@blamejs/exceptd-skills 0.12.7 → 0.12.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (77) hide show
  1. package/AGENTS.md +15 -1
  2. package/ARCHITECTURE.md +21 -5
  3. package/CHANGELOG.md +150 -0
  4. package/README.md +1 -1
  5. package/bin/exceptd.js +416 -69
  6. package/data/_indexes/_meta.json +44 -44
  7. package/data/_indexes/activity-feed.json +34 -34
  8. package/data/_indexes/catalog-summaries.json +9 -9
  9. package/data/_indexes/chains.json +249 -11
  10. package/data/_indexes/frequency.json +63 -5
  11. package/data/_indexes/jurisdiction-map.json +13 -3
  12. package/data/_indexes/section-offsets.json +1171 -1027
  13. package/data/_indexes/summary-cards.json +2 -2
  14. package/data/_indexes/token-budget.json +232 -152
  15. package/data/atlas-ttps.json +189 -1
  16. package/data/cve-catalog.json +34 -22
  17. package/data/cwe-catalog.json +290 -1
  18. package/data/d3fend-catalog.json +163 -1
  19. package/data/framework-control-gaps.json +243 -0
  20. package/data/playbooks/containers.json +23 -5
  21. package/data/playbooks/cred-stores.json +9 -9
  22. package/data/playbooks/crypto.json +8 -8
  23. package/data/playbooks/hardening.json +46 -10
  24. package/data/playbooks/library-author.json +16 -20
  25. package/data/playbooks/mcp.json +1 -0
  26. package/data/playbooks/runtime.json +7 -7
  27. package/data/playbooks/sbom.json +11 -11
  28. package/data/playbooks/secrets.json +4 -4
  29. package/data/rfc-references.json +144 -0
  30. package/lib/playbook-runner.js +119 -35
  31. package/lib/prefetch.js +27 -6
  32. package/lib/refresh-external.js +32 -9
  33. package/lib/schemas/skill-frontmatter.schema.json +2 -2
  34. package/manifest-snapshot.json +1 -1
  35. package/manifest.json +73 -73
  36. package/orchestrator/index.js +1 -1
  37. package/package.json +2 -1
  38. package/sbom.cdx.json +6 -6
  39. package/scripts/check-sbom-currency.js +87 -0
  40. package/scripts/check-test-coverage.README.md +148 -0
  41. package/scripts/check-test-coverage.js +476 -0
  42. package/scripts/hooks/pre-commit.sh +19 -0
  43. package/scripts/predeploy.js +14 -30
  44. package/skills/age-gates-child-safety/skill.md +3 -0
  45. package/skills/ai-attack-surface/skill.md +29 -1
  46. package/skills/ai-c2-detection/skill.md +30 -1
  47. package/skills/ai-risk-management/skill.md +3 -0
  48. package/skills/api-security/skill.md +3 -0
  49. package/skills/attack-surface-pentest/skill.md +3 -0
  50. package/skills/cloud-security/skill.md +3 -0
  51. package/skills/compliance-theater/skill.md +6 -0
  52. package/skills/container-runtime-security/skill.md +3 -0
  53. package/skills/coordinated-vuln-disclosure/skill.md +8 -1
  54. package/skills/defensive-countermeasure-mapping/skill.md +1 -1
  55. package/skills/dlp-gap-analysis/skill.md +3 -0
  56. package/skills/email-security-anti-phishing/skill.md +9 -1
  57. package/skills/exploit-scoring/skill.md +6 -0
  58. package/skills/identity-assurance/skill.md +6 -1
  59. package/skills/incident-response-playbook/skill.md +8 -2
  60. package/skills/kernel-lpe-triage/skill.md +24 -4
  61. package/skills/mcp-agent-trust/skill.md +28 -1
  62. package/skills/mlops-security/skill.md +3 -0
  63. package/skills/ot-ics-security/skill.md +3 -0
  64. package/skills/policy-exception-gen/skill.md +6 -0
  65. package/skills/rag-pipeline-security/skill.md +30 -1
  66. package/skills/researcher/skill.md +6 -0
  67. package/skills/sector-energy/skill.md +3 -0
  68. package/skills/sector-federal-government/skill.md +3 -0
  69. package/skills/sector-financial/skill.md +3 -0
  70. package/skills/sector-healthcare/skill.md +3 -0
