@blamejs/exceptd-skills 0.16.18 → 0.16.19

package/data/_indexes/currency.json

@@ -6,7 +6,7 @@
     "decay_formula": "100 base; -30/-20/-10/-5 at 180/90/60/30-day thresholds. forward_watch count does NOT affect the score (it's a maintenance signal, not a staleness one). Label thresholds: ≥90 current, ≥70 acceptable, ≥50 stale, <50 critical_stale."
   },
   "summary": {
-    "current": 50,
+    "current": 51,
     "acceptable": 0,
     "stale": 0,
     "critical_stale": 0,
@@ -310,6 +310,15 @@
       "forward_watch_count": 11,
       "action_required": false
     },
+    {
+      "skill": "privacy-consent-ops",
+      "last_threat_review": "2026-06-02",
+      "days_since_review": -18,
+      "currency_score": 100,
+      "currency_label": "current",
+      "forward_watch_count": 0,
+      "action_required": false
+    },
     {
       "skill": "rag-pipeline-security",
       "last_threat_review": "2026-05-22",

package/data/_indexes/frequency.json

@@ -36,9 +36,10 @@
         ]
       },
       "CWE-672": {
-        "count": 2,
+        "count": 3,
         "skills": [
           "kernel-lpe-triage",
+          "privacy-consent-ops",
           "vc-wallet-trust"
         ]
       },
@@ -89,12 +90,13 @@
         ]
       },
       "CWE-345": {
-        "count": 4,
+        "count": 5,
         "skills": [
           "audit-log-integrity",
           "idp-incident-response",
           "mcp-agent-trust",
-          "network-trust"
+          "network-trust",
+          "privacy-consent-ops"
         ]
       },
       "CWE-352": {
@@ -383,9 +385,10 @@
         ]
       },
       "CWE-778": {
-        "count": 1,
+        "count": 2,
         "skills": [
-          "audit-log-integrity"
+          "audit-log-integrity",
+          "privacy-consent-ops"
         ]
       },
       "CWE-353": {
@@ -448,6 +451,12 @@
         "skills": [
           "log-injection-telemetry"
         ]
+      },
+      "CWE-807": {
+        "count": 1,
+        "skills": [
+          "privacy-consent-ops"
+        ]
       }
     },
     "d3fend_refs": {
@@ -633,13 +642,14 @@
     },
     "framework_gaps": {
       "NIST-800-53-SI-2": {
-        "count": 5,
+        "count": 6,
         "skills": [
           "audit-log-integrity",
           "decompression-dos",
           "kernel-lpe-triage",
           "log-injection-telemetry",
-          "mail-server-hardening"
+          "mail-server-hardening",
+          "privacy-consent-ops"
         ]
       },
       "ISO-27001-2022-A.8.8": {
@@ -1043,11 +1053,12 @@
         ]
       },
       "AU-ISM-1556": {
-        "count": 5,
+        "count": 6,
         "skills": [
           "decompression-dos",
           "log-injection-telemetry",
           "multitenancy-isolation",
+          "privacy-consent-ops",
           "sector-telecom",
           "self-update-integrity"
         ]
@@ -1212,7 +1223,7 @@
         ]
       },
       "NIS2-Art21-network-security": {
-        "count": 7,
+        "count": 8,
         "skills": [
           "audit-log-integrity",
           "decompression-dos",
@@ -1220,6 +1231,7 @@
           "mail-server-hardening",
           "multitenancy-isolation",
           "network-trust",
+          "privacy-consent-ops",
           "self-update-integrity"
         ]
       },
@@ -1230,12 +1242,13 @@
         ]
       },
       "UK-CAF-B4": {
-        "count": 5,
+        "count": 6,
         "skills": [
           "decompression-dos",
           "log-injection-telemetry",
           "multitenancy-isolation",
           "network-trust",
+          "privacy-consent-ops",
           "self-update-integrity"
         ]
       },
@@ -1692,16 +1705,18 @@
         ]
       },
       "T1070": {
-        "count": 1,
+        "count": 2,
         "skills": [
-          "audit-log-integrity"
+          "audit-log-integrity",
+          "privacy-consent-ops"
         ]
       },
       "T1565.001": {
-        "count": 2,
+        "count": 3,
         "skills": [
           "audit-log-integrity",
-          "log-injection-telemetry"
+          "log-injection-telemetry",
+          "privacy-consent-ops"
         ]
       },
       "T1562.008": {
