@blamejs/exceptd-skills 0.14.27 → 0.15.0

package/ARCHITECTURE.md

@@ -176,7 +176,7 @@ Tracks PoC status, weaponization stage, and AI-assist factor per CVE. Updated wh
 
 ### `data/cwe-catalog.json`
 
-171 CWE entries pinned to **CWE v4.20**. Covers the Top 25 Most Dangerous Software Weaknesses (2024 release) plus AI- and supply-chain-relevant weakness classes (prompt-injection-as-trust-boundary failure, training data integrity, dependency confusion, untrusted artifact ingestion). Each entry records root-cause description, common consequences, mitigation patterns, and the CVEs in `cve-catalog.json` that instantiate the weakness. Skills cite CWE IDs in `cwe_refs` to anchor a finding to a stable weakness taxonomy rather than to a single CVE; the CWE provides the durable root-cause lens that survives across exploit generations.
+173 CWE entries pinned to **CWE v4.20**. Covers the Top 25 Most Dangerous Software Weaknesses (2024 release) plus AI- and supply-chain-relevant weakness classes (prompt-injection-as-trust-boundary failure, training data integrity, dependency confusion, untrusted artifact ingestion). Each entry records root-cause description, common consequences, mitigation patterns, and the CVEs in `cve-catalog.json` that instantiate the weakness. Skills cite CWE IDs in `cwe_refs` to anchor a finding to a stable weakness taxonomy rather than to a single CVE; the CWE provides the durable root-cause lens that survives across exploit generations.
 
 `_meta.cwe_version` pins the version; on a CWE release, audit IDs for renames or deprecations, bump `last_threat_review` on affected skills, and update `_meta`.
 
@@ -188,7 +188,7 @@ Tracks PoC status, weaponization stage, and AI-assist factor per CVE. Updated wh
 
 ### `data/rfc-references.json`
 
-31 IETF RFC / Internet-Draft references covering authentication and authorization (OAuth 2.0 Security BCP RFC 9700, JWT BCP, FIDO/WebAuthn-related drafts), cryptography (TLS 1.3 RFC 8446, hybrid PQC drafts), disclosure (security.txt RFC 9116), and adjacent IETF standards skills depend on. Each entry tracks: title, status (Proposed Standard / Best Current Practice / Internet-Draft / Historic), errata count, replaces / replaced-by chains, IESG / IRTF stream, and a `last_verified` date. Skills cite RFC IDs in `rfc_refs`. Per Hard Rule #12, RFC references are version-pinned: when an RFC is obsoleted or a draft is published as an RFC, the catalog entry's `replaced_by` field is updated, `last_verified` is refreshed, and affected skills bump `last_threat_review`. Frameworks lag RFCs; RFCs lag attacker innovation — this catalog makes that middle layer auditable.
+8888 IETF RFC / Internet-Draft references — the full RFC index, including obsoleted and Historic entries so that a superseded RFC still resolves offline. Coverage spans the security-relevant standards skills depend on — authentication and authorization (OAuth 2.0 Security BCP RFC 9700, JWT BCP, FIDO/WebAuthn-related drafts), cryptography (TLS 1.3 RFC 8446, hybrid PQC drafts), disclosure (security.txt RFC 9116) — alongside the rest of the published RFC series. Each entry tracks: title, status (Internet Standard / Proposed Standard / Best Current Practice / Internet-Draft / Historic), errata count, replaces / replaced-by chains, IESG / IRTF stream, and a `last_verified` date. Skills cite RFC IDs in `rfc_refs`. Per Hard Rule #12, RFC references are version-pinned: when an RFC is obsoleted or a draft is published as an RFC, the catalog entry's `replaced_by` field is updated, `last_verified` is refreshed, and affected skills bump `last_threat_review`. Frameworks lag RFCs; RFCs lag attacker innovation — this catalog makes that middle layer auditable.
 
