@blamejs/exceptd-skills 0.16.17 → 0.16.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +3 -1
- package/CHANGELOG.md +8 -0
- package/README.md +5 -5
- package/bin/exceptd.js +3 -1
- package/data/_indexes/_meta.json +17 -15
- package/data/_indexes/activity-feed.json +17 -3
- package/data/_indexes/catalog-summaries.json +1 -1
- package/data/_indexes/chains.json +14784 -1833
- package/data/_indexes/currency.json +19 -1
- package/data/_indexes/frequency.json +138 -86
- package/data/_indexes/handoff-dag.json +9 -1
- package/data/_indexes/jurisdiction-map.json +9 -3
- package/data/_indexes/section-offsets.json +170 -0
- package/data/_indexes/stale-content.json +1 -1
- package/data/_indexes/summary-cards.json +77 -0
- package/data/_indexes/token-budget.json +103 -3
- package/data/_indexes/trigger-table.json +93 -0
- package/data/_indexes/xref.json +38 -7
- package/data/cwe-catalog.json +35 -4
- package/data/playbooks/audit-log-integrity.json +3 -0
- package/data/playbooks/framework.json +2 -0
- package/data/playbooks/log-injection-telemetry.json +619 -0
- package/data/playbooks/privacy-consent-ops.json +605 -0
- package/data/playbooks/secrets.json +1 -0
- package/manifest-snapshot.json +104 -2
- package/manifest-snapshot.sha256 +1 -1
- package/manifest.json +161 -51
- package/package.json +2 -2
- package/sbom.cdx.json +92 -32
- package/skills/log-injection-telemetry/skill.md +80 -0
- package/skills/privacy-consent-ops/skill.md +80 -0
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
"decay_formula": "100 base; -30/-20/-10/-5 at 180/90/60/30-day thresholds. forward_watch count does NOT affect the score (it's a maintenance signal, not a staleness one). Label thresholds: ≥90 current, ≥70 acceptable, ≥50 stale, <50 critical_stale."
|
|
7
7
|
},
|
|
8
8
|
"summary": {
|
|
9
|
-
"current":
|
|
9
|
+
"current": 51,
|
|
10
10
|
"acceptable": 0,
|
|
11
11
|
"stale": 0,
|
|
12
12
|
"critical_stale": 0,
|
|
@@ -229,6 +229,15 @@
|
|
|
229
229
|
"forward_watch_count": 4,
|
|
230
230
|
"action_required": false
|
|
231
231
|
},
|
|
232
|
+
{
|
|
233
|
+
"skill": "log-injection-telemetry",
|
|
234
|
+
"last_threat_review": "2026-06-02",
|
|
235
|
+
"days_since_review": -18,
|
|
236
|
+
"currency_score": 100,
|
|
237
|
+
"currency_label": "current",
|
|
238
|
+
"forward_watch_count": 0,
|
|
239
|
+
"action_required": false
|
|
240
|
+
},
|
|
232
241
|
{
|
|
233
242
|
"skill": "mail-server-hardening",
|
|
234
243
|
"last_threat_review": "2026-06-02",
|
|
@@ -301,6 +310,15 @@
|
|
|
301
310
|
"forward_watch_count": 11,
|
|
302
311
|
"action_required": false
|
|
303
312
|
},
|
|
313
|
+
{
|
|
314
|
+
"skill": "privacy-consent-ops",
|
|
315
|
+
"last_threat_review": "2026-06-02",
