@blamejs/exceptd-skills 0.12.28 → 0.12.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +1 -1
- package/CHANGELOG.md +53 -0
- package/bin/exceptd.js +30 -20
- package/data/_indexes/_meta.json +9 -9
- package/data/_indexes/activity-feed.json +7 -7
- package/data/_indexes/chains.json +9 -9
- package/data/_indexes/currency.json +43 -43
- package/data/_indexes/stale-content.json +1 -1
- package/data/atlas-ttps.json +61 -111
- package/data/cve-catalog.json +136 -65
- package/data/cwe-catalog.json +151 -95
- package/data/d3fend-catalog.json +201 -54
- package/data/dlp-controls.json +2 -1
- package/data/framework-control-gaps.json +1214 -110
- package/data/playbooks/crypto-codebase.json +1 -1
- package/data/rfc-references.json +23 -67
- package/lib/exit-codes.js +2 -0
- package/lib/playbook-runner.js +25 -1
- package/manifest-snapshot.json +2 -2
- package/manifest-snapshot.sha256 +1 -1
- package/manifest.json +49 -48
- package/package.json +3 -2
- package/sbom.cdx.json +1853 -10
- package/scripts/backfill-theater-test.js +806 -0
- package/scripts/check-test-coverage.js +18 -4
- package/scripts/refresh-reverse-refs.js +171 -0
- package/scripts/refresh-sbom.js +155 -8
package/data/cwe-catalog.json
CHANGED
|
@@ -22,7 +22,8 @@
|
|
|
22
22
|
"stale_after_days": 180,
|
|
23
23
|
"rebuild_after_days": 365,
|
|
24
24
|
"note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
|
|
25
|
-
}
|
|
25
|
+
},
|
|
26
|
+
"last_threat_review": "2026-05-15"
|
|
26
27
|
},
|
|
27
28
|
"CWE-20": {
|
|
28
29
|
"id": "CWE-20",
|
|
@@ -43,9 +44,7 @@
|
|
|
43
44
|
"CAPEC-22"
|
|
44
45
|
],
|
|
45
46
|
"skills_referencing": [
|
|
46
|
-
"
|
|
47
|
-
"rag-pipeline-security",
|
|
48
|
-
"exploit-scoring"
|
|
47
|
+
"fuzz-testing-strategy"
|
|
49
48
|
],
|
|
50
49
|
"evidence_cves": [],
|
|
51
50
|
"framework_controls_partially_addressing": [
|
|
@@ -75,7 +74,10 @@
|
|
|
75
74
|
"CAPEC-76"
|
|
76
75
|
],
|
|
77
76
|
"skills_referencing": [
|
|
78
|
-
"
|
|
77
|
+
"api-security",
|
|
78
|
+
"attack-surface-pentest",
|
|
79
|
+
"mcp-agent-trust",
|
|
80
|
+
"webapp-security"
|
|
79
81
|
],
|
|
80
82
|
"evidence_cves": [],
|
|
81
83
|
"framework_controls_partially_addressing": [
|
|
@@ -105,8 +107,9 @@
|
|
|
105
107
|
"CAPEC-15"
|
|
106
108
|
],
|
|
107
109
|
"skills_referencing": [
|
|
110
|
+
"api-security",
|
|
108
111
|
"mcp-agent-trust",
|
|
109
|
-
"
|
|
112
|
+
"webapp-security"
|
|
110
113
|
],
|
|
111
114
|
"evidence_cves": [
|
|
112
115
|
"MAL-2026-3083",
|
|
@@ -138,9 +141,9 @@
|
|
|
138
141
|
"CAPEC-6"
|
|
139
142
|
],
|
|
140
143
|
"skills_referencing": [
|
|
141
|
-
"
|
|
142
|
-
"
|
|
143
|
-
"
|
|
144
|
+
"attack-surface-pentest",
|
|
145
|
+
"fuzz-testing-strategy",
|
|
146
|
+
"webapp-security"
|
|
144
147
|
