npm - @blamejs/exceptd-skills - Versions diffs - 0.13.39 → 0.13.41 - Mend

@blamejs/exceptd-skills 0.13.39 → 0.13.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/AGENTS.md +1 -1
package/CHANGELOG.md +16 -0
package/data/_indexes/_meta.json +2 -2
package/lib/collectors/ai-api.js +231 -0
package/lib/collectors/runtime.js +317 -0
package/manifest.json +44 -44
package/package.json +1 -1
package/sbom.cdx.json +44 -14

package/AGENTS.md CHANGED Viewed

@@ -372,7 +372,7 @@ This split costs every consumer the same translation work on every invocation. C
 exceptd collect secrets | exceptd run secrets --evidence -
 ```
-The collector library is small and grows as playbooks are touched. Eight reference collectors ship today (`lib/collectors/secrets.js`, `lib/collectors/kernel.js`, `lib/collectors/sbom.js`, `lib/collectors/containers.js`, `lib/collectors/library-author.js`, `lib/collectors/crypto-codebase.js`, `lib/collectors/cred-stores.js`, `lib/collectors/hardening.js`); the rest are written when each playbook needs them. Until a playbook has a collector, the AI/operator owns evidence collection as before.
+The collector library is small and grows as playbooks are touched. Ten reference collectors ship today (`lib/collectors/secrets.js`, `lib/collectors/kernel.js`, `lib/collectors/sbom.js`, `lib/collectors/containers.js`, `lib/collectors/library-author.js`, `lib/collectors/crypto-codebase.js`, `lib/collectors/cred-stores.js`, `lib/collectors/hardening.js`, `lib/collectors/runtime.js`, `lib/collectors/ai-api.js`); the rest are written when each playbook needs them. Until a playbook has a collector, the AI/operator owns evidence collection as before.
 ### Precision target for new `look.artifacts[].source` strings

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,21 @@
 # Changelog
+## 0.13.41 — 2026-05-20
+Tenth reference collector.
+### Features
+- **`lib/collectors/ai-api.js`** — scans shell rc files (`~/.bashrc`, `~/.bash_profile`, `~/.zshrc`, `~/.zprofile`, `~/.profile`, `~/.config/fish/config.fish`, `~/.config/fish/conf.d/*.fish`) and vendor dotfiles (`~/.openai`, `~/.anthropic`, `~/.config/anthropic`, `~/.config/openai`, `~/.gemini`, `~/.config/google-genai`, `~/.config/azure-openai`) for cleartext AI API key exports — OpenAI `sk-*`, Anthropic `sk-ant-*`, Azure OpenAI, Google / Gemini / Generative AI, HuggingFace `hf_*`, Cohere. Honours `export VAR=value`, `VAR=value`, and fish-style `set -gx VAR value` shapes. Reuses the cred-stores carrier inspection for `long-lived-aws-keys` (any AWS profile with `aws_access_key_id` and no `aws_session_token` sibling), `gcp-service-account-json` (`type: service_account` in ADC JSON), `kubeconfig-with-static-token` (`users[].user.token` non-null, not the `auth-provider.config.access-token` sub-key). Behavioral indicators (`ai-api-egress-from-unexpected-process`, `ai-api-anomalous-volume`, `ai-api-beaconing-cadence`, `base64-or-encoded-payload-in-prompts`) need ss / netstat / auditd / process-list correlation and stay unflipped — the runner returns inconclusive and operator-supplied evidence completes the verdict.
+## 0.13.40 — 2026-05-20
+Ninth reference collector.
+### Features
+- **`lib/collectors/runtime.js`** — Linux-only runtime-posture collector. Reads `/etc/sudoers` + `/etc/sudoers.d/*`, `/etc/passwd`, walks trusted-path directories (`/etc`, `/usr/local/bin`, `/usr/local/sbin`, `/opt`, `/usr/bin`, `/usr/sbin`) to depth 2 for world-writable files, and inspects `/proc/<pid>` for orphan-privileged processes. Flips four deterministic indicators: `sudoers-nopasswd-wildcard` (any non-root `NOPASSWD: ALL` or `NOPASSWD: /path/*` wildcard rule), `duplicate-uid-zero` (>1 entry in `/etc/passwd` with UID 0), `world-writable-in-trusted-path` (any file under a trusted root with mode bit `o+w`), `orphan-privileged-process` (UID 0 process with PPID 1, canonical-init parent, executable under `/tmp`, `/dev/shm`, `/var/tmp`, or `/home`). Same unflipped-when-unreadable semantics as the hardening collector — when `/etc/sudoers` / `/etc/passwd` / trusted paths / `/proc` are all unreadable, the indicator stays absent from `signal_overrides` so the runner returns inconclusive rather than asserting a clean posture without evidence. Path overrides via `args.paths` for synthetic-tempdir tests.
 ## 0.13.39 — 2026-05-20
 Eighth reference collector.

package/data/_indexes/_meta.json CHANGED Viewed

@@ -1,10 +1,10 @@
 {
   "schema_version": "1.1.0",
-  "generated_at": "2026-05-21T05:15:19.319Z",
+  "generated_at": "2026-05-21T05:59:31.155Z",
   "generator": "scripts/build-indexes.js",
   "source_count": 54,
   "source_hashes": {
-    "manifest.json": "0785c4b4b99897d6846d7e324c8a093da8bfdeaa48ca9ab234cd82009d1e04d0",
+    "manifest.json": "baf6b821336ba74ccafa21f09c510e7f581d3157a1aab19ed282f8d975ed8eec",
     "data/atlas-ttps.json": "d296c1d3e71807c9279b731f047e57796e85137f186586743a8cdad214b408f9",
     "data/attack-techniques.json": "49b6010b317edd219def135171ea8f3b1bbf1e00e9c5a08bf7237215ff54e2c3",
     "data/cve-catalog.json": "a09c83af3f9679a7ea73935726a1ff9de2cab94b4ab6321fc017fc147747d7c3",

package/lib/collectors/ai-api.js ADDED Viewed

@@ -0,0 +1,231 @@
+"use strict";
+/**
+ * lib/collectors/ai-api.js
+ *
+ * Companion collector for the `ai-api` playbook. Scans shell rc
+ * files for cleartext AI API key exports, plus the standard
+ * credential carriers (~/.aws, ~/.kube, ~/.config/gcloud) for
+ * long-lived credentials likely to authenticate against AI APIs.
+ *
+ * Non-deterministic indicators (ai-api-egress-from-unexpected-
+ * process, ai-api-anomalous-volume, ai-api-beaconing-cadence,
+ * base64-or-encoded-payload-in-prompts) require ss/netstat/auditd
+ * traces and process-list correlation that fall outside the
+ * stdlib-only collector contract. They stay unflipped — the runner
+ * returns inconclusive and operator-supplied evidence completes
+ * the verdict.
+ *
+ * Interface: see lib/collectors/README.md
+ */
+const fs = require("node:fs");
+const path = require("node:path");
+const os = require("node:os");
+const COLLECTOR_ID = "ai-api";
+function readSafe(full, max = 256 * 1024) {
+  try {
+    const s = fs.statSync(full);
+    if (s.size > max) return null;
+    return fs.readFileSync(full, "utf8");
+  } catch { return null; }
+}
+function fileExists(full) {
+  try { return fs.statSync(full).isFile(); } catch { return false; }
+}
+// Cleartext AI-API-key export patterns. Matches the standard
+// `export VAR=value` and `VAR=value` shell shapes plus fish-style
+// `set -gx VAR value`.