@@ -1729,6 +1744,12 @@
           "decompression-dos",
           "multitenancy-isolation"
         ]
+      },
+      "T1036": {
+        "count": 1,
+        "skills": [
+          "privacy-consent-ops"
+        ]
       }
     },
     "rfc_refs": {
@@ -2174,6 +2195,20 @@
       }
     ],
     "framework_gaps": [
+      {
+        "id": "NIS2-Art21-network-security",
+        "count": 8,
+        "skills": [
+          "audit-log-integrity",
+          "decompression-dos",
+          "log-injection-telemetry",
+          "mail-server-hardening",
+          "multitenancy-isolation",
+          "network-trust",
+          "privacy-consent-ops",
+          "self-update-integrity"
+        ]
+      },
       {
         "id": "NIST-800-218-SSDF",
         "count": 8,
@@ -2188,19 +2223,6 @@
           "webapp-security"
         ]
       },
-      {
-        "id": "NIS2-Art21-network-security",
-        "count": 7,
-        "skills": [
-          "audit-log-integrity",
-          "decompression-dos",
-          "log-injection-telemetry",
-          "mail-server-hardening",
-          "multitenancy-isolation",
-          "network-trust",
-          "self-update-integrity"
-        ]
-      },
       {
         "id": "NIST-800-53-AC-2",
         "count": 7,
@@ -2214,6 +2236,18 @@
           "sector-healthcare"
         ]
       },
+      {
+        "id": "AU-ISM-1556",
+        "count": 6,
+        "skills": [
+          "decompression-dos",
+          "log-injection-telemetry",
+          "multitenancy-isolation",
+          "privacy-consent-ops",
+          "sector-telecom",
+          "self-update-integrity"
+        ]
+      },
       {
         "id": "ISO-27001-2022-A.8.28",
         "count": 6,
@@ -2227,13 +2261,26 @@
         ]
       },
       {
-        "id": "AU-ISM-1556",
-        "count": 5,
+        "id": "NIST-800-53-SI-2",
+        "count": 6,
+        "skills": [
+          "audit-log-integrity",
+          "decompression-dos",
+          "kernel-lpe-triage",
+          "log-injection-telemetry",
+          "mail-server-hardening",
+          "privacy-consent-ops"
+        ]
+      },
+      {
+        "id": "UK-CAF-B4",
+        "count": 6,
         "skills": [
           "decompression-dos",
           "log-injection-telemetry",
           "multitenancy-isolation",
-          "sector-telecom",
+          "network-trust",
+          "privacy-consent-ops",
           "self-update-integrity"
         ]
       },
@@ -2248,17 +2295,6 @@
           "sector-healthcare"
         ]
       },
-      {
-        "id": "NIST-800-53-SI-2",
-        "count": 5,
-        "skills": [
-          "audit-log-integrity",
-          "decompression-dos",
-          "kernel-lpe-triage",
-          "log-injection-telemetry",
-          "mail-server-hardening"
-        ]
-      },
       {
         "id": "SOC2-CC7-anomaly-detection",
         "count": 5,
@@ -2270,17 +2306,6 @@
           "incident-response-playbook"
         ]
       },
-      {
-        "id": "UK-CAF-B4",
-        "count": 5,
-        "skills": [
-          "decompression-dos",
-          "log-injection-telemetry",
-          "multitenancy-isolation",
-          "network-trust",
-          "self-update-integrity"
-        ]
-      },
       {
         "id": "FedRAMP-Rev5-Moderate",
         "count": 4,
@@ -2521,11 +2546,12 @@
         ]
       },
       {
-        "id": "T0855",
-        "count": 2,
+        "id": "T1565.001",
+        "count": 3,
         "skills": [
-          "ot-ics-security",
-          "sector-energy"
+          "audit-log-integrity",
+          "log-injection-telemetry",
+          "privacy-consent-ops"
         ]
       }
     ],
@@ -2660,7 +2686,7 @@
       "CWE-639",
       "CWE-668",
       "CWE-776",
-      "CWE-778",
+      "CWE-807",
       "CWE-834",
       "CWE-93"
     ],
@@ -2717,7 +2743,7 @@
       "AML.T0040"
     ],
     "attack_refs": [
-      "T1070",
+      "T1036",
       "T1071.003",
       "T1071.004",
       "T1098",
@@ -2869,7 +2895,6 @@
       "CWE-760",
       "CWE-772",
       "CWE-779",
-      "CWE-807",
       "CWE-822",
       "CWE-835",
       "CWE-843",