],
|
|
145
148
|
"evidence_cves": [],
|
|
146
149
|
"framework_controls_partially_addressing": [
|
|
@@ -171,7 +174,8 @@
|
|
|
171
174
|
"CAPEC-592"
|
|
172
175
|
],
|
|
173
176
|
"skills_referencing": [
|
|
174
|
-
"
|
|
177
|
+
"attack-surface-pentest",
|
|
178
|
+
"webapp-security"
|
|
175
179
|
],
|
|
176
180
|
"evidence_cves": [],
|
|
177
181
|
"framework_controls_partially_addressing": [
|
|
@@ -199,10 +203,7 @@
|
|
|
199
203
|
"related_attack_patterns_capec": [
|
|
200
204
|
"CAPEC-460"
|
|
201
205
|
],
|
|
202
|
-
"skills_referencing": [
|
|
203
|
-
"mcp-agent-trust",
|
|
204
|
-
"container-runtime-security"
|
|
205
|
-
],
|
|
206
|
+
"skills_referencing": [],
|
|
206
207
|
"evidence_cves": [
|
|
207
208
|
"CVE-2026-39884"
|
|
208
209
|
],
|
|
@@ -232,7 +233,8 @@
|
|
|
232
233
|
"CAPEC-470"
|
|
233
234
|
],
|
|
234
235
|
"skills_referencing": [
|
|
235
|
-
"
|
|
236
|
+
"attack-surface-pentest",
|
|
237
|
+
"webapp-security"
|
|
236
238
|
],
|
|
237
239
|
"evidence_cves": [
|
|
238
240
|
"CVE-2026-42208"
|
|
@@ -266,8 +268,7 @@
|
|
|
266
268
|
"skills_referencing": [
|
|
267
269
|
"ai-attack-surface",
|
|
268
270
|
"mcp-agent-trust",
|
|
269
|
-
"
|
|
270
|
-
"ai-c2-detection"
|
|
271
|
+
"webapp-security"
|
|
271
272
|
],
|
|
272
273
|
"evidence_cves": [
|
|
273
274
|
"CVE-2025-53773",
|
|
@@ -295,10 +296,7 @@
|
|
|
295
296
|
"CWE-1000"
|
|
296
297
|
],
|
|
297
298
|
"related_attack_patterns_capec": [],
|
|
298
|
-
"skills_referencing": [
|
|
299
|
-
"kernel-lpe-triage",
|
|
300
|
-
"exploit-scoring"
|
|
301
|
-
],
|
|
299
|
+
"skills_referencing": [],
|
|
302
300
|
"playbooks_referencing": [
|
|
303
301
|
"kernel",
|
|
304
302
|
"hardening"
|
|
@@ -331,8 +329,8 @@
|
|
|
331
329
|
"CAPEC-540"
|
|
332
330
|
],
|
|
333
331
|
"skills_referencing": [
|
|
334
|
-
"
|
|
335
|
-
"
|
|
332
|
+
"fuzz-testing-strategy",
|
|
333
|
+
"kernel-lpe-triage"
|
|
336
334
|
],
|
|
337
335
|
"evidence_cves": [],
|
|
338
336
|
"framework_controls_partially_addressing": [
|
|
@@ -362,8 +360,12 @@
|
|
|
362
360
|
"CAPEC-118"
|
|
363
361
|
],
|
|
364
362
|
"skills_referencing": [
|
|
365
|
-
"
|
|
366
|
-
"
|
|
363
|
+
"age-gates-child-safety",
|
|
364
|
+
"api-security",
|
|
365
|
+
"cloud-security",
|
|
366
|
+
"dlp-gap-analysis",
|
|
367
|
+
"sector-healthcare",
|
|
368
|
+
"webapp-security"
|
|
367
369
|
],
|
|
368
370
|
"evidence_cves": [],
|
|
369
371
|
"framework_controls_partially_addressing": [
|
|
@@ -390,11 +392,7 @@
|
|
|
390
392
|
"CAPEC-104",
|
|
391
393
|
"CAPEC-470"
|
|
392
394
|
],
|
|
393
|
-
"skills_referencing": [
|
|
394
|
-
"container-runtime-security",
|
|
395
|
-
"kernel-lpe-triage",
|
|
396
|
-
"ot-ics-security"
|
|
397
|
-
],
|
|
395
|
+
"skills_referencing": [],
|
|
398
396
|