|
|
316
|
+
"days_since_review": -18,
|
|
317
|
+
"currency_score": 100,
|
|
318
|
+
"currency_label": "current",
|
|
319
|
+
"forward_watch_count": 0,
|
|
320
|
+
"action_required": false
|
|
321
|
+
},
|
|
304
322
|
{
|
|
305
323
|
"skill": "rag-pipeline-security",
|
|
306
324
|
"last_threat_review": "2026-05-22",
|
|
@@ -36,9 +36,10 @@
|
|
|
36
36
|
]
|
|
37
37
|
},
|
|
38
38
|
"CWE-672": {
|
|
39
|
-
"count":
|
|
39
|
+
"count": 3,
|
|
40
40
|
"skills": [
|
|
41
41
|
"kernel-lpe-triage",
|
|
42
|
+
"privacy-consent-ops",
|
|
42
43
|
"vc-wallet-trust"
|
|
43
44
|
]
|
|
44
45
|
},
|
|
@@ -89,12 +90,13 @@
|
|
|
89
90
|
]
|
|
90
91
|
},
|
|
91
92
|
"CWE-345": {
|
|
92
|
-
"count":
|
|
93
|
+
"count": 5,
|
|
93
94
|
"skills": [
|
|
94
95
|
"audit-log-integrity",
|
|
95
96
|
"idp-incident-response",
|
|
96
97
|
"mcp-agent-trust",
|
|
97
|
-
"network-trust"
|
|
98
|
+
"network-trust",
|
|
99
|
+
"privacy-consent-ops"
|
|
98
100
|
]
|
|
99
101
|
},
|
|
100
102
|
"CWE-352": {
|
|
@@ -133,10 +135,11 @@
|
|
|
133
135
|
]
|
|
134
136
|
},
|
|
135
137
|
"CWE-918": {
|
|
136
|
-
"count":
|
|
138
|
+
"count": 7,
|
|
137
139
|
"skills": [
|
|
138
140
|
"api-security",
|
|
139
141
|
"attack-surface-pentest",
|
|
142
|
+
"log-injection-telemetry",
|
|
140
143
|
"mcp-agent-trust",
|
|
141
144
|
"network-trust",
|
|
142
145
|
"sector-telecom",
|
|
@@ -222,12 +225,13 @@
|
|
|
222
225
|
]
|
|
223
226
|
},
|
|
224
227
|
"CWE-200": {
|
|
225
|
-
"count":
|
|
228
|
+
"count": 8,
|
|
226
229
|
"skills": [
|
|
227
230
|
"age-gates-child-safety",
|
|
228
231
|
"api-security",
|
|
229
232
|
"cloud-security",
|
|
230
233
|
"dlp-gap-analysis",
|
|
234
|
+
"log-injection-telemetry",
|
|
231
235
|
"sector-healthcare",
|
|
232
236
|
"vc-wallet-trust",
|
|
233
237
|
"webapp-security"
|
|
@@ -381,9 +385,10 @@
|
|
|
381
385
|
]
|
|
382
386
|
},
|
|
383
387
|
"CWE-778": {
|
|
384
|
-
"count":
|
|
388
|
+
"count": 2,
|
|
385
389
|
"skills": [
|
|
386
|
-
"audit-log-integrity"
|
|
390
|
+
"audit-log-integrity",
|
|
391
|
+
"privacy-consent-ops"
|
|
387
392
|
]
|
|
388
393
|
},
|
|
389
394
|
"CWE-353": {
|
|
@@ -434,6 +439,24 @@
|
|
|
434
439
|
"skills": [
|
|
435
440
|
"decompression-dos"
|
|
436
441
|
]
|
|
442
|
+
},
|
|
443
|
+
"CWE-117": {
|
|
444
|
+
"count": 1,
|
|
445
|
+
"skills": [
|
|
446
|
+
"log-injection-telemetry"
|
|
447
|
+
]
|
|
448
|
+
},
|
|
449
|
+
"CWE-532": {
|
|
450
|
+
"count": 1,
|
|
451
|
+
"skills": [
|
|
452
|
+
"log-injection-telemetry"
|
|
453
|
+
]
|
|
454
|
+
},
|
|
455
|
+
"CWE-807": {
|
|
456
|
+
"count": 1,
|
|
457
|
+
"skills": [
|
|
458
|
+
"privacy-consent-ops"
|
|
459
|
+
]
|
|
437
460
|
}
|
|
438
461
|
},
|
|
439
462
|
"d3fend_refs": {
|
|
