@blamejs/exceptd-skills 0.14.10 → 0.14.11

package/lib/framework-gap.js

@@ -141,7 +141,7 @@ function lagScore(frameworkId, controlGaps, globalFrameworks) {
  * @param {object} cveCatalog - Parsed cve-catalog.json (optional)
  * @returns {{ frameworks: object, universal_gaps: object[], theater_risks: object[] }}
  */
-function gapReport(frameworkIds, threatScenario, controlGaps, cveCatalog = {}) {
+function gapReport(frameworkIds, threatScenario, controlGaps, cveCatalog = {}, opts = {}) {
   const scenario = threatScenario.toLowerCase();
 
   const relevantGaps = Object.entries(controlGaps).filter(([, gap]) => {
@@ -207,6 +207,25 @@ function gapReport(frameworkIds, threatScenario, controlGaps, cveCatalog = {}) {
       theater_test_present: !!g.theater_test,
     }));
 
+  // Summary matching count. With `all` frameworks the summary counts every
+  // scenario-relevant gap across the whole catalog (relevantGaps). With an
+  // explicit framework filter the summary must agree with the per-framework
+  // body the operator actually sees — otherwise `framework-gap nist-800-53
+  // <cve>` shows e.g. "2 matching control gap(s)" per-framework but "Summary:
+  // 8 matching gaps" (every framework's hits, pre-filter). Sum the per-
+  // framework gap_count so body + summary agree. De-duplicate by gap key in
+  // case a single gap matches multiple requested frameworks.
+  let matchingGapCount;
+  if (opts.allFrameworks) {
+    matchingGapCount = relevantGaps.length;
+  } else {
+    const seen = new Set();
+    for (const id of frameworkIds) {
+      for (const g of frameworkResults[id]?.gaps ?? []) seen.add(g.id);
+    }
+    matchingGapCount = seen.size;
+  }
+
   return {
     threat_scenario: threatScenario,
     frameworks: frameworkResults,
@@ -217,7 +236,7 @@ function gapReport(frameworkIds, threatScenario, controlGaps, cveCatalog = {}) {
     })),
     theater_risks: theaterRisks,
     summary: {
-      total_gaps: relevantGaps.length,
+      total_gaps: matchingGapCount,
       universal_gaps: universalGaps.length,
       theater_risk_controls: theaterRisks.length
     }

package/lib/prefetch.js

@@ -112,7 +112,7 @@ function parseArgs(argv) {
   for (let i = 2; i < argv.length; i++) {
     const a = argv[i];
     if (a === "--force") out.force = true;
-    else if (a === "--no-network" || a === "--dry-run") out.noNetwork = true;
+    else if (a === "--no-network" || a === "--dry-run" || a === "--air-gap") out.noNetwork = true;
     else if (a === "--quiet") out.quiet = true;
     else if (a === "--help" || a === "-h") out.help = true;
     else if (a === "--source") out.source = argv[++i];
@@ -122,6 +122,10 @@ function parseArgs(argv) {
     else if (a === "--cache-dir") out.cacheDir = path.resolve(argv[++i]);
     else if (a.startsWith("--cache-dir=")) out.cacheDir = path.resolve(a.slice("--cache-dir=".length));
   }
+  // The global air-gap switch implies a report-only / no-egress run: treat
+  // EXCEPTD_AIR_GAP=1 the same as --no-network so prefetch never plans live
+  // fetches under air-gap.
+  if (process.env.EXCEPTD_AIR_GAP === "1") out.noNetwork = true;
   return out;
 }
 

package/lib/refresh-external.js

@@ -202,10 +202,11 @@ Outputs:
 
 Exit codes (refresh's own scheme — distinct from the seven-phase verbs):
   0  applied (or a clean dry-run with no diffs to surface)
+  1  apply-mode downstream gate failed (build-indexes, or a per-source error)
   2  error (unknown --source, unreadable fixture, invalid --advisory id, air-gap refusal)
   3  draft produced, editorial review pending (a successful --advisory seed —
      NOT a failure; run --advisory <id> --apply to land it, or curate first)
-  4  network/source unreachable
+  4  network/source unreachable OR cache precondition refused (unsigned/stale/tampered/unindexed cache)
 Note: exit 3 here means "review needed", which differs from \`exceptd run\`'s
 exit 3 ("ran but no evidence"). Script \`refresh --advisory\` on the body's
 \`ok\` field, not on \`$? == 0\`.
@@ -1252,8 +1253,18 @@ async function withCatalogLock(catalogPath, mutator) {
 }
 
