@blamejs/exceptd-skills 0.13.2 → 0.13.4

package/data/_indexes/catalog-summaries.json

@@ -62,7 +62,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 39,
+      "entry_count": 38,
       "sample_keys": [
         "CVE-2025-53773",
         "CVE-2026-30615",
@@ -150,7 +150,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 30,
+      "entry_count": 28,
       "sample_keys": [
         "CVE-2025-53773",
         "CVE-2026-30615",
@@ -172,7 +172,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 130,
+      "entry_count": 142,
       "sample_keys": [
         "ALL-AI-PIPELINE-INTEGRITY",
         "ALL-MCP-TOOL-TRUST",

package/data/_indexes/chains.json

@@ -4359,38 +4359,6 @@
       "rfc_refs": []
     }
   },
-  "MAL-2026-ANTHROPIC-MCP-STDIO": {
-    "name": "Anthropic SDK MCP STDIO command-injection (embargoed)",
-    "rwep": 25,
-    "cvss": 9,
-    "cisa_kev": false,
-    "epss_score": null,
-    "referencing_skills": [],
-    "chain": {
-      "cwes": [],
-      "atlas": [],
-      "d3fend": [],
-      "framework_gaps": [],
-      "attack_refs": [],
-      "rfc_refs": []
-    }
-  },
-  "CVE-2026-GTIG-AI-2FA": {
-    "name": "GTIG-tracked AI-built 2FA-bypass zero-day (placeholder)",
-    "rwep": 55,
-    "cvss": 8.1,
-    "cisa_kev": false,
-    "epss_score": null,
-    "referencing_skills": [],
-    "chain": {
-      "cwes": [],
-      "atlas": [],
-      "d3fend": [],
-      "framework_gaps": [],
-      "attack_refs": [],
-      "rfc_refs": []
-    }
-  },
   "CVE-2026-30623": {
     "name": "Anthropic MCP SDK stdio command-injection",
     "rwep": 30,
@@ -7395,6 +7363,125 @@
       ]
     }
   },
+  "CVE-2024-21762": {
+    "name": "Fortinet FortiOS / FortiProxy SSL-VPN out-of-bounds write (sslvpnd preauth RCE)",
+    "rwep": 85,
+    "cvss": 9.8,
+    "cisa_kev": true,
+    "epss_score": null,
+    "referencing_skills": [
+      "kernel-lpe-triage",
+      "coordinated-vuln-disclosure"
+    ],
+    "chain": {
+      "cwes": [
+        {
+          "id": "CWE-125",
+          "name": "Out-of-bounds Read",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-1357",
+          "name": "Reliance on Insufficiently Trustworthy Component",
+          "category": "Supply Chain"
+        },
+        {
+          "id": "CWE-362",
+          "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
+          "category": "Concurrency"
+        },
+        {
+          "id": "CWE-416",
+          "name": "Use After Free",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-672",
+          "name": "Operation on a Resource after Expiration or Release",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-787",
+          "name": "Out-of-bounds Write",
+          "category": "Memory Safety"
+        }
+      ],
+      "atlas": [],
+      "d3fend": [
+        {
+          "id": "D3-ASLR",
+          "name": "Address Space Layout Randomization",
+          "tactic": "Harden"
+        },
+        {
+          "id": "D3-EAL",
+          "name": "Executable Allowlisting",
+          "tactic": "Harden"
+        },
+        {
+          "id": "D3-PHRA",
+          "name": "Process Hardware Resource Access",
+          "tactic": "Isolate"
+        },
+        {
+          "id": "D3-PSEP",
+          "name": "Process Segment Execution Prevention",
+          "tactic": "Harden"
+        }
+      ],
+      "framework_gaps": [
+        {
+          "id": "CIS-Controls-v8-Control7",
+          "framework": "CIS Controls v8",
+          "control_name": "Continuous Vulnerability Management"
+        },
+        {
+          "id": "ISO-27001-2022-A.8.8",
+          "framework": "ISO/IEC 27001:2022",
