@blamejs/exceptd-skills 0.12.40 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (97) hide show
  1. package/AGENTS.md +17 -0
  2. package/ARCHITECTURE.md +7 -4
  3. package/CHANGELOG.md +215 -248
  4. package/CONTEXT.md +2 -2
  5. package/README.md +2 -8
  6. package/agents/threat-researcher.md +2 -2
  7. package/bin/exceptd.js +179 -81
  8. package/data/_indexes/_meta.json +50 -50
  9. package/data/_indexes/activity-feed.json +1 -1
  10. package/data/_indexes/catalog-summaries.json +1 -1
  11. package/data/_indexes/chains.json +485 -13
  12. package/data/_indexes/frequency.json +4 -0
  13. package/data/_indexes/jurisdiction-map.json +15 -4
  14. package/data/_indexes/section-offsets.json +1224 -1224
  15. package/data/_indexes/token-budget.json +170 -170
  16. package/data/atlas-ttps.json +54 -11
  17. package/data/attack-techniques.json +113 -17
  18. package/data/cve-catalog.json +38 -52
  19. package/data/cwe-catalog.json +8 -2
  20. package/data/exploit-availability.json +1 -0
  21. package/data/framework-control-gaps.json +149 -6
  22. package/data/global-frameworks.json +1 -0
  23. package/data/playbooks/ai-api.json +5 -0
  24. package/data/playbooks/cicd-pipeline-compromise.json +970 -0
  25. package/data/playbooks/cloud-iam-incident.json +4 -1
  26. package/data/playbooks/cred-stores.json +10 -0
  27. package/data/playbooks/crypto-codebase.json +13 -0
  28. package/data/playbooks/framework.json +16 -0
  29. package/data/playbooks/hardening.json +4 -0
  30. package/data/playbooks/identity-sso-compromise.json +951 -0
  31. package/data/playbooks/idp-incident.json +3 -0
  32. package/data/playbooks/kernel.json +6 -0
  33. package/data/playbooks/llm-tool-use-exfil.json +963 -0
  34. package/data/playbooks/mcp.json +6 -0
  35. package/data/playbooks/runtime.json +4 -0
  36. package/data/playbooks/sbom.json +13 -0
  37. package/data/playbooks/secrets.json +6 -0
  38. package/data/playbooks/webhook-callback-abuse.json +916 -0
  39. package/data/zeroday-lessons.json +1 -0
  40. package/lib/cross-ref-api.js +33 -13
  41. package/lib/cve-curation.js +12 -1
  42. package/lib/exit-codes.js +29 -0
  43. package/lib/lint-skills.js +25 -3
  44. package/lib/playbook-runner.js +8 -4
  45. package/lib/refresh-external.js +10 -1
  46. package/lib/scoring.js +64 -1
  47. package/lib/sign.js +40 -7
  48. package/lib/verify.js +5 -5
  49. package/manifest.json +83 -83
  50. package/orchestrator/README.md +7 -7
  51. package/orchestrator/index.js +46 -25
  52. package/orchestrator/scheduler.js +2 -2
  53. package/package.json +1 -1
  54. package/sbom.cdx.json +135 -91
  55. package/scripts/check-test-coverage.js +6 -6
  56. package/scripts/predeploy.js +7 -13
  57. package/scripts/refresh-reverse-refs.js +107 -20
  58. package/scripts/refresh-sbom.js +21 -4
  59. package/skills/age-gates-child-safety/skill.md +1 -5
  60. package/skills/ai-attack-surface/skill.md +11 -4
  61. package/skills/ai-c2-detection/skill.md +11 -2
  62. package/skills/ai-risk-management/skill.md +4 -2
  63. package/skills/api-security/skill.md +7 -8
  64. package/skills/attack-surface-pentest/skill.md +2 -2
  65. package/skills/cloud-iam-incident/skill.md +1 -5
  66. package/skills/cloud-security/skill.md +0 -4
  67. package/skills/compliance-theater/skill.md +10 -2
  68. package/skills/container-runtime-security/skill.md +1 -3
  69. package/skills/dlp-gap-analysis/skill.md +3 -4
  70. package/skills/email-security-anti-phishing/skill.md +1 -8
  71. package/skills/exploit-scoring/skill.md +7 -2
  72. package/skills/framework-gap-analysis/skill.md +1 -1
  73. package/skills/fuzz-testing-strategy/skill.md +1 -2
  74. package/skills/global-grc/skill.md +3 -2
  75. package/skills/identity-assurance/skill.md +1 -3
  76. package/skills/idp-incident-response/skill.md +1 -4
  77. package/skills/incident-response-playbook/skill.md +1 -5
  78. package/skills/kernel-lpe-triage/skill.md +2 -2
