@blamejs/exceptd-skills 0.13.59 → 0.13.62

package/CHANGELOG.md

@@ -1,5 +1,40 @@
 # Changelog
 
+## 0.13.62 — 2026-05-24
+
+Threat-framework version pins are now consistent across the full surface. The remaining skills and the source registry cite MITRE ATT&CK v19.0 (April 2026); `attack-surface-pentest` and `skill-update-loop` still described the superseded v17 matrix, and `sources/index.json` pointed callers at v17 / 2025-06-25. The same registry's ATLAS pointer is corrected to v5.6.0 (May 2026) — it had drifted to v5.1.0 while every other surface moved on. A new guard refuses any operator-facing reference to an ATT&CK version older than the catalog pin, while permitting forward-looking references so forward-watch entries naming the next release cycle stay intact.
+
+### Bugs
+
+- **`attack-surface-pentest` and `skill-update-loop` cited ATT&CK v17** in their TTP-mapping tables and source-tracking rows while the catalog pin (`data/attack-techniques.json._meta.attack_version`) is v19.0. The version operators read in the skill body now matches the version the engine resolves against.
+- **`sources/index.json` pinned ATT&CK at v17 / 2025-06-25 and ATLAS at v5.1.0 / 2025-11-01** — the machine-readable "current version" pointers consumers read to learn which framework revision the catalog tracks. Both now match the catalog: ATT&CK v19.0 / 2026-04-28, ATLAS v5.6.0 / 2026-05-08, with the ATLAS update cadence corrected to monthly.
+
+### Internal
+
+- Added an ATT&CK-version drift guard mirroring the existing ATLAS guard. It is stale-only: a reference older than the pinned version fails the suite; an equal-or-newer reference (how forward-watch records the next release) passes. The source-registry version pointers are asserted against the catalog pins so they cannot silently diverge again.
+
+## 0.13.61 — 2026-05-22
+
+Documentation and skill-content drift fixes. `package.json` description, SBOM metadata, and the operator-queryable catalog summary now report the correct 35-jurisdiction count. Eight skills correct their MITRE ATLAS release date (May 2026, not February 2026); three skills bump their ATT&CK pin to v19.0 to match `data/attack-techniques.json._meta.attack_version` and the AGENTS.md Hard Rule #12 pin. `refresh --check-advisories` help text now enumerates all 15 advisory feeds the runtime polls. The agents/ directory roster drops a broken link to a non-existent `framework-analyst.md` and folds its responsibility into `threat-researcher`.
+
+### Bugs
+
+- **`package.json.description` and `sbom.cdx.json` reported "34 jurisdictions"** while every other surface (README badge, README body, ARCHITECTURE.md, CONTEXT.md) reported 35 and `data/global-frameworks.json` actually ships 35. The npm registry blurb — the first discovery-path operators see — was wrong by one. Bumped to 35 across both, plus `scripts/builders/catalog-summaries.js` and the regenerated `data/_indexes/catalog-summaries.json` which downstream AI consumers query for catalog introspection.
+- **Eight skills described MITRE ATLAS v5.6.0 as released "February 2026" (or `2026-02-06`)** when the actual release date is `2026-05-08` (May 2026), as pinned in AGENTS.md Hard Rule #12 and `data/atlas-ttps.json._meta.atlas_release_date`. Audit traceability — "which TTP catalog were we using on May 1?" — requires the date to be consistent across the shipped surface. Fixed in compliance-theater, framework-gap-analysis, incident-response-playbook, policy-exception-gen, mlops-security (×2), rag-pipeline-security, ransomware-response, and skill-update-loop (×2).
+- **Three skills referenced ATT&CK v17 (2025-06-25) and AGENTS.md "rule #8"** — both stale. Hard Rule #8 is compliance-theater detection, not version pinning; the version-pinning rule is #12. The pinned ATT&CK version per AGENTS.md and `data/attack-techniques.json._meta.attack_version` is v19.0 (April 2026), which split Defense Evasion into Stealth (TA0005) and Defense Impairment (TA0112). Skills now cite the correct rule number and the current pinned version. Affects incident-response-playbook and ransomware-response.
