@blamejs/exceptd-skills 0.12.8 → 0.12.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +2 -2
- package/ARCHITECTURE.md +21 -5
- package/CHANGELOG.md +120 -0
- package/README.md +1 -1
- package/bin/exceptd.js +227 -17
- package/data/_indexes/_meta.json +20 -20
- package/data/_indexes/activity-feed.json +17 -17
- package/data/_indexes/catalog-summaries.json +5 -5
- package/data/_indexes/chains.json +90 -11
- package/data/_indexes/frequency.json +2 -0
- package/data/_indexes/section-offsets.json +463 -355
- package/data/_indexes/token-budget.json +113 -53
- package/data/cve-catalog.json +385 -23
- package/data/cwe-catalog.json +34 -0
- package/data/playbooks/library-author.json +14 -0
- package/data/playbooks/mcp.json +1 -0
- package/data/zeroday-lessons.json +223 -1
- package/lib/playbook-runner.js +119 -35
- package/lib/prefetch.js +27 -6
- package/lib/refresh-external.js +81 -18
- package/lib/source-osv.js +493 -0
- package/manifest-snapshot.json +1 -1
- package/manifest.json +51 -51
- package/orchestrator/index.js +1 -1
- package/package.json +1 -1
- package/sbom.cdx.json +6 -6
- package/scripts/check-test-coverage.js +27 -6
- package/scripts/predeploy.js +7 -9
- package/skills/ai-attack-surface/skill.md +25 -0
- package/skills/ai-c2-detection/skill.md +24 -0
- package/skills/compliance-theater/skill.md +6 -0
- package/skills/exploit-scoring/skill.md +6 -0
- package/skills/mcp-agent-trust/skill.md +24 -0
- package/skills/policy-exception-gen/skill.md +6 -0
- package/skills/rag-pipeline-security/skill.md +28 -2
- package/skills/researcher/skill.md +6 -0
- package/skills/security-maturity-tiers/skill.md +6 -0
- package/skills/skill-update-loop/skill.md +6 -0
- package/skills/threat-model-currency/skill.md +4 -0
- package/skills/zeroday-gap-learn/skill.md +6 -0
|
@@ -3,8 +3,8 @@
|
|
|
3
3
|
"schema_version": "1.0.0",
|
|
4
4
|
"tokenizer_note": "Character-density approximation: 1 token ≈ 4 chars. This is the canonical rule-of-thumb for OpenAI tokenizers on English+technical text. Claude's tokenizer is typically more efficient on prose; treat this as an upper-bound budget for both. Consumers with stricter precision needs should re-tokenize with their own tokenizer.",
|
|
5
5
|
"approx_chars_per_token": 4,
|
|
6
|
-
"total_chars":
|
|
7
|
-
"total_approx_tokens":
|
|
6
|
+
"total_chars": 1369448,
|
|
7
|
+
"total_approx_tokens": 342364,
|
|
8
8
|
"skill_count": 38
|
|
9
9
|
},
|
|
10
10
|
"skills": {
|
|
@@ -65,10 +65,10 @@
|
|
|
65
65
|
},
|
|
66
66
|
"ai-attack-surface": {
|
|
67
67
|
"path": "skills/ai-attack-surface/skill.md",
|
|
68
|
-
"bytes":
|
|
69
|
-
"chars":
|
|
70
|
-
"lines":
|
|
71
|
-
"approx_tokens":
|
|
68
|
+
"bytes": 20062,
|
|
69
|
+
"chars": 20024,
|
|
70
|
+
"lines": 311,
|
|
71
|
+
"approx_tokens": 5006,
|
|
72
72
|
"approx_chars_per_token": 4,
