@blamejs/exceptd-skills 0.13.15 → 0.13.17

package/AGENTS.md CHANGED
@@ -170,7 +170,7 @@ Cross-cutting playbook `framework` is the natural correlation layer — many pla
170
170
  | `exceptd attest show <sid>` | Print the attestation body. |
171
171
  | `exceptd doctor` | Health checks. `--signatures` verifies Ed25519 chains; `--cves` / `--rfcs` check catalog currency; `--fix` repairs recoverable state; `--ai-config` audits AI-assistant config-file permissions (`~/.claude`, `~/.cursor`, `~/.codeium`, `~/.aider`, `~/.continue`) and flags sensitive files not at mode `0o600` on POSIX (NEW-CTRL-050). |
172
172
  | `exceptd lint` | Skill format lint — frontmatter completeness, required body sections, signature presence. |
173
- | `exceptd refresh --check-advisories` | Poll 12 primary-source advisory feeds — 8 advisory/coordinated-disclosure venues (Qualys TRU, Red Hat RHSA, Ubuntu USN, ZDI, kernel.org commits, oss-security mailing list, JFrog SecOps, CISA current advisories) plus 4 vendor security research blogs (Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red — added in v0.13.14 after DirtyDecrypt fell through the advisory-only set) for CVE IDs at T+0 to T+1typically 3-14 days ahead of NVD enrichment. Report-only; emits structured `diffs[]` without mutating the catalog. Route promising IDs through `refresh --advisory <CVE-ID> --apply` to enrich. |
173
+ | `exceptd refresh --check-advisories` | Poll 15 primary-source advisory feeds — 8 advisory/coordinated-disclosure venues (Qualys TRU, Red Hat RHSA, Ubuntu USN, ZDI, kernel.org commits, oss-security mailing list, JFrog SecOps, CISA current advisories), 4 vendor security research blogs (Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red — added in v0.13.14 after DirtyDecrypt fell through the advisory-only set), and 3 sources added in v0.13.17 (BleepingComputer security, The Hacker News, Nightmare-Eclipse GitHub public-events tracker — closes the researcher-GitHub-drop class anchored by MiniPlasma / YellowKey / GreenPlasma / UnDefend, NEW-CTRL-073). Pairs with `lib/cve-regression-watcher.js` (NEW-CTRL-074) which cross-checks poller diffs for historical-CVE references that may indicate silent vendor regression the class anchored by MiniPlasma re-breaking CVE-2020-17103. Report-only; emits structured `diffs[]` without mutating the catalog. Route promising IDs through `refresh --advisory <CVE-ID> --apply` to enrich. |
174
174
  | `exceptd watchlist` | Default: aggregate every skill's `forward_watch` entries. `--by-skill` inverts grouping. `--alerts` switches to CVE-catalog pattern alerts (5 patterns: `kernel_lpe_with_poc`, `supply_chain_family`, `ai_discovered_kev`, `active_exploitation_unpatched`, `recent_poc_no_kev_yet`); sorts critical-first, then by RWEP. `--org-scan --org <login>` probes GitHub Search for repos matching threat-actor naming patterns ("A Gift From TeamPCP", "Shai-Hulud", "TeamPCP"); custom patterns via repeatable `--pattern <s>`; set `GITHUB_TOKEN` for private-repo + rate-limit headroom (NEW-CTRL-052). |
175
175
 
176
176
  All verbs support `--help` for per-verb usage. JSON output by default; `--pretty` for indented.
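Review bot: The rewritten `exceptd refresh --check-advisories` row drops the lead-time statement the old row carried ("for CVE IDs at T+0 to T+1", "3-14 days ahead of NVD enrichment"), while the matching README paragraph in this release still makes that claim. Restore it here or remove it in both places so AGENTS.md and README agree. The clause "silent vendor regression the class anchored by MiniPlasma re-breaking CVE-2020-17103" also reads as two phrases run together and needs a separator. With the NEW-CTRL-073 / NEW-CTRL-074 detail folded in, this cell is long enough that the control references would be easier to maintain in the NEW-CTRL table, with a short pointer left here.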
@@ -245,6 +245,9 @@ Recently added (use the IDs in skill prose and operator briefings; full text in
245
245
  | `NEW-CTRL-070` | TYPOSQUAT-INSTALL-TIME-NAME-CONFUSION-GUARD | `MAL-2025-PYPI-COLORAMA-SOLANA-STEALER` | NIST-800-218 SSDF PW.4, NIST-800-53 SI-7, EU CRA Annex I §1(2)(c) |
246
246
  | `NEW-CTRL-071` | AI-DISCOVERY-CREDIT-IN-COMPLIANCE-EVIDENCE | `MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP` + `CVE-2025-6965` + `CVE-2025-0133` + ZeroPath quartet | NIST AI RMF MEASURE 2.7, ISO/IEC 42001 §6.1.4 (records of AI use), EU AI Act Art.12 (record-keeping) |
247
247
  | `NEW-CTRL-072` | PRIMARY-SOURCE-INTAKE-VENDOR-BLOG-COVERAGE | `CVE-2026-31635` (DirtyDecrypt) | NIST-800-53 SI-5 (security alerts / advisories), ISO-27001-2022 A.5.7 (threat intelligence), CIS Controls v8 7.1 |
248
+ | `NEW-CTRL-073` | RESEARCHER-HANDLE-GITHUB-RELEASE-TRACKER | `CVE-2020-17103-REREGRESSION-2026` (MiniPlasma) + Nightmare-Eclipse cluster | NIST-800-53 SI-5, ISO-27001-2022 A.5.7, CIS Controls v8 7.1. Enforced operationally by `lib/source-advisories.js#FEEDS[nightmare-eclipse-github]` (github-events kind). |
249
+ | `NEW-CTRL-074` | CVE-REGRESSION-WATCHER | `CVE-2020-17103-REREGRESSION-2026` (MiniPlasma) | NIST-800-53 CM-3 (configuration-change control), NIST-800-53 SI-2, ISO-27001-2022 A.8.8 (vulnerability management). Enforced operationally by `lib/cve-regression-watcher.js` — surfaces historical-CVE references in poller diffs as candidate silent-regression cases. |
250
+ | `NEW-CTRL-075` | AV-AGENT-CURRENCY-CROSS-VERIFICATION | `BUG-2026-NIGHTMARE-ECLIPSE-UNDEFEND` (UnDefend) | NIST-800-53 SI-3 + SI-4, ISO-27001-2022 A.8.7. Independent control-plane cross-check (Defender for Endpoint cloud telemetry / Intune compliance / SCCM inventory) for AV / EDR signature + platform currency; alert on drift > 7 days. |
248
251
 
249
252
  When you cite a `NEW-CTRL-*` ID in a skill body, the lint reads the upstream `zeroday-lessons.json` entry as the authoritative source for the requirement text — do not paraphrase the description in the skill body, link to the ID instead.
250
253
 
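Review bot: In the three added rows the fourth column mixes framework mappings with implementation detail, where the rows above (`NEW-CTRL-070` to `NEW-CTRL-072`) list framework references only. `NEW-CTRL-073` and `NEW-CTRL-074` append "Enforced operationally by ..." and `NEW-CTRL-075` appends a requirement summary ("alert on drift > 7 days"), which is the kind of paraphrase the paragraph right after the table tells skill authors to avoid, since `zeroday-lessons.json` is the authoritative text. Suggest keeping the column to framework IDs and moving the enforcement pointers to their own column. `NEW-CTRL-075` is also the only one of the three with no enforcing module named, so say explicitly whether it is operator-implemented.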
@@ -252,7 +255,7 @@ When you cite a `NEW-CTRL-*` ID in a skill body, the lint reads the upstream `ze
252
255
 
253
256
  ## Operational threat-intake cadence
254
257
 
255
- The toolkit ships with a `routine: exceptd-threat-intake` (claude.ai remote agent) that runs daily at 14:00 UTC. Sequence: `npm install` → `refresh --check-advisories` (poll the 12 primary-source feeds — 8 advisory venues + 4 vendor security blogs) → `watchlist --alerts` (5-pattern CVE-class scan) → `refresh --apply` → `refresh --advisory <CVE-ID>` for up to 5 newly-disclosed IDs from the primary-source diff → re-sign + rebuild-indexes if the catalog mutated → commit on `intake/<YYYY-MM-DD>` branch with the full diff in the report.
258
+ The toolkit ships with a `routine: exceptd-threat-intake` (claude.ai remote agent) that runs daily at 14:00 UTC. Sequence: `npm install` → `refresh --check-advisories` (poll the 15 primary-source feeds — 8 advisory venues, 4 vendor security blogs, 3 tech-press + researcher-handle trackers) → `watchlist --alerts` (5-pattern CVE-class scan) → cross-check historical-CVE references against the catalog via `lib/cve-regression-watcher.js` (NEW-CTRL-074, MiniPlasma class) → `refresh --apply` → `refresh --advisory <CVE-ID>` for up to 5 newly-disclosed IDs from the primary-source diff → re-sign + rebuild-indexes if the catalog mutated → commit on `intake/<YYYY-MM-DD>` branch with the full diff in the report.
256
259
 
257
260
  The routine is operator-managed at <https://claude.ai/code/routines>. Closes the cadence gap between vendor disclosure (T+0) and NVD enrichment (T+10) — operators no longer depend on manual intake to surface ssh-keysign-pwn-class or Shai-Hulud-class events.
258
261
 
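Review bot: The new watcher step in the routine sequence does not say where its output goes. The added line inserts "cross-check historical-CVE references against the catalog via `lib/cve-regression-watcher.js`" between `watchlist --alerts` and `refresh --apply`, but the later steps only enrich "newly-disclosed IDs from the primary-source diff" and commit "the full diff in the report". State whether regression candidates are written into the intake report and that the routine does not act on them automatically (the changelog describes the watcher as report-only), so an operator knows where to look for them.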
package/CHANGELOG.md CHANGED
@@ -1,5 +1,47 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.13.17 — 2026-05-18
4
+
5
+ Threat-intake gap closure for the Nightmare-Eclipse / Chaotic Eclipse researcher-handle cluster, a new CVE-regression detection method, and a substantial catalog expansion via CISA KEV bulk intake — the catalog grows from 68 to 312 entries (4.6× of the v0.13.16 baseline).
6
+
7
+ ### Features
8
+
9
+ **Four catalog entries added for the Nightmare-Eclipse cluster.** `CVE-2020-17103-REREGRESSION-2026` (MiniPlasma — Windows cldflt.sys Cloud Files Mini Filter SYSTEM EoP; re-regression of CVE-2020-17103, PoC by Nightmare-Eclipse on GitHub 2026-05-13, reproduces on fully-patched Windows 11 with May 2026 Patch Tuesday), `BUG-2026-NIGHTMARE-ECLIPSE-YELLOWKEY` (BitLocker TPM-only protector bypass, May 2026), `BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA` (Windows LPE companion to MiniPlasma, May 2026), `BUG-2026-NIGHTMARE-ECLIPSE-UNDEFEND` (Microsoft Defender update-disruption tampering, April 2026 with Huntress in-wild observation 2026-04-16). Each entry carries an `intake_gap_note` explaining why the prior 12-feed intake missed it: the researcher publishes PoC binaries + source on GitHub releases and the writeups surface on BleepingComputer / The Hacker News / Cybersecurity News, none of which the intake polled.
10
+
11
+ **`NEW-CTRL-073` (`RESEARCHER-HANDLE-GITHUB-RELEASE-TRACKER`).** When a researcher handle is named in any catalog entry's `discovery_attribution_note` or `poc_description`, their public GitHub releases must be polled. The handle becomes a known signal source after a single catalog-grade drop and warrants prioritized surfacing of subsequent drops. First registered handle: Nightmare-Eclipse / Chaotic Eclipse (BlueHammer, RedSun, UnDefend, MiniPlasma, YellowKey, GreenPlasma). Implementation: a new `github-events` feed kind in `lib/source-advisories.js` that polls `https://api.github.com/users/<handle>/events/public` and surfaces ReleaseEvent / PublicEvent / PushEvent items as standard poller diffs, with `researcher_handle` + `repo_name` + `triage_class: researcher-handle-drop` annotations on diff entries that lack a CVE ID. Maps to NIST 800-53 SI-5, ISO 27001:2022 A.5.7, CIS Controls v8 7.1.
12
+
13
+ **`NEW-CTRL-074` (`CVE-REGRESSION-WATCHER`).** A new detection method — `lib/cve-regression-watcher.js` — that surfaces poller-diff historical-CVE references (CVE-YYYY-NNN where `YYYY <= currentYear - 2`) as candidate silent-regression cases. The MiniPlasma anchor: a 2026 PoC drop that references CVE-2020-17103 inline, where the original 2020 fix has been silently reverted in current shipping product but no new CVE is assigned. Standard NVD / KEV / OSV / vendor-advisory feeds will never surface this class — the watcher fills the gap by signal-correlation against existing poller diffs (no new feed required). Output: per-historical-ID candidates with `action` verb (`already-covered` / `annotate` / `create-regression-entry`) for operator triage. Report-only; no catalog mutation without operator action. Maps to NIST 800-53 CM-3 + SI-2, ISO 27001:2022 A.8.8.
14
+
15
+ **`NEW-CTRL-075` (`AV-AGENT-CURRENCY-CROSS-VERIFICATION`).** Surfaced by UnDefend. AV / EDR currency must be verified from a source independent of the agent's own status output — `Get-MpComputerStatus` is insufficient when the update pipeline has been silently corrupted. Cross-check signature + platform timestamps against an independent control plane (Defender for Endpoint cloud telemetry, Intune compliance, SCCM inventory) and alert on drift > 7 days. Maps to NIST 800-53 SI-3 + SI-4, ISO 27001:2022 A.8.7.
16
+
17
+ **Three new intake feeds in `lib/source-advisories.js#FEEDS`.** `bleepingcomputer-security` (canonical tech-press venue for "researcher dropped PoC on GitHub, no advisory yet" events — the BlueHammer / MiniPlasma cluster anchor), `thehackernews` (sibling tech-press feed; FeedBurner-hosted RSS), `nightmare-eclipse-github` (the first NEW-CTRL-073 handle tracker — GitHub public-events JSON parsed via the new `parseGitHubEvents()` helper). FEEDS total moves from 12 to 15.
18
+
19
+ **Three new CWE entries** (`CWE-367` TOCTOU race, `CWE-1390` Weak Authentication, `CWE-693` Protection Mechanism Failure) and **two new ATT&CK techniques** (`T1606` Forge Web Credentials, `T1562.004` Impair Defenses: Disable or Modify System Firewall) added to the local catalogs to back the new CVE entries' `cwe_refs` + `attack_refs`. Same pattern as v0.13.16 adding `CWE-264` for DirtyDecrypt.
20
+
21
+ **CISA KEV bulk intake — catalog grows from 68 → 312 entries.** 240 CISA KEV catalog entries (`dateAdded >= 2024-01-01`, deduplicated against existing catalog) imported as schema-valid stubs flagged `_auto_imported: true` + `_intake_method: "v0.13.17-bulk-cisa-kev-import"`. Each entry carries: CVSS estimate inferred from KEV `vulnerabilityName` / `shortDescription` classification (RCE / LPE / auth-bypass / info-disclosure / DoS / memory-corruption / XSS), MITRE-canonical CWE refs (with 39 new CWE-catalog entries added to back orphan refs — CWE-23 / CWE-25 / CWE-35 / CWE-59 / CWE-73 / CWE-74 / CWE-95 / CWE-98 / CWE-119 / CWE-120 / CWE-121 / CWE-122 / CWE-124 / CWE-158 / CWE-190 / CWE-209 / CWE-257 / CWE-267 / CWE-282 / CWE-288 / CWE-290 / CWE-324 / CWE-347 / CWE-399 / CWE-420 / CWE-436 / CWE-472 / CWE-476 / CWE-528 / CWE-552 / CWE-611 / CWE-648 / CWE-667 / CWE-807 / CWE-822 / CWE-843 / CWE-913 / CWE-940 / CWE-1321), ATT&CK techniques by class (T1190 / T1068 / T1078 / T1592 / T1499 / T1059.007 / T1203 / T1005, with T1592 + T1499 added to the local ATT&CK catalog), framework gaps (NIST-800-53-SI-2 + ISO-27001-2022-A.8.8 baseline; NIS2-Art21-vulnerability-handling + CIS-Controls-v8-10.1 for ransomware-elevated entries; NIST-800-53-AC-6 for auth-bypass / RCE classes), RWEP factors computed per the Shape B sum (KEV+PoC+confirmed-exploitation baseline of 75 minus patch-available -15 plus reboot-required +5 plus blast-radius scaled 22 or 28 for ransomware-elevated), and matching `zeroday-lessons.json` entries citing `NEW-CTRL-001 CISA-KEV-RESPONSE-SLA`. The 240 entries are operator-curation candidates — refine each via `exceptd refresh --advisory <CVE-ID> --apply` for NVD/GHSA/OSV enrichment when per-CVE research becomes operationally relevant. 
`_meta.ai_discovery_methodology.current_floor_enforced_by_test` lowered to 0.03 (from 0.13) with a new prepended ladder rung to keep the test honest under the KEV dilution; the 0.40 target remains unchanged and AI-attribution backfill for the bulk-imported entries is staged operator-curation work.
22
+
23
+ **Six new framework-control-gap entries** populated with `theater_test` blocks: `NIST-800-53-CM-3` (configuration-change control silent-regression gap), `NIST-800-53-MP-7` (media-protection BitLocker TPM-only gap), `ISO-27001-2022-A.7.10` (storage-media equivalent), `EU-GDPR-Art.32-1(a)` (encryption-as-Art.32-measure gap), `NIS2-Art21-vulnerability-handling` (historical-CVE regression as Significant Incident), `NIST-800-53-SI-4` (system-monitoring independent-verification gap).
24
+
25
+ ### Bugs
26
+
27
+ **The 12-feed intake (v0.13.14) was structurally blind to the researcher-GitHub-drop class.** The v0.13.14 release added vendor security blogs to close the "silent kernel patch + delayed-research-disclosure" class anchored by DirtyDecrypt. That fix did not address two adjacent classes: (a) researcher GitHub-release drops where the canonical signal is the researcher's own publication channel, not a vendor advisory feed, and (b) silent vendor regression of historical CVEs where no new ID is ever assigned. v0.13.17 closes both — handle tracker for (a), regression watcher for (b).
28
+
29
+ ### Internal
30
+
31
+ - `tests/intake-nightmare-eclipse-coverage.test.js` pins the four new catalog entries + intake_gap_note + handle attribution + NEW-CTRL-073/074/075 references.
32
+ - `tests/intake-handle-tracker.test.js` pins the handle-tracker invariant: every handle named in a catalog entry must have a github-events feed registered + fixture content; the github-events parser must extract ReleaseEvent / PublicEvent / PushEvent items with `researcher_handle` + `repo_name`.
33
+ - `tests/cve-regression-watcher.test.js` pins `cveYear` / `findRegressionEntry` / `findRegressionCandidates` / `REGRESSION_WATCHER_SOURCE` behaviors including threshold filtering, action-verb classification, and the report-only contract.
34
+ - `tests/fixtures/refresh/advisories.json` extended with frozen content for bleepingcomputer-security / thehackernews / nightmare-eclipse-github.
35
+ - `lib/source-advisories.js#parseGitHubEvents` exposed for tests + future schedule-agent reuse.
36
+
37
+ ## 0.13.16 — 2026-05-18
38
+
39
+ CWE-264 added to the local CWE catalog as a legacy-mapping entry.
40
+
41
+ ### Bugs
42
+
43
+ **`validate-cve-catalog` no longer warns on `CWE-264` orphan.** v0.13.14 added the DirtyDecrypt (`CVE-2026-31635`) entry with `cwe_refs: ["CWE-362", "CWE-264"]`. CWE-264 was deprecated as a category in CWE 4.x (split into more specific child weaknesses: CWE-269 / CWE-285 / CWE-732), so the local 55-entry catalog didn't carry it — the validator surfaced an orphan warning on every predeploy run. Added CWE-264 as a deprecated-category retention entry with `notes` explaining the legacy-mapping rationale and `related_weaknesses` pointing at the non-deprecated children. The catalog now validates with zero warnings (`68/68 CVE entries validated`).
44
+
3
45
  ## 0.13.15 — 2026-05-18
4
46
 
5
47
  Doc currency for v0.13.14 — README + AGENTS now reflect the 12-feed intake.
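Review bot: In the CISA KEV bulk-intake paragraph of 0.13.17, `_meta.ai_discovery_methodology.current_floor_enforced_by_test` is lowered from 0.13 to 0.03 so the test keeps passing once 240 auto-imported stubs dilute the ratio. A floor that loose is unlikely to catch a regression in the curated entries. Consider computing the ratio over entries without `_auto_imported: true`, keeping 0.13 for that set, and tracking the bulk-import backfill as a separate metric. The same paragraph says each stub carries a CVSS estimate "inferred from KEV `vulnerabilityName` / `shortDescription` classification"; the changelog should name the field that marks the score as an estimate, so a consumer sorting by severity or RWEP does not read it as a vendor or NVD score.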
package/README.md CHANGED
@@ -30,7 +30,7 @@ This platform surfaces what is actually happening right now. Every skill explici
30
30
 
31
31
  ## Status
32
32
 
33
- Pre-1.0. Latest release lives on [GitHub Releases](https://github.com/blamejs/exceptd-skills/releases) and on npm as [`@blamejs/exceptd-skills`](https://www.npmjs.com/package/@blamejs/exceptd-skills) with signed npm provenance attestation and Ed25519-signed skill bodies. The package ships 42 skills across kernel LPE, MCP supply chain, AI-as-C2, prompt injection, post-quantum crypto, SBOM integrity, identity-incident response, and 35 other AI/security domains, plus 10 intelligence catalogs (CVE / ATLAS / ATT&CK / CWE / D3FEND / DLP / RFC / framework gaps / global frameworks / zero-day lessons) covering 35 jurisdictions, 23 investigation playbooks (kernel, MCP, AI-API, framework, SBOM, runtime, hardening, secrets, cred-stores, containers, crypto, plus `webhook-callback-abuse`, `cicd-pipeline-compromise`, `identity-sso-compromise`, `llm-tool-use-exfil`, `post-quantum-migration`, `ai-discovered-cve-triage`, `supply-chain-recovery`, and more), a CLI for discovery and seven-phase investigation runs (`govern → direct → look → detect → analyze → validate → close`), and a nightly auto-refresh job that pulls KEV / NVD / EPSS / GHSA / OSV / IETF deltas plus primary-source advisories (Qualys TRU, Red Hat RHSA, Ubuntu USN, ZDI, kernel.org, oss-security, JFrog, CISA, Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red) into auto-PRs for editorial review.
33
+ Pre-1.0. Latest release lives on [GitHub Releases](https://github.com/blamejs/exceptd-skills/releases) and on npm as [`@blamejs/exceptd-skills`](https://www.npmjs.com/package/@blamejs/exceptd-skills) with signed npm provenance attestation and Ed25519-signed skill bodies. The package ships 42 skills across kernel LPE, MCP supply chain, AI-as-C2, prompt injection, post-quantum crypto, SBOM integrity, identity-incident response, and 35 other AI/security domains, plus 10 intelligence catalogs (CVE / ATLAS / ATT&CK / CWE / D3FEND / DLP / RFC / framework gaps / global frameworks / zero-day lessons) covering 35 jurisdictions — the CVE catalog grew from 68 to 312 entries in v0.13.17 via a CISA KEV bulk-intake of `dateAdded >= 2024-01-01` actively-exploited vulnerabilities. 23 investigation playbooks (kernel, MCP, AI-API, framework, SBOM, runtime, hardening, secrets, cred-stores, containers, crypto, plus `webhook-callback-abuse`, `cicd-pipeline-compromise`, `identity-sso-compromise`, `llm-tool-use-exfil`, `post-quantum-migration`, `ai-discovered-cve-triage`, `supply-chain-recovery`, and more), a CLI for discovery and seven-phase investigation runs (`govern → direct → look → detect → analyze → validate → close`), and a nightly auto-refresh job that pulls KEV / NVD / EPSS / GHSA / OSV / IETF deltas plus 15 primary-source advisory + research-blog + tech-press feeds (Qualys TRU, Red Hat RHSA, Ubuntu USN, ZDI, kernel.org, oss-security, JFrog, CISA, Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red, BleepingComputer security, The Hacker News, and a GitHub public-events tracker for the Nightmare-Eclipse researcher handle that anchors NEW-CTRL-073) into auto-PRs for editorial review. 
v0.13.17 also ships `lib/cve-regression-watcher.js` (NEW-CTRL-074) — a complementary detection method that surfaces poller-diff historical-CVE references as candidate silent-regression cases, the class anchored by MiniPlasma (a 2026 PoC drop that re-broke CVE-2020-17103 without any new ID being assigned).
34
34
 
35
35
  ---
36
36
 
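Review bot: The sentence break inserted after "actively-exploited vulnerabilities." leaves "23 investigation playbooks (...), a CLI for discovery ..., and a nightly auto-refresh job ..." as a fragment with no verb; in the removed line those items were objects of "The package ships". Suggest moving the catalog-growth remark into its own sentence after the list, or opening the new sentence with "It also ships 23 investigation playbooks ...".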
@@ -154,7 +154,7 @@ Air-gapped operation: run `exceptd refresh --prefetch` on a connected host, copy
154
154
 
155
155
  Fresh-disclosure workflow (v0.12.0): the nightly auto-PR job pulls KEV / NVD / EPSS / IETF / **GHSA** (added in v0.12.0) / **OSV** (added in v0.12.10). KEV typically takes days; NVD ~10 days; GHSA fires within hours of disclosure and covers npm + PyPI + Maven + Go + NuGet + …; OSV aggregates the OSSF Malicious Packages dataset (`MAL-*` keys) + Snyk + RustSec + Mageia + Ubuntu USN + Go Vuln DB + PYSEC + UVI on top of GHSA — useful for malicious-package compromises that don't have CVEs yet (`exceptd refresh --advisory MAL-2026-3083`). New IDs land as drafts (`_auto_imported: true`, `_draft: true`) that the catalog validator treats as warnings, not errors — operators get the fresh entry immediately, editorial review (framework gaps, IoCs, ATLAS/ATT&CK refs) follows via `exceptd refresh --curate <ID>`. For "I want this advisory today, not tomorrow": `exceptd refresh --advisory <CVE-or-GHSA-or-MAL-or-SNYK-or-RUSTSEC-ID> --apply`.
156
156
 
157
- Primary-source advisory polling: `exceptd refresh --check-advisories` polls 12 vendor and coordinated-disclosure feeds — 8 advisory/coordinated-disclosure venues (Qualys TRU, Red Hat RHSA, Ubuntu USN, Zero Day Initiative, kernel.org commits, oss-security mailing list, JFrog SecOps, CISA current advisories) plus 4 vendor security research blogs added in v0.13.14 (Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red) that publish CVE-class research and silent-patch follow-ups not always announced through the advisory channels. Combined coverage publishes CVE IDs at T+0 to T+1 — typically 3–14 days ahead of NVD enrichment. The command is report-only: it returns a structured `diffs[]` listing each newly-seen CVE ID with its source attributions and advisory URLs, but does not mutate the catalog. Operators triage the output and route promising IDs through `exceptd refresh --advisory <CVE-ID> --apply`. Pairs naturally with the daily scheduled remote agent below.
157
+ Primary-source advisory polling: `exceptd refresh --check-advisories` polls 15 vendor and coordinated-disclosure feeds — 8 advisory/coordinated-disclosure venues (Qualys TRU, Red Hat RHSA, Ubuntu USN, Zero Day Initiative, kernel.org commits, oss-security mailing list, JFrog SecOps, CISA current advisories), 4 vendor security research blogs added in v0.13.14 (Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red), and 3 additions in v0.13.17 (BleepingComputer security, The Hacker News, and a GitHub public-events tracker for the Nightmare-Eclipse researcher handle that anchors NEW-CTRL-073). Combined coverage publishes CVE IDs at T+0 to T+1 — typically 3–14 days ahead of NVD enrichment. The command is report-only: it returns a structured `diffs[]` listing each newly-seen CVE ID with its source attributions and advisory URLs, but does not mutate the catalog. v0.13.17 also adds a complementary detection method (NEW-CTRL-074 / `lib/cve-regression-watcher.js`): the watcher cross-checks poller diffs for historical-CVE references (year ≤ currentYear − 2) and surfaces candidate silent-regression cases — the class anchored by MiniPlasma (a 2026 PoC drop that re-broke CVE-2020-17103 without any new ID being assigned). Operators triage the output and route promising IDs through `exceptd refresh --advisory <CVE-ID> --apply`. Pairs naturally with the daily scheduled remote agent below.
158
158
 
159
159
  CVE-class alert surfacing: `exceptd watchlist --alerts` matches the live `cve-catalog.json` against five operational patterns (`kernel_lpe_with_poc`, `supply_chain_family`, `ai_discovered_kev`, `active_exploitation_unpatched`, `recent_poc_no_kev_yet`) and returns the matches sorted critical-severity-first, then by RWEP. Use as a fast operational triage on a refreshed catalog without scanning every entry by hand.
160
160
 
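Review bot: The opening of the rewritten paragraph still calls the set "15 vendor and coordinated-disclosure feeds", but two of the three v0.13.17 additions are tech-press sites and the third is a GitHub public-events tracker; the Status section of this file already uses "advisory + research-blog + tech-press feeds". The description of `diffs[]` as "listing each newly-seen CVE ID" also no longer covers the handle tracker, whose entries the changelog says can lack a CVE ID and carry `triage_class: researcher-handle-drop` instead. Suggest updating both phrases so operators know to expect ID-less entries in the output.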
@@ -322,7 +322,7 @@ exceptd refresh Refresh upstream catalogs + indexes.
322
322
  --curate <CVE-ID> (v0.12.0) Emit editorial questions + ranked
323
323
  candidates (ATLAS/ATT&CK/CWE/framework) for
324
324
  a draft catalog entry.
325
- --check-advisories Poll 12 primary-source advisory feeds
325
+ --check-advisories Poll 15 primary-source advisory feeds
326
326
  (Qualys TRU, Red Hat RHSA, Ubuntu USN,
327
327
  ZDI, kernel.org commits, oss-security
328
328
  mailing list, JFrog SecOps, CISA current
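Review bot: Only the count on the `--check-advisories` help line changes from 12 to 15; the parenthetical source list under it is unchanged context in this hunk, and no other visible hunk adds lines to that list. Check that the help text names the three v0.13.17 sources (BleepingComputer security, The Hacker News, the Nightmare-Eclipse GitHub tracker); otherwise it states a count its own list does not add up to.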
@@ -1,21 +1,21 @@
1
1
  {
2
2
  "schema_version": "1.1.0",
3
- "generated_at": "2026-05-19T01:02:08.246Z",
3
+ "generated_at": "2026-05-19T04:24:02.780Z",
4
4
  "generator": "scripts/build-indexes.js",
5
5
  "source_count": 54,
6
6
  "source_hashes": {
7
- "manifest.json": "21e451470c35463ab5e7e0026fddc962156b1f53f740eca99faddb62fc7e9eb8",
7
+ "manifest.json": "4c44b9fdb8e9c818c2fd979d708178df4829e1a829a87e1d74d27ea662f0980e",
8
8
  "data/atlas-ttps.json": "c2aee9c70ec24cf48f1ea4daf170aa6e7b93292888239c46a8ec9e522ee32119",
9
- "data/attack-techniques.json": "6b1fa4c2559229bb8d0b3df497f6bfdd0816e7294ec06afed6482e9dd66b7cb4",
10
- "data/cve-catalog.json": "e57929ebdde8027a0cdae9125120644667a1b78c3cababd97f2a032c4f10ca22",
11
- "data/cwe-catalog.json": "42bcaf5d95401c29bcd0851284e3b3ecd60f14a02fcebd3efe198a11e7bc5067",
9
+ "data/attack-techniques.json": "aed1543c7dd40fc1f92b5ee3f907687e07acc0388a68488e21c2f7694227c256",
10
+ "data/cve-catalog.json": "cbe8d0d6e56da6b091c178af81de1b7fbdb865414290a20614981c8de564568f",
11
+ "data/cwe-catalog.json": "068fcaa8baa4a23e6ff54a2348f6e98dbecfd43a3c3e0f9b6c4cf3db5cfd17a9",
12
12
  "data/d3fend-catalog.json": "a1fc2827ceb344669e148d55197dbf1b0e5b20bcc618e90517639c17d67ee82d",
13
13
  "data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
14
14
  "data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
15
- "data/framework-control-gaps.json": "368115d37ab5936abb44e346193979b24c3e5fdf7cb5b00afb2aadc9b5c4bf62",
15
+ "data/framework-control-gaps.json": "efa397028de61ea2c59319a6bf754090a97cffd43891136aaa80476fa976bbca",
16
16
  "data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
17
17
  "data/rfc-references.json": "e253a548c8a829d178d5aea601e268724b85c936ccbfa51c2e5d80c5f8efe2b0",
18
- "data/zeroday-lessons.json": "606ccb60a0a117809cd8b814f575db15b66385f9b63a4e8c790e4dcc0e492ed5",
18
+ "data/zeroday-lessons.json": "6d83e28e70ec74eb275fed08d759a409df5c39c342893b34d996930b684c14b3",
19
19
  "skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
20
20
  "skills/ai-attack-surface/skill.md": "d1361c53c8360999e1ec6a403bcbfaa53d0afc11689e8781d26081196dd079d4",
21
21
  "skills/mcp-agent-trust/skill.md": "19a6b54375808e59143070011328d8c936836845bca4a484108738bbef290694",
@@ -72,8 +72,8 @@
72
72
  "dlp_refs": 0
73
73
  },
74
74
  "trigger_table_entries": 538,
75
- "chains_cve_entries": 60,
76
- "chains_cwe_entries": 55,
75
+ "chains_cve_entries": 301,
76
+ "chains_cwe_entries": 98,
77
77
  "jurisdictions_indexed": 29,
78
78
  "handoff_dag_nodes": 42,
79
79
  "summary_cards": 42,
@@ -11,7 +11,7 @@
11
11
  "artifact": "data/cve-catalog.json",
12
12
  "path": "data/cve-catalog.json",
13
13
  "schema_version": "1.0.0",
14
- "entry_count": 68
14
+ "entry_count": 312
15
15
  },
16
16
  {
17
17
  "date": "2026-05-18",
@@ -19,7 +19,7 @@
19
19
  "artifact": "data/framework-control-gaps.json",
20
20
  "path": "data/framework-control-gaps.json",
21
21
  "schema_version": "1.0.0",
22
- "entry_count": 184
22
+ "entry_count": 190
23
23
  },
24
24
  {
25
25
  "date": "2026-05-18",
@@ -27,7 +27,7 @@
27
27
  "artifact": "data/zeroday-lessons.json",
28
28
  "path": "data/zeroday-lessons.json",
29
29
  "schema_version": "1.1.0",
30
- "entry_count": 68
30
+ "entry_count": 312
31
31
  },
32
32
  {
33
33
  "date": "2026-05-15",
@@ -71,7 +71,7 @@
71
71
  "artifact": "data/attack-techniques.json",
72
72
  "path": "data/attack-techniques.json",
73
73
  "schema_version": "1.0.0",
74
- "entry_count": 106
74
+ "entry_count": 110
75
75
  },
76
76
  {
77
77
  "date": "2026-05-15",
@@ -110,7 +110,7 @@
110
110
  "artifact": "data/cwe-catalog.json",
111
111
  "path": "data/cwe-catalog.json",
112
112
  "schema_version": "1.0.0",
113
- "entry_count": 55
113
+ "entry_count": 98
114
114
  },
115
115
  {
116
116
  "date": "2026-05-13",
@@ -40,7 +40,7 @@
40
40
  "rebuild_after_days": 365,
41
41
  "note": "Catalog must be rebuilt against the upstream ATT&CK release whenever MITRE publishes a new version. AGENTS.md external-data version-pinning rule requires the bump to be intentional, not silent. ATT&CK ships semi-annually (April + October); audit on each release for tactic moves, technique splits, and new Detection Strategies."
42
42
  },
43
- "entry_count": 106,
43
+ "entry_count": 110,
44
44
  "sample_keys": [
45
45
  "T0001",
46
46
  "T0017",
@@ -62,7 +62,7 @@
62
62
  "rebuild_after_days": 365,
63
63
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
64
64
  },
65
- "entry_count": 68,
65
+ "entry_count": 312,
66
66
  "sample_keys": [
67
67
  "CVE-2025-53773",
68
68
  "CVE-2026-30615",
@@ -84,7 +84,7 @@
84
84
  "rebuild_after_days": 365,
85
85
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
86
86
  },
87
- "entry_count": 55,
87
+ "entry_count": 98,
88
88
  "sample_keys": [
89
89
  "CWE-20",
90
90
  "CWE-22",
@@ -172,7 +172,7 @@
172
172
  "rebuild_after_days": 365,
173
173
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
174
174
  },
175
- "entry_count": 184,
175
+ "entry_count": 190,
176
176
  "sample_keys": [
177
177
  "ALL-AI-PIPELINE-INTEGRITY",
178
178
  "ALL-MCP-TOOL-TRUST",
@@ -238,7 +238,7 @@
238
238
  "rebuild_after_days": 365,
239
239
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
240
240
  },
241
- "entry_count": 68,
241
+ "entry_count": 312,
242
242
  "sample_keys": [
243
243
  "CVE-2026-31431",
244
244
  "CVE-2025-53773",