attack-surface-pentest",
|
|
1243
|
+
"cloud-iam-incident",
|
|
1244
|
+
"cloud-security",
|
|
1245
|
+
"container-runtime-security",
|
|
1246
|
+
"identity-assurance",
|
|
1247
|
+
"webapp-security"
|
|
1248
|
+
],
|
|
1232
1249
|
"evidence_cves": [],
|
|
1233
1250
|
"framework_controls_partially_addressing": [
|
|
1234
1251
|
"NIST-800-53-AC-3",
|
|
@@ -1315,9 +1332,10 @@
|
|
|
1315
1332
|
"CAPEC-540"
|
|
1316
1333
|
],
|
|
1317
1334
|
"skills_referencing": [
|
|
1318
|
-
"
|
|
1319
|
-
"
|
|
1320
|
-
"
|
|
1335
|
+
"attack-surface-pentest",
|
|
1336
|
+
"container-runtime-security",
|
|
1337
|
+
"fuzz-testing-strategy",
|
|
1338
|
+
"kernel-lpe-triage"
|
|
1321
1339
|
],
|
|
1322
1340
|
"evidence_cves": [
|
|
1323
1341
|
"CVE-2026-31431",
|
|
@@ -1350,7 +1368,13 @@
|
|
|
1350
1368
|
"CAPEC-191"
|
|
1351
1369
|
],
|
|
1352
1370
|
"skills_referencing": [
|
|
1353
|
-
"
|
|
1371
|
+
"cloud-iam-incident",
|
|
1372
|
+
"cloud-security",
|
|
1373
|
+
"identity-assurance",
|
|
1374
|
+
"ot-ics-security",
|
|
1375
|
+
"ransomware-response",
|
|
1376
|
+
"sector-energy",
|
|
1377
|
+
"sector-financial"
|
|
1354
1378
|
],
|
|
1355
1379
|
"evidence_cves": [],
|
|
1356
1380
|
"framework_controls_partially_addressing": [
|
|
@@ -1376,8 +1400,8 @@
|
|
|
1376
1400
|
"CAPEC-538"
|
|
1377
1401
|
],
|
|
1378
1402
|
"skills_referencing": [
|
|
1379
|
-
"
|
|
1380
|
-
"
|
|
1403
|
+
"sector-federal-government",
|
|
1404
|
+
"supply-chain-integrity"
|
|
1381
1405
|
],
|
|
1382
1406
|
"evidence_cves": [],
|
|
1383
1407
|
"framework_controls_partially_addressing": [
|
|
@@ -1405,7 +1429,15 @@
|
|
|
1405
1429
|
"CAPEC-1",
|
|
1406
1430
|
"CAPEC-115"
|
|
1407
1431
|
],
|
|
1408
|
-
"skills_referencing": [
|
|
1432
|
+
"skills_referencing": [
|
|
1433
|
+
"age-gates-child-safety",
|
|
1434
|
+
"api-security",
|
|
1435
|
+
"cloud-security",
|
|
1436
|
+
"identity-assurance",
|
|
1437
|
+
"sector-financial",
|
|
1438
|
+
"sector-healthcare",
|
|
1439
|
+
"webapp-security"
|
|
1440
|
+
],
|
|
1409
1441
|
"evidence_cves": [],
|
|
1410
1442
|
"framework_controls_partially_addressing": [
|
|
1411
1443
|
"NIST-800-53-AC-3",
|
|
@@ -1434,7 +1466,12 @@
|
|
|
1434
1466
|
"CAPEC-1"
|
|
1435
1467
|
],
|
|
1436
1468
|
"skills_referencing": [
|
|
1437
|
-
"
|
|
1469
|
+
"api-security",
|
|
1470
|
+
"cloud-iam-incident",
|
|
1471
|
+
"identity-assurance",
|
|
1472
|
+
"idp-incident-response",
|
|
1473
|
+
"sector-financial",
|
|
1474
|
+
"webapp-security"
|
|
1438
1475
|
],
|
|
1439
1476
|
"evidence_cves": [],
|
|
1440
1477
|
"framework_controls_partially_addressing": [
|
|
@@ -1492,8 +1529,11 @@
|
|
|
1492
1529
|
"CAPEC-664"
|
|
1493
1530
|
],
|
|
1494
1531
|
"skills_referencing": [
|
|
1495
|
-
"
|
|
1496
|
-
"
|
|
1532
|
+
"api-security",
|
|
1533
|
+
"attack-surface-pentest",
|
|
1534
|
+
"mcp-agent-trust",