|
|
73
73
|
"sections": {
|
|
74
74
|
"threat-context": {
|
|
@@ -101,6 +101,11 @@
|
|
|
101
101
|
"chars": 1117,
|
|
102
102
|
"approx_tokens": 279
|
|
103
103
|
},
|
|
104
|
+
"defensive-countermeasure-mapping": {
|
|
105
|
+
"bytes": 3718,
|
|
106
|
+
"chars": 3706,
|
|
107
|
+
"approx_tokens": 927
|
|
108
|
+
},
|
|
104
109
|
"compliance-theater-check": {
|
|
105
110
|
"bytes": 1086,
|
|
106
111
|
"chars": 1086,
|
|
@@ -110,10 +115,10 @@
|
|
|
110
115
|
},
|
|
111
116
|
"mcp-agent-trust": {
|
|
112
117
|
"path": "skills/mcp-agent-trust/skill.md",
|
|
113
|
-
"bytes":
|
|
114
|
-
"chars":
|
|
115
|
-
"lines":
|
|
116
|
-
"approx_tokens":
|
|
118
|
+
"bytes": 23929,
|
|
119
|
+
"chars": 23861,
|
|
120
|
+
"lines": 354,
|
|
121
|
+
"approx_tokens": 5965,
|
|
117
122
|
"approx_chars_per_token": 4,
|
|
118
123
|
"sections": {
|
|
119
124
|
"threat-context": {
|
|
@@ -151,6 +156,11 @@
|
|
|
151
156
|
"chars": 2431,
|
|
152
157
|
"approx_tokens": 608
|
|
153
158
|
},
|
|
159
|
+
"defensive-countermeasure-mapping": {
|
|
160
|
+
"bytes": 4201,
|
|
161
|
+
"chars": 4195,
|
|
162
|
+
"approx_tokens": 1049
|
|
163
|
+
},
|
|
154
164
|
"compliance-theater-check": {
|
|
155
165
|
"bytes": 513,
|
|
156
166
|
"chars": 513,
|
|
@@ -215,12 +225,17 @@
|
|
|
215
225
|
},
|
|
216
226
|
"compliance-theater": {
|
|
217
227
|
"path": "skills/compliance-theater/skill.md",
|
|
218
|
-
"bytes":
|
|
219
|
-
"chars":
|
|
220
|
-
"lines":
|
|
221
|
-
"approx_tokens":
|
|
228
|
+
"bytes": 28379,
|
|
229
|
+
"chars": 28313,
|
|
230
|
+
"lines": 372,
|
|
231
|
+
"approx_tokens": 7078,
|
|
222
232
|
"approx_chars_per_token": 4,
|
|
223
233
|
"sections": {
|
|
234
|
+
"frontmatter-scope": {
|
|
235
|
+
"bytes": 811,
|
|
236
|
+
"chars": 807,
|
|
237
|
+
"approx_tokens": 202
|
|
238
|
+
},
|
|
224
239
|
"threat-context": {
|
|
225
240
|
"bytes": 1804,
|
|
226
241
|
"chars": 1798,
|
|
@@ -265,12 +280,17 @@
|
|
|
265
280
|
},
|
|
266
281
|
"exploit-scoring": {
|
|
267
282
|
"path": "skills/exploit-scoring/skill.md",
|
|
268
|
-
"bytes":
|
|
269
|
-
"chars":
|
|
270
|
-
"lines":
|
|
271
|
-
"approx_tokens":
|
|
283
|
+
"bytes": 21077,
|
|
284
|
+
"chars": 20949,
|
|
285
|
+
"lines": 338,
|
|
286
|
+
"approx_tokens": 5237,
|
|
272
287
|
"approx_chars_per_token": 4,
|
|
273
288
|
"sections": {
|
|
289
|
+
"frontmatter-scope": {
|
|
290
|
+
"bytes": 618,
|
|
291
|
+
"chars": 616,
|
|
292
|
+
"approx_tokens": 154
|
|
293
|
+
},
|
|
274
294
|
"threat-context": {
|
|
275
295
|
"bytes": 1685,
|
|
276
296
|
"chars": 1677,
|
|
@@ -325,10 +345,10 @@
|
|
|
325
345
|
},
|
|
326
346
|
"rag-pipeline-security": {
|
|
327
347
|
"path": "skills/rag-pipeline-security/skill.md",
|
|
328
|
-
"bytes":
|
|
329
|
-
"chars":
|
|
330
|
-
"lines":
|
|
331
|
-
"approx_tokens":
|
|
348
|
+
"bytes": 28775,
|
|