  79. package/skills/mcp-agent-trust/skill.md +13 -3
  80. package/skills/mlops-security/skill.md +3 -4
  81. package/skills/ot-ics-security/skill.md +0 -3
  82. package/skills/policy-exception-gen/skill.md +11 -3
  83. package/skills/pqc-first/skill.md +4 -2
  84. package/skills/rag-pipeline-security/skill.md +2 -0
  85. package/skills/ransomware-response/skill.md +1 -5
  86. package/skills/researcher/skill.md +4 -3
  87. package/skills/sector-energy/skill.md +0 -4
  88. package/skills/sector-federal-government/skill.md +2 -3
  89. package/skills/sector-financial/skill.md +1 -4
  90. package/skills/sector-healthcare/skill.md +0 -5
  91. package/skills/sector-telecom/skill.md +0 -4
  92. package/skills/security-maturity-tiers/skill.md +1 -2
  93. package/skills/skill-update-loop/skill.md +4 -3
  94. package/skills/supply-chain-integrity/skill.md +4 -3
  95. package/skills/threat-model-currency/skill.md +1 -1
  96. package/skills/threat-modeling-methodology/skill.md +2 -1
  97. package/skills/webapp-security/skill.md +0 -5
package/data/_indexes/frequency.json CHANGED
@@ -2520,6 +2520,7 @@
2520
2520
  "AU-Essential-8-Backup",
2521
2521
  "AU-Essential-8-MFA",
2522
2522
  "AU-Essential-8-Patch",
2523
+ "AU-ISM-1546",
2523
2524
  "CIS-Controls-v8-10.1",
2524
2525
  "DORA-Art-9",
2525
2526
  "DORA-Art28",
@@ -2537,9 +2538,11 @@
2537
2538
  "HIPAA-Security-Rule-2026-NPRM-164.310",
2538
2539
  "HIPAA-Security-Rule-2026-NPRM-164.312",
2539
2540
  "HIPAA-Security-Rule-2026-NPRM-164.314",
2541
+ "ISO-27001-2022-A.5.7",
2540
2542
  "ISO-27001-2022-A.8.7",
2541
2543
  "NIS2-Art21-identity-management",
2542
2544
  "NIS2-Art21-incident-handling",
2545
+ "NIS2-Art21-supply-chain",
2543
2546
  "NIS2-Art21-vulnerability-management",
2544
2547
  "NIST-800-53-AC-3",
2545
2548
  "NIST-800-53-AC-6",
@@ -2552,6 +2555,7 @@
2552
2555
  "PCI-DSS-4.0.1-6.4.3",
2553
2556
  "UK-CAF-A1",
2554
2557
  "UK-CAF-B2",
2558
+ "UK-CAF-B4",
2555
2559
  "UK-CAF-C1",
2556
2560
  "UK-CAF-D1"
2557
2561
  ],
package/data/_indexes/jurisdiction-map.json CHANGED
@@ -63,6 +63,7 @@
63
63
  "defensive-countermeasure-mapping",
64
64
  "dlp-gap-analysis",
65
65
  "email-security-anti-phishing",
66
+ "exploit-scoring",
66
67
  "framework-gap-analysis",
67
68
  "fuzz-testing-strategy",
68
69
  "global-grc",
@@ -73,6 +74,7 @@
73
74
  "mcp-agent-trust",
74
75
  "mlops-security",
75
76
  "ot-ics-security",
77
+ "policy-exception-gen",
76
78
  "pqc-first",
77
79
  "rag-pipeline-security",
78
80
  "ransomware-response",
@@ -91,7 +93,7 @@
91
93
  "zeroday-gap-learn"
92
94
  ],
93
95
  "example_excerpts": {},
94
- "skill_count": 40
96
+ "skill_count": 42
95
97
  },
96
98
  "AU": {
97
99
  "skills": [
@@ -120,6 +122,7 @@
120
122
  "mcp-agent-trust",
121
123
  "mlops-security",
122
124
  "ot-ics-security",
125
+ "policy-exception-gen",
123
126
  "pqc-first",
124
127
  "rag-pipeline-security",
125
128
  "ransomware-response",
@@ -138,7 +141,7 @@
138
141
  "zeroday-gap-learn"
139
142
  ],
140
143
  "example_excerpts": {},
141
- "skill_count": 41
144
+ "skill_count": 42
142
145
  },
143
146
  "SG": {
144
147
  "skills": [
@@ -548,21 +551,29 @@
548
551
  "EU_DE_BSI": {
549
552
  "skills": [
550
553
  "age-gates-child-safety",
554
+ "ai-attack-surface",
555
+ "ai-c2-detection",
551
556
  "cloud-security",
557
+ "compliance-theater",
552
558
  "coordinated-vuln-disclosure",
553
559
  "fuzz-testing-strategy",
560
+ "mcp-agent-trust",
554
561
  "pqc-first"
555
562
  ],
556
563
  "example_excerpts": {},
557
- "skill_count": 5
564
+ "skill_count": 9
558
565
  },
559
566
  "EU_FR_ANSSI": {
560
567
  "skills": [
568
+ "ai-attack-surface",
569
+ "ai-c2-detection",
561
570
  "cloud-security",
571
+ "compliance-theater",
572
+ "mcp-agent-trust",
562
573
  "pqc-first"
563
574
  ],
564
575
  "example_excerpts": {},
565
- "skill_count": 2
576
+ "skill_count": 6
566
577
  },
567
578
  "EU_ES_AEPD": {
568
579
  "skills": [