 ### `data/dlp-controls.json`
 

package/CHANGELOG.md

@@ -1,5 +1,30 @@
 # Changelog
 
+## 0.15.0 — 2026-05-28
+
+Validation and gate hardening. Several catalog and skill integrity checks that had been deferred as non-blocking warnings now hard-fail the predeploy gate, and two latent gate weaknesses are closed.
+
+Catalog, skill, and playbook validation now runs in strict mode in the release gate: an unresolved cross-catalog reference (a CVE citing a CWE / ATT&CK / ATLAS / D3FEND id or framework control that doesn't exist), a CVSS vector that doesn't match a known `CVSS:(2.0|3.0|3.1|4.0)/` prefix, a `cisa_kev: true` entry missing its listing date, a public-PoC entry missing IOCs (Hard Rule #14), an incomplete skill body, or playbook enum/symmetry drift now block a release instead of scrolling past as warnings. Auto-imported drafts remain exempt.
+
+The `_meta.entry_count` drift guard now covers every catalog that declares the field, not only framework-control-gaps — closing the hole that had let the zero-day-lessons counter drift to 68 while the file held 422 (now corrected). The RWEP scoring invariants (Shape A/B/mixed factor detection and recomputed-vs-stored divergence) are now enforced against the shipped catalog by a test gate, where previously they ran only against synthetic fixtures.
+
+The `temporal-staleness` catalog-gap class now counts curated entries only. A CISA KEV due-date passing by calendar drift on the un-curated bulk-import backlog is expected and no longer accrues against the budget — which had crept to one slot of headroom and would have failed a future release with no code change. The budget is retightened to reflect the curated-only count.
+
+CLI surface cleanup. The dead handlers behind the verbs removed in 0.13.0 (`govern`, `direct`, `look`, `ingest`) are gone, and those verbs are no longer surfaced as "did you mean" suggestions. Unknown-flag rejection now covers `report`, `watch`, `framework-gap`, and `skill` (an unrecognized flag on these hard-fails with a structured envelope, matching the rest of the surface). The local-only `scan`, `dispatch`, and `currency` verbs now accept `--air-gap` / `--offline` / `--no-network` instead of rejecting the tool's own global flags. The `--format summary` evidence bundle no longer carries always-null `feeds_into` / `jurisdiction_clocks_active` keys (the populated values come from the close phase).
+
+Documentation: corrected catalog counts (427 CVEs, 173 CWEs, the full 8888-entry RFC index) and documented the `report` verb in the CLI reference.
+
+## 0.14.28 — 2026-05-28
+
+Catalog expansion — 2025 actively-exploited perimeter and file-transfer RCE cluster. Four CISA KEV-listed, ransomware-associated entries are now fully curated with RWEP scoring, IOCs, zero-day lessons, and reverse-referenced CWE/ATT&CK/framework mappings:
+
+- **CVE-2025-0282** — Ivanti Connect Secure stack-overflow preauth RCE, exploited as a zero-day with the SPAWN malware ecosystem (RWEP 85). Patch alone is insufficient on compromised appliances — factory reset is required.
+- **CVE-2025-22457** — Ivanti Connect Secure stack-overflow RCE, initially mis-triaged as a low-risk DoS and patched as such, then weaponized to RCE (RWEP 83). Demonstrates the severity-mis-triage failure mode for perimeter preauth flaws.
+- **CVE-2025-31324** — SAP NetWeaver Visual Composer Metadata Uploader, unauthenticated file upload to RCE via JSP web shell, CVSS 10.0 (RWEP 78). Complements the existing NetWeaver deserialization entry it was chained with.
+- **CVE-2025-31161** — CrushFTP HTTP authorization-header authentication bypass to crushadmin takeover (RWEP 76).
+
+Adds CWE-305 (Authentication Bypass by Primary Weakness) to the CWE catalog as the authoritative mapping for the CrushFTP entry.
+
 ## 0.14.27 — 2026-05-28
 