"evidence_cves": [],
|
|
399
397
|
"framework_controls_partially_addressing": [
|
|
400
398
|
"NIST-800-53-AC-6",
|
|
@@ -420,9 +418,7 @@
|
|
|
420
418
|
"related_attack_patterns_capec": [
|
|
421
419
|
"CAPEC-37"
|
|
422
420
|
],
|
|
423
|
-
"skills_referencing": [
|
|
424
|
-
"dlp-gap-analysis"
|
|
425
|
-
],
|
|
421
|
+
"skills_referencing": [],
|
|
426
422
|
"evidence_cves": [],
|
|
427
423
|
"framework_controls_partially_addressing": [
|
|
428
424
|
"NIST-800-53-IA-5(1)",
|
|
@@ -455,8 +451,12 @@
|
|
|
455
451
|
"CAPEC-233"
|
|
456
452
|
],
|
|
457
453
|
"skills_referencing": [
|
|
458
|
-
"
|
|
459
|
-
"
|
|
454
|
+
"attack-surface-pentest",
|
|
455
|
+
"cloud-iam-incident",
|
|
456
|
+
"container-runtime-security",
|
|
457
|
+
"identity-assurance",
|
|
458
|
+
"idp-incident-response",
|
|
459
|
+
"webapp-security"
|
|
460
460
|
],
|
|
461
461
|
"evidence_cves": [],
|
|
462
462
|
"framework_controls_partially_addressing": [
|
|
@@ -483,9 +483,7 @@
|
|
|
483
483
|
"CAPEC-19"
|
|
484
484
|
],
|
|
485
485
|
"skills_referencing": [
|
|
486
|
-
"
|
|
487
|
-
"identity-assurance",
|
|
488
|
-
"webapp-security"
|
|
486
|
+
"idp-incident-response"
|
|
489
487
|
],
|
|
490
488
|
"evidence_cves": [],
|
|
491
489
|
"framework_controls_partially_addressing": [
|
|
@@ -514,7 +512,21 @@
|
|
|
514
512
|
"CAPEC-115",
|
|
515
513
|
"CAPEC-22"
|
|
516
514
|
],
|
|
517
|
-
"skills_referencing": [
|
|
515
|
+
"skills_referencing": [
|
|
516
|
+
"age-gates-child-safety",
|
|
517
|
+
"api-security",
|
|
518
|
+
"cloud-iam-incident",
|
|
519
|
+
"cloud-security",
|
|
520
|
+
"identity-assurance",
|
|
521
|
+
"idp-incident-response",
|
|
522
|
+
"ot-ics-security",
|
|
523
|
+
"ransomware-response",
|
|
524
|
+
"sector-energy",
|
|
525
|
+
"sector-financial",
|
|
526
|
+
"sector-healthcare",
|
|
527
|
+
"sector-telecom",
|
|
528
|
+
"webapp-security"
|
|
529
|
+
],
|
|
518
530
|
"evidence_cves": [],
|
|
519
531
|
"framework_controls_partially_addressing": [
|
|
520
532
|
"NIST-800-53-IA-2",
|
|
@@ -542,7 +554,10 @@
|
|
|
542
554
|
"CAPEC-115"
|
|
543
555
|
],
|
|
544
556
|
"skills_referencing": [
|
|
545
|
-
"
|
|
557
|
+
"identity-assurance",
|
|
558
|
+
"ot-ics-security",
|
|
559
|
+
"sector-energy",
|
|
560
|
+
"sector-telecom"
|
|
546
561
|
],
|
|
547
562
|
"evidence_cves": [],
|
|
548
563
|
"framework_controls_partially_addressing": [
|
|
@@ -567,9 +582,7 @@
|
|
|
567
582
|
"related_attack_patterns_capec": [
|
|
568
583
|
"CAPEC-97"
|
|
569
584
|
],
|
|
570
|
-
"skills_referencing": [
|
|
571
|
-
"pqc-first"
|
|
572
|
-
],
|
|
585
|
+
"skills_referencing": [],
|
|
573
586
|
"evidence_cves": [],
|
|
574
587
|
"framework_controls_partially_addressing": [
|
|
575
588
|
"NIST-800-53-SC-13",
|
|
@@ -598,9 +611,7 @@
|