+- **`refresh --check-advisories` help text enumerated 12 venues** while the prose around it (and the runtime in `lib/source-advisories.js`) polls 15. The three omissions — BleepingComputer security, The Hacker News, and the Nightmare-Eclipse GitHub tracker — are now listed inline so the count and the enumeration agree.
+- **`agents/README.md` listed a `framework-analyst.md` role that has no file on disk** — the roster, workflow diagram, and parallelization section all referenced a fifth agent that ships as a 404. The threat-researcher role already covers framework amendments; its description and trigger list now reflect that, and the broken row + diagram node are removed.
+
+## 0.13.60 — 2026-05-22
+
+Final tranche of audit cycle 3 polish. `doctor` surfaces the local version; `--collectors` distinguishes policy-skipped from actually-missing collectors; `ask` confidence penalizes ties.
+
+### Features
+
+- **`doctor` surfaces `local_version`** at the top of the JSON envelope + in the text header. Operators see "which version am I running?" alongside "is my install healthy?" without invoking `exceptd version` separately. Opt-in `--registry-check` augments with the published comparison; `local_version` alone is offline-clean.
+- **`doctor --collectors` adds `unexplained_missing_collectors`** — the set difference of `without_collector` and `policy_skips`. Previously these were identical-by-coincidence; a future regression that lost an active collector or a policy-skipped playbook that gained one would have gone unnoticed. The new field surfaces the operator-actionable gaps directly.
+- **`ask` confidence is penalized by tie spread.** A 5-way tie at the top score no longer reports the same confidence as a single clear winner. `confidence_factors` surfaces `base` (raw score / token count) + `tie_count` so consumers can introspect the math. Tied scores also break alphabetically only as a last resort — direct id-match between the question and a playbook id now outranks alphabetical accident.
+
 ## 0.13.59 — 2026-05-22
 
 Air-gap mode honored by `--upstream-check` and the `collect` envelope. `doctor` subchecks surface freshness timestamps + walk-cap markers. `--collectors` text matches its JSON.

package/README.md

@@ -366,8 +366,10 @@ exceptd refresh                       Refresh upstream catalogs + indexes.
                                       ZDI, kernel.org commits, oss-security
                                       mailing list, JFrog SecOps, CISA current
                                       advisories, Microsoft Security Blog,
-                                      Sysdig, Trail of Bits, Embrace the Red)
-                                      for CVE IDs disclosed at T+0 to T+1 —
+                                      Sysdig, Trail of Bits, Embrace the Red,
+                                      BleepingComputer, The Hacker News,
+                                      Nightmare-Eclipse GitHub tracker) for
+                                      CVE IDs disclosed at T+0 to T+1 —
                                       days ahead of NVD enrichment.
                                       Report-only: emits structured diffs[]
                                       with {cve_id, sources[], advisory_urls[],

package/agents/README.md

@@ -8,9 +8,8 @@ Multi-agent coordination for exceptd Security. Each agent file defines a special
 
 | Agent | Role | Triggers |
 |---|---|---|
-| [threat-researcher](threat-researcher.md) | Research and validate new CVEs, threat campaigns, and ATLAS TTPs | New CVE published, ATLAS update, CISA KEV addition |
-| [framework-analyst](framework-analyst.md) | Analyze framework updates and gap changes | Framework amendment published |
-| [skill-updater](skill-updater.md) | Apply validated intelligence to update skill files | Threat researcher or framework analyst output |
+| [threat-researcher](threat-researcher.md) | Research and validate new CVEs, threat campaigns, ATLAS TTPs, and framework updates | New CVE published, ATLAS update, CISA KEV addition, framework amendment |
+| [skill-updater](skill-updater.md) | Apply validated intelligence to update skill files | Threat researcher output |
 | [source-validator](source-validator.md) | Cross-check data against primary sources | Before any data enters cve-catalog.json or atlas-ttps.json |
 | [report-generator](report-generator.md) | Generate structured reports from skill outputs | User invokes a reporting workflow |
 