+const AI_KEY_PATTERNS = [
+  { id: "openai",       re: /(?:^|\n)\s*(?:export\s+|set\s+-gx\s+)?OPENAI_API_KEY\s*[= ]\s*['"]?sk-[A-Za-z0-9_-]{20,}/m },
+  { id: "anthropic",    re: /(?:^|\n)\s*(?:export\s+|set\s+-gx\s+)?ANTHROPIC_API_KEY\s*[= ]\s*['"]?sk-ant-[A-Za-z0-9_-]{20,}/m },
+  { id: "azure",        re: /(?:^|\n)\s*(?:export\s+|set\s+-gx\s+)?AZURE_OPENAI(?:_API)?_KEY\s*[= ]\s*['"]?[A-Za-z0-9]{20,}/m },
+  { id: "google",       re: /(?:^|\n)\s*(?:export\s+|set\s+-gx\s+)?(?:GOOGLE_API_KEY|GOOGLE_GENAI_API_KEY|GEMINI_API_KEY)\s*[= ]\s*['"]?[A-Za-z0-9_-]{20,}/m },
+  { id: "huggingface",  re: /(?:^|\n)\s*(?:export\s+|set\s+-gx\s+)?(?:HUGGINGFACE_TOKEN|HF_TOKEN)\s*[= ]\s*['"]?hf_[A-Za-z0-9]{20,}/m },
+  { id: "cohere",       re: /(?:^|\n)\s*(?:export\s+|set\s+-gx\s+)?COHERE_API_KEY\s*[= ]\s*['"]?[A-Za-z0-9-]{30,}/m },
+];
+function scanShellRc(content) {
+  if (!content) return [];
+  const hits = [];
+  for (const p of AI_KEY_PATTERNS) {
+    if (p.re.test(content)) hits.push(p.id);
+  }
+  return hits;
+}
+function parseAwsCredentials(content) {
+  if (!content) return { staticProfiles: [] };
+  const lines = content.split(/\r?\n/);
+  const profiles = {};
+  let current = null;
+  for (const raw of lines) {
+    const line = raw.replace(/[#;].*$/, "").trim();
+    if (!line) continue;
+    const sec = line.match(/^\[([^\]]+)\]$/);
+    if (sec) { current = sec[1].trim(); profiles[current] = {}; continue; }
+    if (!current) continue;
+    const kv = line.match(/^([A-Za-z0-9_-]+)\s*=\s*(.*)$/);
+    if (!kv) continue;
+    profiles[current][kv[1].trim().toLowerCase()] = kv[2].trim();
+  }
+  const staticProfiles = [];
+  for (const [name, kv] of Object.entries(profiles)) {
+    // long-lived-aws-keys: aws_access_key_id present AND no
+    // aws_session_token sibling (STS temporary creds carry the
+    // session token; IAM-user long-lived keys do not).
+    if (kv["aws_access_key_id"] && !kv["aws_session_token"]) {
+      staticProfiles.push(name);
+    }
+  }
+  return { staticProfiles };
+}
+function parseGcloudAdc(content) {
+  if (!content) return { hasServiceAccount: false };
+  try {
+    const j = JSON.parse(content);
+    return { hasServiceAccount: j?.type === "service_account" };
+  } catch { return { hasServiceAccount: false }; }
+}
+function parseKubeStaticToken(content) {
+  if (!content) return false;
+  // Same shape as cred-stores: token under user:, not auth-provider.
+  const userKvRe = /^(\s+)(token|token-data)\s*:\s*(\S[^\n]*)/gm;
+  let staticFound = false;
+  for (const m of content.matchAll(userKvRe)) {
+    const upto = content.slice(0, m.index);
+    const lastUserAt = upto.lastIndexOf("\n  user:");
+    const lastAuthProviderAt = upto.lastIndexOf("auth-provider:");
+    if (lastAuthProviderAt > lastUserAt) continue;
+    const value = m[3];
+    if (!value || value.startsWith("null")) continue;
+    staticFound = true;
+    break;
+  }
+  return staticFound;
+}
+function collect({ cwd = process.cwd(), env = process.env, args = {} } = {}) {
+  const errors = [];
+  const startTime = Date.now();
+  const root = path.resolve(cwd);
+  const home = (env && env.HOME) || (env && env.USERPROFILE) || os.homedir();
+  // Shell rc + dotfile candidates.
+  const shellRcs = [
+    ".bashrc", ".bash_profile", ".zshrc", ".zprofile", ".profile",
+    path.join(".config", "fish", "config.fish"),
+  ].map(rel => path.join(home, rel));
+  // Glob fish/conf.d/*.
+  try {
+    const fishConfD = path.join(home, ".config", "fish", "conf.d");
+    for (const e of fs.readdirSync(fishConfD)) {
+      if (e.endsWith(".fish")) shellRcs.push(path.join(fishConfD, e));
+    }
+  } catch { /* fish not present */ }
+  const dotfileKeys = [
+    ".openai", ".anthropic",
+    path.join(".config", "anthropic"), path.join(".config", "openai"),
+    ".gemini",
+    path.join(".config", "google-genai"),
+    path.join(".config", "azure-openai"),
+  ].map(rel => path.join(home, rel));
+  const allKeyCarriers = [...shellRcs, ...dotfileKeys];
+  const cleartextHitsByFile = {};
+  for (const p of allKeyCarriers) {
+    if (!fileExists(p)) continue;
+    const c = readSafe(p);
+    if (c == null) continue;
+    const hits = scanShellRc(c);
+    if (hits.length > 0) {
+      cleartextHitsByFile[path.relative(home, p)] = hits;
+    }
+  }
+  const cleartextAnyHit = Object.keys(cleartextHitsByFile).length > 0;
+  // AWS / GCP / kube reuse.