 function chosenSources(opts) {
-  if (!opts.source) return Object.values(ALL_SOURCES);
+  // Flag-absent (opts.source == null) means "all sources" — the default
+  // refresh behavior. Flag-present-but-empty (`--source ""`, or a value that
+  // trims to nothing like `--source ","`) is an operator error, not a
+  // silent run-everything: refuse and list the valid names so the typo is
+  // visible rather than masquerading as a full refresh.
+  if (opts.source == null) return Object.values(ALL_SOURCES);
   const names = opts.source.split(",").map((s) => s.trim()).filter(Boolean);
+  if (names.length === 0) {
+    const err = new Error(`refresh-external: --source requires at least one source name. Valid: ${Object.keys(ALL_SOURCES).join(", ")}`);
+    err._exceptd_unknown_source = true;
+    throw err;
+  }
   const out = [];
   for (const n of names) {
     if (!ALL_SOURCES[n]) {
@@ -1428,7 +1439,7 @@ async function main() {
   // the seed is printed to stdout for review.
   // An empty --advisory value (`--advisory ""` / `--advisory=`) must error
   // rather than silently falling through to a full-refresh dry-run.
-  if (opts.advisory === "") {
+  if (opts.advisory != null && opts.advisory.trim() === "") {
     process.stderr.write(JSON.stringify({
       ok: false,
       error: "refresh: --advisory requires a non-empty identifier (e.g. CVE-2026-1234, GHSA-xxxx-xxxx-xxxx, MAL-2026-1).",
@@ -1496,11 +1507,22 @@ async function main() {
     ? await Promise.all(sources.map(runOne))
     : await sequential(sources, runOne);
 
+  // Cache-integrity refusals (sha256 mismatch, missing/partial _index.json,
+  // unindexed payload) are thrown by readCachedJson with _exceptd_exit_code=4
+  // but caught inside runOne and returned as a per-source error — so the
+  // throw never reaches main().catch where the code is otherwise honored.
+  // Carry the marker through here so main() can prefer exit 4 (BLOCKED /
+  // precondition refusal) over the generic per-source-failure exit 1.
+  let cacheIntegrityFailure = false;
   for (const { src, diff, error } of outcomes) {
     if (error) {
       log(`\n  [${src.name}] ${src.description}`);
       log(`    error: ${error.message}`);
       report.sources[src.name] = { status: "error", error: error.message };
+      if (error._exceptd_cache_integrity || error._exceptd_exit_code === 4) {
+        report.sources[src.name].cache_integrity = true;
+        cacheIntegrityFailure = true;
+      }
       hadFailure = true;
       continue;
     }
@@ -1550,7 +1572,10 @@ async function main() {
   // truncate buffered stdout (refresh-report path log line, summary log
   // lines piped to a consumer). exitCode + return lets the event loop end
   // naturally and stdout drains in full.
-  process.exitCode = hadFailure ? 1 : 0;
+  // Prefer the documented BLOCKED (4) code when any source refused on a
+  // cache-integrity precondition; fall back to generic failure (1) for other
+  // per-source errors / downstream gate failures.
+  process.exitCode = cacheIntegrityFailure ? 4 : (hadFailure ? 1 : 0);
 }
 
 async function sequential(items, fn) {

package/lib/refresh-network.js

@@ -45,14 +45,16 @@ const PKG_NAME = "@blamejs/exceptd-skills";
 const REQUEST_TIMEOUT_MS = 15000;
 
 function parseArgs(argv) {
-  const out = { force: false, dryRun: false, timeoutMs: REQUEST_TIMEOUT_MS, json: false };
+  const out = { force: false, dryRun: false, timeoutMs: REQUEST_TIMEOUT_MS, json: false, airGap: false };
   for (let i = 2; i < argv.length; i++) {
     const a = argv[i];
     if (a === "--force") out.force = true;
     else if (a === "--dry-run") out.dryRun = true;
     else if (a === "--json") out.json = true;
+    else if (a === "--air-gap") out.airGap = true;
     else if (a === "--timeout") out.timeoutMs = parseInt(argv[++i], 10) || REQUEST_TIMEOUT_MS;
   }
+  if (process.env.EXCEPTD_AIR_GAP === "1") out.airGap = true;
   return out;
 }
 
@@ -275,6 +277,19 @@ async function main() {
   const localPkg = JSON.parse(fs.readFileSync(path.join(ROOT, "package.json"), "utf8"));
   const localVersion = localPkg.version;
 