@@ -21,8 +20,8 @@ Multi-agent coordination for exceptd Security. Each agent file defines a special
 ```
 External trigger (new CVE, ATLAS update, framework change)
           ↓
-[threat-researcher] or [framework-analyst]
-   — researches the trigger
+[threat-researcher]
+   — researches the trigger (CVE, ATLAS update, or framework amendment)
    — identifies affected skills
    — produces a validated intelligence package
           ↓
@@ -48,8 +47,7 @@ External trigger (new CVE, ATLAS update, framework change)
 These agents can run in parallel when their inputs are independent:
 
 **Parallel-safe:**
-- Multiple threat-researcher instances on different CVEs
-- framework-analyst + threat-researcher on unrelated topics
+- Multiple threat-researcher instances on different CVEs or framework amendments
 - Multiple source-validator instances on different data items
 
 **Must be sequential:**

package/bin/exceptd.js

@@ -6586,16 +6586,51 @@ function cmdDoctor(runner, args, runOpts, pretty) {
         }
       }
       const ok = load_errors.length === 0;
+      // Audit 3 B.6: pre-fix `without_collector` was just "playbooks
+      // missing a collector file" — which happened to equal POLICY_SKIPS
+      // exactly because every policy-skipped playbook also has no
+      // collector. That coincidence isn't an invariant: a future
+      // playbook could lose its collector by accident OR a policy-skipped
+      // playbook could gain a collector intentionally. Distinguish the
+      // two: `without_collector` is now playbooks-missing-a-collector
+      // that are NOT in the policy-skip allowlist — i.e. actual gaps
+      // that need attention. The set-difference is what operators
+      // should remediate.
+      // Pre-fix `without_collector` was just "playbooks missing a
+      // collector file" — which happened to equal POLICY_SKIPS exactly
+      // because every policy-skipped playbook also has no collector.
+      // That coincidence isn't an invariant: a future playbook could
+      // lose its collector by accident OR a policy-skipped playbook
+      // could gain one. The new `unexplained_missing_collectors`
+      // field surfaces the operator-actionable set difference:
+      // playbooks missing a collector that are NOT in the policy
+      // allowlist. Existing `without_collector` retained for
+      // back-compat.
+      const policySkipSet = new Set(POLICY_SKIPS);
+      const unexplained_missing_collectors = without_collector.filter(p => !policySkipSet.has(p));
+      // Audit-3 codex P1 follow-up: when an unexplained missing collector
+      // appears (a playbook that SHOULD have a collector but doesn't,
+      // i.e. NOT in the policy-skip allowlist), the check fails. Without
+      // this, automation and CI health checks would miss the exact
+      // regression class that unexplained_missing_collectors exists to
+      // surface. Load errors still fail at "error" severity; unexplained
+      // missings fail at "warn" (they're a build-time gap, not a
+      // runtime crash).
+      const collectorOk = ok && unexplained_missing_collectors.length === 0;
+      const collectorSeverity = load_errors.length > 0 ? "error"
+        : unexplained_missing_collectors.length > 0 ? "warn"
+        : "info";
       checks.collectors = {
-        ok,
-        severity: ok ? "info" : "error",
+        ok: collectorOk,
+        severity: collectorSeverity,
         total_playbooks: playbookFiles.length,
         with_collector,
         without_collector,
+        unexplained_missing_collectors,
         load_errors,
         policy_skips: POLICY_SKIPS.sort(),
       };
-      if (!ok) issues.push("collectors");
+      if (!collectorOk) issues.push("collectors");
     } catch (e) {
       checks.collectors = { ok: false, severity: "error", error: e.message };
       issues.push("collectors");
@@ -6615,8 +6650,18 @@ function cmdDoctor(runner, args, runOpts, pretty) {
   const { bucketChecks } = require(path.join(PKG_ROOT, "lib", "doctor-bucketing.js"));
   const { warnList, errorList } = bucketChecks(checks);
   const allGreen = errorList.length === 0 && warnList.length === 0;
+  // Audit 3 B.11: surface the local version on the default doctor output
+  // so operators answer both "is my install healthy?" AND "which version
+  // am I running?" without having to invoke `exceptd version` separately.
+  // The opt-in --registry-check augments this with the published comparison;
+  // local_version alone is offline-clean.