+  const awsCredsPath = path.join(home, ".aws", "credentials");
+  const awsCredsContent = fileExists(awsCredsPath) ? readSafe(awsCredsPath) : null;
+  const awsParsed = parseAwsCredentials(awsCredsContent);
+  const longLivedAws = awsParsed.staticProfiles.length > 0;
+  const gcloudAdcPath = path.join(home, ".config", "gcloud", "application_default_credentials.json");
+  const gcloudContent = fileExists(gcloudAdcPath) ? readSafe(gcloudAdcPath) : null;
+  const gcloudParsed = parseGcloudAdc(gcloudContent);
+  const kubeCfgPath = (env && env.KUBECONFIG) || path.join(home, ".kube", "config");
+  const kubeContent = fileExists(kubeCfgPath) ? readSafe(kubeCfgPath) : null;
+  const kubeStaticToken = parseKubeStaticToken(kubeContent);
+  const signal_overrides = {
+    "cleartext-api-key-in-dotfile": cleartextAnyHit ? "hit" : "miss",
+    "long-lived-aws-keys": longLivedAws ? "hit" : "miss",
+    "gcp-service-account-json": gcloudParsed.hasServiceAccount ? "hit" : "miss",
+    "kubeconfig-with-static-token": kubeStaticToken ? "hit" : "miss",
+  };
+  const artifacts = {
+    "shell-rc-files": {
+      value: cleartextAnyHit
+        ? Object.entries(cleartextHitsByFile).map(([f, ids]) => `${f}: ${ids.join(",")}`).join("; ")
+        : `scanned ${shellRcs.length} shell rc + ${dotfileKeys.length} dotfile path(s); no cleartext AI API key exports`,
+      captured: true,
+    },
+    "dotfile-api-keys": {
+      value: dotfileKeys.filter(p => fileExists(p)).map(p => path.relative(home, p)).join(", ") || "no AI vendor dotfile carriers found at the canonical paths",
+      captured: true,
+    },
+    "aws-credentials": awsCredsContent
+      ? { value: `${awsParsed.staticProfiles.length} long-lived profile(s): ${awsParsed.staticProfiles.join(", ") || "none"}`, captured: true }
+      : { value: "~/.aws/credentials absent", captured: true },
+    "gcp-credentials": gcloudContent
+      ? { value: `application_default_credentials.json present; service_account=${gcloudParsed.hasServiceAccount}`, captured: true }
+      : { value: "no gcloud ADC at the canonical path", captured: true, reason: "credentials.db / legacy_credentials/*/adc.json inspection deferred (no stdlib SQLite reader)" },
+    "kube-config": kubeContent
+      ? { value: `kubeconfig present; static_token=${kubeStaticToken}`, captured: true }
+      : { value: "no kubeconfig at the canonical path", captured: true },
+    "ai-sdk-inventory": {
+      value: "skipped — npm/pip global listing deferred to operator/AI evidence",
+      captured: false,
+      reason: "spawning npm ls / pip list out of stdlib collector contract; operator should run those and submit as evidence",
+    },
+    "ai-api-egress-baseline": {
+      value: "skipped — ss/netstat capture deferred to operator/AI evidence",
+      captured: false,
+      reason: "live socket / process correlation needs ss / netstat / auditd traces; operator-supplied evidence completes the verdict",
+    },
+    "process-list": {
+      value: "skipped — ps -ef capture deferred to operator/AI evidence",
+      captured: false,
+      reason: "process-list correlation tied to network egress + behavioral signals out of stdlib collector scope",
+    },
+  };
+  return {
+    precondition_checks: {
+      "home-dir-readable": fs.existsSync(home),
+    },
+    artifacts,
+    signal_overrides,
+    collector_meta: {
+      collector_id: COLLECTOR_ID,
+      collector_version: "2026-05-20",
+      platform: process.platform,
+      captured_at: new Date().toISOString(),
+      cwd: root,
+      home,
+      duration_ms: Date.now() - startTime,
+    },
+    collector_errors: errors,
+  };
+}
+module.exports = { playbook_id: COLLECTOR_ID, collect };

package/lib/collectors/runtime.js ADDED Viewed

@@ -0,0 +1,317 @@
+"use strict";
+/**
+ * lib/collectors/runtime.js
+ *
+ * Companion collector for the `runtime` playbook. Linux-only:
+ * walks /etc/sudoers + /etc/sudoers.d/*, parses /etc/passwd for
+ * duplicate UID 0 entries, scans well-known trusted-path
+ * directories for world-writable files, and inspects /proc/<pid>
+ * for orphan-privileged processes. Defers non-deterministic
+ * indicators (non-baseline-suid, listening-socket-unknown-bind,
+ * cron-or-timer-outside-policy) so the runner returns inconclusive.
+ *
+ * Interface: see lib/collectors/README.md
+ */
+const fs = require("node:fs");
+const path = require("node:path");
+const COLLECTOR_ID = "runtime";
+function readFileSafe(p, max = 512 * 1024) {
+  try {
+    const s = fs.statSync(p);
+    if (s.size > max) return null;
+    return fs.readFileSync(p, "utf8");
+  } catch { return null; }
+}
+const NOPASSWD_WILDCARD_RE = /\bNOPASSWD:\s*(?:ALL|\/[^,\n]*\*)/;
+// Trusted-path roots scanned for world-writable files. The
+// playbook explicitly lists /etc, /usr/local/bin, /usr/local/sbin,
+// /opt. We add /usr/bin and /usr/sbin as common variants but stay
+// shallow (depth 2) so we don't walk arbitrarily deep filesystems.
+const TRUSTED_PATHS = ["/etc", "/usr/local/bin", "/usr/local/sbin", "/opt", "/usr/bin", "/usr/sbin"];
+const TRUSTED_PATH_MAX_DEPTH = 2;
+const PARENT_INIT_BINARIES = new Set([
+  "/sbin/init", "/usr/sbin/init", "/usr/lib/systemd/systemd",
+  "/lib/systemd/systemd", "/usr/lib/systemd/systemd-userdbd",
+]);
+const ORPHAN_RISKY_PREFIXES = ["/tmp/", "/dev/shm/", "/var/tmp/", "/home/"];
+function parseSudoersForWildcards(content) {
+  if (!content) return [];
+  const hits = [];
+  for (const raw of content.split(/\r?\n/)) {
+    const line = raw.replace(/#.*$/, "").trim();
+    if (!line) continue;
+    if (!NOPASSWD_WILDCARD_RE.test(line)) continue;
+    // Sudoers entries lead with a comma-separated user/group list:
+    //   `<user1>,<user2>,%group  host = (runas) NOPASSWD: cmd*`
+    // Skip ONLY when the user list is exactly `root` (no other
+    // principals). A line like `root,deploy ALL=(ALL) NOPASSWD: ALL`
+    // still grants wildcard sudo to `deploy` and counts as a hit.
+    const userListMatch = line.match(/^([^\s]+)\s/);
+    if (userListMatch) {
+      const principals = userListMatch[1].split(",").map(s => s.trim()).filter(Boolean);
+      if (principals.length === 1 && principals[0] === "root") continue;
+    }
+    hits.push(line);
+  }
+  return hits;
+}
+function parsePasswdUidZero(content) {
+  if (!content) return [];
+  const uid0 = [];
+  for (const raw of content.split(/\r?\n/)) {
+    const line = raw.trim();
+    if (!line || line.startsWith("#")) continue;
+    const fields = line.split(":");
+    if (fields.length < 3) continue;
+    if (fields[2] === "0") uid0.push(fields[0]);
+  }
+  return uid0;
+}
+function walkShallow(dir, maxDepth) {
+  const out = [];
+  const seen = new Set();
+  function walk(d, depth) {
+    if (depth > maxDepth) return;
+    let entries;
+    try { entries = fs.readdirSync(d, { withFileTypes: true }); }
+    catch { return; }
+    for (const e of entries) {
+      const full = path.join(d, e.name);
+      let real;
+      try { real = fs.realpathSync(full); } catch { continue; }
+      if (seen.has(real)) continue;
+      seen.add(real);
+      if (e.isDirectory()) walk(full, depth + 1);
+      else if (e.isFile()) out.push(full);
+    }
+  }
+  walk(dir, 0);
+  return out;
+}
+function isWorldWritable(p) {
+  try {
+    const s = fs.statSync(p);
+    return (s.mode & 0o002) !== 0;
+  } catch { return false; }
+}
+function readProcPid(pid, procRoot) {
+  // Returns { pid, ppid, uid, exe } or null.
