@blamejs/exceptd-skills 0.9.1

Files changed (136)
  1. package/AGENTS.md +232 -0
  2. package/ARCHITECTURE.md +267 -0
  3. package/CHANGELOG.md +616 -0
  4. package/CONTEXT.md +203 -0
  5. package/LICENSE +200 -0
  6. package/NOTICE +82 -0
  7. package/README.md +307 -0
  8. package/SECURITY.md +73 -0
  9. package/agents/README.md +81 -0
  10. package/agents/report-generator.md +156 -0
  11. package/agents/skill-updater.md +102 -0
  12. package/agents/source-validator.md +119 -0
  13. package/agents/threat-researcher.md +149 -0
  14. package/bin/exceptd.js +183 -0
  15. package/data/_indexes/_meta.json +88 -0
  16. package/data/_indexes/activity-feed.json +362 -0
  17. package/data/_indexes/catalog-summaries.json +229 -0
  18. package/data/_indexes/chains.json +7135 -0
  19. package/data/_indexes/currency.json +359 -0
  20. package/data/_indexes/did-ladders.json +451 -0
  21. package/data/_indexes/frequency.json +2072 -0
  22. package/data/_indexes/handoff-dag.json +476 -0
  23. package/data/_indexes/jurisdiction-clocks.json +967 -0
  24. package/data/_indexes/jurisdiction-map.json +536 -0
  25. package/data/_indexes/recipes.json +319 -0
  26. package/data/_indexes/section-offsets.json +3656 -0
  27. package/data/_indexes/stale-content.json +14 -0
  28. package/data/_indexes/summary-cards.json +1736 -0
  29. package/data/_indexes/theater-fingerprints.json +381 -0
  30. package/data/_indexes/token-budget.json +2137 -0
  31. package/data/_indexes/trigger-table.json +1374 -0
  32. package/data/_indexes/xref.json +818 -0
  33. package/data/atlas-ttps.json +282 -0
  34. package/data/cve-catalog.json +496 -0
  35. package/data/cwe-catalog.json +1017 -0
  36. package/data/d3fend-catalog.json +738 -0
  37. package/data/dlp-controls.json +1039 -0
  38. package/data/exploit-availability.json +67 -0
  39. package/data/framework-control-gaps.json +1255 -0
  40. package/data/global-frameworks.json +2913 -0
  41. package/data/rfc-references.json +324 -0
  42. package/data/zeroday-lessons.json +377 -0
  43. package/keys/public.pem +3 -0
  44. package/lib/framework-gap.js +328 -0
  45. package/lib/job-queue.js +195 -0
  46. package/lib/lint-skills.js +536 -0
  47. package/lib/prefetch.js +372 -0
  48. package/lib/refresh-external.js +713 -0
  49. package/lib/schemas/cve-catalog.schema.json +151 -0
  50. package/lib/schemas/manifest.schema.json +106 -0
  51. package/lib/schemas/skill-frontmatter.schema.json +113 -0
  52. package/lib/scoring.js +149 -0
  53. package/lib/sign.js +197 -0
  54. package/lib/ttp-mapper.js +80 -0
  55. package/lib/validate-catalog-meta.js +198 -0
  56. package/lib/validate-cve-catalog.js +213 -0
  57. package/lib/validate-indexes.js +83 -0
  58. package/lib/validate-package.js +162 -0
  59. package/lib/validate-vendor.js +85 -0
  60. package/lib/verify.js +216 -0
  61. package/lib/worker-pool.js +84 -0
  62. package/manifest-snapshot.json +1833 -0
  63. package/manifest.json +2108 -0
  64. package/orchestrator/README.md +124 -0
  65. package/orchestrator/dispatcher.js +140 -0
  66. package/orchestrator/event-bus.js +146 -0
  67. package/orchestrator/index.js +874 -0
  68. package/orchestrator/pipeline.js +201 -0
  69. package/orchestrator/scanner.js +327 -0
  70. package/orchestrator/scheduler.js +137 -0
  71. package/package.json +113 -0
  72. package/sbom.cdx.json +158 -0
  73. package/scripts/audit-cross-skill.js +261 -0
  74. package/scripts/audit-perf.js +160 -0
  75. package/scripts/bootstrap.js +205 -0
  76. package/scripts/build-indexes.js +721 -0
  77. package/scripts/builders/activity-feed.js +79 -0
  78. package/scripts/builders/catalog-summaries.js +67 -0
  79. package/scripts/builders/currency.js +109 -0