+  let localVersion = null;
+  try {
+    localVersion = require(path.join(PKG_ROOT, "package.json")).version || null;
+  } catch { /* package.json unreadable — fall through */ }
   const out = {
     verb: "doctor",
+    local_version: localVersion,
     checks,
     summary: {
       all_green: allGreen,
@@ -6727,7 +6772,7 @@ function cmdDoctor(runner, args, runOpts, pretty) {
 
   // Default: human checklist. v0.11.0 redesign #5.
   const lines = [];
-  lines.push("exceptd doctor");
+  lines.push(`exceptd doctor${localVersion ? ` (v${localVersion})` : ""}`);
   function mark(c, render) {
     if (!c) return;
     // Four states: ok / warn / error / skipped. `skipped` is informational
@@ -7546,7 +7591,20 @@ function cmdAsk(runner, args, runOpts, pretty) {
     if (tokens.some(t => (pb._meta?.id || id) === t)) score += 3;
     scored.push({ id: pb._meta?.id || id, score });
   }
-  scored.sort((a, b) => b.score - a.score);
+  // Audit 3 C.6: when scores tie, fall back to a deterministic but more
+  // useful order than alphabetical playbook-id (which made the first-5
+  // playbooks dominate every vague query). Secondary sort favors
+  // playbooks whose id is referenced directly in the question (e.g.
+  // "secrets" matching playbook id "secrets" outranks an alphabetical
+  // accident). Tertiary is the original stable order.
+  scored.forEach((s, i) => { s._origIdx = i; });
+  scored.sort((a, b) => {
+    if (b.score !== a.score) return b.score - a.score;
+    const aIdMatch = tokens.includes(a.id) ? 1 : 0;
+    const bIdMatch = tokens.includes(b.id) ? 1 : 0;
+    if (aIdMatch !== bIdMatch) return bIdMatch - aIdMatch;
+    return a._origIdx - b._origIdx;
+  });
   const top = scored.filter(s => s.score > 0).slice(0, 5);
 
   // v0.11.2: default human-readable; --json for machine.
@@ -7575,11 +7633,22 @@ function cmdAsk(runner, args, runOpts, pretty) {
     t.collector_available = fs.existsSync(collectorPath);
   }
 
+  // Audit 3 C.7: penalize confidence by the tie spread at the top so a
+  // 5-way tie at score 3 doesn't claim the same confidence as a single
+  // clear winner at score 3. tieCount counts how many playbooks share
+  // the top score (1 = clean winner; >1 = tie). Confidence divided
+  // accordingly: a 5-way tie reports ~0.2x the base, a clean winner
+  // reports the full base.
+  const topScore = top[0].score;
+  const tieCount = scored.filter(s => s.score === topScore).length;
+  const baseConfidence = Math.min(1, topScore / Math.max(2, tokens.length));
+  const tiePenalty = tieCount > 1 ? 1 / tieCount : 1;
   const result = {
     verb: "ask",
     question,
     routed_to: top.map(t => t.id),
-    confidence: Math.min(1, top[0].score / Math.max(2, tokens.length)),
+    confidence: Math.round(baseConfidence * tiePenalty * 100) / 100,
+    confidence_factors: { base: Math.round(baseConfidence * 100) / 100, tie_count: tieCount },
     next_step: `exceptd run ${top[0].id}    # or: exceptd brief ${top[0].id} to learn first`,
     full_match_list: top,
   };

package/data/_indexes/_meta.json

@@ -1,10 +1,10 @@
 {
   "schema_version": "1.1.0",
-  "generated_at": "2026-05-22T23:28:32.508Z",
+  "generated_at": "2026-05-24T14:51:18.851Z",
   "generator": "scripts/build-indexes.js",