@@ -619,12 +642,14 @@
|
|
|
619
642
|
},
|
|
620
643
|
"framework_gaps": {
|
|
621
644
|
"NIST-800-53-SI-2": {
|
|
622
|
-
"count":
|
|
645
|
+
"count": 6,
|
|
623
646
|
"skills": [
|
|
624
647
|
"audit-log-integrity",
|
|
625
648
|
"decompression-dos",
|
|
626
649
|
"kernel-lpe-triage",
|
|
627
|
-
"
|
|
650
|
+
"log-injection-telemetry",
|
|
651
|
+
"mail-server-hardening",
|
|
652
|
+
"privacy-consent-ops"
|
|
628
653
|
]
|
|
629
654
|
},
|
|
630
655
|
"ISO-27001-2022-A.8.8": {
|
|
@@ -1028,10 +1053,12 @@
|
|
|
1028
1053
|
]
|
|
1029
1054
|
},
|
|
1030
1055
|
"AU-ISM-1556": {
|
|
1031
|
-
"count":
|
|
1056
|
+
"count": 6,
|
|
1032
1057
|
"skills": [
|
|
1033
1058
|
"decompression-dos",
|
|
1059
|
+
"log-injection-telemetry",
|
|
1034
1060
|
"multitenancy-isolation",
|
|
1061
|
+
"privacy-consent-ops",
|
|
1035
1062
|
"sector-telecom",
|
|
1036
1063
|
"self-update-integrity"
|
|
1037
1064
|
]
|
|
@@ -1196,13 +1223,15 @@
|
|
|
1196
1223
|
]
|
|
1197
1224
|
},
|
|
1198
1225
|
"NIS2-Art21-network-security": {
|
|
1199
|
-
"count":
|
|
1226
|
+
"count": 8,
|
|
1200
1227
|
"skills": [
|
|
1201
1228
|
"audit-log-integrity",
|
|
1202
1229
|
"decompression-dos",
|
|
1230
|
+
"log-injection-telemetry",
|
|
1203
1231
|
"mail-server-hardening",
|
|
1204
1232
|
"multitenancy-isolation",
|
|
1205
1233
|
"network-trust",
|
|
1234
|
+
"privacy-consent-ops",
|
|
1206
1235
|
"self-update-integrity"
|
|
1207
1236
|
]
|
|
1208
1237
|
},
|
|
@@ -1213,18 +1242,21 @@
|
|
|
1213
1242
|
]
|
|
1214
1243
|
},
|
|
1215
1244
|
"UK-CAF-B4": {
|
|
1216
|
-
"count":
|
|
1245
|
+
"count": 6,
|
|
1217
1246
|
"skills": [
|
|
1218
1247
|
"decompression-dos",
|
|
1248
|
+
"log-injection-telemetry",
|
|
1219
1249
|
"multitenancy-isolation",
|
|
1220
1250
|
"network-trust",
|
|
1251
|
+
"privacy-consent-ops",
|
|
1221
1252
|
"self-update-integrity"
|
|
1222
1253
|
]
|
|
1223
1254
|
},
|
|
1224
1255
|
"ISO-27001-2022-A.8.15": {
|
|
1225
|
-
"count":
|
|
1256
|
+
"count": 2,
|
|
1226
1257
|
"skills": [
|
|
1227
|
-
"audit-log-integrity"
|
|
1258
|
+
"audit-log-integrity",
|
|
1259
|
+
"log-injection-telemetry"
|
|
1228
1260
|
]
|
|
1229
1261
|
},
|
|
1230
1262
|
"NIST-800-53-SR-11": {
|
|
@@ -1468,18 +1500,20 @@
|
|
|
1468
1500
|
]
|
|
1469
1501
|
},
|
|
1470
1502
|
"T1530": {
|
|
1471
|
-
"count":
|
|
1503
|
+
"count": 5,
|
|
1472
1504
|
"skills": [
|
|
1473
1505
|
"cloud-security",
|
|
1474
1506
|
"dlp-gap-analysis",
|
|
1507
|
+
"log-injection-telemetry",
|
|
1475
1508
|
"multitenancy-isolation",
|
|
1476
1509
|
"sector-healthcare"
|
|
1477
1510
|
]
|
|
1478
1511
|
},
|
|
1479
1512
|
"T1213": {
|
|
1480
|
-
"count":
|
|
1513
|
+
"count": 2,
|
|
1481
1514
|
"skills": [
|
|
1482
|
-
"dlp-gap-analysis"