  80. package/scripts/builders/cwe-chains.js +105 -0
  81. package/scripts/builders/did-ladders.js +149 -0
  82. package/scripts/builders/frequency.js +89 -0
  83. package/scripts/builders/jurisdiction-clocks.js +126 -0
  84. package/scripts/builders/recipes.js +159 -0
  85. package/scripts/builders/section-offsets.js +162 -0
  86. package/scripts/builders/stale-content.js +171 -0
  87. package/scripts/builders/summary-cards.js +166 -0
  88. package/scripts/builders/theater-fingerprints.js +198 -0
  89. package/scripts/builders/token-budget.js +96 -0
  90. package/scripts/check-manifest-snapshot.js +217 -0
  91. package/scripts/predeploy.js +267 -0
  92. package/scripts/refresh-manifest-snapshot.js +57 -0
  93. package/scripts/refresh-sbom.js +222 -0
  94. package/skills/age-gates-child-safety/skill.md +456 -0
  95. package/skills/ai-attack-surface/skill.md +282 -0
  96. package/skills/ai-c2-detection/skill.md +440 -0
  97. package/skills/ai-risk-management/skill.md +311 -0
  98. package/skills/api-security/skill.md +287 -0
  99. package/skills/attack-surface-pentest/skill.md +381 -0
  100. package/skills/cloud-security/skill.md +384 -0
  101. package/skills/compliance-theater/skill.md +365 -0
  102. package/skills/container-runtime-security/skill.md +379 -0
  103. package/skills/coordinated-vuln-disclosure/skill.md +473 -0
  104. package/skills/defensive-countermeasure-mapping/skill.md +300 -0
  105. package/skills/dlp-gap-analysis/skill.md +337 -0
  106. package/skills/email-security-anti-phishing/skill.md +206 -0
  107. package/skills/exploit-scoring/skill.md +331 -0
  108. package/skills/framework-gap-analysis/skill.md +374 -0
  109. package/skills/fuzz-testing-strategy/skill.md +313 -0
  110. package/skills/global-grc/skill.md +564 -0
  111. package/skills/identity-assurance/skill.md +272 -0
  112. package/skills/incident-response-playbook/skill.md +546 -0
  113. package/skills/kernel-lpe-triage/skill.md +303 -0
  114. package/skills/mcp-agent-trust/skill.md +326 -0
  115. package/skills/mlops-security/skill.md +325 -0
  116. package/skills/ot-ics-security/skill.md +340 -0
  117. package/skills/policy-exception-gen/skill.md +437 -0
  118. package/skills/pqc-first/skill.md +546 -0
  119. package/skills/rag-pipeline-security/skill.md +294 -0
  120. package/skills/researcher/skill.md +310 -0
  121. package/skills/sector-energy/skill.md +409 -0
  122. package/skills/sector-federal-government/skill.md +302 -0
  123. package/skills/sector-financial/skill.md +398 -0
  124. package/skills/sector-healthcare/skill.md +373 -0
  125. package/skills/security-maturity-tiers/skill.md +464 -0
  126. package/skills/skill-update-loop/skill.md +463 -0
  127. package/skills/supply-chain-integrity/skill.md +318 -0
  128. package/skills/threat-model-currency/skill.md +404 -0
  129. package/skills/threat-modeling-methodology/skill.md +312 -0
  130. package/skills/webapp-security/skill.md +281 -0
  131. package/skills/zeroday-gap-learn/skill.md +350 -0
  132. package/vendor/blamejs/LICENSE +201 -0
  133. package/vendor/blamejs/README.md +54 -0
  134. package/vendor/blamejs/_PROVENANCE.json +54 -0
  135. package/vendor/blamejs/retry.js +335 -0
  136. package/vendor/blamejs/worker-pool.js +418 -0
@@ -0,0 +1,2072 @@
1
+ {
2
+ "_meta": {
3
+ "schema_version": "1.0.0",
4
+ "note": "Citation-count tables per catalog field. top_cited surfaces load-bearing entries; orphan_adjacent identifies entries cited by exactly one skill; uncited identifies catalog entries with zero skill references (review whether they should be culled or whether a skill should pick them up).",
5
+ "fields_indexed": [
6
+ "cwe_refs",
7
+ "d3fend_refs",
8