|
|
598
611
|
"related_attack_patterns_capec": [
|
|
599
612
|
"CAPEC-37"
|
|
600
613
|
],
|
|
601
|
-
"skills_referencing": [
|
|
602
|
-
"dlp-gap-analysis"
|
|
603
|
-
],
|
|
614
|
+
"skills_referencing": [],
|
|
604
615
|
"evidence_cves": [],
|
|
605
616
|
"framework_controls_partially_addressing": [
|
|
606
617
|
"NIST-800-53-SC-28",
|
|
@@ -631,9 +642,7 @@
|
|
|
631
642
|
"CAPEC-20",
|
|
632
643
|
"CAPEC-97"
|
|
633
644
|
],
|
|
634
|
-
"skills_referencing": [
|
|
635
|
-
"pqc-first"
|
|
636
|
-
],
|
|
645
|
+
"skills_referencing": [],
|
|
637
646
|
"evidence_cves": [],
|
|
638
647
|
"framework_controls_partially_addressing": [
|
|
639
648
|
"NIST-800-53-SC-13",
|
|
@@ -690,9 +699,7 @@
|
|
|
690
699
|
"related_attack_patterns_capec": [
|
|
691
700
|
"CAPEC-97"
|
|
692
701
|
],
|
|
693
|
-
"skills_referencing": [
|
|
694
|
-
"pqc-first"
|
|
695
|
-
],
|
|
702
|
+
"skills_referencing": [],
|
|
696
703
|
"evidence_cves": [],
|
|
697
704
|
"framework_controls_partially_addressing": [
|
|
698
705
|
"NIST-800-53-SC-13",
|
|
@@ -835,8 +842,8 @@
|
|
|
835
842
|
"CAPEC-148"
|
|
836
843
|
],
|
|
837
844
|
"skills_referencing": [
|
|
838
|
-
"
|
|
839
|
-
"
|
|
845
|
+
"idp-incident-response",
|
|
846
|
+
"mcp-agent-trust"
|
|
840
847
|
],
|
|
841
848
|
"evidence_cves": [
|
|
842
849
|
"CVE-2026-30615"
|
|
@@ -866,7 +873,13 @@
|
|
|
866
873
|
"related_attack_patterns_capec": [
|
|
867
874
|
"CAPEC-62"
|
|
868
875
|
],
|
|
869
|
-
"skills_referencing": [
|
|
876
|
+
"skills_referencing": [
|
|
877
|
+
"api-security",
|
|
878
|
+
"attack-surface-pentest",
|
|
879
|
+
"mcp-agent-trust",
|
|
880
|
+
"sector-financial",
|
|
881
|
+
"webapp-security"
|
|
882
|
+
],
|
|
870
883
|
"evidence_cves": [],
|
|
871
884
|
"framework_controls_partially_addressing": [
|
|
872
885
|
"NIST-800-53-SC-23",
|
|
@@ -891,9 +904,7 @@
|
|
|
891
904
|
"CAPEC-75",
|
|
892
905
|
"CAPEC-39"
|
|
893
906
|
],
|
|
894
|
-
"skills_referencing": [
|
|
895
|
-
"supply-chain-integrity"
|
|
896
|
-
],
|
|
907
|
+
"skills_referencing": [],
|
|
897
908
|
"evidence_cves": [],
|
|
898
909
|
"framework_controls_partially_addressing": [
|
|
899
910
|
"NIST-800-53-SI-7",
|
|
@@ -924,6 +935,7 @@
|
|
|
924
935
|
"CAPEC-29"
|
|
925
936
|
],
|
|
926
937
|
"skills_referencing": [
|
|
938
|
+
"fuzz-testing-strategy",
|
|
927
939
|
"kernel-lpe-triage"
|
|
928
940
|
],
|
|
929
941
|
"evidence_cves": [],
|
|
@@ -952,8 +964,8 @@
|
|
|
952
964
|
"CAPEC-129"
|
|
953
965
|
],
|
|
954
966
|
"skills_referencing": [
|
|
955
|
-
"
|
|
956
|
-
"
|
|
967
|
+
"fuzz-testing-strategy",
|
|
968
|
+
"kernel-lpe-triage"
|
|
957
969
|
],
|
|
958
970
|
"evidence_cves": [
|
|
959
971
|
"CVE-2026-43284",
|
|
@@ -983,9 +995,7 @@
|
|
|
983
995
|
"CAPEC-38",
|
|
984
996
|