|
|
1515
|
+
"dlp-gap-analysis",
|
|
1516
|
+
"log-injection-telemetry"
|
|
1483
1517
|
]
|
|
1484
1518
|
},
|
|
1485
1519
|
"T1041": {
|
|
@@ -1671,15 +1705,18 @@
|
|
|
1671
1705
|
]
|
|
1672
1706
|
},
|
|
1673
1707
|
"T1070": {
|
|
1674
|
-
"count":
|
|
1708
|
+
"count": 2,
|
|
1675
1709
|
"skills": [
|
|
1676
|
-
"audit-log-integrity"
|
|
1710
|
+
"audit-log-integrity",
|
|
1711
|
+
"privacy-consent-ops"
|
|
1677
1712
|
]
|
|
1678
1713
|
},
|
|
1679
1714
|
"T1565.001": {
|
|
1680
|
-
"count":
|
|
1715
|
+
"count": 3,
|
|
1681
1716
|
"skills": [
|
|
1682
|
-
"audit-log-integrity"
|
|
1717
|
+
"audit-log-integrity",
|
|
1718
|
+
"log-injection-telemetry",
|
|
1719
|
+
"privacy-consent-ops"
|
|
1683
1720
|
]
|
|
1684
1721
|
},
|
|
1685
1722
|
"T1562.008": {
|
|
@@ -1707,6 +1744,12 @@
|
|
|
1707
1744
|
"decompression-dos",
|
|
1708
1745
|
"multitenancy-isolation"
|
|
1709
1746
|
]
|
|
1747
|
+
},
|
|
1748
|
+
"T1036": {
|
|
1749
|
+
"count": 1,
|
|
1750
|
+
"skills": [
|
|
1751
|
+
"privacy-consent-ops"
|
|
1752
|
+
]
|
|
1710
1753
|
}
|
|
1711
1754
|
},
|
|
1712
1755
|
"rfc_refs": {
|
|
@@ -1933,12 +1976,13 @@
|
|
|
1933
1976
|
},
|
|
1934
1977
|
{
|
|
1935
1978
|
"id": "CWE-200",
|
|
1936
|
-
"count":
|
|
1979
|
+
"count": 8,
|
|
1937
1980
|
"skills": [
|
|
1938
1981
|
"age-gates-child-safety",
|
|
1939
1982
|
"api-security",
|
|
1940
1983
|
"cloud-security",
|
|
1941
1984
|
"dlp-gap-analysis",
|
|
1985
|
+
"log-injection-telemetry",
|
|
1942
1986
|
"sector-healthcare",
|
|
1943
1987
|
"vc-wallet-trust",
|
|
1944
1988
|
"webapp-security"
|
|
@@ -1970,6 +2014,19 @@
|
|
|
1970
2014
|
"webapp-security"
|
|
1971
2015
|
]
|
|
1972
2016
|
},
|
|
2017
|
+
{
|
|
2018
|
+
"id": "CWE-918",
|
|
2019
|
+
"count": 7,
|
|
2020
|
+
"skills": [
|
|
2021
|
+
"api-security",
|
|
2022
|
+
"attack-surface-pentest",
|
|
2023
|
+
"log-injection-telemetry",
|
|
2024
|
+
"mcp-agent-trust",
|
|
2025
|
+
"network-trust",
|
|
2026
|
+
"sector-telecom",
|
|
2027
|
+
"webapp-security"
|
|
2028
|
+
]
|
|
2029
|
+
},
|
|
1973
2030
|
{
|
|
1974
2031
|
"id": "CWE-1188",
|
|
1975
2032
|
"count": 6,
|
|
@@ -2017,18 +2074,6 @@
|
|
|
2017
2074
|
"mcp-agent-trust",
|
|
2018
2075
|
"webapp-security"
|
|
2019
2076
|
]
|
|
2020
|
-
},
|
|
2021
|
-
{
|
|
2022
|
-
"id": "CWE-269",
|
|
2023
|
-
"count": 6,
|
|
2024
|
-
"skills": [
|
|
2025
|
-
"attack-surface-pentest",
|
|
2026
|
-
"cloud-iam-incident",
|
|
2027
|
-
"container-runtime-security",
|
|
2028
|
-
"identity-assurance",
|
|
2029
|
-
"idp-incident-response",
|
|
2030
|
-
"webapp-security"
|
|
2031
|
-
]
|
|
2032
2077
|
}
|
|
2033
2078
|
],
|
|
2034
2079
|
"d3fend_refs": [
|
|
@@ -2150,6 +2195,20 @@
|
|
|
2150
2195
|
}
|
|
2151