+  // Air-gap refusal. --network needs egress to registry.npmjs.org for the
+  // /latest metadata + tarball pull. Under air-gap there is no offline
+  // substitute (the test fixture path remains available for offline tests),
+  // so refuse before any network attempt and point at the offline workflow.
+  if (opts.airGap && !process.env.EXCEPTD_REGISTRY_FIXTURE) {
+    emit({
+      ok: false,
+      source: "air-gap",
+      error: "air-gap: refresh --network requires network egress; refused. Use --from-cache --apply for the offline path.",
+    }, opts.json);
+    process.exitCode = 4; return;
+  }
+
   progress(`local v${localVersion} — querying npm registry...`, opts.json);
 
   let meta;

package/manifest.json

@@ -1,6 +1,6 @@
 {
   "name": "exceptd-security",
-  "version": "0.14.10",
+  "version": "0.14.11",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation",
   "homepage": "https://exceptd.com",
   "license": "Apache-2.0",
@@ -53,7 +53,7 @@
       ],
       "last_threat_review": "2026-05-15",
       "signature": "lXhZgoIrrVloO3XaTvo/43AxZn4mwErstd7DR0O/oVhD3AOGODM4HqrageYEou9WKOdMEGP5mJNTjJsXdP5NDA==",
-      "signed_at": "2026-05-27T19:09:39.423Z",
+      "signed_at": "2026-05-27T20:34:53.045Z",
       "cwe_refs": [
         "CWE-125",
         "CWE-362",
@@ -123,7 +123,7 @@
       ],
       "last_threat_review": "2026-05-17",
       "signature": "ztSKk/zFMFbT12qRcEeBKpydBn7fTT86KxMmor0DTCoKQWk5fJ0fSInfP1XMSB6rFk4/SuSjKVxQRMKVJ5a+Cg==",
-      "signed_at": "2026-05-27T19:09:39.425Z",
+      "signed_at": "2026-05-27T20:34:53.047Z",
       "cwe_refs": [
         "CWE-1039",
         "CWE-1426",
@@ -196,7 +196,7 @@
       ],
       "last_threat_review": "2026-05-17",
       "signature": "K6QdPHNK5c4K5QFjrW0QsUhjp71D7SOisSoulwPNSvKRdi2rY+yg0kdckijBMkLMsVPyUvcC9giu93mKJ1OZDg==",
-      "signed_at": "2026-05-27T19:09:39.425Z",
+      "signed_at": "2026-05-27T20:34:53.047Z",
       "cwe_refs": [
         "CWE-22",
         "CWE-345",
@@ -248,7 +248,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-22",
       "signature": "Qd3SBWmUAaaT++e1Ry2wBIz/dCBmNBMl0+4Rb0etvJLES0fIBEAkU1mTbgNZnT5XOg9J5twdUpymWtmKnDDQCQ==",
-      "signed_at": "2026-05-27T19:09:39.425Z"
+      "signed_at": "2026-05-27T20:34:53.048Z"
     },
     {
       "name": "compliance-theater",
@@ -279,7 +279,7 @@
       ],
       "last_threat_review": "2026-05-22",
       "signature": "F2Shxae0ua0gPtvwzTRVzzHaIgJcFDRT3/akLUAZ4aaMQhkleKkcTaTpkjp+pTVEdPfLeLGNCeAOMs+whVYOBg==",
-      "signed_at": "2026-05-27T19:09:39.426Z"
+      "signed_at": "2026-05-27T20:34:53.048Z"
     },
     {
       "name": "exploit-scoring",
@@ -308,7 +308,7 @@
       ],
       "last_threat_review": "2026-05-18",
       "signature": "NA1hoQycvQhSUoG5rwlXX0mOVmGxoXRVezkELGEA2nZOdGis4gXkHT3O6Sfw7zxE4JuMrsCb65TEeOWk9WEPDg==",
-      "signed_at": "2026-05-27T19:09:39.427Z"
+      "signed_at": "2026-05-27T20:34:53.049Z"
     },
     {
       "name": "rag-pipeline-security",
@@ -345,7 +345,7 @@
       ],
       "last_threat_review": "2026-05-22",
       "signature": "W3pS8lnaCP96TQzsJpG5d5yv5IwgaQyS4Z2Ctcz5BOJf6LbajSIgeDgTZ4f4Bhr5m4E7KsgWGjZS4x7Fwd33BQ==",
-      "signed_at": "2026-05-27T19:09:39.427Z",
+      "signed_at": "2026-05-27T20:34:53.049Z",
       "cwe_refs": [
         "CWE-1395",
         "CWE-1426"
@@ -405,7 +405,7 @@
       ],
       "last_threat_review": "2026-05-17",
       "signature": "/WDGygh1Ck4yWlBWDGtEUVCqKB8d+UaJXoAoBXujtt+GAl8JbMNpaN1TvI0WkEltQ9dTxaAzSn20/eVDqv8iDQ==",
-      "signed_at": "2026-05-27T19:09:39.427Z",
+      "signed_at": "2026-05-27T20:34:53.049Z",
       "d3fend_refs": [
         "D3-CA",
         "D3-CSPP",
@@ -440,7 +440,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-22",
