@blamejs/exceptd-skills 0.16.22 → 0.16.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ARCHITECTURE.md +2 -2
- package/CHANGELOG.md +42 -0
- package/CONTEXT.md +9 -9
- package/README.md +3 -3
- package/agents/report-generator.md +2 -2
- package/agents/skill-updater.md +1 -1
- package/agents/source-validator.md +3 -4
- package/agents/threat-researcher.md +1 -1
- package/bin/exceptd.js +91 -32
- package/data/_indexes/_meta.json +10 -10
- package/data/_indexes/activity-feed.json +12 -12
- package/data/_indexes/chains.json +70435 -4026
- package/data/_indexes/frequency.json +492 -163
- package/data/_indexes/section-offsets.json +51 -51
- package/data/_indexes/summary-cards.json +272 -106
- package/data/_indexes/token-budget.json +10 -10
- package/data/_indexes/trigger-table.json +15 -6
- package/data/_indexes/xref.json +218 -26
- package/data/cve-catalog.json +10 -10
- package/data/cwe-catalog.json +1 -0
- package/lib/auto-discovery.js +39 -1
- package/lib/collectors/ai-api.js +112 -7
- package/lib/collectors/citation-hygiene.js +27 -0
- package/lib/collectors/crypto-codebase.js +25 -0
- package/lib/collectors/kernel.js +32 -2
- package/lib/collectors/library-author.js +30 -0
- package/lib/collectors/runtime.js +38 -3
- package/lib/collectors/sbom.js +21 -2
- package/lib/collectors/scan-excludes.js +4 -1
- package/lib/collectors/secrets.js +125 -0
- package/lib/cve-cli.js +9 -1
- package/lib/cve-curation.js +8 -1
- package/lib/cve-regression-watcher.js +5 -2
- package/lib/exit-codes.js +2 -0
- package/lib/flag-suggest.js +1 -1
- package/lib/lint-skills.js +70 -0
- package/lib/playbook-runner.js +75 -14
- package/lib/prefetch.js +24 -1
- package/lib/refresh-external.js +32 -3
- package/lib/rfc-cli.js +8 -1
- package/lib/scoring.js +36 -8
- package/lib/validate-cve-catalog.js +36 -14
- package/lib/validate-package.js +8 -0
- package/lib/validate-playbooks.js +42 -0
- package/lib/verify.js +4 -3
- package/manifest-snapshot.json +4 -2
- package/manifest-snapshot.sha256 +1 -1
- package/manifest.json +57 -54
- package/orchestrator/README.md +1 -1
- package/orchestrator/index.js +65 -7
- package/orchestrator/scanner.js +53 -5
- package/package.json +1 -1
- package/sbom.cdx.json +110 -110
- package/scripts/build-indexes.js +42 -8
- package/scripts/builders/cwe-chains.js +1 -0
- package/scripts/builders/section-offsets.js +10 -2
- package/scripts/builders/token-budget.js +3 -3
- package/scripts/check-changelog-extract.js +38 -1
- package/scripts/check-sbom-currency.js +72 -0
- package/scripts/check-version-tags.js +5 -0
- package/scripts/release.js +22 -15
- package/skills/exploit-scoring/skill.md +8 -8
|
@@ -89,7 +89,7 @@
|
|
|
89
89
|
"byte_start": 21020,
|
|
90
90
|
"byte_end": 23408,
|
|
91
91
|
"bytes": 2388,
|
|
92
|
-
"h3_count":
|
|
92
|
+
"h3_count": 0
|
|
93
93
|
},
|
|
94
94
|
{
|
|
95
95
|
"name": "Detection Rules",
|
|
@@ -183,7 +183,7 @@
