@blamejs/exceptd-skills 0.14.19 → 0.14.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/data/_indexes/_meta.json +10 -10
- package/data/_indexes/section-offsets.json +185 -158
- package/data/_indexes/summary-cards.json +2 -2
- package/data/_indexes/token-budget.json +59 -44
- package/manifest.json +51 -51
- package/package.json +1 -1
- package/sbom.cdx.json +26 -26
- package/skills/email-security-anti-phishing/skill.md +1 -1
- package/skills/framework-gap-analysis/skill.md +4 -0
- package/skills/global-grc/skill.md +4 -0
- package/skills/pqc-first/skill.md +1 -1
- package/skills/sector-telecom/skill.md +11 -11
- package/skills/threat-model-currency/skill.md +1 -1
- package/skills/threat-modeling-methodology/skill.md +4 -0
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,17 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.14.21 — 2026-05-27
|
|
4
|
+
|
|
5
|
+
The survey/meta skills `framework-gap-analysis`, `threat-modeling-methodology`, and `global-grc` now document why their `atlas_refs` / `attack_refs` are intentionally empty (they correlate or teach across other skills' technique mappings rather than owning a native TTP set), matching the "Frontmatter Scope" note the other meta skills already carry. A reader inspecting the frontmatter alone no longer sees zero technique coverage and assumes the skill maps to nothing.
|
|
6
|
+
|
|
7
|
+
## 0.14.20 — 2026-05-27
|
|
8
|
+
|
|
9
|
+
Skill content cleanup:
|
|
10
|
+
- `sector-telecom` no longer labels its analysis-procedure subsections with the CLI verb names that were removed in 0.13.0 (`govern`, `direct`, `look`, etc.) — the section headings are neutral procedural language now. Its reference to `cred-stores` is annotated as a playbook (not a skill, matching the convention three sibling skills already use), and its `last_threat_review` date is quoted consistently with every other skill.
|
|
11
|
+
- `threat-model-currency` no longer pins an outdated date literal in its body that contradicted the frontmatter — it references the frontmatter `last_threat_review` so the assertion can't desync.
|
|
12
|
+
- `pqc-first` no longer leaks the engine's internal phase numbering ("Phase 5 analyze") into operator-facing output prose.
|
|
13
|
+
- `email-security-anti-phishing` no longer cites an internal contributor rule by name in its threat-context narrative.
|
|
14
|
+
|
|
3
15
|
## 0.14.19 — 2026-05-27
|
|
4
16
|
|
|
5
17
|
Catalog data-integrity pass:
|
package/data/_indexes/_meta.json
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
{
|
|
2
2
|
"schema_version": "1.1.0",
|
|
3
|
-
"generated_at": "2026-05-
|
|
3
|
+
"generated_at": "2026-05-28T04:10:43.581Z",
|
|
4
4
|
"generator": "scripts/build-indexes.js",
|
|
5
5
|
"source_count": 54,
|
|
6
6
|
"source_hashes": {
|
|
7
|
-
"manifest.json": "
|
|
7
|
+
"manifest.json": "238a94feb0967eb74eedd99084ecf49ee6a20cbf04e9f704a6a3526fdddb6363",
|
|
8
8
|
"data/atlas-ttps.json": "d24bc02859d40ccf1615db75cca68c077585904e41e0d8f6de448121e9b1abb0",
|
|
9
9
|
"data/attack-techniques.json": "fa193f0d2d248176a8beddb641e9fe56ba4faa9e15dc253ff876dbf0c5d58a77",
|
|
10
10
|
"data/cve-catalog.json": "03d8071c7ae244ccda7611c3bc66a5581c21e790d158c2948c3001f55aa5aac9",
|
|
@@ -19,16 +19,16 @@
|
|
|
19
19
|
"skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
|
|
20
20
|
"skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
|
|
21
21
|
"skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
|
|
22
|
-
"skills/framework-gap-analysis/skill.md": "
|
|
22
|
+
"skills/framework-gap-analysis/skill.md": "f7092b8d3efbcbf0b7af9a712a6705ad07ce4dd1abbd92762b5b395d6cbe6cca",
|
|
23
23
|
"skills/compliance-theater/skill.md": "d656444bb1987f43ae61374f210977d0c1f247f54d7318fdd639dd0cfdbef392",
|
|
24
24
|
"skills/exploit-scoring/skill.md": "f55e9aa4985ebad8a2a12092c937deb6939a639dc1e16e2214ecfa1c9b9402c4",
|
|
25
25
|
"skills/rag-pipeline-security/skill.md": "792c6f48a7ff06785c24258cac1714068feafefb3f8f05e6c62ddce2f2f9128d",
|
|
26
26
|
"skills/ai-c2-detection/skill.md": "de83dc284dc4f85a8a383c0b715ec7b9ea127ec49c3227bf4c72344bad4008ed",
