@blamejs/exceptd-skills 0.13.60 → 0.13.63
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +29 -0
- package/README.md +4 -2
- package/agents/README.md +5 -7
- package/data/_indexes/_meta.json +17 -17
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/handoff-dag.json +3 -2
- package/data/_indexes/section-offsets.json +181 -172
- package/data/_indexes/stale-content.json +2 -8
- package/data/_indexes/token-budget.json +64 -59
- package/data/atlas-ttps.json +1 -1
- package/data/framework-control-gaps.json +3 -3
- package/manifest.json +56 -56
- package/package.json +2 -2
- package/sbom.cdx.json +45 -45
- package/scripts/builders/catalog-summaries.js +2 -2
- package/skills/attack-surface-pentest/skill.md +3 -3
- package/skills/compliance-theater/skill.md +2 -2
- package/skills/framework-gap-analysis/skill.md +2 -2
- package/skills/incident-response-playbook/skill.md +3 -3
- package/skills/mlops-security/skill.md +3 -3
- package/skills/policy-exception-gen/skill.md +2 -2
- package/skills/pqc-first/skill.md +23 -2
- package/skills/rag-pipeline-security/skill.md +2 -2
- package/skills/ransomware-response/skill.md +2 -2
- package/skills/researcher/skill.md +2 -2
- package/skills/skill-update-loop/skill.md +4 -4
|
@@ -3,10 +3,10 @@
|
|
|
3
3
|
"schema_version": "1.0.0",
|
|
4
4
|
"reference_date": "2026-05-15",
|
|
5
5
|
"note": "Stale-content snapshot derived from audit-cross-skill checks. Re-runs of build-indexes against the same inputs produce byte-identical output (reference_date is manifest.threat_review_date, not 'now'). audit-cross-skill.js remains the canonical interactive audit.",
|
|
6
|
-
"finding_count":
|
|
6
|
+
"finding_count": 1,
|
|
7
7
|
"by_severity": {
|
|
8
8
|
"high": 0,
|
|
9
|
-
"medium":
|
|
9
|
+
"medium": 1,
|
|
10
10
|
"low": 0
|
|
11
11
|
}
|
|
12
12
|
},
|
|
@@ -16,12 +16,6 @@
|
|
|
16
16
|
"category": "badge_drift",
|
|
17
17
|
"artifact": "README.md",
|
|
18
18
|
"detail": "jurisdictions badge shows 35, live count is 34"
|
|
19
|
-
},
|
|
20
|
-
{
|
|
21
|
-
"severity": "medium",
|
|
22
|
-
"category": "researcher_claim_drift",
|
|
23
|
-
"artifact": "skills/researcher/skill.md",
|
|
24
|
-
"detail": "claims 37 specialized skills downstream; live count is 41"
|
|
25
19
|
}
|
|
26
20
|
]
|
|
27
21
|
}
|
|
@@ -3,8 +3,8 @@
|
|
|
3
3
|
"schema_version": "1.0.0",
|
|
4
4
|
"tokenizer_note": "Character-density approximation: 1 token ≈ 4 chars. This is the canonical rule-of-thumb for OpenAI tokenizers on English+technical text. Claude's tokenizer is typically more efficient on prose; treat this as an upper-bound budget for both. Consumers with stricter precision needs should re-tokenize with their own tokenizer.",
|
|
5
5
|
"approx_chars_per_token": 4,
|
|
6
|
-
"total_chars":
|
|
7
|
-
"total_approx_tokens":
|
|
6
|
+
"total_chars": 1671867,
|
|
7
|
+