 Catalog expansion — CI/CD and IDE-extension supply-chain compromise cluster. Three CISA KEV-listed, actively-exploited CWE-506 (embedded malicious code) entries are now curated with full RWEP scoring, IOCs, zero-day lessons, and reverse-referenced technique/CWE/framework mappings:

package/README.md

@@ -30,7 +30,7 @@ This platform surfaces what is actually happening right now. Every skill explici
 
 ## Status
 
-Pre-1.0. Latest release lives on [GitHub Releases](https://github.com/blamejs/exceptd-skills/releases) and on npm as [`@blamejs/exceptd-skills`](https://www.npmjs.com/package/@blamejs/exceptd-skills) with signed npm provenance attestation and Ed25519-signed skill bodies. The package ships 42 skills across kernel LPE, MCP supply chain, AI-as-C2, prompt injection, post-quantum crypto, SBOM integrity, identity-incident response, and 35 other AI/security domains, plus 10 intelligence catalogs (CVE / ATLAS / ATT&CK / CWE / D3FEND / DLP / RFC / framework gaps / global frameworks / zero-day lessons) covering 35 jurisdictions — the CVE catalog has grown past 400 entries, its size anchored by a v0.13.17 CISA KEV bulk-intake of `dateAdded >= 2024-01-01` actively-exploited vulnerabilities that took it from 68 to 312 in a single pass. 24 investigation playbooks (kernel, MCP, AI-API, framework, SBOM, runtime, hardening, secrets, cred-stores, containers, crypto, plus `webhook-callback-abuse`, `cicd-pipeline-compromise`, `identity-sso-compromise`, `llm-tool-use-exfil`, `post-quantum-migration`, `ai-discovered-cve-triage`, `supply-chain-recovery`, `citation-hygiene`, and more), a CLI for discovery and seven-phase investigation runs (`govern → direct → look → detect → analyze → validate → close`), and a nightly auto-refresh job that pulls KEV / NVD / EPSS / GHSA / OSV / IETF deltas plus 15 primary-source advisory + research-blog + tech-press feeds (Qualys TRU, Red Hat RHSA, Ubuntu USN, ZDI, kernel.org, oss-security, JFrog, CISA, Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red, BleepingComputer security, The Hacker News, and a GitLab activity-feed tracker for the Nightmare-Eclipse researcher handle that anchors NEW-CTRL-073) into auto-PRs for editorial review. v0.13.17 also ships `lib/cve-regression-watcher.js` (NEW-CTRL-074) — a complementary detection method that surfaces poller-diff historical-CVE references as candidate silent-regression cases, the class anchored by MiniPlasma (a 2026 PoC drop that re-broke CVE-2020-17103 without any new ID being assigned).
+Pre-1.0. Latest release lives on [GitHub Releases](https://github.com/blamejs/exceptd-skills/releases) and on npm as [`@blamejs/exceptd-skills`](https://www.npmjs.com/package/@blamejs/exceptd-skills) with signed npm provenance attestation and Ed25519-signed skill bodies. The package ships 42 skills across kernel LPE, MCP supply chain, AI-as-C2, prompt injection, post-quantum crypto, SBOM integrity, identity-incident response, and 35 other AI/security domains, plus 11 intelligence catalogs (CVE / ATLAS / ATT&CK / CWE / D3FEND / DLP / RFC / framework gaps / global frameworks / zero-day lessons / exploit availability) covering 35 jurisdictions — the CVE catalog has grown past 400 entries, its size anchored by a v0.13.17 CISA KEV bulk-intake of `dateAdded >= 2024-01-01` actively-exploited vulnerabilities that took it from 68 to 312 in a single pass. 24 investigation playbooks (kernel, MCP, AI-API, framework, SBOM, runtime, hardening, secrets, cred-stores, containers, crypto, plus `webhook-callback-abuse`, `cicd-pipeline-compromise`, `identity-sso-compromise`, `llm-tool-use-exfil`, `post-quantum-migration`, `ai-discovered-cve-triage`, `supply-chain-recovery`, `citation-hygiene`, and more), a CLI for discovery and seven-phase investigation runs (`govern → direct → look → detect → analyze → validate → close`), and a nightly auto-refresh job that pulls KEV / NVD / EPSS / GHSA / OSV / IETF deltas plus 15 primary-source advisory + research-blog + tech-press feeds (Qualys TRU, Red Hat RHSA, Ubuntu USN, ZDI, kernel.org, oss-security, JFrog, CISA, Microsoft Security Blog, Sysdig, Trail of Bits, Embrace the Red, BleepingComputer security, The Hacker News, and a GitLab activity-feed tracker for the Nightmare-Eclipse researcher handle that anchors NEW-CTRL-073) into auto-PRs for editorial review. v0.13.17 also ships `lib/cve-regression-watcher.js` (NEW-CTRL-074) — a complementary detection method that surfaces poller-diff historical-CVE references as candidate silent-regression cases, the class anchored by MiniPlasma (a 2026 PoC drop that re-broke CVE-2020-17103 without any new ID being assigned).
 