       "signature": "za1NKBpy9LC91F/ESO/qhUfmvVr8GNItQOjR5OJLeHm+2dQ9HHiFWQK2eo53V/n/0uhubuggURA3yS6kJuWwBg==",
-      "signed_at": "2026-05-27T19:09:39.428Z",
+      "signed_at": "2026-05-27T20:34:53.050Z",
       "cwe_refs": [
         "CWE-1188"
       ],
@@ -474,7 +474,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-18",
       "signature": "xiHAhhdufm9hCKU8PLiPE0MX65ej2F4OZwtlWLGLCiie9/km+Kiqbt192LcMvr94v83C98pb9wIaqFsFWft6AQ==",
-      "signed_at": "2026-05-27T19:09:39.428Z",
+      "signed_at": "2026-05-27T20:34:53.050Z",
       "forward_watch": [
         "New AI attack classes as ATLAS v6 publishes",
         "Post-quantum adversary capability timeline",
@@ -513,7 +513,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-01",
       "signature": "oYsSk35N2Uzq7MRofACykylcVwkgPhI4luWZ14vmQT+gUKLyZiKVOUJbe1+7lGl6BYPRN0sUDQ0f7S5Eu5w2Ag==",
-      "signed_at": "2026-05-27T19:09:39.428Z"
+      "signed_at": "2026-05-27T20:34:53.051Z"
     },
     {
       "name": "zeroday-gap-learn",
@@ -540,7 +540,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-18",
       "signature": "igRqYyU1unRFH40BsPyAR62SPrk8QZv8dPGb8S9O9EvLCNOZAzm3t+HdT/NKqzWHwrpomOzkkkyLfYI/0qTUDA==",
-      "signed_at": "2026-05-27T19:09:39.429Z",
+      "signed_at": "2026-05-27T20:34:53.051Z",
       "forward_watch": [
         "New CISA KEV entries",
         "New ATLAS TTP additions in each ATLAS release",
@@ -604,7 +604,7 @@
       ],
       "last_threat_review": "2026-05-22",
       "signature": "i/17u4kJiSpcZAz7LnTyRePFugQOstQ1P4kVoe0oGf4E2/j8oIN9U9DccjUn/YHZhKWIJ2AILG/DMhvMrr3bBg==",
-      "signed_at": "2026-05-27T19:09:39.429Z",
+      "signed_at": "2026-05-27T20:34:53.051Z",
       "cwe_refs": [
         "CWE-327"
       ],
@@ -652,7 +652,7 @@
       ],
       "last_threat_review": "2026-05-22",
       "signature": "QuOVaQ4E2Sl39TClbhZ7HA9XrYAyRrDL44HY3RTE7aWLue0hV2cxaBt40ALGmHS++631QGFDlZTLZI77Tr6nAA==",
-      "signed_at": "2026-05-27T19:09:39.429Z"
+      "signed_at": "2026-05-27T20:34:53.052Z"
     },
     {
       "name": "security-maturity-tiers",
@@ -689,7 +689,7 @@
       ],
       "last_threat_review": "2026-05-01",
       "signature": "8Px1s2lDj10/Q6erwEQlXgUHM1+OTruUR8qAHPX7Oo3k/l69N6P9sm0PsafS9wDFtj9l5C/OiLiFgzMlMt6vBw==",
-      "signed_at": "2026-05-27T19:09:39.430Z",
+      "signed_at": "2026-05-27T20:34:53.052Z",
       "cwe_refs": [
         "CWE-1188"
       ]
@@ -724,7 +724,7 @@
       "framework_gaps": [],
       "last_threat_review": "2026-05-11",
       "signature": "urRcataVWg6/utyEkSiOWoNxTL8sABRjPR7ShyDfZGnAozFph/yDktSoaPVxQDXwu9EfJE+qhUW5OYR/yJECBQ==",
-      "signed_at": "2026-05-27T19:09:39.430Z"
+      "signed_at": "2026-05-27T20:34:53.052Z"
     },
     {
       "name": "attack-surface-pentest",
@@ -796,7 +796,7 @@
         "Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — Microsoft Edge 4-bug sandbox escape by Orange Tsai (DEVCORE); forward-watch only (browser sandbox, out of current playbook scope); track Microsoft Edge security advisory and KEV add"
       ],
       "signature": "C7lv65/Ecm8JJgSKxrX5lxx0YFzKWtrIQSKp+vy50I5e8945s1JmifGUUrnQwRQhq/Pkv7EmfiH5XSO8h75bDg==",
-      "signed_at": "2026-05-27T19:09:39.430Z"
+      "signed_at": "2026-05-27T20:34:53.053Z"
     },
     {
       "name": "fuzz-testing-strategy",
@@ -856,7 +856,7 @@
         "OSS-Fuzz-Gen / AI-assisted harness generation becoming the default expectation for OSS maintainers"
       ],
       "signature": "Z7ypCUnXx8JpLtgxxB6RHNi39w74AmrGY1N4ofAGCXhkuM2EaFVm1AU0dvl9UQ1bVLfHKEDGqMO/TwlIY7RABg==",
-      "signed_at": "2026-05-27T19:09:39.431Z"
+      "signed_at": "2026-05-27T20:34:53.053Z"
     },
     {