+  try {
+    const statusPath = path.join(procRoot, String(pid), "status");
+    const status = fs.readFileSync(statusPath, "utf8");
+    const ppidMatch = status.match(/^PPid:\s+(\d+)/m);
+    const uidMatch = status.match(/^Uid:\s+(\d+)/m);
+    if (!ppidMatch || !uidMatch) return null;
+    let exe = null;
+    try {
+      exe = fs.readlinkSync(path.join(procRoot, String(pid), "exe"));
+    } catch { /* no permission to read exe link */ }
+    return {
+      pid,
+      ppid: Number(ppidMatch[1]),
+      uid: Number(uidMatch[1]),
+      exe,
+    };
+  } catch { return null; }
+}
+function scanOrphanPrivileged(procRoot) {
+  // Returns { hits, exeReadable }. exeReadable is false when at
+  // least one candidate PID (UID 0, PPID 1) had an unreadable
+  // /proc/<pid>/exe symlink AND PID 1's exe was also unreadable —
+  // in that case the indicator MUST stay unflipped (the caller
+  // converts that to inconclusive). hidepid / ptrace-restrict /
+  // non-root scope all collapse exe readability to zero, and
+  // emitting "miss" there would mask real privileged orphans.
+  let entries;
+  try { entries = fs.readdirSync(procRoot); } catch { return { hits: [], exeReadable: false }; }
+  const hits = [];
+  // PID 1's exe is the canonical anchor. If we can't read it, we
+  // can't tell whether the parent is canonical init or a hijacked
+  // PID 1. That's an inconclusive condition.
+  const initProc = readProcPid(1, procRoot);
+  const initExeReadable = !!(initProc && initProc.exe);
+  if (!initExeReadable) return { hits: [], exeReadable: false };
+  if (!PARENT_INIT_BINARIES.has(initProc.exe)) {
+    // PID 1's exe is readable but isn't a canonical init. Treat
+    // as inconclusive — the playbook predicate explicitly says
+    // "parent != systemd/init" is the orphan condition, but
+    // distinguishing a legitimate non-systemd init (e.g. SysV,
+    // BusyBox init) from a hijacked PID 1 needs operator review.
+    return { hits: [], exeReadable: false };
+  }
+  // PID 1's exe is canonical init. Now scan candidate PIDs.
+  let anyExeReadable = false;
+  let anyExeUnreadable = false;
+  for (const name of entries) {
+    if (!/^\d+$/.test(name)) continue;
+    const proc = readProcPid(Number(name), procRoot);
+    if (!proc) continue;
+    if (proc.uid !== 0) continue;
+    if (proc.ppid !== 1) continue;
+    if (proc.exe) {
+      anyExeReadable = true;
+      if (ORPHAN_RISKY_PREFIXES.some(p => proc.exe.startsWith(p))) {
+        hits.push({ pid: proc.pid, exe: proc.exe });
+      }
+    } else {
+      anyExeUnreadable = true;
+    }
+  }
+  // If we couldn't read ANY candidate's exe (typical non-root /
+  // hidepid scope), the indicator stays unflipped. If we read at
+  // least one and saw zero risky-path orphans, the miss is
+  // honest. If we saw mixed (some readable, some not), still
+  // report what we found — but only emit a verdict when at least
+  // one exe was readable so we have evidence to back it.
+  const exeReadable = anyExeReadable || (!anyExeUnreadable && entries.length > 0);
+  return { hits, exeReadable };
+}
+function collect({ cwd = process.cwd(), env = process.env, args = {} } = {}) {
+  const errors = [];
+  const startTime = Date.now();
+  const root = path.resolve(cwd);
+  const paths = args.paths || {};
+  const P = {
+    sudoers: paths.sudoers || "/etc/sudoers",
+    sudoersD: paths.sudoersD || "/etc/sudoers.d",
+    passwd: paths.passwd || "/etc/passwd",
+    trustedPaths: paths.trustedPaths || TRUSTED_PATHS,
+    procRoot: paths.procRoot || "/proc",
+  };
+  const isLinux = args.forceLinux === true || process.platform === "linux";
+  if (!isLinux) {
+    return {
+      precondition_checks: { "linux-platform": false },
+      artifacts: {
+        "sudo-rules": { value: "skipped — non-Linux platform", captured: false, reason: `process.platform=${process.platform}` },
+        "passwd-shadow-baseline": { value: "skipped — non-Linux platform", captured: false, reason: `process.platform=${process.platform}` },
+        "world-writable-paths": { value: "skipped — non-Linux platform", captured: false, reason: `process.platform=${process.platform}` },
+        "process-tree": { value: "skipped — non-Linux platform", captured: false, reason: `process.platform=${process.platform}` },
+      },
+      signal_overrides: {},
+      collector_meta: {
+        collector_id: COLLECTOR_ID,
+        collector_version: "2026-05-20",
+        platform: process.platform,
+        captured_at: new Date().toISOString(),
+        cwd: root,
+        duration_ms: Date.now() - startTime,
+      },
+      collector_errors: errors,
+    };
+  }
+  // Sudo rules: /etc/sudoers + /etc/sudoers.d/*
+  const sudoersBase = readFileSafe(P.sudoers);
+  let sudoersContent = sudoersBase || "";
+  let sudoersReadable = sudoersBase != null;
+  try {
+    const dEntries = fs.readdirSync(P.sudoersD);
+    for (const e of dEntries) {
+      // skip editor backup files (~, .bak, .swp)
+      if (/[~]$/.test(e) || /\.(bak|swp|orig)$/.test(e)) continue;
+      const c = readFileSafe(path.join(P.sudoersD, e));
+      if (c != null) {
+        sudoersContent += "\n" + c;
+        sudoersReadable = true;
+      }
+    }
+  } catch { /* .d not present */ }
+  const sudoersHits = parseSudoersForWildcards(sudoersContent);
+  // /etc/passwd UID-zero count
+  const passwdContent = readFileSafe(P.passwd);
+  const uid0 = passwdContent ? parsePasswdUidZero(passwdContent) : null;
+  // World-writable files under trusted paths.
+  const worldWritableFiles = [];
+  for (const tp of P.trustedPaths) {
+    for (const f of walkShallow(tp, TRUSTED_PATH_MAX_DEPTH)) {
+      if (isWorldWritable(f)) worldWritableFiles.push(f);
+    }
+  }
+  // Orphan-privileged process scan. Only meaningful on a real
+  // /proc; on a synthetic tempdir we still walk it the same way.
+  const orphanScan = scanOrphanPrivileged(P.procRoot);
+  const signal_overrides = {};
+  if (sudoersReadable) {
+    signal_overrides["sudoers-nopasswd-wildcard"] = sudoersHits.length > 0 ? "hit" : "miss";
+  }
+  if (uid0 !== null) {
+    signal_overrides["duplicate-uid-zero"] = uid0.length > 1 ? "hit" : "miss";
+  }
+  // world-writable-in-trusted-path: only emit a verdict if at least
+  // one trusted path was readable. If every TP was unreadable
+  // (chroot / restricted container), leave the indicator unflipped.
+  const anyTpReadable = P.trustedPaths.some(tp => {
+    try { fs.readdirSync(tp); return true; } catch { return false; }
+  });
+  if (anyTpReadable) {
+    signal_overrides["world-writable-in-trusted-path"] = worldWritableFiles.length > 0 ? "hit" : "miss";
+  }
+  // orphan-privileged-process: only emit when /proc was walkable
+  // AND the scan had enough exe-link visibility to reach a verdict.
+  // hidepid / ptrace-restrict / non-root scope leaves
+  // exeReadable=false; the indicator stays unflipped so the runner
+  // returns inconclusive (codex P1 #80).