2196
|
],
|
|
2152
2197
|
"framework_gaps": [
|
|
2198
|
+
{
|
|
2199
|
+
"id": "NIS2-Art21-network-security",
|
|
2200
|
+
"count": 8,
|
|
2201
|
+
"skills": [
|
|
2202
|
+
"audit-log-integrity",
|
|
2203
|
+
"decompression-dos",
|
|
2204
|
+
"log-injection-telemetry",
|
|
2205
|
+
"mail-server-hardening",
|
|
2206
|
+
"multitenancy-isolation",
|
|
2207
|
+
"network-trust",
|
|
2208
|
+
"privacy-consent-ops",
|
|
2209
|
+
"self-update-integrity"
|
|
2210
|
+
]
|
|
2211
|
+
},
|
|
2153
2212
|
{
|
|
2154
2213
|
"id": "NIST-800-218-SSDF",
|
|
2155
2214
|
"count": 8,
|
|
@@ -2177,6 +2236,18 @@
|
|
|
2177
2236
|
"sector-healthcare"
|
|
2178
2237
|
]
|
|
2179
2238
|
},
|
|
2239
|
+
{
|
|
2240
|
+
"id": "AU-ISM-1556",
|
|
2241
|
+
"count": 6,
|
|
2242
|
+
"skills": [
|
|
2243
|
+
"decompression-dos",
|
|
2244
|
+
"log-injection-telemetry",
|
|
2245
|
+
"multitenancy-isolation",
|
|
2246
|
+
"privacy-consent-ops",
|
|
2247
|
+
"sector-telecom",
|
|
2248
|
+
"self-update-integrity"
|
|
2249
|
+
]
|
|
2250
|
+
},
|
|
2180
2251
|
{
|
|
2181
2252
|
"id": "ISO-27001-2022-A.8.28",
|
|
2182
2253
|
"count": 6,
|
|
@@ -2190,14 +2261,26 @@
|
|
|
2190
2261
|
]
|
|
2191
2262
|
},
|
|
2192
2263
|
{
|
|
2193
|
-
"id": "
|
|
2264
|
+
"id": "NIST-800-53-SI-2",
|
|
2194
2265
|
"count": 6,
|
|
2195
2266
|
"skills": [
|
|
2196
2267
|
"audit-log-integrity",
|
|
2197
2268
|
"decompression-dos",
|
|
2269
|
+
"kernel-lpe-triage",
|
|
2270
|
+
"log-injection-telemetry",
|
|
2198
2271
|
"mail-server-hardening",
|
|
2272
|
+
"privacy-consent-ops"
|
|
2273
|
+
]
|
|
2274
|
+
},
|
|
2275
|
+
{
|
|
2276
|
+
"id": "UK-CAF-B4",
|
|
2277
|
+
"count": 6,
|
|
2278
|
+
"skills": [
|
|
2279
|
+
"decompression-dos",
|
|
2280
|
+
"log-injection-telemetry",
|
|
2199
2281
|
"multitenancy-isolation",
|
|
2200
2282
|
"network-trust",
|
|
2283
|
+
"privacy-consent-ops",
|
|
2201
2284
|
"self-update-integrity"
|
|
2202
2285
|
]
|
|
2203
2286
|
},
|
|
@@ -2223,16 +2306,6 @@
|
|
|
2223
2306
|
"incident-response-playbook"
|
|
2224
2307
|
]
|
|
2225
2308
|
},
|
|
2226
|
-
{
|
|
2227
|
-
"id": "AU-ISM-1556",
|
|
2228
|
-
"count": 4,
|
|
2229
|
-
"skills": [
|
|
2230
|
-
"decompression-dos",
|
|
2231
|
-
"multitenancy-isolation",
|
|
2232
|
-
"sector-telecom",
|
|
2233
|
-
"self-update-integrity"
|
|
2234
|
-
]
|
|
2235
|
-
},
|
|
2236
2309
|
{
|
|
2237
2310
|
"id": "FedRAMP-Rev5-Moderate",
|
|
2238
2311
|
"count": 4,
|
|
@@ -2242,26 +2315,6 @@
|
|
|
2242
2315
|
"sector-federal-government",
|
|
2243
2316
|
"supply-chain-integrity"
|
|
2244
2317
|
]
|
|
2245
|
-
},
|
|
2246
|
-
{
|
|
2247
|
-
"id": "ISO-27001-2022-A.8.16",
|
|
2248
|
-
"count": 4,
|
|
2249
|
-
"skills": [
|
|
2250
|
-
"ai-c2-detection",
|
|
2251