       "name": "dlp-gap-analysis",
@@ -931,7 +931,7 @@
         "Quebec Law 25, India DPDPA, KSA PDPL enforcement actions naming AI-tool prompt data as in-scope personal information"
       ],
       "signature": "IgEnpHOhCftAyfUNdKsjbrd169T9pJkk/rRM2ZEna+H18y7p5x48+1kME2sJMZjJuyAdQFBJi8PJXZFwLGI+DQ==",
-      "signed_at": "2026-05-27T19:09:39.431Z"
+      "signed_at": "2026-05-27T20:34:53.053Z"
     },
     {
       "name": "supply-chain-integrity",
@@ -1010,7 +1010,7 @@
         "Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — NVIDIA Megatron Bridge path traversal by haehae; AI training-stack file-system trust boundary; track patch and SBOM-attestation impact"
       ],
       "signature": "pcLrM98A3vUSZRjwNAk0aZ9umvOwB41XCLLsCOy/IebB2F/06oIrGUKkMHtHwm4pTVPShMMcKdZQQ3jz30FnCg==",
-      "signed_at": "2026-05-27T19:09:39.431Z"
+      "signed_at": "2026-05-27T20:34:53.054Z"
     },
     {
       "name": "defensive-countermeasure-mapping",
@@ -1067,7 +1067,7 @@
       ],
       "last_threat_review": "2026-05-11",
       "signature": "G5q5elh7Q7eu2xcwTVQJGDTGfvZR0OGQaLSLJPb2wjzCHFF8PWuZfCHZdjjqisiRzRWPyLlzgfHeMJqOdy7cBw==",
-      "signed_at": "2026-05-27T19:09:39.432Z"
+      "signed_at": "2026-05-27T20:34:53.054Z"
     },
     {
       "name": "identity-assurance",
@@ -1134,7 +1134,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "Wv5hGMeHjlaQK1zwicVCA7AvdKgJBgvcjdpGM9Ywahh9tagAKhbkOjybowDQZzu7OZ3bDkbh6pBYc1Sdwr6NAA==",
-      "signed_at": "2026-05-27T19:09:39.432Z"
+      "signed_at": "2026-05-27T20:34:53.054Z"
     },
     {
       "name": "ot-ics-security",
@@ -1190,7 +1190,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "8t5qKHd3yWi57dvG36YQkLN/X9bQWqtEiYjay4IfSmqhJpM/xXPaQVKNGz3wscrO8OLKUZ0OaX7Mj5kzpgBKBQ==",
-      "signed_at": "2026-05-27T19:09:39.432Z"
+      "signed_at": "2026-05-27T20:34:53.055Z"
     },
     {
       "name": "coordinated-vuln-disclosure",
@@ -1242,7 +1242,7 @@
         "NYDFS 23 NYCRR 500 amendments potentially adding explicit CVD program requirements"
       ],
       "signature": "GDGt4UPqBa04PjlpSmpyihGzd3OgfBN7jaAK5tfwp+LRSs3ygKOdbeivUCCHNagTY1hE6hG2Ou40ADfBFuXeAg==",
-      "signed_at": "2026-05-27T19:09:39.433Z"
+      "signed_at": "2026-05-27T20:34:53.055Z"
     },
     {
       "name": "threat-modeling-methodology",
@@ -1292,7 +1292,7 @@
         "PASTA v2 updates incorporating AI/ML application threats"
       ],
       "signature": "rFBpOQEJUPpl+v88Lw/WqVJRhTl80vy0VbPAbzQj3Q0suJRRrJg368I9uKu5LXIBKFDvKxnGIcIzbGg9NUtaCA==",
-      "signed_at": "2026-05-27T19:09:39.433Z"
+      "signed_at": "2026-05-27T20:34:53.055Z"
     },
     {
       "name": "webapp-security",
@@ -1366,7 +1366,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "ux85YI4t2mVHOyt744Yin1HHy+z11JIFygjKfFfQOBBl5QVV3A267jeIy7utix85irMcpZm/T3yx/ooqiK2tBA==",
-      "signed_at": "2026-05-27T19:09:39.433Z",
+      "signed_at": "2026-05-27T20:34:53.056Z",
       "forward_watch": [
         "NGINX Rift CVE-2026-42945 (disclosed 2026-05-13, source depthfirst) — KEV-watch predicted CISA KEV listing by 2026-05-29; AI-assisted discovery angle; track for active-exploitation confirmation and patch advisory affecting front-door web app deployments"
       ]
@@ -1419,7 +1419,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-15",
       "signature": "IIXnkZ5ZNqFwOto5KfytADTLLZLoyXNZACD1ORZ40P1HUAQxe6u2uyXFzzsfuob4Uy06jNkRGr2FFgCphUH1Cw==",
-      "signed_at": "2026-05-27T19:09:39.434Z"
+      "signed_at": "2026-05-27T20:34:53.056Z"
     },
     {
       "name": "sector-healthcare",
@@ -1479,7 +1479,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-11",
       "signature": "AhF9KF8ZBlDteciV+F8IBSmFVYCvQOn44GmD4rZjgLoPxfIv/QE1/vSkK32zyqDKtHWkLSXExbkkPkxA/V6dDw==",