|
|
|
183
183
|
"byte_start": 23183,
|
|
184
184
|
"byte_end": 24873,
|
|
185
185
|
"bytes": 1690,
|
|
186
|
-
"h3_count":
|
|
186
|
+
"h3_count": 0
|
|
187
187
|
},
|
|
188
188
|
{
|
|
189
189
|
"name": "Defensive Countermeasure Mapping",
|
|
@@ -268,7 +268,7 @@
|
|
|
268
268
|
"byte_start": 23413,
|
|
269
269
|
"byte_end": 24950,
|
|
270
270
|
"bytes": 1537,
|
|
271
|
-
"h3_count":
|
|
271
|
+
"h3_count": 0
|
|
272
272
|
},
|
|
273
273
|
{
|
|
274
274
|
"name": "Hand-Off / Related Skills",
|
|
@@ -371,7 +371,7 @@
|
|
|
371
371
|
"byte_start": 20951,
|
|
372
372
|
"byte_end": 22669,
|
|
373
373
|
"bytes": 1718,
|
|
374
|
-
"h3_count":
|
|
374
|
+
"h3_count": 4
|
|
375
375
|
},
|
|
376
376
|
{
|
|
377
377
|
"name": "Universal Gaps (No Framework Covers These Adequately)",
|
|
@@ -389,7 +389,7 @@
|
|
|
389
389
|
"byte_start": 23764,
|
|
390
390
|
"byte_end": 25703,
|
|
391
391
|
"bytes": 1939,
|
|
392
|
-
"h3_count":
|
|
392
|
+
"h3_count": 0
|
|
393
393
|
},
|
|
394
394
|
{
|
|
395
395
|
"name": "Compliance Theater Check",
|
|
@@ -492,7 +492,7 @@
|
|
|
492
492
|
"byte_start": 29995,
|
|
493
493
|
"byte_end": 31948,
|
|
494
494
|
"bytes": 1953,
|
|
495
|
-
"h3_count":
|
|
495
|
+
"h3_count": 0
|
|
496
496
|
},
|
|
497
497
|
{
|
|
498
498
|
"name": "Compliance Theater Check",
|
|
@@ -516,7 +516,7 @@
|
|
|
516
516
|
},
|
|
517
517
|
"exploit-scoring": {
|
|
518
518
|
"path": "skills/exploit-scoring/skill.md",
|
|
519
|
-
"total_bytes":
|
|
519
|
+
"total_bytes": 30230,
|
|
520
520
|
"total_lines": 391,
|
|
521
521
|
"frontmatter": {
|
|
522
522
|
"line_start": 1,
|
|
@@ -575,16 +575,16 @@
|
|
|
575
575
|
"normalized_name": "rwep-formula",
|
|
576
576
|
"line": 104,
|
|
577
577
|
"byte_start": 10542,
|
|
578
|
-
"byte_end":
|
|
579
|
-
"bytes":
|
|
578
|
+
"byte_end": 13409,
|
|
579
|
+
"bytes": 2867,
|
|
580
580
|
"h3_count": 1
|
|
581
581
|
},
|
|
582
582
|
{
|
|
583
583
|
"name": "Pre-Calculated RWEP Scores",
|
|
584
584
|
"normalized_name": "pre-calculated-rwep-scores",
|
|
585
585
|
"line": 159,
|
|
586
|
-
"byte_start":
|
|
587
|
-
"byte_end":
|
|
586
|
+
"byte_start": 13409,
|
|
587
|
+
"byte_end": 19125,
|
|
588
588
|
"bytes": 5716,
|
|
589
589
|
"h3_count": 5
|
|
590
590
|
},
|
|
@@ -592,8 +592,8 @@
|
|
|
592
592
|
"name": "RWEP vs. CVSS Delta Analysis",
|
|
593
593
|
"normalized_name": "rwep-vs-cvss-delta-analysis",
|
|
594
594
|
"line": 253,
|
|
595
|
-
"byte_start":
|
|
596
|
-
"byte_end":
|
|
595
|
+
"byte_start": 19125,
|
|
596
|
+
"byte_end": 20634,
|
|
597
597
|
"bytes": 1509,
|
|
598
598
|
"h3_count": 0
|
|
599
599
|
},
|
|
@@ -601,26 +601,26 @@
|
|
|
601
601
|
"name": "Analysis Procedure",
|
|
602
602
|
"normalized_name": "analysis-procedure",
|
|
603
603
|
"line": 277,
|
|
604
|
-
"byte_start":
|
|
605
|
-
"byte_end":
|
|
606
|
-
"bytes":
|
|
604
|
+
"byte_start": 20634,
|
|
605
|
+
"byte_end": 22327,
|
|
606
|
+