|
-
"dlp-gap-analysis",
|
|
2252
|
-
"email-security-anti-phishing",
|
|
2253
|
-
"incident-response-playbook"
|
|
2254
|
-
]
|
|
2255
|
-
},
|
|
2256
|
-
{
|
|
2257
|
-
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
2258
|
-
"count": 4,
|
|
2259
|
-
"skills": [
|
|
2260
|
-
"ai-risk-management",
|
|
2261
|
-
"dlp-gap-analysis",
|
|
2262
|
-
"mlops-security",
|
|
2263
|
-
"threat-modeling-methodology"
|
|
2264
|
-
]
|
|
2265
2318
|
}
|
|
2266
2319
|
],
|
|
2267
2320
|
"atlas_refs": [
|
|
@@ -2443,6 +2496,17 @@
|
|
|
2443
2496
|
"webapp-security"
|
|
2444
2497
|
]
|
|
2445
2498
|
},
|
|
2499
|
+
{
|
|
2500
|
+
"id": "T1530",
|
|
2501
|
+
"count": 5,
|
|
2502
|
+
"skills": [
|
|
2503
|
+
"cloud-security",
|
|
2504
|
+
"dlp-gap-analysis",
|
|
2505
|
+
"log-injection-telemetry",
|
|
2506
|
+
"multitenancy-isolation",
|
|
2507
|
+
"sector-healthcare"
|
|
2508
|
+
]
|
|
2509
|
+
},
|
|
2446
2510
|
{
|
|
2447
2511
|
"id": "T1195.001",
|
|
2448
2512
|
"count": 4,
|
|
@@ -2453,16 +2517,6 @@
|
|
|
2453
2517
|
"supply-chain-integrity"
|
|
2454
2518
|
]
|
|
2455
2519
|
},
|
|
2456
|
-
{
|
|
2457
|
-
"id": "T1530",
|
|
2458
|
-
"count": 4,
|
|
2459
|
-
"skills": [
|
|
2460
|
-
"cloud-security",
|
|
2461
|
-
"dlp-gap-analysis",
|
|
2462
|
-
"multitenancy-isolation",
|
|
2463
|
-
"sector-healthcare"
|
|
2464
|
-
]
|
|
2465
|
-
},
|
|
2466
2520
|
{
|
|
2467
2521
|
"id": "T1556",
|
|
2468
2522
|
"count": 4,
|
|
@@ -2492,11 +2546,12 @@
|
|
|
2492
2546
|
]
|
|
2493
2547
|
},
|
|
2494
2548
|
{
|
|
2495
|
-
"id": "
|
|
2496
|
-
"count":
|
|
2549
|
+
"id": "T1565.001",
|
|
2550
|
+
"count": 3,
|
|
2497
2551
|
"skills": [
|
|
2498
|
-
"
|
|
2499
|
-
"
|
|
2552
|
+
"audit-log-integrity",
|
|
2553
|
+
"log-injection-telemetry",
|
|
2554
|
+
"privacy-consent-ops"
|
|
2500
2555
|
]
|
|
2501
2556
|
}
|
|
2502
2557
|
],
|
|
@@ -2620,16 +2675,18 @@
|
|
|
2620
2675
|
},
|
|
2621
2676
|
"orphan_adjacent": {
|
|
2622
2677
|
"cwe_refs": [
|
|
2678
|
+
"CWE-117",
|
|
2623
2679
|
"CWE-1333",
|
|
2624
2680
|
"CWE-20",
|
|
2625
2681
|
"CWE-327",
|
|
2626
2682
|
"CWE-353",
|
|
2627
2683
|
"CWE-409",
|
|
2684
|
+
"CWE-532",
|
|
2628
2685
|
"CWE-611",
|
|
2629
2686
|
"CWE-639",
|
|
2630
2687
|
"CWE-668",
|
|
2631
2688
|
"CWE-776",
|
|
2632
|
-
"CWE-
|
|
2689
|
+
"CWE-807",
|
|
2633
2690
|
"CWE-834",
|
|
2634
2691
|
"CWE-93"
|
|
2635
2692
|
],
|
|
@@ -2656,7 +2713,6 @@
|
|
|
2656
2713
|
"FCC-Cyber-Incident-Notification-2024",
|
|
2657
2714
|
"FedRAMP-IL5-IAM-Federated",
|
|
2658
2715
|
"GSMA-NESAS-Deployment",
|
|
2659
|
-
"ISO-27001-2022-A.8.15",
|
|
2660
2716
|
"ISO-27001-2022-A.8.21",
|
|
2661
2717
|
"ISO-27017-Cloud-IAM",
|
|
2662
2718
|
"ITU-T-X.805",
|
|
@@ -2687,14 +2743,13 @@
|
|