|
|
1535
|
+
"sector-telecom",
|
|
1536
|
+
"webapp-security"
|
|
1497
1537
|
],
|
|
1498
1538
|
"evidence_cves": [],
|
|
1499
1539
|
"framework_controls_partially_addressing": [
|
|
@@ -1517,7 +1557,8 @@
|
|
|
1517
1557
|
],
|
|
1518
1558
|
"related_attack_patterns_capec": [],
|
|
1519
1559
|
"skills_referencing": [
|
|
1520
|
-
"
|
|
1560
|
+
"ot-ics-security",
|
|
1561
|
+
"sector-energy"
|
|
1521
1562
|
],
|
|
1522
1563
|
"evidence_cves": [],
|
|
1523
1564
|
"framework_controls_partially_addressing": [
|
|
@@ -1542,7 +1583,8 @@
|
|
|
1542
1583
|
],
|
|
1543
1584
|
"related_attack_patterns_capec": [],
|
|
1544
1585
|
"skills_referencing": [
|
|
1545
|
-
"ai-attack-surface"
|
|
1586
|
+
"ai-attack-surface",
|
|
1587
|
+
"ai-risk-management"
|
|
1546
1588
|
],
|
|
1547
1589
|
"evidence_cves": [],
|
|
1548
1590
|
"framework_controls_partially_addressing": [
|
|
@@ -1566,8 +1608,12 @@
|
|
|
1566
1608
|
],
|
|
1567
1609
|
"related_attack_patterns_capec": [],
|
|
1568
1610
|
"skills_referencing": [
|
|
1569
|
-
"
|
|
1570
|
-
"security
|
|
1611
|
+
"api-security",
|
|
1612
|
+
"cloud-security",
|
|
1613
|
+
"container-runtime-security",
|
|
1614
|
+
"policy-exception-gen",
|
|
1615
|
+
"security-maturity-tiers",
|
|
1616
|
+
"webapp-security"
|
|
1571
1617
|
],
|
|
1572
1618
|
"evidence_cves": [],
|
|
1573
1619
|
"framework_controls_partially_addressing": [
|
|
@@ -1591,7 +1637,10 @@
|
|
|
1591
1637
|
],
|
|
1592
1638
|
"related_attack_patterns_capec": [],
|
|
1593
1639
|
"skills_referencing": [
|
|
1594
|
-
"
|
|
1640
|
+
"coordinated-vuln-disclosure",
|
|
1641
|
+
"mlops-security",
|
|
1642
|
+
"sector-federal-government",
|
|
1643
|
+
"supply-chain-integrity"
|
|
1595
1644
|
],
|
|
1596
1645
|
"evidence_cves": [],
|
|
1597
1646
|
"framework_controls_partially_addressing": [
|
|
@@ -1617,8 +1666,12 @@
|
|
|
1617
1666
|
],
|
|
1618
1667
|
"related_attack_patterns_capec": [],
|
|
1619
1668
|
"skills_referencing": [
|
|
1620
|
-
"
|
|
1621
|
-
"
|
|
1669
|
+
"attack-surface-pentest",
|
|
1670
|
+
"container-runtime-security",
|
|
1671
|
+
"mlops-security",
|
|
1672
|
+
"rag-pipeline-security",
|
|
1673
|
+
"sector-federal-government",
|
|
1674
|
+
"supply-chain-integrity"
|
|
1622
1675
|
],
|
|
1623
1676
|
"evidence_cves": [],
|
|
1624
1677
|
"framework_controls_partially_addressing": [
|
|
@@ -1646,9 +1699,11 @@
|
|
|
1646
1699
|
"related_attack_patterns_capec": [],
|
|
1647
1700
|
"skills_referencing": [
|
|
1648
1701
|
"ai-attack-surface",
|
|
1702
|
+
"ai-risk-management",
|
|
1703
|
+
"dlp-gap-analysis",
|
|
1704
|
+
"mlops-security",
|
|
1649
1705
|
"rag-pipeline-security",
|
|
1650
|
-
"
|
|
1651
|
-
"mcp-agent-trust"
|
|
1706
|
+
"sector-healthcare"
|
|
1652
1707
|
],
|
|
1653
1708
|
"evidence_cves": [],
|
|
1654
1709
|
"framework_controls_partially_addressing": [
|