 ---
 
@@ -488,6 +488,10 @@ exceptd skill <name>                  Show context for one skill.
 exceptd framework-gap <FW> <ref>      One framework + one CVE/scenario, JSON
                                       or human. (Operates outside the seven-
                                       phase contract for ad-hoc gap analysis.)
+exceptd report [executive]            Structured posture report. Bare `report`
+                                      emits the full posture; the optional
+                                      `executive` argument emits the
+                                      executive-summary view.
 exceptd path                          Absolute path to the installed package.
 exceptd version                       Package version.
 exceptd help                          This help.

package/bin/exceptd.js

@@ -159,12 +159,7 @@ const COMMANDS = {
   cve:             () => path.join(PKG_ROOT, "lib", "cve-cli.js"),
   rfc:             () => path.join(PKG_ROOT, "lib", "rfc-cli.js"),
   // Seven-phase playbook verbs — handled in-process via lib/playbook-runner.js.
-  plan:     null,
-  govern:   null,
-  direct:   null,
-  look:     null,
   run:      null,
-  ingest:   null,
   reattest: null,
 };
 
@@ -1724,12 +1719,7 @@ function dispatchPlaybook(cmd, argv) {
 
   try {
     switch (cmd) {
-      case "plan":     return cmdPlan(runner, args, runOpts, pretty);
-      case "govern":   return cmdGovern(runner, args, runOpts, pretty);
-      case "direct":   return cmdDirect(runner, args, pretty);
-      case "look":     return cmdLook(runner, args, runOpts, pretty);
       case "run":      return cmdRun(runner, args, runOpts, pretty);
-      case "ingest":   return cmdIngest(runner, args, runOpts, pretty);
       case "reattest": return cmdReattest(runner, args, runOpts, pretty);
       case "list-attestations": return cmdListAttestations(runner, args, runOpts, pretty);
       case "attest": return cmdAttest(runner, args, runOpts, pretty);
@@ -3179,36 +3169,6 @@ function detectScopes() {
   return detected.length ? detected : ["cross-cutting"];
 }
 