|
2687
2743
|
"AML.T0040"
|
|
2688
2744
|
],
|
|
2689
2745
|
"attack_refs": [
|
|
2690
|
-
"
|
|
2746
|
+
"T1036",
|
|
2691
2747
|
"T1071.003",
|
|
2692
2748
|
"T1071.004",
|
|
2693
2749
|
"T1098",
|
|
2694
2750
|
"T1102",
|
|
2695
2751
|
"T1110",
|
|
2696
2752
|
"T1133",
|
|
2697
|
-
"T1213",
|
|
2698
2753
|
"T1505",
|
|
2699
2754
|
"T1538",
|
|
2700
2755
|
"T1548.001",
|
|
@@ -2703,7 +2758,6 @@
|
|
|
2703
2758
|
"T1552.005",
|
|
2704
2759
|
"T1556.007",
|
|
2705
2760
|
"T1562.008",
|
|
2706
|
-
"T1565.001",
|
|
2707
2761
|
"T1566.001",
|
|
2708
2762
|
"T1566.002",
|
|
2709
2763
|
"T1566.003",
|
|
@@ -2811,7 +2865,6 @@
|
|
|
2811
2865
|
"CWE-521",
|
|
2812
2866
|
"CWE-525",
|
|
2813
2867
|
"CWE-528",
|
|
2814
|
-
"CWE-532",
|
|
2815
2868
|
"CWE-539",
|
|
2816
2869
|
"CWE-540",
|
|
2817
2870
|
"CWE-547",
|
|
@@ -2842,7 +2895,6 @@
|
|
|
2842
2895
|
"CWE-760",
|
|
2843
2896
|
"CWE-772",
|
|
2844
2897
|
"CWE-779",
|
|
2845
|
-
"CWE-807",
|
|
2846
2898
|
"CWE-822",
|
|
2847
2899
|
"CWE-835",
|
|
2848
2900
|
"CWE-843",
|
|
@@ -24,6 +24,7 @@
|
|
|
24
24
|
"idp-incident-response",
|
|
25
25
|
"incident-response-playbook",
|
|
26
26
|
"kernel-lpe-triage",
|
|
27
|
+
"log-injection-telemetry",
|
|
27
28
|
"mail-server-hardening",
|
|
28
29
|
"mcp-agent-trust",
|
|
29
30
|
"mlops-security",
|
|
@@ -32,6 +33,7 @@
|
|
|
32
33
|
"ot-ics-security",
|
|
33
34
|
"policy-exception-gen",
|
|
34
35
|
"pqc-first",
|
|
36
|
+
"privacy-consent-ops",
|
|
35
37
|
"rag-pipeline-security",
|
|
36
38
|
"ransomware-response",
|
|
37
39
|
"researcher",
|
|
@@ -527,7 +529,9 @@
|
|
|
527
529
|
"audit-log-integrity": [],
|
|
528
530
|
"self-update-integrity": [],
|
|
529
531
|
"multitenancy-isolation": [],
|
|
530
|
-
"decompression-dos": []
|
|
532
|
+
"decompression-dos": [],
|
|
533
|
+
"log-injection-telemetry": [],
|
|
534
|
+
"privacy-consent-ops": []
|
|
531
535
|
},
|
|
532
536
|
"in_degree": {
|
|
533
537
|
"age-gates-child-safety": 1,
|
|
@@ -554,6 +558,7 @@
|
|
|
554
558
|
"idp-incident-response": 2,
|
|
555
559
|
"incident-response-playbook": 18,
|
|
556
560
|
"kernel-lpe-triage": 12,
|
|
561
|
+
"log-injection-telemetry": 0,
|
|
557
562
|
"mail-server-hardening": 0,
|
|
558
563
|
"mcp-agent-trust": 22,
|
|
559
564
|
"mlops-security": 6,
|
|
@@ -562,6 +567,7 @@
|
|
|
562
567
|
"ot-ics-security": 4,
|
|
563
568
|
"policy-exception-gen": 16,
|
|
564
569
|
"pqc-first": 6,
|
|
570
|
+
"privacy-consent-ops": 0,
|
|
565
571
|
"rag-pipeline-security": 9,
|
|
566
572
|
"ransomware-response": 1,
|
|
567
573
|
"researcher": 1,
|
|
@@ -605,6 +611,7 @@
|
|
|
605
611
|
"idp-incident-response": 12,
|
|
606
612
|
"incident-response-playbook": 20,
|
|
607
613
|
"kernel-lpe-triage": 6,
|
|