+  let procWalkable = false;
+  try { fs.readdirSync(P.procRoot); procWalkable = true; } catch { /* not present */ }
+  if (procWalkable && orphanScan.exeReadable) {
+    signal_overrides["orphan-privileged-process"] = orphanScan.hits.length > 0 ? "hit" : "miss";
+  }
+  const artifacts = {
+    "sudo-rules": sudoersReadable
+      ? { value: `${sudoersHits.length} NOPASSWD wildcard rule(s)` + (sudoersHits.length > 0 ? ": " + sudoersHits.slice(0, 3).join("; ") : ""), captured: true }
+      : { value: "/etc/sudoers unreadable", captured: false, reason: "permission denied or absent" },
+    "passwd-shadow-baseline": passwdContent
+      ? { value: `${(uid0 || []).length} UID-0 entr(y/ies): ${(uid0 || []).join(", ") || "none"}`, captured: true }
+      : { value: "/etc/passwd unreadable", captured: false, reason: "permission denied or absent" },
+    "world-writable-paths": anyTpReadable
+      ? { value: worldWritableFiles.length > 0 ? `${worldWritableFiles.length} world-writable file(s): ${worldWritableFiles.slice(0, 5).join("; ")}` : "no world-writable files under trusted paths", captured: true }
+      : { value: "no trusted paths readable from this scope", captured: false, reason: "all trusted paths unreadable (chroot / restricted scope)" },
+    "process-tree": procWalkable
+      ? (orphanScan.exeReadable
+        ? { value: orphanScan.hits.length > 0 ? `${orphanScan.hits.length} orphan-privileged process(es): ` + orphanScan.hits.slice(0, 3).map(p => `pid=${p.pid} exe=${p.exe}`).join("; ") : "no orphan-privileged processes detected", captured: true }
+        : { value: "/proc walkable but /proc/<pid>/exe symlinks unreadable (likely hidepid / ptrace-restrict / non-root scope)", captured: false, reason: "insufficient exe-link visibility to reach a verdict" })
+      : { value: "/proc not walkable", captured: false, reason: "no /proc on this scope" },
+  };
+  return {
+    precondition_checks: {
+      "linux-platform": true,
+    },
+    artifacts,
+    signal_overrides,
+    collector_meta: {
+      collector_id: COLLECTOR_ID,
+      collector_version: "2026-05-20",
+      platform: process.platform,
+      captured_at: new Date().toISOString(),
+      cwd: root,
+      duration_ms: Date.now() - startTime,
+    },
+    collector_errors: errors,
+  };
+}
+module.exports = { playbook_id: COLLECTOR_ID, collect };

package/manifest.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "exceptd-security",
-  "version": "0.13.39",
+  "version": "0.13.41",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation",
   "homepage": "https://exceptd.com",
   "license": "Apache-2.0",
@@ -53,7 +53,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "lXhZgoIrrVloO3XaTvo/43AxZn4mwErstd7DR0O/oVhD3AOGODM4HqrageYEou9WKOdMEGP5mJNTjJsXdP5NDA==",
-      "signed_at": "2026-05-21T05:14:23.230Z",
+      "signed_at": "2026-05-21T05:58:40.487Z",
       "cwe_refs": [
         "CWE-125",
         "CWE-362",
@@ -117,7 +117,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "vSVqu4wBm+d68ujZmM6Rto/HzViCkE0gPUcv/MYE/bjFiqamf/s0On4kTOo1KIveV9cOwYNxiItaGEWlVkRFDg==",
-      "signed_at": "2026-05-21T05:14:23.231Z",
+      "signed_at": "2026-05-21T05:58:40.488Z",
       "cwe_refs": [
         "CWE-1039",
         "CWE-1426",
@@ -180,7 +180,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "RIgXKvolQjgJdnlrDnVOd90IOY1B7VHHZD/YJQRzouL+wUeOLclPrdK/EgEuFyiu7lR4bi+Pl6aGB9G9tOxYCQ==",
-      "signed_at": "2026-05-21T05:14:23.232Z",
+      "signed_at": "2026-05-21T05:58:40.489Z",
       "cwe_refs": [
         "CWE-22",
         "CWE-345",
@@ -226,7 +226,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "RYOxeq/o3uTwTWq4H7RcdH2Aclg9UyCERfUH9Frwkzncsowg7LgxpaEDc3swTCv73HMEGbU8wVbXguZ4JxHUCQ==",
-      "signed_at": "2026-05-21T05:14:23.232Z"
+      "signed_at": "2026-05-21T05:58:40.489Z"
     },
     {
       "name": "compliance-theater",
@@ -257,7 +257,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "DneJCPKCPcoe6nQ82XptqSqNfSRdt1orKaO+o7K36YCciDrzwJb+1BuBLusPDtpcdDaGY0y0e+AqiTYJklhBAQ==",
-      "signed_at": "2026-05-21T05:14:23.233Z"
+      "signed_at": "2026-05-21T05:58:40.489Z"
     },
     {
       "name": "exploit-scoring",
@@ -286,7 +286,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "NA1hoQycvQhSUoG5rwlXX0mOVmGxoXRVezkELGEA2nZOdGis4gXkHT3O6Sfw7zxE4JuMrsCb65TEeOWk9WEPDg==",
-      "signed_at": "2026-05-21T05:14:23.233Z"
+      "signed_at": "2026-05-21T05:58:40.490Z"
     },
     {
       "name": "rag-pipeline-security",
@@ -323,7 +323,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "XgrzcA2brPhXrSTxrcLnJec0OpgGYJBoSTUlJ10UdePHffxqb9LTVGnfbmEk1ykQifXREZexui2bG7X/+eFfCQ==",
-      "signed_at": "2026-05-21T05:14:23.234Z",
+      "signed_at": "2026-05-21T05:58:40.490Z",
       "cwe_refs": [
         "CWE-1395",
         "CWE-1426"
@@ -380,7 +380,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "9+hZlZOqZdeACUmamQk66L5levZhhwnFXuYRhdT6Mce99eQaKT7wNfWq12hXQztkRcVRKaFH+a01zwJQwsRQCA==",
-      "signed_at": "2026-05-21T05:14:23.234Z",
+      "signed_at": "2026-05-21T05:58:40.491Z",
       "d3fend_refs": [
         "D3-CA",
         "D3-CSPP",
@@ -415,7 +415,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "ciqhVloMWWXEigPZvvwoV2c54tEqsDqsoc+sS/mNTFFJk2H+tz2+XUrgfEPRuYw0FeyNB6/+27pL2NpKHzUqAg==",
-      "signed_at": "2026-05-21T05:14:23.235Z",
+      "signed_at": "2026-05-21T05:58:40.491Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -443,7 +443,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "xiHAhhdufm9hCKU8PLiPE0MX65ej2F4OZwtlWLGLCiie9/km+Kiqbt192LcMvr94v83C98pb9wIaqFsFWft6AQ==",
-      "signed_at": "2026-05-21T05:14:23.235Z"
+      "signed_at": "2026-05-21T05:58:40.491Z"
     },
     {
       "name": "global-grc",