"CAPEC-471"
|
|
985
997
|
],
|
|
986
|
-
"skills_referencing": [
|
|
987
|
-
"kernel-lpe-triage"
|
|
988
|
-
],
|
|
998
|
+
"skills_referencing": [],
|
|
989
999
|
"evidence_cves": [],
|
|
990
1000
|
"framework_controls_partially_addressing": [
|
|
991
1001
|
"NIST-800-53-AC-6",
|
|
@@ -1015,7 +1025,11 @@
|
|
|
1015
1025
|
"CAPEC-1",
|
|
1016
1026
|
"CAPEC-650"
|
|
1017
1027
|
],
|
|
1018
|
-
"skills_referencing": [
|
|
1028
|
+
"skills_referencing": [
|
|
1029
|
+
"attack-surface-pentest",
|
|
1030
|
+
"mcp-agent-trust",
|
|
1031
|
+
"webapp-security"
|
|
1032
|
+
],
|
|
1019
1033
|
"evidence_cves": [],
|
|
1020
1034
|
"framework_controls_partially_addressing": [
|
|
1021
1035
|
"NIST-800-53-SI-3",
|
|
@@ -1042,7 +1056,7 @@
|
|
|
1042
1056
|
],
|
|
1043
1057
|
"skills_referencing": [
|
|
1044
1058
|
"mcp-agent-trust",
|
|
1045
|
-
"
|
|
1059
|
+
"supply-chain-integrity"
|
|
1046
1060
|
],
|
|
1047
1061
|
"evidence_cves": [
|
|
1048
1062
|
"CVE-2026-30615"
|
|
@@ -1074,8 +1088,9 @@
|
|
|
1074
1088
|
"CAPEC-586"
|
|
1075
1089
|
],
|
|
1076
1090
|
"skills_referencing": [
|
|
1077
|
-
"
|
|
1078
|
-
"
|
|
1091
|
+
"mlops-security",
|
|
1092
|
+
"supply-chain-integrity",
|
|
1093
|
+
"webapp-security"
|
|
1079
1094
|
],
|
|
1080
1095
|
"evidence_cves": [],
|
|
1081
1096
|
"framework_controls_partially_addressing": [
|
|
@@ -1103,9 +1118,7 @@
|
|
|
1103
1118
|
"CAPEC-446",
|
|
1104
1119
|
"CAPEC-538"
|
|
1105
1120
|
],
|
|
1106
|
-
"skills_referencing": [
|
|
1107
|
-
"supply-chain-integrity"
|
|
1108
|
-
],
|
|
1121
|
+
"skills_referencing": [],
|
|
1109
1122
|
"evidence_cves": [
|
|
1110
1123
|
"CVE-2026-45321",
|
|
1111
1124
|
"MAL-2026-3083"
|
|
@@ -1140,7 +1153,8 @@
|
|
|
1140
1153
|
"CAPEC-555"
|
|
1141
1154
|
],
|
|
1142
1155
|
"skills_referencing": [
|
|
1143
|
-
"
|
|
1156
|
+
"cloud-iam-incident",
|
|
1157
|
+
"idp-incident-response"
|
|
1144
1158
|
],
|
|
1145
1159
|
"evidence_cves": [],
|
|
1146
1160
|
"framework_controls_partially_addressing": [
|
|
@@ -1168,10 +1182,7 @@
|
|
|
1168
1182
|
"CWE-1000"
|
|
1169
1183
|
],
|
|
1170
1184
|
"related_attack_patterns_capec": [],
|
|
1171
|
-
"skills_referencing": [
|
|
1172
|
-
"kernel-lpe-triage",
|
|
1173
|
-
"exploit-scoring"
|
|
1174
|
-
],
|
|
1185
|
+
"skills_referencing": [],
|
|
1175
1186
|
"playbooks_referencing": [
|
|
1176
1187
|
"kernel",
|
|
1177
1188
|
"hardening",
|
|
@@ -1228,7 +1239,14 @@
|
|
|
1228
1239
|
"related_attack_patterns_capec": [
|
|
1229
1240
|
"CAPEC-1"
|
|
1230
1241
|
],
|
|
1231
|
-
"skills_referencing": [
|
|
1242
|
+
"skills_referencing": [
|
|
1243
|
+
"attack-surface-pentest",
|
|
1244
|
+
"cloud-iam-incident",
|
|
1245
|
+
"cloud-security",
|
|
1246
|
+
"container-runtime-security",
|
|
1247
|
+
"identity-assurance",