-      "signed_at": "2026-05-27T19:09:39.435Z"
+      "signed_at": "2026-05-27T20:34:53.057Z"
     },
     {
       "name": "sector-financial",
@@ -1560,7 +1560,7 @@
         "TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST"
       ],
       "signature": "HQgZvb4ReziEz5rNFr8i/O8/rJEZR+iHRROT7m/D2QUqhrcNISPkYXENsUZlG8xapzy/Ik92ehkseyj4hdmhCQ==",
-      "signed_at": "2026-05-27T19:09:39.435Z"
+      "signed_at": "2026-05-27T20:34:53.057Z"
     },
     {
       "name": "sector-federal-government",
@@ -1629,7 +1629,7 @@
         "Australia PSPF 2024 revision and ISM quarterly updates — track for Essential Eight Maturity Level requirements for federal entities"
       ],
       "signature": "linxmsXZiOYtcs71sSWgGCrvb8xQfmxmtTY5PRvZJ0/8FgJulo0tQtejzexYG775s7XhjAmGsDP238BQTQ8ADA==",
-      "signed_at": "2026-05-27T19:09:39.435Z"
+      "signed_at": "2026-05-27T20:34:53.057Z"
     },
     {
       "name": "sector-energy",
@@ -1694,7 +1694,7 @@
         "ICS-CERT advisory feed (https://www.cisa.gov/news-events/cybersecurity-advisories/ics-advisories) for vendor CVEs in Siemens, Rockwell, Schneider Electric, ABB, GE Vernova, Hitachi Energy, AVEVA / OSIsoft PI"
       ],
       "signature": "JjBfc0ovta560Clk0x3QGRM5osFJDwcvpy3rT7QEGdCIL827jzE8QCow1C8deXq+4JhY2sA/d7/8IsxikdlkCg==",
-      "signed_at": "2026-05-27T19:09:39.436Z"
+      "signed_at": "2026-05-27T20:34:53.058Z"
     },
     {
       "name": "sector-telecom",
@@ -1780,7 +1780,7 @@
         "O-RAN SFG / WG11 security specifications"
       ],
       "signature": "JWVxKFoKrbX4d+Tko1d4OBdwyg25MfFFKn4CT6E/CzH+YwnU3T6Y76uBQIKg3+gIGTvPduqyvQwQQ5FxKDuPBw==",
-      "signed_at": "2026-05-27T19:09:39.436Z"
+      "signed_at": "2026-05-27T20:34:53.058Z"
     },
     {
       "name": "api-security",
@@ -1849,7 +1849,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-18",
       "signature": "BmCRCestWqr55+fCynEhtAl5NWLT+xLTkpwS0Icp3SaoZOw/ce3Y6TtqjHRSKn4CBJq7YDiLRWxmhO3MStvOAA==",
-      "signed_at": "2026-05-27T19:09:39.437Z",
+      "signed_at": "2026-05-27T20:34:53.058Z",
       "forward_watch": [
         "NGINX Rift CVE-2026-42945 (disclosed 2026-05-13, source depthfirst) — KEV-watch predicted CISA KEV listing by 2026-05-29; track for active-exploitation confirmation and patch advisory affecting API gateway / reverse-proxy deployments",
         "Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — LiteLLM 3-bug SSRF + Code Injection chain by k3vg3n; LLM-proxy API surface; track upstream patch and CVE assignments",
@@ -1935,7 +1935,7 @@
         "CISA KEV additions for cloud-control-plane CVEs (IMDSv1 abuses, federation token mishandling, cross-tenant boundary failures); CISA Cybersecurity Advisories for cross-cloud advisories"
       ],
       "signature": "/DV3pmZwrRySrk1OCbyI+0BQESacjupJfUX3eC2NGtXuYOBro0vndIP+z27heFxumnjU3a9sfla7/U9X+pqnDw==",
-      "signed_at": "2026-05-27T19:09:39.437Z"
+      "signed_at": "2026-05-27T20:34:53.059Z"
     },
     {
       "name": "container-runtime-security",
@@ -1997,7 +1997,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-15",
       "signature": "E2UGSf9ATyYgzBr8uM/0ubOUmDqo1jVA7f9mVxv6LHfWGCNuQNXDyuNou9VAmUCeeXEeUYIi3AFjXkJqpOkxDA==",
-      "signed_at": "2026-05-27T19:09:39.438Z",
+      "signed_at": "2026-05-27T20:34:53.059Z",
       "forward_watch": [
         "Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — NVIDIA Container Toolkit container escape ($50K award) by chompie / IBM X-Force XOR; high-severity container/hypervisor boundary break; track patch and KEV add post-embargo"
       ]
@@ -2071,7 +2071,7 @@