"bytes": 1693,
|
|
607
607
|
"h3_count": 4
|
|
608
608
|
},
|
|
609
609
|
{
|
|
610
610
|
"name": "Output Format",
|
|
611
611
|
"normalized_name": "output-format",
|
|
612
612
|
"line": 315,
|
|
613
|
-
"byte_start":
|
|
614
|
-
"byte_end":
|
|
613
|
+
"byte_start": 22327,
|
|
614
|
+
"byte_end": 23972,
|
|
615
615
|
"bytes": 1645,
|
|
616
|
-
"h3_count":
|
|
616
|
+
"h3_count": 0
|
|
617
617
|
},
|
|
618
618
|
{
|
|
619
619
|
"name": "Compliance Theater Check",
|
|
620
620
|
"normalized_name": "compliance-theater-check",
|
|
621
621
|
"line": 355,
|
|
622
|
-
"byte_start":
|
|
623
|
-
"byte_end":
|
|
622
|
+
"byte_start": 23972,
|
|
623
|
+
"byte_end": 26007,
|
|
624
624
|
"bytes": 2035,
|
|
625
625
|
"h3_count": 0
|
|
626
626
|
},
|
|
@@ -628,8 +628,8 @@
|
|
|
628
628
|
"name": "Defensive Countermeasure Mapping",
|
|
629
629
|
"normalized_name": "defensive-countermeasure-mapping",
|
|
630
630
|
"line": 367,
|
|
631
|
-
"byte_start":
|
|
632
|
-
"byte_end":
|
|
631
|
+
"byte_start": 26007,
|
|
632
|
+
"byte_end": 30230,
|
|
633
633
|
"bytes": 4223,
|
|
634
634
|
"h3_count": 0
|
|
635
635
|
}
|
|
@@ -743,7 +743,7 @@
|
|
|
743
743
|
"byte_start": 23244,
|
|
744
744
|
"byte_end": 24789,
|
|
745
745
|
"bytes": 1545,
|
|
746
|
-
"h3_count":
|
|
746
|
+
"h3_count": 0
|
|
747
747
|
},
|
|
748
748
|
{
|
|
749
749
|
"name": "Hand-Off / Related Skills",
|
|
@@ -882,7 +882,7 @@
|
|
|
882
882
|
"byte_start": 35308,
|
|
883
883
|
"byte_end": 36801,
|
|
884
884
|
"bytes": 1493,
|
|
885
|
-
"h3_count":
|
|
885
|
+
"h3_count": 0
|
|
886
886
|
},
|
|
887
887
|
{
|
|
888
888
|
"name": "Hand-Off / Related Skills",
|
|
@@ -1106,7 +1106,7 @@
|
|
|
1106
1106
|
"byte_start": 26199,
|
|
1107
1107
|
"byte_end": 28181,
|
|
1108
1108
|
"bytes": 1982,
|
|
1109
|
-
"h3_count":
|
|
1109
|
+
"h3_count": 0
|
|
1110
1110
|
},
|
|
1111
1111
|
{
|
|
1112
1112
|
"name": "Defensive Countermeasure Mapping",
|
|
@@ -1227,7 +1227,7 @@
|
|
|
1227
1227
|
"byte_start": 39587,
|
|
1228
1228
|
"byte_end": 41090,
|
|
1229
1229
|
"bytes": 1503,
|
|
1230
|
-
"h3_count":
|
|
1230
|
+
"h3_count": 0
|
|
1231
1231
|
}
|
|
1232
1232
|
]
|
|
1233
1233
|
},
|
|
@@ -1321,7 +1321,7 @@
|
|
|
1321
1321
|
"byte_start": 34986,
|
|
1322
1322
|
"byte_end": 36548,
|
|
1323
1323
|
"bytes": 1562,
|
|
1324
|
-
"h3_count":
|
|
1324
|
+
"h3_count": 0
|
|
1325
1325
|
},
|
|
1326
1326
|
{
|
|
1327
1327
|
"name": "Compliance Theater Check",
|
|
@@ -1469,7 +1469,7 @@
|
|
|
1469
1469
|
"byte_start": 31973,
|
|
1470
1470
|
"byte_end": 33464,
|
|
1471
1471
|
"bytes": 1491,
|
|
1472
|
-
"h3_count":
|
|
1472
|
+
"h3_count": 0
|
|
1473
1473
|
},
|
|
1474
1474
|
{
|
|
1475
1475
|
"name": "Defensive Countermeasure Mapping",
|
|
@@ -1581,7 +1581,7 @@
|
|
|
1581
1581
|
"byte_start": 35586,
|
|
1582
1582
|
"byte_end": 36640,
|
|
1583
1583
|
"bytes": 1054,
|
|
1584
|
-
"h3_count":
|
|
1584
|
+
"h3_count": 0
|
|
1585
1585
|
},
|