|
|
1248
|
+
"webapp-security"
|
|
1249
|
+
],
|
|
1232
1250
|
"evidence_cves": [],
|
|
1233
1251
|
"framework_controls_partially_addressing": [
|
|
1234
1252
|
"NIST-800-53-AC-3",
|
|
@@ -1315,9 +1333,10 @@
|
|
|
1315
1333
|
"CAPEC-540"
|
|
1316
1334
|
],
|
|
1317
1335
|
"skills_referencing": [
|
|
1318
|
-
"
|
|
1319
|
-
"
|
|
1320
|
-
"
|
|
1336
|
+
"attack-surface-pentest",
|
|
1337
|
+
"container-runtime-security",
|
|
1338
|
+
"fuzz-testing-strategy",
|
|
1339
|
+
"kernel-lpe-triage"
|
|
1321
1340
|
],
|
|
1322
1341
|
"evidence_cves": [
|
|
1323
1342
|
"CVE-2026-31431",
|
|
@@ -1350,7 +1369,13 @@
|
|
|
1350
1369
|
"CAPEC-191"
|
|
1351
1370
|
],
|
|
1352
1371
|
"skills_referencing": [
|
|
1353
|
-
"
|
|
1372
|
+
"cloud-iam-incident",
|
|
1373
|
+
"cloud-security",
|
|
1374
|
+
"identity-assurance",
|
|
1375
|
+
"ot-ics-security",
|
|
1376
|
+
"ransomware-response",
|
|
1377
|
+
"sector-energy",
|
|
1378
|
+
"sector-financial"
|
|
1354
1379
|
],
|
|
1355
1380
|
"evidence_cves": [],
|
|
1356
1381
|
"framework_controls_partially_addressing": [
|
|
@@ -1376,8 +1401,8 @@
|
|
|
1376
1401
|
"CAPEC-538"
|
|
1377
1402
|
],
|
|
1378
1403
|
"skills_referencing": [
|
|
1379
|
-
"
|
|
1380
|
-
"
|
|
1404
|
+
"sector-federal-government",
|
|
1405
|
+
"supply-chain-integrity"
|
|
1381
1406
|
],
|
|
1382
1407
|
"evidence_cves": [],
|
|
1383
1408
|
"framework_controls_partially_addressing": [
|
|
@@ -1405,7 +1430,15 @@
|
|
|
1405
1430
|
"CAPEC-1",
|
|
1406
1431
|
"CAPEC-115"
|
|
1407
1432
|
],
|
|
1408
|
-
"skills_referencing": [
|
|
1433
|
+
"skills_referencing": [
|
|
1434
|
+
"age-gates-child-safety",
|
|
1435
|
+
"api-security",
|
|
1436
|
+
"cloud-security",
|
|
1437
|
+
"identity-assurance",
|
|
1438
|
+
"sector-financial",
|
|
1439
|
+
"sector-healthcare",
|
|
1440
|
+
"webapp-security"
|
|
1441
|
+
],
|
|
1409
1442
|
"evidence_cves": [],
|
|
1410
1443
|
"framework_controls_partially_addressing": [
|
|
1411
1444
|
"NIST-800-53-AC-3",
|
|
@@ -1434,7 +1467,12 @@
|
|
|
1434
1467
|
"CAPEC-1"
|
|
1435
1468
|
],
|
|
1436
1469
|
"skills_referencing": [
|
|
1437
|
-
"
|
|
1470
|
+
"api-security",
|
|
1471
|
+
"cloud-iam-incident",
|
|
1472
|
+
"identity-assurance",
|
|
1473
|
+
"idp-incident-response",
|
|
1474
|
+
"sector-financial",
|
|
1475
|
+
"webapp-security"
|
|
1438
1476
|
],
|
|
1439
1477
|
"evidence_cves": [],
|
|
1440
1478
|
"framework_controls_partially_addressing": [
|
|
@@ -1492,8 +1530,11 @@
|
|
|
1492
1530
|
"CAPEC-664"
|
|
1493
1531
|
],
|
|
1494
1532
|
"skills_referencing": [
|
|
1495
|
-
"
|
|
1496
|
-
"
|
|
1533
|
+
"api-security",
|
|
1534
|
+
"attack-surface-pentest",
|
|
1535
|
+
"mcp-agent-trust",
|
|
1536
|
+
"sector-telecom",
|
|
1537
|
+
"webapp-security"
|
|
1497
1538
|