349
|
+
"chars": 28610,
|
|
350
|
+
"lines": 324,
|
|
351
|
+
"approx_tokens": 7153,
|
|
332
352
|
"approx_chars_per_token": 4,
|
|
333
353
|
"sections": {
|
|
334
354
|
"threat-context": {
|
|
@@ -362,9 +382,9 @@
|
|
|
362
382
|
"approx_tokens": 423
|
|
363
383
|
},
|
|
364
384
|
"framework-lag-declaration": {
|
|
365
|
-
"bytes":
|
|
366
|
-
"chars":
|
|
367
|
-
"approx_tokens":
|
|
385
|
+
"bytes": 2157,
|
|
386
|
+
"chars": 2151,
|
|
387
|
+
"approx_tokens": 538
|
|
368
388
|
},
|
|
369
389
|
"ttp-mapping": {
|
|
370
390
|
"bytes": 3642,
|
|
@@ -391,6 +411,11 @@
|
|
|
391
411
|
"chars": 2624,
|
|
392
412
|
"approx_tokens": 656
|
|
393
413
|
},
|
|
414
|
+
"defensive-countermeasure-mapping": {
|
|
415
|
+
"bytes": 3879,
|
|
416
|
+
"chars": 3857,
|
|
417
|
+
"approx_tokens": 964
|
|
418
|
+
},
|
|
394
419
|
"compliance-theater-check": {
|
|
395
420
|
"bytes": 644,
|
|
396
421
|
"chars": 640,
|
|
@@ -400,10 +425,10 @@
|
|
|
400
425
|
},
|
|
401
426
|
"ai-c2-detection": {
|
|
402
427
|
"path": "skills/ai-c2-detection/skill.md",
|
|
403
|
-
"bytes":
|
|
404
|
-
"chars":
|
|
405
|
-
"lines":
|
|
406
|
-
"approx_tokens":
|
|
428
|
+
"bytes": 33572,
|
|
429
|
+
"chars": 33436,
|
|
430
|
+
"lines": 470,
|
|
431
|
+
"approx_tokens": 8359,
|
|
407
432
|
"approx_chars_per_token": 4,
|
|
408
433
|
"sections": {
|
|
409
434
|
"threat-context": {
|
|
@@ -446,6 +471,11 @@
|
|
|
446
471
|
"chars": 4070,
|
|
447
472
|
"approx_tokens": 1018
|
|
448
473
|
},
|
|
474
|
+
"defensive-countermeasure-mapping": {
|
|
475
|
+
"bytes": 3942,
|
|
476
|
+
"chars": 3930,
|
|
477
|
+
"approx_tokens": 983
|
|
478
|
+
},
|
|
449
479
|
"compliance-theater-check": {
|
|
450
480
|
"bytes": 1390,
|
|
451
481
|
"chars": 1382,
|
|
@@ -465,12 +495,17 @@
|
|
|
465
495
|
},
|
|
466
496
|
"policy-exception-gen": {
|
|
467
497
|
"path": "skills/policy-exception-gen/skill.md",
|
|
468
|
-
"bytes":
|
|
469
|
-
"chars":
|
|
470
|
-
"lines":
|
|
471
|
-
"approx_tokens":
|
|
498
|
+
"bytes": 28886,
|
|
499
|
+
"chars": 28802,
|
|
500
|
+
"lines": 444,
|
|
501
|
+
"approx_tokens": 7201,
|
|
472
502
|
"approx_chars_per_token": 4,
|
|
473
503
|
"sections": {
|
|
504
|
+
"frontmatter-scope": {
|
|
505
|
+
"bytes": 483,
|
|
506
|
+
"chars": 481,
|
|
507
|
+
"approx_tokens": 120
|
|
508
|
+
},
|
|
474
509
|
"threat-context": {
|
|
475
510
|
"bytes": 2232,
|
|
476
511
|
"chars": 2226,
|
|
@@ -515,12 +550,17 @@
|
|
|
515
550
|
},
|
|
516
551
|
"threat-model-currency": {
|
|
517
552
|
"path": "skills/threat-model-currency/skill.md",
|
|
518
|
-
"bytes":
|
|
519
|
-
"chars":
|
|
520
|
-
"lines":
|
|
521
|
-
"approx_tokens":
|
|
553
|
+
"bytes": 25608,
|
|
554
|
+
"chars": 25506,
|
|
555
|
+
"lines": 409,
|
|
556
|
+
"approx_tokens": 6377,
|
|
522
557
|
"approx_chars_per_token": 4,
|
|
523
558
|
"sections": {
|
|