|
1586
1586
|
{
|
|
1587
1587
|
"name": "Framework Lag Declaration",
|
|
@@ -1711,7 +1711,7 @@
|
|
|
1711
1711
|
"byte_start": 15155,
|
|
1712
1712
|
"byte_end": 16753,
|
|
1713
1713
|
"bytes": 1598,
|
|
1714
|
-
"h3_count":
|
|
1714
|
+
"h3_count": 0
|
|
1715
1715
|
},
|
|
1716
1716
|
{
|
|
1717
1717
|
"name": "Compliance Theater Check",
|
|
@@ -1926,7 +1926,7 @@
|
|
|
1926
1926
|
"byte_start": 25273,
|
|
1927
1927
|
"byte_end": 29270,
|
|
1928
1928
|
"bytes": 3997,
|
|
1929
|
-
"h3_count":
|
|
1929
|
+
"h3_count": 0
|
|
1930
1930
|
},
|
|
1931
1931
|
{
|
|
1932
1932
|
"name": "Compliance Theater Check",
|
|
@@ -2011,7 +2011,7 @@
|
|
|
2011
2011
|
"byte_start": 21811,
|
|
2012
2012
|
"byte_end": 25605,
|
|
2013
2013
|
"bytes": 3794,
|
|
2014
|
-
"h3_count":
|
|
2014
|
+
"h3_count": 0
|
|
2015
2015
|
},
|
|
2016
2016
|
{
|
|
2017
2017
|
"name": "Compliance Theater Check",
|
|
@@ -2096,7 +2096,7 @@
|
|
|
2096
2096
|
"byte_start": 32852,
|
|
2097
2097
|
"byte_end": 35950,
|
|
2098
2098
|
"bytes": 3098,
|
|
2099
|
-
"h3_count":
|
|
2099
|
+
"h3_count": 0
|
|
2100
2100
|
},
|
|
2101
2101
|
{
|
|
2102
2102
|
"name": "Compliance Theater Check",
|
|
@@ -2181,7 +2181,7 @@
|
|
|
2181
2181
|
"byte_start": 34907,
|
|
2182
2182
|
"byte_end": 37660,
|
|
2183
2183
|
"bytes": 2753,
|
|
2184
|
-
"h3_count":
|
|
2184
|
+
"h3_count": 0
|
|
2185
2185
|
},
|
|
2186
2186
|
{
|
|
2187
2187
|
"name": "Compliance Theater Check",
|
|
@@ -2360,7 +2360,7 @@
|
|
|
2360
2360
|
"byte_start": 21674,
|
|
2361
2361
|
"byte_end": 25090,
|
|
2362
2362
|
"bytes": 3416,
|
|
2363
|
-
"h3_count":
|
|
2363
|
+
"h3_count": 0
|
|
2364
2364
|
},
|
|
2365
2365
|
{
|
|
2366
2366
|
"name": "Compliance Theater Check",
|
|
@@ -2454,7 +2454,7 @@
|
|
|
2454
2454
|
"byte_start": 23877,
|
|
2455
2455
|
"byte_end": 26649,
|
|
2456
2456
|
"bytes": 2772,
|
|
2457
|
-
"h3_count":
|
|
2457
|
+
"h3_count": 0
|
|
2458
2458
|
},
|
|
2459
2459
|
{
|
|
2460
2460
|
"name": "Compliance Theater Check",
|
|
@@ -2660,7 +2660,7 @@
|
|
|
2660
2660
|
"byte_start": 24615,
|
|
2661
2661
|
"byte_end": 26923,
|
|
2662
2662
|
"bytes": 2308,
|
|
2663
|
-
"h3_count":
|
|
2663
|
+
"h3_count": 0
|
|
2664
2664
|
},
|
|
2665
2665
|
{
|
|
2666
2666
|
"name": "Compliance Theater Check",
|
|
@@ -2754,7 +2754,7 @@
|
|
|
2754
2754
|
"byte_start": 20363,
|
|
2755
2755
|
"byte_end": 24124,
|
|
2756
2756
|
"bytes": 3761,
|
|
2757
|
-
"h3_count":
|
|
2757
|
+
"h3_count": 0
|
|
2758
2758
|
},
|
|
2759
2759
|
{
|
|
2760
2760
|
"name": "Compliance Theater Check",
|
|
@@ -2857,7 +2857,7 @@
|
|
|
2857
2857
|
"byte_start": 25454,
|
|
2858
2858
|
"byte_end": 28983,
|
|
2859
2859
|
"bytes": 3529,
|
|
2860
|
-
"h3_count":
|
|
2860
|
+
"h3_count": 0
|
|
2861
2861
|
},
|
|
2862
2862
|
{
|
|
2863
2863
|
"name": "Compliance Theater Check",
|
|
@@ -2951,7 +2951,7 @@
|
|
|
2951
2951
|
"byte_start": 33880,
|
|
2952
2952
|
"byte_end": 37432,
|