package/data/_indexes/handoff-dag.json

@@ -33,6 +33,7 @@
     "ot-ics-security",
     "policy-exception-gen",
     "pqc-first",
+    "privacy-consent-ops",
     "rag-pipeline-security",
     "ransomware-response",
     "researcher",
@@ -529,7 +530,8 @@
     "self-update-integrity": [],
     "multitenancy-isolation": [],
     "decompression-dos": [],
-    "log-injection-telemetry": []
+    "log-injection-telemetry": [],
+    "privacy-consent-ops": []
   },
   "in_degree": {
     "age-gates-child-safety": 1,
@@ -565,6 +567,7 @@
     "ot-ics-security": 4,
     "policy-exception-gen": 16,
     "pqc-first": 6,
+    "privacy-consent-ops": 0,
     "rag-pipeline-security": 9,
     "ransomware-response": 1,
     "researcher": 1,
@@ -617,6 +620,7 @@
     "ot-ics-security": 14,
     "policy-exception-gen": 0,
     "pqc-first": 3,
+    "privacy-consent-ops": 0,
     "rag-pipeline-security": 6,
     "ransomware-response": 10,
     "researcher": 41,

package/data/_indexes/jurisdiction-map.json

@@ -34,6 +34,7 @@
       "ot-ics-security",
       "policy-exception-gen",
       "pqc-first",
+      "privacy-consent-ops",
       "rag-pipeline-security",
       "ransomware-response",
       "researcher",
@@ -53,7 +54,7 @@
       "zeroday-gap-learn"
     ],
     "example_excerpts": {},
-    "skill_count": 50
+    "skill_count": 51
   },
   "UK": {
     "skills": [
@@ -88,6 +89,7 @@
       "ot-ics-security",
       "policy-exception-gen",
       "pqc-first",
+      "privacy-consent-ops",
       "rag-pipeline-security",
       "ransomware-response",
       "researcher",
@@ -107,7 +109,7 @@
       "zeroday-gap-learn"
     ],
     "example_excerpts": {},
-    "skill_count": 48
+    "skill_count": 49
   },
   "AU": {
     "skills": [
@@ -141,6 +143,7 @@
       "ot-ics-security",
       "policy-exception-gen",
       "pqc-first",
+      "privacy-consent-ops",
       "rag-pipeline-security",
       "ransomware-response",
       "researcher",
@@ -159,7 +162,7 @@
       "zeroday-gap-learn"
     ],
     "example_excerpts": {},
-    "skill_count": 46
+    "skill_count": 47
   },
   "SG": {
     "skills": [