559
|
+
"frontmatter-scope": {
|
|
560
|
+
"bytes": 626,
|
|
561
|
+
"chars": 624,
|
|
562
|
+
"approx_tokens": 156
|
|
563
|
+
},
|
|
524
564
|
"purpose": {
|
|
525
565
|
"bytes": 545,
|
|
526
566
|
"chars": 541,
|
|
@@ -635,12 +675,17 @@
|
|
|
635
675
|
},
|
|
636
676
|
"zeroday-gap-learn": {
|
|
637
677
|
"path": "skills/zeroday-gap-learn/skill.md",
|
|
638
|
-
"bytes":
|
|
639
|
-
"chars":
|
|
640
|
-
"lines":
|
|
641
|
-
"approx_tokens":
|
|
678
|
+
"bytes": 22718,
|
|
679
|
+
"chars": 22600,
|
|
680
|
+
"lines": 357,
|
|
681
|
+
"approx_tokens": 5650,
|
|
642
682
|
"approx_chars_per_token": 4,
|
|
643
683
|
"sections": {
|
|
684
|
+
"frontmatter-scope": {
|
|
685
|
+
"bytes": 541,
|
|
686
|
+
"chars": 539,
|
|
687
|
+
"approx_tokens": 135
|
|
688
|
+
},
|
|
644
689
|
"threat-context": {
|
|
645
690
|
"bytes": 1673,
|
|
646
691
|
"chars": 1665,
|
|
@@ -770,12 +815,17 @@
|
|
|
770
815
|
},
|
|
771
816
|
"skill-update-loop": {
|
|
772
817
|
"path": "skills/skill-update-loop/skill.md",
|
|
773
|
-
"bytes":
|
|
774
|
-
"chars":
|
|
775
|
-
"lines":
|
|
776
|
-
"approx_tokens":
|
|
818
|
+
"bytes": 43027,
|
|
819
|
+
"chars": 42921,
|
|
820
|
+
"lines": 502,
|
|
821
|
+
"approx_tokens": 10730,
|
|
777
822
|
"approx_chars_per_token": 4,
|
|
778
823
|
"sections": {
|
|
824
|
+
"frontmatter-scope": {
|
|
825
|
+
"bytes": 453,
|
|
826
|
+
"chars": 451,
|
|
827
|
+
"approx_tokens": 113
|
|
828
|
+
},
|
|
779
829
|
"threat-context": {
|
|
780
830
|
"bytes": 1510,
|
|
781
831
|
"chars": 1504,
|
|
@@ -835,12 +885,17 @@
|
|
|
835
885
|
},
|
|
836
886
|
"security-maturity-tiers": {
|
|
837
887
|
"path": "skills/security-maturity-tiers/skill.md",
|
|
838
|
-
"bytes":
|
|
839
|
-
"chars":
|
|
840
|
-
"lines":
|
|
841
|
-
"approx_tokens":
|
|
888
|
+
"bytes": 29805,
|
|
889
|
+
"chars": 29641,
|
|
890
|
+
"lines": 489,
|
|
891
|
+
"approx_tokens": 7410,
|
|
842
892
|
"approx_chars_per_token": 4,
|
|
843
893
|
"sections": {
|
|
894
|
+
"frontmatter-scope": {
|
|
895
|
+
"bytes": 522,
|
|
896
|
+
"chars": 522,
|
|
897
|
+
"approx_tokens": 131
|
|
898
|
+
},
|
|
844
899
|
"how-to-use-this-skill": {
|
|
845
900
|
"bytes": 411,
|
|
846
901
|
"chars": 409,
|
|
@@ -915,12 +970,17 @@
|
|
|
915
970
|
},
|
|
916
971
|
"researcher": {
|
|
917
972
|
"path": "skills/researcher/skill.md",
|
|
918
|
-
"bytes":
|
|
919
|
-
"chars":
|
|
920
|
-
"lines":
|
|
921
|
-
"approx_tokens":
|
|
973
|
+
"bytes": 29009,
|
|
974
|
+
"chars": 28839,
|
|
975
|
+
"lines": 317,
|
|
976
|
+
"approx_tokens": 7210,
|
|
922
977
|
"approx_chars_per_token": 4,
|
|
923
978
|
"sections": {
|
|
979
|
+
"frontmatter-scope": {
|
|
980
|
+
"bytes": 537,
|
|
981
|
+
"chars": 535,
|
|
982
|
+
"approx_tokens": 134
|
|
983
|
+
},
|
|
924
984
|
"threat-context": {
|
|
925
985
|
"bytes": 2945,
|
|
926
986
|
"chars": 2937,
|