-function cmdGovern(runner, args, runOpts, pretty) {
-  const playbookId = args._[0];
-  if (!playbookId) return emitError("govern: missing <playbookId> positional argument.", null, pretty);
-  if (refuseInvalidPlaybookId("govern", playbookId, pretty)) return;
-  const pb = runner.loadPlaybook(playbookId);
-  const directiveId = args.directive || (pb.directives[0] && pb.directives[0].id);
-  if (!directiveId) return refuseNoDirectives("govern", playbookId, pretty);
-  emit(runner.govern(playbookId, directiveId, runOpts), pretty);
-}
-
-function cmdDirect(runner, args, pretty) {
-  const playbookId = args._[0];
-  if (!playbookId) return emitError("direct: missing <playbookId> positional argument.", null, pretty);
-  if (refuseInvalidPlaybookId("direct", playbookId, pretty)) return;
-  const pb = runner.loadPlaybook(playbookId);
-  const directiveId = args.directive || (pb.directives[0] && pb.directives[0].id);
-  if (!directiveId) return refuseNoDirectives("direct", playbookId, pretty);
-  emit(runner.direct(playbookId, directiveId), pretty);
-}
-
-function cmdLook(runner, args, runOpts, pretty) {
-  const playbookId = args._[0];
-  if (!playbookId) return emitError("look: missing <playbookId> positional argument.", null, pretty);
-  if (refuseInvalidPlaybookId("look", playbookId, pretty)) return;
-  const pb = runner.loadPlaybook(playbookId);
-  const directiveId = args.directive || (pb.directives[0] && pb.directives[0].id);
-  if (!directiveId) return refuseNoDirectives("look", playbookId, pretty);
-  emit(runner.look(playbookId, directiveId, runOpts), pretty);
-}
-
 function cmdRun(runner, args, runOpts, pretty) {
   const positional = args._[0];
 
@@ -4351,113 +4311,6 @@ function cmdRunMulti(runner, ids, args, runOpts, pretty, meta) {
   if (anyBlocked) { process.exitCode = EXIT_CODES.GENERIC_FAILURE; return; }
 }
 