package/data/_indexes/section-offsets.json

@@ -4977,6 +4977,91 @@
           "h3_count": 0
         }
       ]
+    },
+    "privacy-consent-ops": {
+      "path": "skills/privacy-consent-ops/skill.md",
+      "total_bytes": 7758,
+      "total_lines": 81,
+      "frontmatter": {
+        "line_start": 1,
+        "line_end": 46,
+        "byte_start": 0,
+        "byte_end": 1110
+      },
+      "sections": [
+        {
+          "name": "Threat Context (mid-2026)",
+          "normalized_name": "threat-context",
+          "line": 50,
+          "byte_start": 1166,
+          "byte_end": 2082,
+          "bytes": 916,
+          "h3_count": 0
+        },
+        {
+          "name": "Framework Lag Declaration",
+          "normalized_name": "framework-lag-declaration",
+          "line": 54,
+          "byte_start": 2082,
+          "byte_end": 2912,
+          "bytes": 830,
+          "h3_count": 0
+        },
+        {
+          "name": "TTP Mapping",
+          "normalized_name": "ttp-mapping",
+          "line": 58,
+          "byte_start": 2912,
+          "byte_end": 3782,
+          "bytes": 870,
+          "h3_count": 0
+        },
+        {
+          "name": "Exploit Availability Matrix",
+          "normalized_name": "exploit-availability-matrix",
+          "line": 62,
+          "byte_start": 3782,
+          "byte_end": 4510,
+          "bytes": 728,
+          "h3_count": 0
+        },
+        {
+          "name": "Analysis Procedure",
+          "normalized_name": "analysis-procedure",
+          "line": 66,
+          "byte_start": 4510,
+          "byte_end": 5365,
+          "bytes": 855,
+          "h3_count": 0
+        },
+        {
+          "name": "Output Format",
+          "normalized_name": "output-format",
+          "line": 70,
+          "byte_start": 5365,
+          "byte_end": 6187,
+          "bytes": 822,
+          "h3_count": 0
+        },
+        {
+          "name": "Compliance Theater Check",
+          "normalized_name": "compliance-theater-check",
+          "line": 74,
+          "byte_start": 6187,
+          "byte_end": 6915,
+          "bytes": 728,
+          "h3_count": 0
+        },
+        {
+          "name": "Defensive Countermeasure Mapping",
+          "normalized_name": "defensive-countermeasure-mapping",
+          "line": 78,
+          "byte_start": 6915,
+          "byte_end": 7758,
+          "bytes": 843,
+          "h3_count": 0
+        }
+      ]
     }
   }
 }

package/data/_indexes/stale-content.json

@@ -15,7 +15,7 @@
       "severity": "medium",
       "category": "researcher_claim_drift",
       "artifact": "skills/researcher/skill.md",
-      "detail": "claims 41 specialized skills downstream; live count is 49"
+      "detail": "claims 41 specialized skills downstream; live count is 50"
     }
   ]
 }

package/data/_indexes/summary-cards.json

@@ -2296,6 +2296,44 @@
       "last_threat_review": "2026-06-02",
       "path": "skills/log-injection-telemetry/skill.md",
       "handoff_targets": []
+    },
+    "privacy-consent-ops": {
+      "description": "Privacy, consent, and sanctions operational integrity for mid-2026 — confusable/homoglyph normalization before sanctions screening, integrity-bound and re-validated consent records, evidence-gated and downstream-propagated DSR erasure, and ROPA reconciliation against actual processing",
+      "threat_context_excerpt": "Privacy and sanctions controls fail operationally even when they exist on paper. A sanctions screen that compares raw strings is evaded by a listed name spelled with confusable Unicode (Cyrillic/Latin lookalikes, combining marks, zero-width characters) — or simply by an alias or transliteration the screen does not cover. A consent signal (IAB TCF / MSPA or first-party) trusted from the client with no integrity binding to a server-side consent_log is forgeable and stale-by-default, and continuing to process on a cached signal after withdrawal is unlawful. A data-subject erasure marked ...",
+      "produces": "Report per control (sanctions screening, consent, DSR erasure, ROPA), marking each enforced / missing / inconclusive (visibility gap). For every missing control, state whether a prohibited party could clear screening, whether personal data is unlawfully processed or un-erased, and the affected population. Distinguish a control enforced by a dedicated layer (a confusable-folding screen, a consent platform, an evidence-gated workflow) from an absent one. Provide the prioritised remediation (normalize + alias/fuzzy screen, server-bind + re-validate consent, evidence-gate + propagate erasure, reco ...",
+      "key_xrefs": {
+        "cwe_refs": [
+          "CWE-807",
+          "CWE-345",
+          "CWE-778",
+          "CWE-672"
+        ],
+        "d3fend_refs": [],
+        "framework_gaps": [
+          "NIST-800-53-SI-2",
+          "NIS2-Art21-network-security",
+          "UK-CAF-B4",
+          "AU-ISM-1556"
+        ],
+        "atlas_refs": [],
+        "attack_refs": [
+          "T1036",
+          "T1565.001",
+          "T1070"
+        ],
+        "rfc_refs": [],
+        "dlp_refs": []
+      },
+      "trigger_count": 16,
+      "atlas_count": 0,
+      "attack_count": 3,
+      "framework_gap_count": 4,
+      "cwe_count": 4,
+      "d3fend_count": 0,
+      "rfc_count": 0,
+      "last_threat_review": "2026-06-02",
+      "path": "skills/privacy-consent-ops/skill.md",
+      "handoff_targets": []
     }
   }
 }