@@ -475,7 +475,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "oYsSk35N2Uzq7MRofACykylcVwkgPhI4luWZ14vmQT+gUKLyZiKVOUJbe1+7lGl6BYPRN0sUDQ0f7S5Eu5w2Ag==",
-      "signed_at": "2026-05-21T05:14:23.235Z"
+      "signed_at": "2026-05-21T05:58:40.492Z"
     },
     {
       "name": "zeroday-gap-learn",
@@ -502,7 +502,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "igRqYyU1unRFH40BsPyAR62SPrk8QZv8dPGb8S9O9EvLCNOZAzm3t+HdT/NKqzWHwrpomOzkkkyLfYI/0qTUDA==",
-      "signed_at": "2026-05-21T05:14:23.236Z"
+      "signed_at": "2026-05-21T05:58:40.492Z"
     },
     {
       "name": "pqc-first",
@@ -554,7 +554,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "vhc3wuQEro/86s1ro2b/KakUXg8QVnySYTBqA7ebzv9oeR2HYO5bvGEJp3oOHWtL37JDqcCAHYadSN/qxIyCCA==",
-      "signed_at": "2026-05-21T05:14:23.236Z",
+      "signed_at": "2026-05-21T05:58:40.492Z",
       "cwe_refs": [
         "CWE-327"
       ],
@@ -601,7 +601,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "MS35nWm8djfJGn4OOoT0JKJ2aO+Dkbb6wOOWJYvNZlRKT3UGA59o2gxg1JOnD20hb/RwxtkmCujhl2tuYSR+AQ==",
-      "signed_at": "2026-05-21T05:14:23.236Z"
+      "signed_at": "2026-05-21T05:58:40.493Z"
     },
     {
       "name": "security-maturity-tiers",
@@ -638,7 +638,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "8Px1s2lDj10/Q6erwEQlXgUHM1+OTruUR8qAHPX7Oo3k/l69N6P9sm0PsafS9wDFtj9l5C/OiLiFgzMlMt6vBw==",
-      "signed_at": "2026-05-21T05:14:23.237Z",
+      "signed_at": "2026-05-21T05:58:40.493Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -673,7 +673,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-11",
       "signature": "WAu5fRirzSOcnnZsTx2d/JJZwa/LPpXCi+31qATTGLmoNuhyy81k3ooPe9kCM3E0CLMtvTePg9DagYqBninZDQ==",
-      "signed_at": "2026-05-21T05:14:23.237Z"
+      "signed_at": "2026-05-21T05:58:40.493Z"
     },
     {
       "name": "attack-surface-pentest",
@@ -744,7 +744,7 @@
         "PTES revision incorporating AI-surface enumeration"
       ],
       "signature": "7eEwCXFd9pDKUw7yCUbRJSjfzozE44dwwwemCQUPm8JBPztLltibD9bL/RszSbYyCrYJmVb5Drncz2cGe62gCw==",
-      "signed_at": "2026-05-21T05:14:23.237Z"
+      "signed_at": "2026-05-21T05:58:40.493Z"
     },
     {
       "name": "fuzz-testing-strategy",
@@ -804,7 +804,7 @@
         "OSS-Fuzz-Gen / AI-assisted harness generation becoming the default expectation for OSS maintainers"
       ],
       "signature": "Z7ypCUnXx8JpLtgxxB6RHNi39w74AmrGY1N4ofAGCXhkuM2EaFVm1AU0dvl9UQ1bVLfHKEDGqMO/TwlIY7RABg==",
-      "signed_at": "2026-05-21T05:14:23.238Z"
+      "signed_at": "2026-05-21T05:58:40.494Z"
     },
     {
       "name": "dlp-gap-analysis",
@@ -879,7 +879,7 @@
         "Quebec Law 25, India DPDPA, KSA PDPL enforcement actions naming AI-tool prompt data as in-scope personal information"
       ],
       "signature": "fgxG344JGYBWWWwFXZ1IzGipWKP7EyBhrsvsbsb0CCGXfv/MvNHVNI6G0zQddCsWX1JeQbhZT3Vk8v1uJKDTDA==",
-      "signed_at": "2026-05-21T05:14:23.238Z"
+      "signed_at": "2026-05-21T05:58:40.494Z"
     },
     {
       "name": "supply-chain-integrity",
@@ -956,7 +956,7 @@
         "OpenSSF model-signing — emerging Sigstore-based signing standard for ML model weights; track for production adoption"
       ],
       "signature": "pcLrM98A3vUSZRjwNAk0aZ9umvOwB41XCLLsCOy/IebB2F/06oIrGUKkMHtHwm4pTVPShMMcKdZQQ3jz30FnCg==",
-      "signed_at": "2026-05-21T05:14:23.238Z"
+      "signed_at": "2026-05-21T05:58:40.494Z"
     },
     {
       "name": "defensive-countermeasure-mapping",
@@ -1013,7 +1013,7 @@
       ],
       "last_threat_review": "2026-05-11",
       "signature": "gqF8eU3VBrZhO2WnlcqKa7wm1d2mmWtvpbmx0kNCgHojNV+qEt+Ij84RO6bZvaUqhfYPWizWL79Fa4DL0curAQ==",
-      "signed_at": "2026-05-21T05:14:23.239Z"
+      "signed_at": "2026-05-21T05:58:40.495Z"
     },
     {
       "name": "identity-assurance",
@@ -1080,7 +1080,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "Wv5hGMeHjlaQK1zwicVCA7AvdKgJBgvcjdpGM9Ywahh9tagAKhbkOjybowDQZzu7OZ3bDkbh6pBYc1Sdwr6NAA==",
-      "signed_at": "2026-05-21T05:14:23.239Z"
+      "signed_at": "2026-05-21T05:58:40.495Z"
     },
     {
       "name": "ot-ics-security",
@@ -1136,7 +1136,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "8t5qKHd3yWi57dvG36YQkLN/X9bQWqtEiYjay4IfSmqhJpM/xXPaQVKNGz3wscrO8OLKUZ0OaX7Mj5kzpgBKBQ==",
-      "signed_at": "2026-05-21T05:14:23.239Z"
+      "signed_at": "2026-05-21T05:58:40.495Z"
     },
     {
       "name": "coordinated-vuln-disclosure",
@@ -1188,7 +1188,7 @@
         "NYDFS 23 NYCRR 500 amendments potentially adding explicit CVD program requirements"
       ],
       "signature": "GDGt4UPqBa04PjlpSmpyihGzd3OgfBN7jaAK5tfwp+LRSs3ygKOdbeivUCCHNagTY1hE6hG2Ou40ADfBFuXeAg==",
-      "signed_at": "2026-05-21T05:14:23.240Z"
+      "signed_at": "2026-05-21T05:58:40.496Z"
     },
     {
       "name": "threat-modeling-methodology",
@@ -1238,7 +1238,7 @@
         "PASTA v2 updates incorporating AI/ML application threats"
       ],
       "signature": "rFBpOQEJUPpl+v88Lw/WqVJRhTl80vy0VbPAbzQj3Q0suJRRrJg368I9uKu5LXIBKFDvKxnGIcIzbGg9NUtaCA==",
-      "signed_at": "2026-05-21T05:14:23.240Z"
+      "signed_at": "2026-05-21T05:58:40.496Z"
     },
     {
       "name": "webapp-security",
@@ -1312,7 +1312,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "ux85YI4t2mVHOyt744Yin1HHy+z11JIFygjKfFfQOBBl5QVV3A267jeIy7utix85irMcpZm/T3yx/ooqiK2tBA==",
-      "signed_at": "2026-05-21T05:14:23.240Z"
+      "signed_at": "2026-05-21T05:58:40.496Z"
     },
     {
       "name": "ai-risk-management",
@@ -1362,7 +1362,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "IIXnkZ5ZNqFwOto5KfytADTLLZLoyXNZACD1ORZ40P1HUAQxe6u2uyXFzzsfuob4Uy06jNkRGr2FFgCphUH1Cw==",
-      "signed_at": "2026-05-21T05:14:23.241Z"
+      "signed_at": "2026-05-21T05:58:40.497Z"