   "source_count": 54,
   "source_hashes": {
-    "manifest.json": "020990fd6a13ea3a2a0273e80d0607c1cf0fd8887f03bb48294d2568a22d2789",
+    "manifest.json": "a5c737f12027f2dbea6de6ea9e540a81a075ba49cf0d4d72bdb9b247732e3907",
     "data/atlas-ttps.json": "d296c1d3e71807c9279b731f047e57796e85137f186586743a8cdad214b408f9",
     "data/attack-techniques.json": "49b6010b317edd219def135171ea8f3b1bbf1e00e9c5a08bf7237215ff54e2c3",
     "data/cve-catalog.json": "a09c83af3f9679a7ea73935726a1ff9de2cab94b4ab6321fc017fc147747d7c3",
@@ -19,20 +19,20 @@
     "skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
     "skills/ai-attack-surface/skill.md": "6ff82cd5e805a29b694a71ffbeba22e78966249da921706f3256fa4319e402fc",
     "skills/mcp-agent-trust/skill.md": "bf3ded40e84443400c9bec8634e0d6a14c9633e569d8c2e26f9d5881f8e78dff",
-    "skills/framework-gap-analysis/skill.md": "82acc8fc68ee5cc7aaddff1632a63524663981d4b9ce064f8543d1cfbba1b770",
-    "skills/compliance-theater/skill.md": "a664e202d4fdcd28eb3216983d6b982b288ce8e553461fa79468c6a1744b83ee",
+    "skills/framework-gap-analysis/skill.md": "17249909697a9c61b71f6885a1f4888ab1e727909ddb487ed82aeef535884a4f",
+    "skills/compliance-theater/skill.md": "d656444bb1987f43ae61374f210977d0c1f247f54d7318fdd639dd0cfdbef392",
     "skills/exploit-scoring/skill.md": "f55e9aa4985ebad8a2a12092c937deb6939a639dc1e16e2214ecfa1c9b9402c4",
-    "skills/rag-pipeline-security/skill.md": "785dac24078f4f3d798f04607aa13d2d902d027fb5ea95d1074240c4762b2dff",
+    "skills/rag-pipeline-security/skill.md": "d3ad18562a6083fb773347e24b6fcda2adcb68b4269e29df53b5afeb113cf7b0",
     "skills/ai-c2-detection/skill.md": "524474483bdfa9614cf31276f16c0ec365a364e61e9ca6047c08621751539671",
-    "skills/policy-exception-gen/skill.md": "76c8f4dadf470103a467f40b01870585d8769c1af2bc15956e1d8b0b424626ae",
+    "skills/policy-exception-gen/skill.md": "238074319b57399c75d76439ef1ff67153b5a3207adf1556f3ca1e68cfe7cfaa",
     "skills/threat-model-currency/skill.md": "4295c0efe31dcbec1a7bc96b8ce05d41414d918cbfc7fb7dffb2be7e4d873ae3",
     "skills/global-grc/skill.md": "57ca729034e9d33c527d869c1c4aa82fe37e496878a3cbcd9e5043cb62b7105d",
     "skills/zeroday-gap-learn/skill.md": "d8872a4f5e5e927ae087e8319996ec3b9e010aa23fca32248c0909051032db48",
-    "skills/pqc-first/skill.md": "07b38278b60d2437603a541c1ee954999abfe3a192f94b43cd384023738a0c1f",
-    "skills/skill-update-loop/skill.md": "358a0ac73bc7f211def7e2ad0d3eda147f847ded3a3f1dd27afdd360226e8add",
+    "skills/pqc-first/skill.md": "3b41b59eb4e8480b691ff17185f42b9fbfd7665e369fc210feba496688cc77aa",
+    "skills/skill-update-loop/skill.md": "f7cd18df293b90c0d2afb6ba8b87664419becea6b63221f03efaf09c69586025",
     "skills/security-maturity-tiers/skill.md": "2e46c9332a5a6190d4605ba7bc653410659be19fab50c78c0a6732f84ebdb300",
     "skills/researcher/skill.md": "959aeba706eea43a69136561968d7942dcd981d0a6c3da7db47673c51943b6df",
-    "skills/attack-surface-pentest/skill.md": "7609380c53bfc829b28a4478457a887aadcf31ddbade2d6ecf56fc5f845a0f72",
+    "skills/attack-surface-pentest/skill.md": "d6ea35136f93eb4aa75b65a5ae402353b0e2c63a83acece1606fe3f5d1ec6a8d",
     "skills/fuzz-testing-strategy/skill.md": "86e7bf537e4313b932acaba6282a4514336066a740bdbee4e7cbea2d2ef05b54",