-function cmdIngest(runner, args, runOpts, pretty) {
-  // `ingest` matches the AGENTS.md ingest contract. The submission JSON may
-  // carry playbook_id + directive_id; --domain/--directive flags override.
-  let submission = {};
-  // Auto-detect piped stdin (parity with cmdRun) so
-  // `echo '{...}' | exceptd ingest` reads the routing JSON instead of
-  // failing with "no playbook resolved" because args.evidence stays
-  // undefined.
-  // Route stdin auto-detection through hasReadableStdin() (see cmdRun for
-  // rationale). Wrapped-stdin test harnesses (Mocha/Jest, Docker
-  // stdin-passthrough) would otherwise block here forever on the
-  // readFileSync(0) call when isTTY === undefined.
-  if (!args.evidence && hasReadableStdin()) {
-    args.evidence = "-";
-  }
-  if (args.evidence) {
-    try {
-      submission = readEvidence(args.evidence);
-    } catch (e) {
-      return emitError(`ingest: failed to read evidence: ${e.message}`, { evidence: args.evidence }, pretty);
-    }
-  }
-  const playbookId = args.domain || submission.playbook_id || submission.domain;
-  if (!playbookId) return emitError("ingest: no playbook resolved — pass --domain <id> or include playbook_id in evidence JSON.", null, pretty);
-  if (refuseInvalidPlaybookId("ingest", playbookId, pretty)) return;
-  const pb = runner.loadPlaybook(playbookId);
-  const directiveId = args.directive
-    || submission.directive_id
-    || (pb.directives[0] && pb.directives[0].id);
-  if (!directiveId) return refuseNoDirectives("ingest", playbookId, pretty);
-
-  // Strip the routing keys so the runner only sees the contract shape it
-  // expects. precondition_checks travel on the submission (not lifted into
-  // runOpts) so run()'s mergedPCs derives them with correct "submission"
-  // provenance — the same path cmdRun uses.
-  const cleanedSubmission = {
-    artifacts: submission.artifacts || {},
-    signal_overrides: submission.signal_overrides || {},
-    signals: submission.signals || {},
-    ...(submission.precondition_checks ? { precondition_checks: submission.precondition_checks } : {}),
-  };
-
-  const result = runner.run(playbookId, directiveId, cleanedSubmission, runOpts);
-
-  // v0.12.8: route ingest's attestation persistence through persistAttestation
-  // — the same path cmdRun + cmdRunMulti use — so the session-id collision
-  // refusal AND the Ed25519 sidecar signing both apply. Pre-v0.12.8 ingest
-  // had its own inline writeFileSync with neither check, meaning two ingest
-  // calls with the same session-id silently clobbered the audit trail and no
-  // .sig sidecar was written.
-  if (result && result.ok && result.session_id) {
-    // Mirror cmdRun / cmdRunMulti: gate operator_consent persistence on
-    // classification === 'detected'. --ack is meaningful only when a
-    // jurisdiction clock is at stake; persisting consent on a
-    // not-detected ingest forges audit-trail consent for a clock that
-    // never started.
-    const ingestClassification = result.phases && result.phases.detect ? result.phases.detect.classification : null;
-    const ingestConsentApplies = ingestClassification === "detected";
-    if (runOpts.operator_consent && !ingestConsentApplies) {
-      result.ack = true;
-      result.ack_applied = false;
-      result.ack_skipped_reason = `classification=${ingestClassification || "unknown"}; consent only persisted when classification=detected (jurisdiction clock at stake).`;
-    }
-    const persisted = persistAttestation({
-      sessionId: result.session_id,
-      playbookId: result.playbook_id,
-      directiveId: result.directive_id,
-      evidenceHash: result.evidence_hash,
-      operator: runOpts.operator,
-      operatorConsent: ingestConsentApplies ? runOpts.operator_consent : null,
-      submission: cleanedSubmission,
-      runOpts,
-      forceOverwrite: !!args["force-overwrite"],
-      filename: "attestation.json",
-    });
-    if (!persisted.ok) {
-      // Route every persist-failure shape through emitError so the
-      // emit() ok:false → exitCode contract applies uniformly. Three
-      // exit classes: LOCK_CONTENTION (transient), STORAGE_EXHAUSTED
-      // (infra), SESSION_ID_COLLISION (operator decision).
-      const ctx = { session_id: result.session_id, existing_path: persisted.existingPath };
-      if (persisted.lock_contention) {
-        ctx.lock_contention = true;
-        ctx.exit_code = EXIT_CODES.LOCK_CONTENTION;
-      }
-      if (persisted.storage_exhausted) {
-        ctx.storage_exhausted = true;
-        ctx.exit_code = EXIT_CODES.STORAGE_EXHAUSTED;
-      }
-      emitError(persisted.error, ctx, pretty);
-      if (persisted.lock_contention) process.exitCode = EXIT_CODES.LOCK_CONTENTION;
-      else if (persisted.storage_exhausted) process.exitCode = EXIT_CODES.STORAGE_EXHAUSTED;
-      else process.exitCode = EXIT_CODES.SESSION_ID_COLLISION;
-      return;
-    }
-    if (persisted.prior_session_id) {
-      result.attestation_persist = { ok: true, prior_session_id: persisted.prior_session_id, overwrote_at: persisted.overwrote_at };
-    }
-  }
-
-  if (result && result.ok === false) {
-    emit(result, pretty);
-    return;
-  }
-  emit(result, pretty);
-}
-
 /**
  * Resolve the attestation root for a given run. Resolution order (most-specific
  * first):