"total_approx_tokens": 417973,
|
|
8
8
|
"skill_count": 42
|
|
9
9
|
},
|
|
10
10
|
"skills": {
|
|
@@ -175,10 +175,10 @@
|
|
|
175
175
|
},
|
|
176
176
|
"framework-gap-analysis": {
|
|
177
177
|
"path": "skills/framework-gap-analysis/skill.md",
|
|
178
|
-
"bytes":
|
|
179
|
-
"chars":
|
|
178
|
+
"bytes": 32006,
|
|
179
|
+
"chars": 31898,
|
|
180
180
|
"lines": 406,
|
|
181
|
-
"approx_tokens":
|
|
181
|
+
"approx_tokens": 7975,
|
|
182
182
|
"approx_chars_per_token": 4,
|
|
183
183
|
"sections": {
|
|
184
184
|
"threat-context": {
|
|
@@ -192,9 +192,9 @@
|
|
|
192
192
|
"approx_tokens": 818
|
|
193
193
|
},
|
|
194
194
|
"ttp-mapping": {
|
|
195
|
-
"bytes":
|
|
196
|
-
"chars":
|
|
197
|
-
"approx_tokens":
|
|
195
|
+
"bytes": 2084,
|
|
196
|
+
"chars": 2082,
|
|
197
|
+
"approx_tokens": 521
|
|
198
198
|
},
|
|
199
199
|
"exploit-availability-matrix": {
|
|
200
200
|
"bytes": 1536,
|
|
@@ -235,10 +235,10 @@
|
|
|
235
235
|
},
|
|
236
236
|
"compliance-theater": {
|
|
237
237
|
"path": "skills/compliance-theater/skill.md",
|
|
238
|
-
"bytes":
|
|
239
|
-
"chars":
|
|
238
|
+
"bytes": 38659,
|
|
239
|
+
"chars": 38567,
|
|
240
240
|
"lines": 409,
|
|
241
|
-
"approx_tokens":
|
|
241
|
+
"approx_tokens": 9642,
|
|
242
242
|
"approx_chars_per_token": 4,
|
|
243
243
|
"sections": {
|
|
244
244
|
"frontmatter-scope": {
|
|
@@ -257,9 +257,9 @@
|
|
|
257
257
|
"approx_tokens": 2025
|
|
258
258
|
},
|
|
259
259
|
"ttp-mapping": {
|
|
260
|
-
"bytes":
|
|
261
|
-
"chars":
|
|
262
|
-
"approx_tokens":
|
|
260
|
+
"bytes": 2205,
|
|
261
|
+
"chars": 2189,
|
|
262
|
+
"approx_tokens": 547
|
|
263
263
|
},
|
|
264
264
|
"exploit-availability-matrix": {
|
|
265
265
|
"bytes": 2006,
|
|
@@ -515,10 +515,10 @@
|
|
|
515
515
|
},
|
|
516
516
|
"policy-exception-gen": {
|
|
517
517
|
"path": "skills/policy-exception-gen/skill.md",
|
|
518
|
-
"bytes":
|
|
519
|
-
"chars":
|
|
518
|
+
"bytes": 36832,
|
|
519
|
+
"chars": 36720,
|
|
520
520
|
"lines": 479,
|
|
521
|
-
"approx_tokens":
|
|
521
|
+
"approx_tokens": 9180,
|
|
522
522
|
"approx_chars_per_token": 4,
|
|
523
523
|
"sections": {
|
|
524
524
|
"frontmatter-scope": {
|
|
@@ -537,9 +537,9 @@
|
|
|
537
537
|
"approx_tokens": 1363
|
|
538
538
|
},
|
|
539
539
|
"ttp-mapping": {
|
|
540
|
-
"bytes":
|
|
541
|
-
"chars":
|
|
542
|
-
"approx_tokens":
|
|
540
|
+
"bytes": 1943,
|
|
541
|
+
"chars": 1929,
|
|
542
|
+
"approx_tokens": 482
|
|
543
543
|
},
|
|
544
544
|
"exploit-availability-matrix": {
|
|
545
545
|
"bytes": 2024,
|
|
@@ -770,10 +770,10 @@
|
|
|
770
770
|
},
|
|
771
771
|
"pqc-first": {
|
|
772
772
|
"path": "skills/pqc-first/skill.md",
|
|
773
|
-
"bytes":
|
|
774
|
-
"chars":
|
|
775
|
-
"lines":
|
|
776
|
-
"approx_tokens":
|
|
773
|
+
"bytes": 37988,
|
|
774
|
+
"chars": 37818,
|
|
775
|
+
"lines": 572,
|
|
776
|
+
"approx_tokens": 9455,