     },
     {
       "name": "sector-healthcare",
@@ -1422,7 +1422,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "AhF9KF8ZBlDteciV+F8IBSmFVYCvQOn44GmD4rZjgLoPxfIv/QE1/vSkK32zyqDKtHWkLSXExbkkPkxA/V6dDw==",
-      "signed_at": "2026-05-21T05:14:23.241Z"
+      "signed_at": "2026-05-21T05:58:40.497Z"
     },
     {
       "name": "sector-financial",
@@ -1503,7 +1503,7 @@
         "TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST"
       ],
       "signature": "HQgZvb4ReziEz5rNFr8i/O8/rJEZR+iHRROT7m/D2QUqhrcNISPkYXENsUZlG8xapzy/Ik92ehkseyj4hdmhCQ==",
-      "signed_at": "2026-05-21T05:14:23.242Z"
+      "signed_at": "2026-05-21T05:58:40.498Z"
     },
     {
       "name": "sector-federal-government",
@@ -1572,7 +1572,7 @@
         "Australia PSPF 2024 revision and ISM quarterly updates — track for Essential Eight Maturity Level requirements for federal entities"
       ],
       "signature": "linxmsXZiOYtcs71sSWgGCrvb8xQfmxmtTY5PRvZJ0/8FgJulo0tQtejzexYG775s7XhjAmGsDP238BQTQ8ADA==",
-      "signed_at": "2026-05-21T05:14:23.242Z"
+      "signed_at": "2026-05-21T05:58:40.498Z"
     },
     {
       "name": "sector-energy",
@@ -1637,7 +1637,7 @@
         "ICS-CERT advisory feed (https://www.cisa.gov/news-events/cybersecurity-advisories/ics-advisories) for vendor CVEs in Siemens, Rockwell, Schneider Electric, ABB, GE Vernova, Hitachi Energy, AVEVA / OSIsoft PI"
       ],
       "signature": "JjBfc0ovta560Clk0x3QGRM5osFJDwcvpy3rT7QEGdCIL827jzE8QCow1C8deXq+4JhY2sA/d7/8IsxikdlkCg==",
-      "signed_at": "2026-05-21T05:14:23.242Z"
+      "signed_at": "2026-05-21T05:58:40.498Z"
     },
     {
       "name": "sector-telecom",
@@ -1723,7 +1723,7 @@
         "O-RAN SFG / WG11 security specifications"
       ],
       "signature": "JWVxKFoKrbX4d+Tko1d4OBdwyg25MfFFKn4CT6E/CzH+YwnU3T6Y76uBQIKg3+gIGTvPduqyvQwQQ5FxKDuPBw==",
-      "signed_at": "2026-05-21T05:14:23.243Z"
+      "signed_at": "2026-05-21T05:58:40.498Z"
     },
     {
       "name": "api-security",
@@ -1792,7 +1792,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "BmCRCestWqr55+fCynEhtAl5NWLT+xLTkpwS0Icp3SaoZOw/ce3Y6TtqjHRSKn4CBJq7YDiLRWxmhO3MStvOAA==",
-      "signed_at": "2026-05-21T05:14:23.243Z"
+      "signed_at": "2026-05-21T05:58:40.499Z"
     },
     {
       "name": "cloud-security",
@@ -1873,7 +1873,7 @@
         "CISA KEV additions for cloud-control-plane CVEs (IMDSv1 abuses, federation token mishandling, cross-tenant boundary failures); CISA Cybersecurity Advisories for cross-cloud advisories"
       ],
       "signature": "/DV3pmZwrRySrk1OCbyI+0BQESacjupJfUX3eC2NGtXuYOBro0vndIP+z27heFxumnjU3a9sfla7/U9X+pqnDw==",
-      "signed_at": "2026-05-21T05:14:23.243Z"
+      "signed_at": "2026-05-21T05:58:40.499Z"
     },
     {
       "name": "container-runtime-security",
@@ -1935,7 +1935,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "E2UGSf9ATyYgzBr8uM/0ubOUmDqo1jVA7f9mVxv6LHfWGCNuQNXDyuNou9VAmUCeeXEeUYIi3AFjXkJqpOkxDA==",
-      "signed_at": "2026-05-21T05:14:23.244Z"
+      "signed_at": "2026-05-21T05:58:40.499Z"
     },
     {
       "name": "mlops-security",
@@ -2006,7 +2006,7 @@
         "MITRE ATLAS v5.6.0 (released February 2026) shipped the AML.T0010 sub-technique expansion this forecast tracked plus new techniques (\"Publish Poisoned AI Agent Tool\", \"Escape to Host\"); inventory now 16 tactics, 84 techniques, 56 sub-techniques. Forward watch: ATLAS v5.5 / v6.0 — track next-cadence updates to agentic-AI TTPs and MLOps-pipeline-specific techniques"
       ],
       "signature": "BGNE6ZQWBA1LmsUFe8tU0L67iGDSrFqiuqaZD2f1KqfcyqqzQfMs9PWNHFzxxaJmXeKlm87eU8lgELF0bX+RBA==",
-      "signed_at": "2026-05-21T05:14:23.244Z"
+      "signed_at": "2026-05-21T05:58:40.500Z"
     },
     {
       "name": "incident-response-playbook",
@@ -2068,7 +2068,7 @@
         "NYDFS 23 NYCRR 500.17 amendments tightening ransom-payment 24h disclosure operationalization"
       ],
       "signature": "FkZQerh3VHVJAwIcCktDyMRh5KE2+Em/i0ek8zEz7JG/PXtQx8ujHWTh3VjZbOLhPNtdB2qxgXOIAYIofaVOAQ==",
-      "signed_at": "2026-05-21T05:14:23.244Z"
+      "signed_at": "2026-05-21T05:58:40.500Z"
     },
     {
       "name": "ransomware-response",
@@ -2148,7 +2148,7 @@
       ],
       "last_threat_review": "2026-05-15",
       "signature": "n3UToNuN3A1HgLvcuqmIx8vrZY71+r/79waK92jG+rSX4uYOzkmxMUpROrE5K9bDwMezNBHdjWv8Uul6zugyDQ==",
-      "signed_at": "2026-05-21T05:14:23.245Z"
+      "signed_at": "2026-05-21T05:58:40.500Z"
     },
     {
       "name": "email-security-anti-phishing",
@@ -2201,7 +2201,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "rK+WnuS+9tqEABmwc0jO/PEmxcLjG1/tmUb897HsClQeKzf+TQOlwBE+OsbtuKxpjYNwur62Xxs3TxObkwm8Cw==",
-      "signed_at": "2026-05-21T05:14:23.245Z"
+      "signed_at": "2026-05-21T05:58:40.501Z"
     },
     {
       "name": "age-gates-child-safety",
@@ -2269,7 +2269,7 @@
         "US state adult-site age-verification laws — 19+ states by mid-2026 (TX HB 18 upheld by SCOTUS June 2025 in Free Speech Coalition v. Paxton); track ongoing challenges in remaining states"
       ],
       "signature": "+OO0RhQ303RJV7kaH38IuZpLeQbapep6Ds4Re/WEZu0FHBwKSlwvF7jbtP7KQ57xldJYn/xZm2jaszyOacMfDg==",
-      "signed_at": "2026-05-21T05:14:23.245Z"
+      "signed_at": "2026-05-21T05:58:40.501Z"
     },
     {
       "name": "cloud-iam-incident",
@@ -2349,7 +2349,7 @@
       ],
       "last_threat_review": "2026-05-15",
       "signature": "e/kij7GtKaytROyIj7V5RH+FC9WtmVFzrmG2kIlNDNn29ep/CRNlIQKwXLpzo/81AIf634pmdr1qy/+vwIuUDA==",
-      "signed_at": "2026-05-21T05:14:23.246Z"
+      "signed_at": "2026-05-21T05:58:40.501Z"
     },
     {
       "name": "idp-incident-response",
@@ -2430,11 +2430,11 @@
       ],
       "last_threat_review": "2026-05-15",