         "MITRE ATLAS v5.6.0 (released May 2026) shipped the AML.T0010 sub-technique expansion this forecast tracked plus new techniques (\"Publish Poisoned AI Agent Tool\", \"Escape to Host\"); inventory now 16 tactics, 84 techniques, 56 sub-techniques. Forward watch: subsequent ATLAS minor and major releases — track next-cadence updates to agentic-AI TTPs and MLOps-pipeline-specific techniques"
       ],
       "signature": "IL+DlRCDJN/p08iiJCFkasKcoyjcB0uWrJ6ORLjQcS1HrUa5Xt62QxVjYPHzaevlm5y36ZdmfESqsZJmzK3lCg==",
-      "signed_at": "2026-05-27T19:09:39.438Z"
+      "signed_at": "2026-05-27T20:34:53.059Z"
     },
     {
       "name": "incident-response-playbook",
@@ -2133,7 +2133,7 @@
         "NYDFS 23 NYCRR 500.17 amendments tightening ransom-payment 24h disclosure operationalization"
       ],
       "signature": "MmjLjlmOMLjhJJ4ZfR8MYlHam+ZB+eSqfh6Nv+DecaG4O5zeo9DBP/iL3cbyDVZxmhnhivgJild2ccYeWTeZAg==",
-      "signed_at": "2026-05-27T19:09:39.439Z"
+      "signed_at": "2026-05-27T20:34:53.060Z"
     },
     {
       "name": "ransomware-response",
@@ -2213,7 +2213,7 @@
       ],
       "last_threat_review": "2026-05-22",
       "signature": "ssueL03g9fWlhXpTe+IiY5l7RqQkunN4DTN5QETKE+VOX+qggdjAR8PONxk77ol4xWYmHrM/VcH8CNtXUEvgBA==",
-      "signed_at": "2026-05-27T19:09:39.439Z"
+      "signed_at": "2026-05-27T20:34:53.060Z"
     },
     {
       "name": "email-security-anti-phishing",
@@ -2266,7 +2266,7 @@
       "d3fend_refs": [],
       "last_threat_review": "2026-05-18",
       "signature": "rK+WnuS+9tqEABmwc0jO/PEmxcLjG1/tmUb897HsClQeKzf+TQOlwBE+OsbtuKxpjYNwur62Xxs3TxObkwm8Cw==",
-      "signed_at": "2026-05-27T19:09:39.439Z"
+      "signed_at": "2026-05-27T20:34:53.060Z"
     },
     {
       "name": "age-gates-child-safety",
@@ -2334,7 +2334,7 @@
         "US state adult-site age-verification laws — 19+ states by mid-2026 (TX HB 18 upheld by SCOTUS June 2025 in Free Speech Coalition v. Paxton); track ongoing challenges in remaining states"
       ],
       "signature": "Rgho5TOFUL1txOzcVR0kASCNdovSU4yt99JlGilJlJRyg0A+BdeeQYrZrhPF6Vx2reUAVG0BeHfcZtSbi+cwCg==",
-      "signed_at": "2026-05-27T19:09:39.440Z"
+      "signed_at": "2026-05-27T20:34:53.061Z"
     },
     {
       "name": "cloud-iam-incident",
@@ -2414,7 +2414,7 @@
       ],
       "last_threat_review": "2026-05-15",
       "signature": "e/kij7GtKaytROyIj7V5RH+FC9WtmVFzrmG2kIlNDNn29ep/CRNlIQKwXLpzo/81AIf634pmdr1qy/+vwIuUDA==",
-      "signed_at": "2026-05-27T19:09:39.440Z",
+      "signed_at": "2026-05-27T20:34:53.061Z",
       "forward_watch": [
         "AWS IAM Identity Center session-policy refresh and step-up-on-admin enforcement (anticipated 2026-H2 release)",
         "GCP Workload Identity Federation principal-set attribute mapping tightening (post-2026 Q3 Federation hardening guide)",
@@ -2508,7 +2508,7 @@
       ],
       "last_threat_review": "2026-05-15",
       "signature": "ew9Kglc9fAZzbn0ZIfGP7WSK/j4eV2VhSvpy+s5bEfNEVYIMa2kZjnGBapgUsyGDLes9H9K2ovjQyX17+GKiBw==",
-      "signed_at": "2026-05-27T19:09:39.440Z",
+      "signed_at": "2026-05-27T20:34:53.062Z",
       "forward_watch": [
         "Entra ID conditional access evolution post-Midnight Blizzard — Microsoft's 2025-2026 commitments on legacy-tenant MFA enforcement and OAuth-app consent gating",
         "Okta IPSIE (Interoperability Profile for Secure Identity in the Enterprise) OpenID Foundation working-group output and adoption timeline",
@@ -2526,6 +2526,6 @@
   ],
   "manifest_signature": {
     "algorithm": "Ed25519",
-    "signature_base64": "kz1GOuevVLJH7BQe+0ZEZfgkd7GmCgXILgZxLT8NqAX+PCTLHWNoYFHNZjSEcuSL38OhhidKiqt5381iRh0CCw=="
+    "signature_base64": "GiJgwVB+yGfTQxNMFBR3nhzebn0c1LBsNIW3dtRuHaQ7YIvHO50HSWAGieaCzQVS6QVL13RHGZO/rpW+cD6WBQ=="
   }
 }