package/data/_indexes/_meta.json

@@ -1,21 +1,21 @@
 {
   "schema_version": "1.1.0",
-  "generated_at": "2026-05-28T12:04:03.421Z",
+  "generated_at": "2026-05-29T00:05:09.817Z",
   "generator": "scripts/build-indexes.js",
   "source_count": 54,
   "source_hashes": {
-    "manifest.json": "c01b0ab7d4e2fc7e1df238aef12a757006bd88c4b5d920d7aa49e4fd70fa92a6",
+    "manifest.json": "2075a9d45002fe52785b0aa326d3bf6531f6b9b611c4c8ae166b413ca5f06b8c",
     "data/atlas-ttps.json": "878b4a08bb73c8d20396d85cf433a88f2bc5e7a8cbf7f6ab773ce7ede0a11251",
-    "data/attack-techniques.json": "da108a493511ce0b04c37d0e69ed357e9b61fff94b9c78c205eaf64bb2496dce",
-    "data/cve-catalog.json": "f8a734e43b2f53f0ac2bb68859d422ed8e1a04ae27a587fd0f90396a58f36561",
-    "data/cwe-catalog.json": "8abc97e4e4312bdc3b26cc777cd95c5482a7b12cd77e7704a7cda24f1e4d8057",
+    "data/attack-techniques.json": "57b8a1b4e1c3f524a76b4bded09b3082b36b783db3df116f863892072e0f65e9",
+    "data/cve-catalog.json": "5849b48dd5489ba6d10cbd3b0b25c9d8412e3932e0ae2304364ec95cf254ec97",
+    "data/cwe-catalog.json": "0fd275c2a61754958d68cea03a92794a67cf1c1d4d609f81a5728334df013ee3",
     "data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
     "data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
     "data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
-    "data/framework-control-gaps.json": "ddff6bcd32734bd97ba9c92b065303b1b69596f4e360fd3ce77cd0ceaab15871",
+    "data/framework-control-gaps.json": "29e7b6aa841ddf2530ca5971bdb60d7a715684b2f6264141ad49f0de9a039d78",
     "data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
     "data/rfc-references.json": "b21d03b948c41bc8a854e2f057948ecf844bd8c105848aeb141d1eadf8192c31",
-    "data/zeroday-lessons.json": "13d620e664064517a55bd573070be891056c95b89290d769a8b433aa369eacbe",
+    "data/zeroday-lessons.json": "e8202ffa99ed7c7d40b89ee5eedbea33839048cbff482e09329292e6700a5157",
     "skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
     "skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
     "skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
@@ -72,8 +72,8 @@
       "dlp_refs": 0
     },
     "trigger_table_entries": 538,
-    "chains_cve_entries": 412,
-    "chains_cwe_entries": 172,
+    "chains_cve_entries": 416,
+    "chains_cwe_entries": 173,
     "jurisdictions_indexed": 29,
     "handoff_dag_nodes": 42,
     "summary_cards": 42,

package/data/_indexes/activity-feed.json

@@ -98,7 +98,7 @@
       "artifact": "data/cwe-catalog.json",
       "path": "data/cwe-catalog.json",
       "schema_version": "1.0.0",
-      "entry_count": 172
+      "entry_count": 173
     },
     {
       "date": "2026-05-19",
@@ -149,7 +149,7 @@
       "artifact": "data/cve-catalog.json",
       "path": "data/cve-catalog.json",
       "schema_version": "1.0.0",
-      "entry_count": 423
+      "entry_count": 427
     },
     {
       "date": "2026-05-18",
@@ -165,7 +165,7 @@
       "artifact": "data/zeroday-lessons.json",
       "path": "data/zeroday-lessons.json",
       "schema_version": "1.1.0",
-      "entry_count": 418
+      "entry_count": 422
     },
     {
       "date": "2026-05-17",

package/data/_indexes/catalog-summaries.json

@@ -62,13 +62,13 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 423,
+      "entry_count": 427,
       "sample_keys": [
-        "CVE-2025-30066",
-        "CVE-2025-30154",
-        "CVE-2026-48027",
-        "CVE-2025-53773",
-        "CVE-2026-30615"
+        "CVE-2025-0282",
+        "CVE-2025-22457",
+        "CVE-2025-31324",
+        "CVE-2025-31161",
+        "CVE-2025-30066"
       ]
     },
     "cwe-catalog.json": {
@@ -84,7 +84,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 172,
+      "entry_count": 173,
       "sample_keys": [
         "CWE-20",
         "CWE-22",
@@ -238,7 +238,7 @@
         "rebuild_after_days": 365,
         "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
       },
-      "entry_count": 418,
+      "entry_count": 422,
       "sample_keys": [
         "CVE-2026-31431",
         "CVE-2025-53773",