+          "control_name": "Management of technical vulnerabilities"
+        },
+        {
+          "id": "NIS2-Art21-patch-management",
+          "framework": "EU NIS2 Directive",
+          "control_name": "Vulnerability handling and disclosure"
+        },
+        {
+          "id": "NIST-800-218-SSDF",
+          "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
+          "control_name": "Secure Software Development Framework"
+        },
+        {
+          "id": "NIST-800-53-SC-8",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Transmission Confidentiality and Integrity"
+        },
+        {
+          "id": "NIST-800-53-SI-2",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Flaw Remediation"
+        },
+        {
+          "id": "PCI-DSS-4.0-6.3.3",
+          "framework": "PCI DSS 4.0",
+          "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
+        },
+        {
+          "id": "SOC2-CC9-vendor-management",
+          "framework": "SOC 2 (AICPA Trust Services Criteria)",
+          "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
+        }
+      ],
+      "attack_refs": [
+        "T1068",
+        "T1548.001"
+      ],
+      "rfc_refs": [
+        "RFC-4301",
+        "RFC-4303",
+        "RFC-7296"
+      ]
+    }
+  },
   "CWE-20": {
     "name": "Improper Input Validation",
     "category": "Validation",
@@ -8648,6 +8735,7 @@
     },
     "related_cves": [
       "CVE-2023-3519",
+      "CVE-2024-21762",
       "CVE-2025-12686",
       "CVE-2025-59389",
       "CVE-2025-62847",
@@ -10763,6 +10851,7 @@
     },
     "related_cves": [
       "CVE-2023-3519",
+      "CVE-2024-21762",
       "CVE-2025-12686",
       "CVE-2025-59389",
       "CVE-2025-62847",
@@ -10900,6 +10989,7 @@
     },
     "related_cves": [
       "CVE-2023-3519",
+      "CVE-2024-21762",
       "CVE-2025-12686",
       "CVE-2025-59389",
       "CVE-2025-62847",
@@ -11820,6 +11910,7 @@
     },
     "related_cves": [
       "CVE-2023-3519",
+      "CVE-2024-21762",
       "CVE-2025-12686",
       "CVE-2025-59389",
       "CVE-2025-62847",
@@ -12336,6 +12427,7 @@
     "related_cves": [
       "CVE-2023-3519",
       "CVE-2023-43472",
+      "CVE-2024-21762",
       "CVE-2024-3094",
       "CVE-2024-3154",
       "CVE-2025-12686",
@@ -14064,6 +14156,7 @@
       ]
     },
     "related_cves": [
+      "CVE-2024-21762",
       "CVE-2024-3094",
       "CVE-2026-0300",
       "CVE-2026-30615",

package/data/_indexes/frequency.json

@@ -2521,7 +2521,11 @@
       "AU-Essential-8-MFA",
       "AU-Essential-8-Patch",
       "AU-ISM-1546",
+      "AU-ISM-1808",
       "CIS-Controls-v8-10.1",
+      "CIS-Controls-v8-Control6",
+      "CIS-Kubernetes-Benchmark-4.2.13",
+      "CIS-Kubernetes-Benchmark-5.3",
       "CIS-Kubernetes-Benchmark-5.7",
       "DORA-Art-9",
       "DORA-Art28",
@@ -2539,23 +2543,31 @@
       "HIPAA-Security-Rule-2026-NPRM-164.310",
       "HIPAA-Security-Rule-2026-NPRM-164.312",
       "HIPAA-Security-Rule-2026-NPRM-164.314",
+      "ISO-27001-2022-A.5.15",
       "ISO-27001-2022-A.5.7",
+      "ISO-27001-2022-A.8.13",
       "ISO-27001-2022-A.8.22",
       "ISO-27001-2022-A.8.7",
+      "NIS2-Art21-business-continuity",
       "NIS2-Art21-identity-management",
       "NIS2-Art21-incident-handling",
+      "NIS2-Art21-network-security",
       "NIS2-Art21-supply-chain",
       "NIS2-Art21-vulnerability-management",
       "NIST-800-218-SSDF-PW.4",
       "NIST-800-53-AC-3",
       "NIST-800-53-AC-6",
+      "NIST-800-53-IA-2",
       "NIST-800-53-SC-39",
       "NIST-800-53-SC-44",
       "NIST-800-53-SI-10",
       "NIST-800-53-SR-3",