     "skills/dlp-gap-analysis/skill.md": "b5183b5ea6fad6986500d7a04e83239a5fbf4272eaa6888b8be6420ce3d36ac5",
     "skills/supply-chain-integrity/skill.md": "90e930ef5d4cc5a54653844098d3549c3760b1a4aba5c48db1bd4eb24bea8d1b",
@@ -51,9 +51,9 @@
     "skills/api-security/skill.md": "120ed75df17db4dfc4746b9d5bd6efd33786bbf68cb840670aeed0be505866f9",
     "skills/cloud-security/skill.md": "425be2c6e3563f011d0280bf03268425bf60923ae3d02eafbf1b56d04f0b7ffe",
     "skills/container-runtime-security/skill.md": "f22bf5a305f8a33884d49d9bfb25fa2bd00c4b3d0dc490bd12f20a7721683b4a",
-    "skills/mlops-security/skill.md": "90225bee8c6980a08a4d9601ece15337d065fd12ff52b0821a91eee63aa6950a",
-    "skills/incident-response-playbook/skill.md": "4d1509db64c59a8985bef7f53dfe6be54887e2989b39ed51f19eacc761750877",
-    "skills/ransomware-response/skill.md": "1455eeecbb18962447af80fe3d49aead15ebe7b45c206d8f4bd7d0c202b9681a",
+    "skills/mlops-security/skill.md": "498549ddc9d870cb8d6a28a4d79b8d7058d5eed832d7c266c281084f4371ce46",
+    "skills/incident-response-playbook/skill.md": "9c219de36c7d702dff8504a25e2f1b07459716ea2ed02f49d751f91dbeca1b01",
+    "skills/ransomware-response/skill.md": "471b714c42717d43f81b2b582cd8e89ca8d3140de2ddc06cce15f012a0e19be1",
     "skills/email-security-anti-phishing/skill.md": "250f266908f51f99a4cb3aec0d5dacfcf91fac9f3d95e5a117429a40ed2ff45a",
     "skills/age-gates-child-safety/skill.md": "b8fad37033ba955eee678950963e816b6c56fd34a953e5c81b3bdd4c12a8f69a",
     "skills/cloud-iam-incident/skill.md": "5ec3800a0049b2123aff67bfab4ff28491a86d2daeb712283e5e88b10c3d5d7b",
@@ -78,7 +78,7 @@
     "handoff_dag_nodes": 42,
     "summary_cards": 42,
     "section_offsets_skills": 42,
-    "token_budget_total_approx": 416979,
+    "token_budget_total_approx": 417973,
     "recipes": 8,
     "jurisdiction_clocks": 29,
     "did_ladders": 8,

package/data/_indexes/catalog-summaries.json

@@ -183,7 +183,7 @@
     },
     "global-frameworks.json": {
       "path": "data/global-frameworks.json",
-      "purpose": "Multi-jurisdiction framework registry: 34 jurisdictions × applicable frameworks × patch_sla / notification_sla / critical_controls / framework_gaps. Cross-cutting authority for jurisdiction-clocks index.",
+      "purpose": "Multi-jurisdiction framework registry: 35 jurisdictions × applicable frameworks × patch_sla / notification_sla / critical_controls / framework_gaps. Cross-cutting authority for jurisdiction-clocks index.",
       "schema_version": "1.3.0",
       "last_updated": "2026-05-15",
       "tlp": "CLEAR",

package/data/_indexes/handoff-dag.json

@@ -126,6 +126,7 @@
       "mcp-agent-trust"
     ],
     "pqc-first": [
+      "ai-c2-detection",
       "compliance-theater",
       "framework-gap-analysis"
     ],
@@ -513,7 +514,7 @@
   "in_degree": {
     "age-gates-child-safety": 1,
     "ai-attack-surface": 26,
-    "ai-c2-detection": 12,
+    "ai-c2-detection": 13,
     "ai-risk-management": 5,
     "api-security": 4,
     "attack-surface-pentest": 13,
@@ -581,7 +582,7 @@
     "mlops-security": 10,
     "ot-ics-security": 14,
     "policy-exception-gen": 0,
-    "pqc-first": 2,
+    "pqc-first": 3,
     "rag-pipeline-security": 6,
     "ransomware-response": 10,
     "researcher": 37,