package/orchestrator/index.js

@@ -207,7 +207,8 @@ Examples:
   }
   const scenario = args[1];
 
-  const report = gapReport(requested, scenario, controlGaps, cveCatalog);
+  const allFrameworks = args[0].toLowerCase() === 'all';
+  const report = gapReport(requested, scenario, controlGaps, cveCatalog, { allFrameworks });
   const theater = theaterCheck(controlGaps, cveCatalog);
 
   if (jsonOut) {
@@ -233,7 +234,8 @@ Examples:
   if (report.universal_gaps.length > 0) {
     console.log(`### Universal gaps (no jurisdiction covers these) — ${report.universal_gaps.length}`);
     for (const g of report.universal_gaps) {
-      console.log(`  - ${g.id || g.name}: ${(g.real_requirement || '').slice(0, 140)}`);
+      const req = g.real_requirement || '';
+      console.log(`  - ${g.id || g.name}: ${req.length > 140 ? req.slice(0, 140) + '…' : req}`);
     }
     console.log();
   }
@@ -472,7 +474,10 @@ async function runReport(format) {
     return;
   }
 
-  console.log(`[orchestrator] Generating ${format} report...\n`);
+  // Progress line goes to stderr so `report executive > out.md` produces
+  // clean markdown on stdout — the first stdout line must be the report
+  // header, not this progress notice.
+  console.error(`[orchestrator] Generating ${format} report...\n`);
   const scanResult = await scan();
   const plan = dispatch(scanResult.findings);
   const { currency_report } = currencyCheck();
@@ -1705,6 +1710,21 @@ async function runWatchlistOrgScan(rawArgs = []) {
     safeExit(EXIT_CODES.GENERIC_FAILURE);
     return;
   }
+  // Air-gap guard. The org-scan reaches api.github.com on every pattern
+  // query; under air-gap there is no offline substitute, so refuse before
+  // any fetch rather than silently attempting egress. Mirrors the
+  // source-ghsa air-gap refusal shape (ok:false + source + explicit error).
+  if (process.env.EXCEPTD_AIR_GAP === '1' || rawArgs.includes('--air-gap')) {
+    process.stdout.write(JSON.stringify({
+      ok: false,
+      source: 'air-gap',
+      verb: 'watchlist',
+      mode: 'org-scan',
+      error: 'air-gap: watchlist --org-scan requires network egress to api.github.com; refused.',
+    }) + '\n');
+    safeExit(EXIT_CODES.BLOCKED);
+    return;
+  }
   // Custom patterns via --pattern <s> (repeatable). Default set from
   // the MAL-2026-SHAI-HULUD-OSS catalog entry + NEW-CTRL-052 evidence.
   const customPatterns = [];

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/exceptd-skills",
-  "version": "0.14.10",
+  "version": "0.14.11",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 42 skills, 11 catalogs (406 CVEs / 171 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
   "keywords": [
     "ai-security",