@blamejs/exceptd-skills 0.16.11 → 0.16.13

package/data/playbooks/secrets.json

@@ -48,7 +48,8 @@
       "containers",
       "cred-stores",
       "crypto-codebase",
-      "llm-tool-use-exfil"
+      "llm-tool-use-exfil",
+      "mail-server-hardening"
     ]
   },
   "domain": {
@@ -754,7 +755,19 @@
             "rotation_ownership_identified == true"
           ],
           "priority": 1,
-          "for_signals": ["aws-access-key-id","aws-secret-access-key","gcp-service-account-json","github-personal-access-token","github-fine-grained-pat","slack-bot-or-user-token","stripe-secret-key","jwt-token-with-secret-context","ssh-private-key-block","openai-api-key","anthropic-api-key"],
+          "for_signals": [
+            "aws-access-key-id",
+            "aws-secret-access-key",
+            "gcp-service-account-json",
+            "github-personal-access-token",
+            "github-fine-grained-pat",
+            "slack-bot-or-user-token",
+            "stripe-secret-key",
+            "jwt-token-with-secret-context",
+            "ssh-private-key-block",
+            "openai-api-key",
+            "anthropic-api-key"
+          ],
           "compensating_controls": [
             "session-revocation",
             "cloudtrail-or-audit-log-review-for-misuse-window"
@@ -768,7 +781,10 @@
             "file_owner_is_current_user OR has_sudo == true"
           ],
           "priority": 2,
-          "for_signals": ["world-writable-env-file","ssh-key-bad-perms"],
+          "for_signals": [
+            "world-writable-env-file",
+            "ssh-key-bad-perms"
+          ],
           "compensating_controls": [
             "perm-change-recorded"
           ],

package/manifest-snapshot.json

@@ -1,8 +1,8 @@
 {
   "_comment": "Auto-generated by scripts/refresh-manifest-snapshot.js — do not hand-edit. Public skill surface used by check-manifest-snapshot.js to detect breaking removals.",
-  "_generated_at": "2026-06-02T15:45:27.118Z",
+  "_generated_at": "2026-06-02T17:04:39.278Z",
   "atlas_version": "5.6.0",
-  "skill_count": 43,
+  "skill_count": 45,
   "skills": [
     {
       "name": "age-gates-child-safety",
@@ -1146,6 +1146,61 @@
       ],
       "dlp_refs": []
     },
+    {
+      "name": "mail-server-hardening",
+      "version": "1.0.0",
+      "triggers": [
+        "caldav",
+        "carddav",
+        "imap command injection",
+        "inbound mail",
+        "mail protocol",
+        "mail server hardening",
+        "mailbox dav",
+        "managesieve",
+        "mx hardening",
+        "open relay",
+        "pop3",
+        "rfc 5321",
+        "rfc 5804",
+        "rfc 9051",
+        "sieve redirect",
+        "smtp listener",
+        "smtp smuggling",
+        "starttls injection"
+      ],
+      "data_deps": [
+        "atlas-ttps.json",
+        "attack-techniques.json",
+        "cve-catalog.json",
+        "cwe-catalog.json",
+        "framework-control-gaps.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [
+        "T1071.003",
+        "T1190",
+        "T1557"
+      ],
+      "framework_gaps": [
+        "ISO-27001-2022-A.8.8",
+        "NIS2-Art21-network-security",
+        "NIST-800-53-SI-2",
+        "PCI-DSS-4.0-6.3.3"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-22",
+        "CWE-400",
+        "CWE-611",
+        "CWE-77",
+        "CWE-863",
+        "CWE-93"
+      ],
+      "d3fend_refs": [],
+      "dlp_refs": []
+    },
     {
       "name": "mcp-agent-trust",
       "version": "1.0.0",
@@ -1272,6 +1327,58 @@
       "d3fend_refs": [],
       "dlp_refs": []
     },
+    {
+      "name": "network-trust",
+      "version": "1.0.0",
+      "triggers": [
+        "adversary in the middle",
+        "aitm",
+        "authenticated time",
+        "certificate pinning",
+        "dane",
+        "dns rebinding",
+        "dnssec",
+        "http message signature",
+        "mtls pinning",
+        "name resolution trust",
+        "network trust",
+        "ntp spoofing",
+        "nts",
+        "public suffix list",
+        "rfc 9421",
+        "tlsa",
+        "tsig"
+      ],
+      "data_deps": [
+        "atlas-ttps.json",
+        "attack-techniques.json",
+        "cve-catalog.json",
+        "cwe-catalog.json",
+        "framework-control-gaps.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [
+        "T1071.004",
+        "T1556",
+        "T1557"
+      ],
+      "framework_gaps": [
+        "ISO-27001-2022-A.8.21",
+        "NIS2-Art21-network-security",
+        "NIST-800-53-SC-8",
+        "UK-CAF-B4"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-290",
+        "CWE-345",
+        "CWE-347",
+        "CWE-918"
+      ],
+      "d3fend_refs": [],
+      "dlp_refs": []
+    },
     {
       "name": "ot-ics-security",
       "version": "1.0.0",

package/manifest-snapshot.sha256

@@ -1 +1 @@
-3d9a53fa10f7c9842903252192f1f838bec422b99ed9562be9fd7aef88dacf20  manifest-snapshot.json
+01d04f338bc17fbb0ed099faf0da62eefc9022888f2474171b587e614eab3255  manifest-snapshot.json