|
|
27
27
|
"skills/policy-exception-gen/skill.md": "238074319b57399c75d76439ef1ff67153b5a3207adf1556f3ca1e68cfe7cfaa",
|
|
28
|
-
"skills/threat-model-currency/skill.md": "
|
|
29
|
-
"skills/global-grc/skill.md": "
|
|
28
|
+
"skills/threat-model-currency/skill.md": "637861b4dcd2cb608c08c5aa62a8ef73efc976584f901e612c73cf53b3559422",
|
|
29
|
+
"skills/global-grc/skill.md": "6d9722b7a85b8ad1150a61188b578f380e9c9685118028e134a0ba5804dae708",
|
|
30
30
|
"skills/zeroday-gap-learn/skill.md": "d8872a4f5e5e927ae087e8319996ec3b9e010aa23fca32248c0909051032db48",
|
|
31
|
-
"skills/pqc-first/skill.md": "
|
|
31
|
+
"skills/pqc-first/skill.md": "8b77569100d10201044d63a69cbc83c9cfe6d2c3568884aa900ef0eb72ba99c3",
|
|
32
32
|
"skills/skill-update-loop/skill.md": "f7cd18df293b90c0d2afb6ba8b87664419becea6b63221f03efaf09c69586025",
|
|
33
33
|
"skills/security-maturity-tiers/skill.md": "2e46c9332a5a6190d4605ba7bc653410659be19fab50c78c0a6732f84ebdb300",
|
|
34
34
|
"skills/researcher/skill.md": "dc8ceab8f69af370abb1165ed14ead6f3e9d236a8f703165eba52014ebfd43ab",
|
|
@@ -40,21 +40,21 @@
|
|
|
40
40
|
"skills/identity-assurance/skill.md": "f3c29ce17aaa426b65b58238e5bc9ccabcda23a8d350e597840e5d6d664aa102",
|
|
41
41
|
"skills/ot-ics-security/skill.md": "0acb7c105c87c523720bc19fdb4b6922cbf4f63054396e38b498528cfde02d76",
|
|
42
42
|
"skills/coordinated-vuln-disclosure/skill.md": "dc7a29a0d503d7e3a55ba9afd963630329397577ca4e6be124c0263c315acca3",
|
|
43
|
-
"skills/threat-modeling-methodology/skill.md": "
|
|
43
|
+
"skills/threat-modeling-methodology/skill.md": "964e90dd9ba632926414987ab7c26cac881ff1b36ff161172271ad8c94bcc49d",
|
|
44
44
|
"skills/webapp-security/skill.md": "6d29b944d841b8d21d19edce6b98be20dc2c2b1360ccb946cb2be5a58a0b3e7b",
|
|
45
45
|
"skills/ai-risk-management/skill.md": "686f53c2aee3a44108d1fa3e5f52fc7d971edc00946cfc1f082e4658af25fddc",
|
|
46
46
|
"skills/sector-healthcare/skill.md": "c27672afe6abc2b293e213d8482e5e0d1e16a9ed4986d2637d1d586a14598238",
|
|
47
47
|
"skills/sector-financial/skill.md": "ad8f207a6ce255aad9c33ea9a3009fb707c0f59be9df565fe68679654488bb6e",
|
|
48
48
|
"skills/sector-federal-government/skill.md": "7b513d2365390fdb546c0f266139a21ae247339f0e346695fcbc92ba3d7fa69a",
|
|
49
49
|
"skills/sector-energy/skill.md": "9aed96c78e8aaeafd3b7564d26311d625b4466a1e3822281721bdbfcfca058ec",
|
|
50
|
-
"skills/sector-telecom/skill.md": "
|
|
50
|
+
"skills/sector-telecom/skill.md": "2f336a0b79cd28a3353ec0a72ce0469ac57305345d652247e7cb368f79ec8d4f",
|
|
51
51
|
"skills/api-security/skill.md": "120ed75df17db4dfc4746b9d5bd6efd33786bbf68cb840670aeed0be505866f9",
|
|
52
52
|
"skills/cloud-security/skill.md": "425be2c6e3563f011d0280bf03268425bf60923ae3d02eafbf1b56d04f0b7ffe",
|
|
53
53
|
"skills/container-runtime-security/skill.md": "f22bf5a305f8a33884d49d9bfb25fa2bd00c4b3d0dc490bd12f20a7721683b4a",
|
|
54
54
|
"skills/mlops-security/skill.md": "498549ddc9d870cb8d6a28a4d79b8d7058d5eed832d7c266c281084f4371ce46",
|
|
55
55
|
"skills/incident-response-playbook/skill.md": "9c219de36c7d702dff8504a25e2f1b07459716ea2ed02f49d751f91dbeca1b01",
|
|
56
56
|
"skills/ransomware-response/skill.md": "471b714c42717d43f81b2b582cd8e89ca8d3140de2ddc06cce15f012a0e19be1",
|
|
57
|
-
"skills/email-security-anti-phishing/skill.md": "
|
|
57
|
+
"skills/email-security-anti-phishing/skill.md": "da0b937350e538b55db8daa1f50047d9f4e889e6b89b040dcecfb71feecd63d7",
|
|
58
58
|
"skills/age-gates-child-safety/skill.md": "639b79a2724415afe9e4469202f806e5bec022c0946c9496d4e17ed73aabbe21",
|
|
59
59
|
"skills/cloud-iam-incident/skill.md": "5ec3800a0049b2123aff67bfab4ff28491a86d2daeb712283e5e88b10c3d5d7b",
|
|
60
60
|
"skills/idp-incident-response/skill.md": "e67a2576e7f1c3bf89f499f5c977bc470ef29e8b3e3e45f4cb5bd45a82674282"
|
|
@@ -78,7 +78,7 @@
|
|
|
78
78
|
"handoff_dag_nodes": 42,
|
|
79
79
|
"summary_cards": 42,
|
|
80
80
|
"section_offsets_skills": 42,
|
|
81
|
-
"token_budget_total_approx":
|
|
81
|
+
"token_budget_total_approx": 418611,
|
|
82
82
|
"recipes": 8,
|
|
83
83
|
"jurisdiction_clocks": 29,
|
|
84
84
|
"did_ladders": 8,
|