  71. package/skills/security-maturity-tiers/skill.md +25 -1
  72. package/skills/skill-update-loop/skill.md +38 -0
  73. package/skills/supply-chain-integrity/skill.md +3 -0
  74. package/skills/threat-model-currency/skill.md +4 -0
  75. package/skills/threat-modeling-methodology/skill.md +3 -0
  76. package/skills/webapp-security/skill.md +3 -0
  77. package/skills/zeroday-gap-learn/skill.md +6 -0
package/data/_indexes/summary-cards.json CHANGED
@@ -509,7 +509,7 @@
509
509
  },
510
510
  "skill-update-loop": {
511
511
  "description": "Meta-skill for keeping all exceptd skills current — CISA KEV triggers, ATLAS version updates, framework amendments, forward_watch resolution, currency scoring",
512
- "threat_context_excerpt": null,
512
+ "threat_context_excerpt": "The threat context this skill defends against is not a specific adversary technique — it is the **drift attack against the platform's own currency**: an exceptd installation whose skills, catalogs, framework references, and ATLAS pins age silently between releases until the operator-facing analysis is calibrated to a threat model that no longer exists.",
513
513
  "produces": "```\n## Skill Update Loop Report\n\n**Date:** YYYY-MM-DD\n**Last Full Review:** [date from manifest.json]\n\n### Unprocessed Triggers\n| Trigger Type | Item | Affected Skills | Urgency |\n|---|---|---|---|\n\n### Skill Currency Scores\n| Skill | Last Review | Currency Score | Status |\n|---|---|---|---|\n\n### Prioritized Update Tasks\n[Ordered by urgency: specific skill, specific section, specific required change]\n\n### Forward Watch Status\n[Per skill's forward_watch items: resolved/pending/newly added]\n```\n\n---",
514
514
  "key_xrefs": {
515
515
  "cwe_refs": [],
@@ -787,7 +787,7 @@
787
787
  "defensive-countermeasure-mapping": {
788
788
  "description": "Map offensive findings (CVE / TTP / framework gap) to MITRE D3FEND defensive countermeasures with explicit defense-in-depth, least-privilege, and zero-trust layering",
789
789
  "threat_context_excerpt": "ATT&CK and ATLAS are now load-bearing in SOC detection engineering. Detection content is written against technique IDs; red-team reports are mapped to technique IDs; threat intel feeds emit technique IDs. The result: the offensive side of every blue-team discussion is technique-grained and crisp.",
790
- "produces": "```\n# Defensive Countermeasure Map — <input>\n\n## What this is\n<one-line classification + canonical reference>\nExample: \"CVE — Linux kernel LPE. Canonical: CVE-2026-31431 (Copy Fail).\"\n\n## Offensive technique set (input to D3FEND query)\n- <AML.Txxxx / Txxxx / CWE-xxx list, with one-line descriptions>\n\n## Defensive-coverage map\n| D3FEND ID | Name | Tactic (DiD layer) | Privilege scope | ZT posture | Deployed? | AI-pipeline applicable? | Framework controls partially mapped | Live-tunable? |\n|-----------|------|--------------------|-----------------|------------|-----------|----------------------- ...",
790
+ "produces": "```\n# Defensive Countermeasure Map — <input>\n\n## What this is\n<one-line classification + canonical reference>\nExample: \"CVE — Linux kernel LPE. Canonical: CVE-2026-31431 (Copy Fail).\"\n\n## Offensive technique set (input to D3FEND query)\n- <AML.T0001-or-similar / T0001-or-similar / CWE-<id> list, with one-line descriptions>\n\n## Defensive-coverage map\n| D3FEND ID | Name | Tactic (DiD layer) | Privilege scope | ZT posture | Deployed? | AI-pipeline applicable? | Framework controls partially mapped | Live-tunable? |\n|-----------|------|--------------------|-----------------|------------|-----------| ...",
791
791
  "key_xrefs": {
792
792
  "cwe_refs": [],
793
793
  "d3fend_refs": [