       "signature": "ew9Kglc9fAZzbn0ZIfGP7WSK/j4eV2VhSvpy+s5bEfNEVYIMa2kZjnGBapgUsyGDLes9H9K2ovjQyX17+GKiBw==",
-      "signed_at": "2026-05-21T05:14:23.246Z"
+      "signed_at": "2026-05-21T05:58:40.502Z"
     }
   ],
   "manifest_signature": {
     "algorithm": "Ed25519",
-    "signature_base64": "U+/t7HEN6UYD1OiVmFk3gIG2ONice3AFoWmRhmS3blpwXOORBg4y5+/1Ds5fVorRqfXuEL5/E/vqqUFlZLxADg=="
+    "signature_base64": "hR1NLS5mN1goInEizRpPOjO5xkg3wB4zsmciSo3/UIgmS10Qa0WJNTWX52o032ZLC4Dxn4snJ60zlx1vKuvhBQ=="
   }
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/exceptd-skills",
-  "version": "0.13.39",
+  "version": "0.13.41",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 42 skills, 10 catalogs (312 CVEs / 171 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 7476 RFCs), 34 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
   "keywords": [
     "ai-security",

package/sbom.cdx.json CHANGED Viewed

@@ -1,22 +1,22 @@
 {
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:fc61f805-6740-4746-9ace-c5646de5c30a",
+  "serialNumber": "urn:uuid:4fd52afb-0580-4176-b3f6-4f7c125d7e1e",
   "version": 1,
   "metadata": {
-    "timestamp": "2160-03-06T20:35:17.000Z",
+    "timestamp": "2068-06-10T23:17:15.000Z",
     "tools": [
       {
         "vendor": "blamejs",
         "name": "scripts/refresh-sbom.js",
-        "version": "0.13.39"
+        "version": "0.13.41"
       }
     ],
     "component": {
-      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.13.39",
+      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.13.41",
       "type": "application",
       "name": "@blamejs/exceptd-skills",
-      "version": "0.13.39",
+      "version": "0.13.41",
       "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 42 skills, 10 catalogs (312 CVEs / 171 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 7476 RFCs), 34 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
       "licenses": [
         {
@@ -25,17 +25,17 @@
           }
         }
       ],
-      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.13.39",
+      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.13.41",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "74ddf4a0338a1e5b64531527ddc887ff95795ae9dfd1bd6bd5308129d9278f1d"
+          "content": "2170da0695dce4c96c204240cfce3133f147737709260c42e828be6778099cf9"
         }
       ],
       "externalReferences": [
         {
           "type": "distribution",
-          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.13.39"
+          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.13.41"
         },
         {
           "type": "vcs",
@@ -86,11 +86,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "d6eeb79e1a53bdf399b48d79fc4cd30161be3b4202c1c45653329e1b80a4b2ad"
+          "content": "f11900411cb9b38926cd06bd0fc3a5f9a976992e7fd10fc256430c86a01c2ff4"
         },
         {
           "alg": "SHA3-512",
-          "content": "861654229312f2c2d6b1f279038a771fcdb56f38aec9eda1ca4d5d66c4a475d8c3fa99468adddc883c61bfb092e4e245d1b4ea26c5fe745f981bfdb085864ab8"
+          "content": "7aacca7daeb4c211da11f0bc01844d39601fe2e6d4104653b9ef6ff6f0646261e4d9e1681c789154ed3ca454abf3bc8f255c9bfc741ef2498b2898f144fc5b4a"
         }
       ]
     },
@@ -116,11 +116,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "58bb67fe475a44a19e96b28ee97c286e2b5f6c69188c40a5392a5aca2bf188f1"
+          "content": "25679cb7c885f4c94779172be8505d09229eb9a09b279d95c75b710bc30b8e02"
         },
         {
           "alg": "SHA3-512",
-          "content": "610996d04a43067e1109444fd87a4ff6334599d5cffe21d0c9ee80520fed1e1728d2be0da0758c7a2016ed6660bbf6188a190fba9bcb0fca9197560af3aed565"
+          "content": "7aebbb9fb903f3ec6892214943ce47b894f31800e6cfadcd16b748faa687e71146812c2181003aa9f437cd7b5f80943574319ec974d8a686232bbdeb76bb45ee"
         }
       ]
     },
@@ -874,6 +874,21 @@
         }
       ]
     },
+    {
+      "bom-ref": "file:lib/collectors/ai-api.js",
+      "type": "file",
+      "name": "lib/collectors/ai-api.js",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "f7f37f5567c4d6d31cbe076d9be0fcbefaac89e8f4db7b339fe4a9a441d25246"
+        },
+        {
+          "alg": "SHA3-512",
+          "content": "8a183e4d43cf51e8f45c0f2a630ee3004df83ded3e0d2879c1a38da927ff1ec9eb0c22321c98d1c0ee15979d49ec6fff6e37fd947b01e48e9c7a99ea3ee255b3"
+        }
+      ]
+    },
     {
       "bom-ref": "file:lib/collectors/containers.js",
       "type": "file",
@@ -964,6 +979,21 @@
         }
       ]
     },
+    {
+      "bom-ref": "file:lib/collectors/runtime.js",
+      "type": "file",
+      "name": "lib/collectors/runtime.js",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "9e289a5af6df7044750c39072ff2df9a4fa80c9594e5b84fdd490754939fabdb"
+        },
+        {
+          "alg": "SHA3-512",
+          "content": "e58b55d0d98313382bddfaea5e7c3d5e3e610aaafc744df0878778420df0ac97e8688c1f32067c69627d429fbaaaec7123dc9f4dcf4f4ebe7161b56eaa93424c"
+        }
+      ]
+    },
     {
       "bom-ref": "file:lib/collectors/sbom.js",
       "type": "file",
@@ -1586,11 +1616,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "0785c4b4b99897d6846d7e324c8a093da8bfdeaa48ca9ab234cd82009d1e04d0"
+          "content": "baf6b821336ba74ccafa21f09c510e7f581d3157a1aab19ed282f8d975ed8eec"
         },
         {
           "alg": "SHA3-512",
-          "content": "1391605f5361e83252247ffff0d85511abd4d3aed6308b89027ae4cd5df1aeb67ff3abfa71396421e9cdc31535e1783cb53b150aa0caf08000734171371ce480"
+          "content": "e0a13900f9bd00255a766fa39d8ae79952c6c4c9cea0798bdacfe943f2b52350e5b0f32b261a850b54d67d2fbe50ed3e0608fd4669f95253bc93da7e1518c895"
         }
       ]
     },