       "NIST-AI-RMF-MAP-3.4",
+      "NIST-AI-RMF-MEASURE-2.7",
       "OWASP-LLM-Top-10-2025-LLM05",
+      "OWASP-ML-Top-10-2023-ML06",
       "OWASP-Top-10-2021-A06",
+      "PCI-DSS-4.0-5.1",
       "PCI-DSS-4.0.1-11.6.1",
       "PCI-DSS-4.0.1-12.10.7",
       "PCI-DSS-4.0.1-12.3.3",

package/data/_indexes/handoff-dag.json

@@ -49,20 +49,42 @@
       "compliance-theater",
       "defensive-countermeasure-mapping",
       "exploit-scoring",
+      "incident-response-playbook",
       "policy-exception-gen"
     ],
-    "ai-attack-surface": [],
+    "ai-attack-surface": [
+      "incident-response-playbook",
+      "mcp-agent-trust",
+      "rag-pipeline-security"
+    ],
     "mcp-agent-trust": [
+      "ai-attack-surface",
       "attack-surface-pentest",
+      "compliance-theater",
       "defensive-countermeasure-mapping",
       "dlp-gap-analysis",
       "framework-gap-analysis",
       "supply-chain-integrity"
     ],
     "framework-gap-analysis": [],
-    "compliance-theater": [],
+    "compliance-theater": [
+      "ai-attack-surface",
+      "ai-c2-detection",
+      "email-security-anti-phishing",
+      "framework-gap-analysis",
+      "global-grc",
+      "identity-assurance",
+      "incident-response-playbook",
+      "kernel-lpe-triage",
+      "mcp-agent-trust",
+      "mlops-security",
+      "policy-exception-gen",
+      "supply-chain-integrity"
+    ],
     "exploit-scoring": [
       "ai-attack-surface",
+      "compliance-theater",
+      "incident-response-playbook",
       "kernel-lpe-triage",
       "mcp-agent-trust"
     ],
@@ -71,25 +93,42 @@
       "attack-surface-pentest",
       "defensive-countermeasure-mapping",
       "dlp-gap-analysis",
+      "mlops-security",
       "supply-chain-integrity"
     ],
     "ai-c2-detection": [
+      "ai-attack-surface",
       "attack-surface-pentest",
       "compliance-theater",
       "defensive-countermeasure-mapping",
       "dlp-gap-analysis",
+      "incident-response-playbook",
       "mcp-agent-trust"
     ],
     "policy-exception-gen": [],
-    "threat-model-currency": [],
-    "global-grc": [],
+    "threat-model-currency": [
+      "ai-attack-surface",
+      "framework-gap-analysis",
+      "global-grc",
+      "kernel-lpe-triage",
+      "policy-exception-gen"
+    ],
+    "global-grc": [
+      "framework-gap-analysis",
+      "policy-exception-gen"
+    ],
     "zeroday-gap-learn": [
       "ai-attack-surface",
       "ai-c2-detection",
+      "defensive-countermeasure-mapping",
+      "framework-gap-analysis",
       "kernel-lpe-triage",
       "mcp-agent-trust"
     ],
-    "pqc-first": [],
+    "pqc-first": [
+      "compliance-theater",
+      "framework-gap-analysis"
+    ],
     "skill-update-loop": [
       "ai-c2-detection",
       "ai-risk-management",
@@ -113,7 +152,11 @@
       "threat-modeling-methodology",
       "webapp-security"
     ],
-    "security-maturity-tiers": [],
+    "security-maturity-tiers": [
+      "compliance-theater",
+      "global-grc",
+      "policy-exception-gen"
+    ],
     "researcher": [
       "age-gates-child-safety",
       "ai-attack-surface",
@@ -154,14 +197,25 @@
       "zeroday-gap-learn"
     ],
     "attack-surface-pentest": [
+      "compliance-theater",
+      "exploit-scoring",
+      "incident-response-playbook",
       "kernel-lpe-triage"
     ],
-    "fuzz-testing-strategy": [],
+    "fuzz-testing-strategy": [
+      "compliance-theater",
+      "zeroday-gap-learn"
+    ],
     "dlp-gap-analysis": [
-      "ai-c2-detection"
+      "ai-attack-surface",
+      "ai-c2-detection",
+      "compliance-theater",
+      "email-security-anti-phishing"