|
|
777
777
|
"approx_chars_per_token": 4,
|
|
778
778
|
"sections": {
|
|
779
779
|
"threat-context": {
|
|
@@ -787,9 +787,9 @@
|
|
|
787
787
|
"approx_tokens": 1976
|
|
788
788
|
},
|
|
789
789
|
"ttp-mapping": {
|
|
790
|
-
"bytes":
|
|
791
|
-
"chars":
|
|
792
|
-
"approx_tokens":
|
|
790
|
+
"bytes": 2122,
|
|
791
|
+
"chars": 2110,
|
|
792
|
+
"approx_tokens": 528
|
|
793
793
|
},
|
|
794
794
|
"exploit-availability-matrix": {
|
|
795
795
|
"bytes": 2472,
|
|
@@ -841,6 +841,11 @@
|
|
|
841
841
|
"chars": 1471,
|
|
842
842
|
"approx_tokens": 368
|
|
843
843
|
},
|
|
844
|
+
"defensive-countermeasure-mapping": {
|
|
845
|
+
"bytes": 3868,
|
|
846
|
+
"chars": 3846,
|
|
847
|
+
"approx_tokens": 962
|
|
848
|
+
},
|
|
844
849
|
"compliance-theater-check": {
|
|
845
850
|
"bytes": 660,
|
|
846
851
|
"chars": 660,
|
|
@@ -850,10 +855,10 @@
|
|
|
850
855
|
},
|
|
851
856
|
"skill-update-loop": {
|
|
852
857
|
"path": "skills/skill-update-loop/skill.md",
|
|
853
|
-
"bytes":
|
|
854
|
-
"chars":
|
|
858
|
+
"bytes": 47833,
|
|
859
|
+
"chars": 47699,
|
|
855
860
|
"lines": 522,
|
|
856
|
-
"approx_tokens":
|
|
861
|
+
"approx_tokens": 11925,
|
|
857
862
|
"approx_chars_per_token": 4,
|
|
858
863
|
"sections": {
|
|
859
864
|
"frontmatter-scope": {
|
|
@@ -862,9 +867,9 @@
|
|
|
862
867
|
"approx_tokens": 113
|
|
863
868
|
},
|
|
864
869
|
"threat-context": {
|
|
865
|
-
"bytes":
|
|
866
|
-
"chars":
|
|
867
|
-
"approx_tokens":
|
|
870
|
+
"bytes": 1543,
|
|
871
|
+
"chars": 1537,
|
|
872
|
+
"approx_tokens": 384
|
|
868
873
|
},
|
|
869
874
|
"ttp-mapping": {
|
|
870
875
|
"bytes": 1092,
|
|
@@ -907,9 +912,9 @@
|
|
|
907
912
|
"approx_tokens": 699
|
|
908
913
|
},
|
|
909
914
|
"exploit-availability-matrix": {
|
|
910
|
-
"bytes":
|
|
911
|
-
"chars":
|
|
912
|
-
"approx_tokens":
|
|
915
|
+
"bytes": 2727,
|
|
916
|
+
"chars": 2721,
|
|
917
|
+
"approx_tokens": 680
|
|
913
918
|
},
|
|
914
919
|
"compliance-theater-check": {
|
|
915
920
|
"bytes": 1677,
|
|
@@ -1065,10 +1070,10 @@
|
|
|
1065
1070
|
},
|
|
1066
1071
|
"attack-surface-pentest": {
|
|
1067
1072
|
"path": "skills/attack-surface-pentest/skill.md",
|
|
1068
|
-
"bytes":
|
|
1069
|
-
"chars":
|
|
1073
|
+
"bytes": 33290,
|
|
1074
|
+
"chars": 33147,
|
|
1070
1075
|
"lines": 388,
|
|
1071
|
-
"approx_tokens":
|
|
1076
|
+
"approx_tokens": 8287,
|
|
1072
1077
|
"approx_chars_per_token": 4,
|
|
1073
1078
|
"sections": {
|
|
1074
1079
|
"threat-context": {
|
|
@@ -1077,14 +1082,14 @@
|
|
|
1077
1082
|
"approx_tokens": 1173
|
|
1078
1083
|
},
|
|
1079
1084
|
"framework-lag-declaration": {
|
|
1080
|
-
"bytes":
|
|
1081
|
-
"chars":
|
|
1085
|
+
"bytes": 4563,
|
|
1086
|
+
"chars": 4553,
|
|
1082
1087
|
"approx_tokens": 1138
|
|
1083
1088
|
},
|
|
1084
1089
|
"ttp-mapping": {
|
|
1085
|
-
"bytes":
|
|
1086
|
-
"chars":
|