package/data/_indexes/token-budget.json

@@ -3,9 +3,9 @@
     "schema_version": "1.0.0",
     "tokenizer_note": "Character-density approximation: 1 token ≈ 4 chars. This is the canonical rule-of-thumb for OpenAI tokenizers on English+technical text. Claude's tokenizer is typically more efficient on prose; treat this as an upper-bound budget for both. Consumers with stricter precision needs should re-tokenize with their own tokenizer.",
     "approx_chars_per_token": 4,
-    "total_chars": 1736061,
-    "total_approx_tokens": 434018,
-    "skill_count": 50
+    "total_chars": 1743803,
+    "total_approx_tokens": 435954,
+    "skill_count": 51
   },
   "skills": {
     "kernel-lpe-triage": {
@@ -2902,6 +2902,56 @@
           "approx_tokens": 212
         }
       }
+    },
+    "privacy-consent-ops": {
+      "path": "skills/privacy-consent-ops/skill.md",
+      "bytes": 7758,
+      "chars": 7742,
+      "lines": 81,
+      "approx_tokens": 1936,
+      "approx_chars_per_token": 4,
+      "sections": {
+        "threat-context": {
+          "bytes": 916,
+          "chars": 914,
+          "approx_tokens": 229
+        },
+        "framework-lag-declaration": {
+          "bytes": 830,
+          "chars": 828,
+          "approx_tokens": 207
+        },
+        "ttp-mapping": {
+          "bytes": 870,
+          "chars": 862,
+          "approx_tokens": 216
+        },
+        "exploit-availability-matrix": {
+          "bytes": 728,
+          "chars": 726,
+          "approx_tokens": 182
+        },
+        "analysis-procedure": {
+          "bytes": 855,
+          "chars": 855,
+          "approx_tokens": 214
+        },
+        "output-format": {
+          "bytes": 822,
+          "chars": 822,
+          "approx_tokens": 206
+        },
+        "compliance-theater-check": {
+          "bytes": 728,
+          "chars": 728,
+          "approx_tokens": 182
+        },
+        "defensive-countermeasure-mapping": {
+          "bytes": 843,
+          "chars": 843,
+          "approx_tokens": 211
+        }
+      }
     }
   }
 }

package/data/_indexes/trigger-table.json

@@ -2021,5 +2021,53 @@
   ],
   "telemetry exfiltration": [
     "log-injection-telemetry"
+  ],
+  "privacy operations": [
+    "privacy-consent-ops"
+  ],
+  "consent integrity": [
+    "privacy-consent-ops"
+  ],
+  "sanctions screening": [
+    "privacy-consent-ops"
+  ],
+  "ofac screening": [
+    "privacy-consent-ops"
+  ],
+  "homoglyph evasion": [
+    "privacy-consent-ops"
+  ],
+  "confusable normalization": [
+    "privacy-consent-ops"
+  ],
+  "iab tcf": [
+    "privacy-consent-ops"
+  ],
+  "mspa": [
+    "privacy-consent-ops"
+  ],
+  "consent string": [
+    "privacy-consent-ops"
+  ],
+  "dsr": [
+    "privacy-consent-ops"
+  ],
+  "right to erasure": [
+    "privacy-consent-ops"
+  ],
+  "right to be forgotten": [
+    "privacy-consent-ops"
+  ],
+  "gdpr article 17": [
+    "privacy-consent-ops"
+  ],
+  "ropa": [
+    "privacy-consent-ops"
+  ],
+  "record of processing": [
+    "privacy-consent-ops"
+  ],
+  "data subject request": [
+    "privacy-consent-ops"
   ]
 }