     ],
     "supply-chain-integrity": [
+      "compliance-theater",
       "mcp-agent-trust",
+      "mlops-security",
       "pqc-first"
     ],
     "defensive-countermeasure-mapping": [
@@ -176,6 +230,8 @@
       "compliance-theater",
       "defensive-countermeasure-mapping",
       "dlp-gap-analysis",
+      "email-security-anti-phishing",
+      "idp-incident-response",
       "mcp-agent-trust",
       "pqc-first",
       "supply-chain-integrity"
@@ -189,9 +245,11 @@
       "framework-gap-analysis",
       "global-grc",
       "identity-assurance",
+      "incident-response-playbook",
       "kernel-lpe-triage",
       "mcp-agent-trust",
       "policy-exception-gen",
+      "sector-energy",
       "supply-chain-integrity"
     ],
     "coordinated-vuln-disclosure": [
@@ -213,6 +271,7 @@
       "defensive-countermeasure-mapping",
       "framework-gap-analysis",
       "mcp-agent-trust",
+      "policy-exception-gen",
       "rag-pipeline-security",
       "researcher",
       "threat-model-currency",
@@ -221,7 +280,9 @@
     "webapp-security": [
       "ai-attack-surface",
       "ai-c2-detection",
+      "api-security",
       "attack-surface-pentest",
+      "compliance-theater",
       "defensive-countermeasure-mapping",
       "fuzz-testing-strategy",
       "identity-assurance",
@@ -252,6 +313,7 @@
       "framework-gap-analysis",
       "global-grc",
       "identity-assurance",
+      "incident-response-playbook",
       "mcp-agent-trust",
       "ot-ics-security",
       "policy-exception-gen",
@@ -263,10 +325,12 @@
       "compliance-theater",
       "coordinated-vuln-disclosure",
       "dlp-gap-analysis",
+      "email-security-anti-phishing",
       "exploit-scoring",
       "framework-gap-analysis",
       "global-grc",
       "identity-assurance",
+      "incident-response-playbook",
       "mcp-agent-trust",
       "policy-exception-gen",
       "supply-chain-integrity"
@@ -279,6 +343,7 @@
       "framework-gap-analysis",
       "global-grc",
       "identity-assurance",
+      "incident-response-playbook",
       "pqc-first",
       "supply-chain-integrity"
     ],
@@ -291,6 +356,7 @@
       "framework-gap-analysis",
       "global-grc",
       "identity-assurance",
+      "incident-response-playbook",
       "kernel-lpe-triage",
       "mcp-agent-trust",
       "ot-ics-security",
@@ -301,6 +367,7 @@
     "sector-telecom": [],
     "api-security": [
       "ai-c2-detection",
+      "compliance-theater",
       "defensive-countermeasure-mapping",
       "dlp-gap-analysis",
       "identity-assurance",
@@ -311,7 +378,9 @@
       "ai-attack-surface",
       "ai-c2-detection",
       "api-security",
+      "cloud-iam-incident",
       "compliance-theater",
+      "container-runtime-security",
       "defensive-countermeasure-mapping",
       "dlp-gap-analysis",
       "exploit-scoring",
@@ -348,6 +417,7 @@
       "ai-attack-surface",
       "ai-risk-management",
       "cloud-security",
+      "compliance-theater",
       "container-runtime-security",
       "coordinated-vuln-disclosure",
       "mcp-agent-trust",
@@ -442,90 +512,90 @@
   },
   "in_degree": {
     "age-gates-child-safety": 1,
-    "ai-attack-surface": 21,
-    "ai-c2-detection": 11,
+    "ai-attack-surface": 26,
+    "ai-c2-detection": 12,
     "ai-risk-management": 5,
-    "api-security": 3,
+    "api-security": 4,
     "attack-surface-pentest": 13,
-    "cloud-iam-incident": 0,
+    "cloud-iam-incident": 1,
     "cloud-security": 5,
-    "compliance-theater": 19,
-    "container-runtime-security": 3,
+    "compliance-theater": 30,
+    "container-runtime-security": 4,