|
1087
|
-
"approx_tokens":
|
|
1090
|
+
"bytes": 2235,
|
|
1091
|
+
"chars": 2214,
|
|
1092
|
+
"approx_tokens": 554
|
|
1088
1093
|
},
|
|
1089
1094
|
"exploit-availability-matrix": {
|
|
1090
1095
|
"bytes": 2455,
|
|
@@ -2095,10 +2100,10 @@
|
|
|
2095
2100
|
},
|
|
2096
2101
|
"mlops-security": {
|
|
2097
2102
|
"path": "skills/mlops-security/skill.md",
|
|
2098
|
-
"bytes":
|
|
2099
|
-
"chars":
|
|
2103
|
+
"bytes": 46350,
|
|
2104
|
+
"chars": 46056,
|
|
2100
2105
|
"lines": 332,
|
|
2101
|
-
"approx_tokens":
|
|
2106
|
+
"approx_tokens": 11514,
|
|
2102
2107
|
"approx_chars_per_token": 4,
|
|
2103
2108
|
"sections": {
|
|
2104
2109
|
"threat-context": {
|
|
@@ -2150,10 +2155,10 @@
|
|
|
2150
2155
|
},
|
|
2151
2156
|
"incident-response-playbook": {
|
|
2152
2157
|
"path": "skills/incident-response-playbook/skill.md",
|
|
2153
|
-
"bytes":
|
|
2154
|
-
"chars":
|
|
2158
|
+
"bytes": 63307,
|
|
2159
|
+
"chars": 63055,
|
|
2155
2160
|
"lines": 549,
|
|
2156
|
-
"approx_tokens":
|
|
2161
|
+
"approx_tokens": 15764,
|
|
2157
2162
|
"approx_chars_per_token": 4,
|
|
2158
2163
|
"sections": {
|
|
2159
2164
|
"threat-context": {
|
|
@@ -2167,9 +2172,9 @@
|
|
|
2167
2172
|
"approx_tokens": 2541
|
|
2168
2173
|
},
|
|
2169
2174
|
"ttp-mapping": {
|
|
2170
|
-
"bytes":
|
|
2171
|
-
"chars":
|
|
2172
|
-
"approx_tokens":
|
|
2175
|
+
"bytes": 4992,
|
|
2176
|
+
"chars": 4984,
|
|
2177
|
+
"approx_tokens": 1246
|
|
2173
2178
|
},
|
|
2174
2179
|
"exploit-availability-matrix": {
|
|
2175
2180
|
"bytes": 3811,
|
|
@@ -2205,10 +2210,10 @@
|
|
|
2205
2210
|
},
|
|
2206
2211
|
"ransomware-response": {
|
|
2207
2212
|
"path": "skills/ransomware-response/skill.md",
|
|
2208
|
-
"bytes":
|
|
2209
|
-
"chars":
|
|
2213
|
+
"bytes": 48452,
|
|
2214
|
+
"chars": 48272,
|
|
2210
2215
|
"lines": 371,
|
|
2211
|
-
"approx_tokens":
|
|
2216
|
+
"approx_tokens": 12068,
|
|
2212
2217
|
"approx_chars_per_token": 4,
|
|
2213
2218
|
"sections": {
|
|
2214
2219
|
"threat-context": {
|
|
@@ -2222,9 +2227,9 @@
|
|
|
2222
2227
|
"approx_tokens": 1692
|
|
2223
2228
|
},
|
|
2224
2229
|
"ttp-mapping": {
|
|
2225
|
-
"bytes":
|
|
2226
|
-
"chars":
|
|
2227
|
-
"approx_tokens":
|
|
2230
|
+
"bytes": 2217,
|
|
2231
|
+
"chars": 2217,
|
|
2232
|
+
"approx_tokens": 554
|
|
2228
2233
|
},
|
|
2229
2234
|
"exploit-availability-matrix": {
|
|
2230
2235
|
"bytes": 2592,
|
package/data/atlas-ttps.json
CHANGED
|
@@ -512,7 +512,7 @@
|
|
|
512
512
|
"Multiple production AI assistant prompt injection incidents 2025-2026"
|
|
513
513
|
],
|
|
514
514
|
"framework_gap": true,
|
|
515
|
-
"framework_gap_detail": "No framework has a control for prompt injection as an access control failure vector. The attack uses the AI service account's authorized permissions — from AC-2's perspective, the access is authorized. MITRE ATLAS v5.