614
|
+
"log-injection-telemetry": 0,
|
|
608
615
|
"mail-server-hardening": 0,
|
|
609
616
|
"mcp-agent-trust": 7,
|
|
610
617
|
"mlops-security": 10,
|
|
@@ -613,6 +620,7 @@
|
|
|
613
620
|
"ot-ics-security": 14,
|
|
614
621
|
"policy-exception-gen": 0,
|
|
615
622
|
"pqc-first": 3,
|
|
623
|
+
"privacy-consent-ops": 0,
|
|
616
624
|
"rag-pipeline-security": 6,
|
|
617
625
|
"ransomware-response": 10,
|
|
618
626
|
"researcher": 41,
|
|
@@ -25,6 +25,7 @@
|
|
|
25
25
|
"idp-incident-response",
|
|
26
26
|
"incident-response-playbook",
|
|
27
27
|
"kernel-lpe-triage",
|
|
28
|
+
"log-injection-telemetry",
|
|
28
29
|
"mail-server-hardening",
|
|
29
30
|
"mcp-agent-trust",
|
|
30
31
|
"mlops-security",
|
|
@@ -33,6 +34,7 @@
|
|
|
33
34
|
"ot-ics-security",
|
|
34
35
|
"policy-exception-gen",
|
|
35
36
|
"pqc-first",
|
|
37
|
+
"privacy-consent-ops",
|
|
36
38
|
"rag-pipeline-security",
|
|
37
39
|
"ransomware-response",
|
|
38
40
|
"researcher",
|
|
@@ -52,7 +54,7 @@
|
|
|
52
54
|
"zeroday-gap-learn"
|
|
53
55
|
],
|
|
54
56
|
"example_excerpts": {},
|
|
55
|
-
"skill_count":
|
|
57
|
+
"skill_count": 51
|
|
56
58
|
},
|
|
57
59
|
"UK": {
|
|
58
60
|
"skills": [
|
|
@@ -79,6 +81,7 @@
|
|
|
79
81
|
"idp-incident-response",
|
|
80
82
|
"incident-response-playbook",
|
|
81
83
|
"kernel-lpe-triage",
|
|
84
|
+
"log-injection-telemetry",
|
|
82
85
|
"mcp-agent-trust",
|
|
83
86
|
"mlops-security",
|
|
84
87
|
"multitenancy-isolation",
|
|
@@ -86,6 +89,7 @@
|
|
|
86
89
|
"ot-ics-security",
|
|
87
90
|
"policy-exception-gen",
|
|
88
91
|
"pqc-first",
|
|
92
|
+
"privacy-consent-ops",
|
|
89
93
|
"rag-pipeline-security",
|
|
90
94
|
"ransomware-response",
|
|
91
95
|
"researcher",
|
|
@@ -105,7 +109,7 @@
|
|
|
105
109
|
"zeroday-gap-learn"
|
|
106
110
|
],
|
|
107
111
|
"example_excerpts": {},
|
|
108
|
-
"skill_count":
|
|
112
|
+
"skill_count": 49
|
|
109
113
|
},
|
|
110
114
|
"AU": {
|
|
111
115
|
"skills": [
|
|
@@ -132,12 +136,14 @@
|
|
|
132
136
|
"idp-incident-response",
|
|
133
137
|
"incident-response-playbook",
|
|
134
138
|
"kernel-lpe-triage",
|
|
139
|
+
"log-injection-telemetry",
|
|
135
140
|
"mcp-agent-trust",
|
|
136
141
|
"mlops-security",
|
|
137
142
|
"multitenancy-isolation",
|
|
138
143
|
"ot-ics-security",
|
|
139
144
|
"policy-exception-gen",
|
|
140
145
|
"pqc-first",
|
|
146
|
+
"privacy-consent-ops",
|
|
141
147
|
"rag-pipeline-security",
|
|
142
148
|
"ransomware-response",
|
|
143
149
|
"researcher",
|
|
@@ -156,7 +162,7 @@
|
|
|
156
162
|
"zeroday-gap-learn"
|
|
157
163
|
],
|
|
158
164
|
"example_excerpts": {},
|
|
159
|
-
"skill_count":
|
|
165
|
+
"skill_count": 47
|
|
160
166
|
},
|
|
161
167
|
"SG": {
|
|
162
168
|
"skills": [
|