     "coordinated-vuln-disclosure": 12,
-    "defensive-countermeasure-mapping": 17,
+    "defensive-countermeasure-mapping": 18,
     "dlp-gap-analysis": 15,
-    "email-security-anti-phishing": 2,
-    "exploit-scoring": 10,
-    "framework-gap-analysis": 18,
+    "email-security-anti-phishing": 6,
+    "exploit-scoring": 11,
+    "framework-gap-analysis": 23,
     "fuzz-testing-strategy": 3,
-    "global-grc": 12,
-    "identity-assurance": 17,
-    "idp-incident-response": 0,
-    "incident-response-playbook": 7,
-    "kernel-lpe-triage": 10,
-    "mcp-agent-trust": 20,
-    "mlops-security": 3,
+    "global-grc": 15,
+    "identity-assurance": 18,
+    "idp-incident-response": 1,
+    "incident-response-playbook": 18,
+    "kernel-lpe-triage": 12,
+    "mcp-agent-trust": 22,
+    "mlops-security": 6,
     "ot-ics-security": 4,
-    "policy-exception-gen": 11,
+    "policy-exception-gen": 16,
     "pqc-first": 6,
-    "rag-pipeline-security": 8,
+    "rag-pipeline-security": 9,
     "ransomware-response": 0,
     "researcher": 1,
-    "sector-energy": 3,
+    "sector-energy": 4,
     "sector-federal-government": 6,
     "sector-financial": 8,
     "sector-healthcare": 6,
     "sector-telecom": 1,
     "security-maturity-tiers": 1,
     "skill-update-loop": 3,
-    "supply-chain-integrity": 16,
+    "supply-chain-integrity": 17,
     "threat-model-currency": 6,
     "threat-modeling-methodology": 4,
     "webapp-security": 3,
-    "zeroday-gap-learn": 7
+    "zeroday-gap-learn": 8
   },
   "out_degree": {
     "age-gates-child-safety": 10,
-    "ai-attack-surface": 0,
-    "ai-c2-detection": 5,
+    "ai-attack-surface": 3,
+    "ai-c2-detection": 7,
     "ai-risk-management": 13,
-    "api-security": 6,
-    "attack-surface-pentest": 1,
+    "api-security": 7,
+    "attack-surface-pentest": 4,
     "cloud-iam-incident": 14,
-    "cloud-security": 15,
-    "compliance-theater": 0,
+    "cloud-security": 17,
+    "compliance-theater": 12,
     "container-runtime-security": 18,
     "coordinated-vuln-disclosure": 12,
     "defensive-countermeasure-mapping": 6,
-    "dlp-gap-analysis": 1,
+    "dlp-gap-analysis": 4,
     "email-security-anti-phishing": 6,
-    "exploit-scoring": 3,
+    "exploit-scoring": 5,
     "framework-gap-analysis": 0,
-    "fuzz-testing-strategy": 0,
-    "global-grc": 0,
-    "identity-assurance": 6,
+    "fuzz-testing-strategy": 2,
+    "global-grc": 2,
+    "identity-assurance": 8,
     "idp-incident-response": 12,
     "incident-response-playbook": 20,
-    "kernel-lpe-triage": 5,
-    "mcp-agent-trust": 5,
-    "mlops-security": 9,
-    "ot-ics-security": 12,
+    "kernel-lpe-triage": 6,
+    "mcp-agent-trust": 7,
+    "mlops-security": 10,
+    "ot-ics-security": 14,
     "policy-exception-gen": 0,
-    "pqc-first": 0,
-    "rag-pipeline-security": 5,
+    "pqc-first": 2,
+    "rag-pipeline-security": 6,
     "ransomware-response": 10,
     "researcher": 37,
-    "sector-energy": 14,
-    "sector-federal-government": 9,
-    "sector-financial": 12,
-    "sector-healthcare": 12,
+    "sector-energy": 15,
+    "sector-federal-government": 10,
+    "sector-financial": 14,
+    "sector-healthcare": 13,
     "sector-telecom": 0,
-    "security-maturity-tiers": 0,
+    "security-maturity-tiers": 3,
     "skill-update-loop": 21,
-    "supply-chain-integrity": 2,
-    "threat-model-currency": 0,
-    "threat-modeling-methodology": 8,
-    "webapp-security": 8,
-    "zeroday-gap-learn": 4
+    "supply-chain-integrity": 4,
+    "threat-model-currency": 5,
+    "threat-modeling-methodology": 9,
+    "webapp-security": 10,
+    "zeroday-gap-learn": 6
   }
 }