|
|
515
|
+
"framework_gap_detail": "No framework has a control for prompt injection as an access control failure vector. The attack uses the AI service account's authorized permissions — from AC-2's perspective, the access is authorized. MITRE ATLAS v5.6.0 documents the technique; no framework has implemented controls. OWASP LLM Top 10 documents the class; it is not incorporated in any compliance framework.",
|
|
516
516
|
"controls_that_partially_help": [
|
|
517
517
|
"NIST-800-53-AC-2",
|
|
518
518
|
"ISO-27001-2022-A.8.28"
|
|
@@ -365,7 +365,7 @@
|
|
|
365
365
|
"Treating 'Top 25 addressed' as a compliance signal creates a compliance-theatre risk for organisations with significant AI surface",
|
|
366
366
|
"No cross-walk requirement to ATLAS TTPs — CWE addresses weaknesses; ATLAS addresses adversary techniques. Both are needed for AI coverage"
|
|
367
367
|
],
|
|
368
|
-
"real_requirement": "Programmes that claim 'Top 25 addressed' as compliance evidence must additionally: (1) enumerate AI-relevant CWEs outside the Top 25 (CWE-1426 Improper Output Validation, CWE-1039 Inadequate Detection of Adversarial Input, CWE-1230 Exposure of Sensitive Info Through Metadata) with explicit treatment, (2) cross-walk to ATLAS v5.
|
|
368
|
+
"real_requirement": "Programmes that claim 'Top 25 addressed' as compliance evidence must additionally: (1) enumerate AI-relevant CWEs outside the Top 25 (CWE-1426 Improper Output Validation, CWE-1039 Inadequate Detection of Adversarial Input, CWE-1230 Exposure of Sensitive Info Through Metadata) with explicit treatment, (2) cross-walk to ATLAS v5.6.0 TTPs for adversarial coverage, (3) re-baseline against the next-published Top 25 with delta analysis. Aligns with EU CRA Annex I, UK NCSC, AU ISM, ISO 27001 A.8.28.",
|
|
369
369
|
"status": "open",
|
|
370
370
|
"opened_date": "2026-05-11",
|
|
371
371
|
"evidence_cves": [],
|
|
@@ -1586,7 +1586,7 @@
|
|
|
1586
1586
|
"LLM-API-as-C2 (SesameOp pattern, ATLAS AML.T0096) is not in the clause 6.1.2 example threat list — risk register templates omit it",
|
|
1587
1587
|
"No requirement to link AI risk register entries to specific TTP IDs (ATLAS / ATT&CK) — risks remain framework-internal abstractions"
|
|
1588
1588
|
],
|
|
1589
|
-
"real_requirement": "Clause 6.1.2 risk registers must (1) ingest ATLAS v5.
|
|
1589
|
+
"real_requirement": "Clause 6.1.2 risk registers must (1) ingest ATLAS v5.6.0 TTPs as enumerated AI-specific threat sources, (2) cross-reference jurisdictional obligations (EU AI Act Annex III, NIS2 Art. 21, DORA Art. 28, UK CAF B4, AU ISM AI annex, ISO 27001:2022 A.5.7), (3) include AI-API-as-C2 and prompt-injection-as-RCE as named scenarios, (4) be re-run on threat-intel triggers, not only on calendar cycles.",
|
|
1590
1590
|
"status": "open",
|
|
1591
1591
|
"opened_date": "2026-05-11",
|
|
1592
1592
|
"evidence_cves": [],
|
|
@@ -6199,7 +6199,7 @@
|
|
|
6199
6199
|
}
|
|
6200
6200
|
},
|
|
6201
6201
|
"ATLAS-AML.T0048": {
|
|
6202
|
-
"framework": "MITRE ATLAS v5.
|
|
6202
|
+
"framework": "MITRE ATLAS v5.6.0",
|
|
6203
6203
|
"control_id": "AML.T0048",
|
|
6204
6204
|
"control_name": "External Harms — ML Supply Chain Compromise (bundled-codec / inference-server class)",
|
|
6205
6205
|
"designed_for": "ATLAS AML.T0048 catalogues external harms from ML supply-chain compromise, including malicious model weights, poisoned training data, and compromised ML libraries. The technique-level guidance covers detection and mitigation at the model-artifact and library-consumption layer.",
|