],
|
|
1498
1539
|
"evidence_cves": [],
|
|
1499
1540
|
"framework_controls_partially_addressing": [
|
|
@@ -1517,7 +1558,8 @@
|
|
|
1517
1558
|
],
|
|
1518
1559
|
"related_attack_patterns_capec": [],
|
|
1519
1560
|
"skills_referencing": [
|
|
1520
|
-
"
|
|
1561
|
+
"ot-ics-security",
|
|
1562
|
+
"sector-energy"
|
|
1521
1563
|
],
|
|
1522
1564
|
"evidence_cves": [],
|
|
1523
1565
|
"framework_controls_partially_addressing": [
|
|
@@ -1542,7 +1584,8 @@
|
|
|
1542
1584
|
],
|
|
1543
1585
|
"related_attack_patterns_capec": [],
|
|
1544
1586
|
"skills_referencing": [
|
|
1545
|
-
"ai-attack-surface"
|
|
1587
|
+
"ai-attack-surface",
|
|
1588
|
+
"ai-risk-management"
|
|
1546
1589
|
],
|
|
1547
1590
|
"evidence_cves": [],
|
|
1548
1591
|
"framework_controls_partially_addressing": [
|
|
@@ -1566,8 +1609,12 @@
|
|
|
1566
1609
|
],
|
|
1567
1610
|
"related_attack_patterns_capec": [],
|
|
1568
1611
|
"skills_referencing": [
|
|
1569
|
-
"
|
|
1570
|
-
"security
|
|
1612
|
+
"api-security",
|
|
1613
|
+
"cloud-security",
|
|
1614
|
+
"container-runtime-security",
|
|
1615
|
+
"policy-exception-gen",
|
|
1616
|
+
"security-maturity-tiers",
|
|
1617
|
+
"webapp-security"
|
|
1571
1618
|
],
|
|
1572
1619
|
"evidence_cves": [],
|
|
1573
1620
|
"framework_controls_partially_addressing": [
|
|
@@ -1591,7 +1638,10 @@
|
|
|
1591
1638
|
],
|
|
1592
1639
|
"related_attack_patterns_capec": [],
|
|
1593
1640
|
"skills_referencing": [
|
|
1594
|
-
"
|
|
1641
|
+
"coordinated-vuln-disclosure",
|
|
1642
|
+
"mlops-security",
|
|
1643
|
+
"sector-federal-government",
|
|
1644
|
+
"supply-chain-integrity"
|
|
1595
1645
|
],
|
|
1596
1646
|
"evidence_cves": [],
|
|
1597
1647
|
"framework_controls_partially_addressing": [
|
|
@@ -1617,8 +1667,12 @@
|
|
|
1617
1667
|
],
|
|
1618
1668
|
"related_attack_patterns_capec": [],
|
|
1619
1669
|
"skills_referencing": [
|
|
1620
|
-
"
|
|
1621
|
-
"
|
|
1670
|
+
"attack-surface-pentest",
|
|
1671
|
+
"container-runtime-security",
|
|
1672
|
+
"mlops-security",
|
|
1673
|
+
"rag-pipeline-security",
|
|
1674
|
+
"sector-federal-government",
|
|
1675
|
+
"supply-chain-integrity"
|
|
1622
1676
|
],
|
|
1623
1677
|
"evidence_cves": [],
|
|
1624
1678
|
"framework_controls_partially_addressing": [
|
|
@@ -1646,9 +1700,11 @@
|
|
|
1646
1700
|
"related_attack_patterns_capec": [],
|
|
1647
1701
|
"skills_referencing": [
|
|
1648
1702
|
"ai-attack-surface",
|
|
1703
|
+
"ai-risk-management",
|
|
1704
|
+
"dlp-gap-analysis",
|
|
1705
|
+
"mlops-security",
|
|
1649
1706
|
"rag-pipeline-security",
|
|
1650
|
-
"
|
|
1651
|
-
"mcp-agent-trust"
|
|
1707
|
+
"sector-healthcare"
|
|
1652
1708
|
],
|
|
1653
1709
|
"evidence_cves": [],
|
|
1654
1710
|
"framework_controls_partially_addressing": [
|