|
2953
2953
|
"bytes": 3552,
|
|
2954
|
-
"h3_count":
|
|
2954
|
+
"h3_count": 0
|
|
2955
2955
|
},
|
|
2956
2956
|
{
|
|
2957
2957
|
"name": "Compliance Theater Check",
|
|
@@ -3045,7 +3045,7 @@
|
|
|
3045
3045
|
"byte_start": 35068,
|
|
3046
3046
|
"byte_end": 38475,
|
|
3047
3047
|
"bytes": 3407,
|
|
3048
|
-
"h3_count":
|
|
3048
|
+
"h3_count": 0
|
|
3049
3049
|
},
|
|
3050
3050
|
{
|
|
3051
3051
|
"name": "Compliance Theater Check",
|
|
@@ -3139,7 +3139,7 @@
|
|
|
3139
3139
|
"byte_start": 34560,
|
|
3140
3140
|
"byte_end": 37765,
|
|
3141
3141
|
"bytes": 3205,
|
|
3142
|
-
"h3_count":
|
|
3142
|
+
"h3_count": 0
|
|
3143
3143
|
},
|
|
3144
3144
|
{
|
|
3145
3145
|
"name": "Compliance Theater Check",
|
|
@@ -3233,7 +3233,7 @@
|
|
|
3233
3233
|
"byte_start": 38416,
|
|
3234
3234
|
"byte_end": 41876,
|
|
3235
3235
|
"bytes": 3460,
|
|
3236
|
-
"h3_count":
|
|
3236
|
+
"h3_count": 0
|
|
3237
3237
|
},
|
|
3238
3238
|
{
|
|
3239
3239
|
"name": "Compliance Theater Check",
|
|
@@ -3421,7 +3421,7 @@
|
|
|
3421
3421
|
"byte_start": 28125,
|
|
3422
3422
|
"byte_end": 32523,
|
|
3423
3423
|
"bytes": 4398,
|
|
3424
|
-
"h3_count":
|
|
3424
|
+
"h3_count": 0
|
|
3425
3425
|
},
|
|
3426
3426
|
{
|
|
3427
3427
|
"name": "Compliance Theater Check",
|
|
@@ -3515,7 +3515,7 @@
|
|
|
3515
3515
|
"byte_start": 40269,
|
|
3516
3516
|
"byte_end": 43223,
|
|
3517
3517
|
"bytes": 2954,
|
|
3518
|
-
"h3_count":
|
|
3518
|
+
"h3_count": 0
|
|
3519
3519
|
},
|
|
3520
3520
|
{
|
|
3521
3521
|
"name": "Compliance Theater Check",
|
|
@@ -3609,7 +3609,7 @@
|
|
|
3609
3609
|
"byte_start": 32702,
|
|
3610
3610
|
"byte_end": 36368,
|
|
3611
3611
|
"bytes": 3666,
|
|
3612
|
-
"h3_count":
|
|
3612
|
+
"h3_count": 0
|
|
3613
3613
|
},
|
|
3614
3614
|
{
|
|
3615
3615
|
"name": "Compliance Theater Check",
|
|
@@ -3703,7 +3703,7 @@
|
|
|
3703
3703
|
"byte_start": 33207,
|
|
3704
3704
|
"byte_end": 36629,
|
|
3705
3705
|
"bytes": 3422,
|
|
3706
|
-
"h3_count":
|
|
3706
|
+
"h3_count": 0
|
|
3707
3707
|
},
|
|
3708
3708
|
{
|
|
3709
3709
|
"name": "Compliance Theater Check",
|
|
@@ -4079,7 +4079,7 @@
|
|
|
4079
4079
|
"byte_start": 49575,
|
|
4080
4080
|
"byte_end": 54909,
|
|
4081
4081
|
"bytes": 5334,
|
|
4082
|
-
"h3_count":
|
|
4082
|
+
"h3_count": 0
|
|
4083
4083
|
},
|
|
4084
4084
|
{
|
|
4085
4085
|
"name": "Compliance Theater Check",
|
|
@@ -4173,7 +4173,7 @@
|
|
|
4173
4173
|
"byte_start": 30423,
|
|
4174
4174
|
"byte_end": 32621,
|
|
4175
4175
|
"bytes": 2198,
|
|
4176
|
-
"h3_count":
|
|
4176
|
+
"h3_count": 0
|
|
4177
4177
|
},
|
|
4178
4178
|
{
|
|
4179
4179
|
"name": "Compliance Theater Check",
|
|
@@ -4267,7 +4267,7 @@
|
|
|
4267
4267
|
"byte_start": 30054,
|
|
4268
4268
|
"byte_end": 33237,
|
|
4269
4269
|
"bytes": 3183,
|
|
4270
|
-
"h3_count":
|
|
4270
|
+
"h3_count": 0
|
|
4271
4271
|
},
|
|
4272
4272
|
{
|
|
4273
4273
|
"name": "Compliance Theater Check",
|