+ "framework_gaps",
9
+ "atlas_refs",
10
+ "attack_refs",
11
+ "rfc_refs",
12
+ "dlp_refs"
13
+ ]
14
+ },
15
+ "counts": {
16
+ "cwe_refs": {
17
+ "CWE-125": {
18
+ "count": 2,
19
+ "skills": [
20
+ "fuzz-testing-strategy",
21
+ "kernel-lpe-triage"
22
+ ]
23
+ },
24
+ "CWE-362": {
25
+ "count": 2,
26
+ "skills": [
27
+ "fuzz-testing-strategy",
28
+ "kernel-lpe-triage"
29
+ ]
30
+ },
31
+ "CWE-416": {
32
+ "count": 2,
33
+ "skills": [
34
+ "fuzz-testing-strategy",
35
+ "kernel-lpe-triage"
36
+ ]
37
+ },
38
+ "CWE-672": {
39
+ "count": 1,
40
+ "skills": [
41
+ "kernel-lpe-triage"
42
+ ]
43
+ },
44
+ "CWE-787": {
45
+ "count": 4,
46
+ "skills": [
47
+ "attack-surface-pentest",
48
+ "container-runtime-security",
49
+ "fuzz-testing-strategy",
50
+ "kernel-lpe-triage"
51
+ ]
52
+ },
53
+ "CWE-1039": {
54
+ "count": 2,
55
+ "skills": [
56
+ "ai-attack-surface",
57
+ "ai-risk-management"
58
+ ]
59
+ },
60
+ "CWE-1426": {
61
+ "count": 6,
62
+ "skills": [
63
+ "ai-attack-surface",
64
+ "ai-risk-management",
65
+ "dlp-gap-analysis",
66
+ "mlops-security",
67
+ "rag-pipeline-security",
68
+ "sector-healthcare"
69
+ ]
70
+ },
71
+ "CWE-94": {
72
+ "count": 3,
73
+ "skills": [
74
+ "ai-attack-surface",
75
+ "mcp-agent-trust",
76
+ "webapp-security"
77
+ ]
78
+ },
79
+ "CWE-22": {
80
+ "count": 4,
81
+ "skills": [
82
+ "api-security",
83
+ "attack-surface-pentest",
84
+ "mcp-agent-trust",
85
+ "webapp-security"
86
+ ]
87
+ },
88
+ "CWE-345": {
89
+ "count": 1,
90
+ "skills": [
91
+ "mcp-agent-trust"
92
+ ]
93
+ },
94
+ "CWE-352": {
95
+ "count": 5,
96
+ "skills": [
97
+ "api-security",
98
+ "attack-surface-pentest",
99
+ "mcp-agent-trust",
100
+ "sector-financial",
101
+ "webapp-security"
102
+ ]
103
+ },
104
+ "CWE-434": {
105
+ "count": 3,
106
+ "skills": [
107
+ "attack-surface-pentest",
108
+ "mcp-agent-trust",
109
+ "webapp-security"
110
+ ]
111
+ },
112
+ "CWE-494": {
113
+ "count": 2,
114
+ "skills": [
115
+ "mcp-agent-trust",
116
+ "supply-chain-integrity"
117
+ ]
118
+ },
119
+ "CWE-77": {
120
+ "count": 3,
121
+ "skills": [
122
+ "api-security",
123
+ "mcp-agent-trust",
124
+ "webapp-security"
125
+ ]
126
+ },
127
+ "CWE-918": {
128
+ "count": 4,
129
+ "skills": [
130
+ "api-security",
131
+ "attack-surface-pentest",
132
+ "mcp-agent-trust",
133
+ "webapp-security"
134
+ ]
135
+ },
136
+ "CWE-1395": {
137
+ "count": 6,
138
+ "skills": [
139
+ "attack-surface-pentest",
140
+ "container-runtime-security",
141
+ "mlops-security",
142
+ "rag-pipeline-security",
143
+ "sector-federal-government",
144
+ "supply-chain-integrity"
145
+ ]
146
+ },
147
+ "CWE-1188": {
148
+ "count": 6,
149
+ "skills": [
150
+ "api-security",
151
+ "cloud-security",
152
+ "container-runtime-security",
153
+ "policy-exception-gen",
154
+ "security-maturity-tiers",
155
+ "webapp-security"
156
+ ]
157
+ },
158
+ "CWE-327": {
159
+ "count": 1,
160
+ "skills": [
161
+ "pqc-first"
162
+ ]
163
+ },
164
+ "CWE-269": {
165
+ "count": 4,
166
+ "skills": [
167
+ "attack-surface-pentest",
168
+ "container-runtime-security",
169
+ "identity-assurance",
170
+ "webapp-security"
171
+ ]
172
+ },
173
+ "CWE-732": {
174
+ "count": 5,
175
+ "skills": [
176
+ "attack-surface-pentest",
177
+ "cloud-security",
178
+ "container-runtime-security",
179
+ "identity-assurance",
180
+ "webapp-security"
181
+ ]
182
+ },
183
+ "CWE-78": {
184
+ "count": 3,
185
+ "skills": [
186
+ "attack-surface-pentest",
187
+ "fuzz-testing-strategy",
188
+ "webapp-security"
189
+ ]
190
+ },
191
+ "CWE-79": {
192
+ "count": 2,
193
+ "skills": [
194
+ "attack-surface-pentest",
195
+ "webapp-security"
196
+ ]
197
+ },
198
+ "CWE-89": {
199
+ "count": 2,
200
+ "skills": [
201
+ "attack-surface-pentest",
202
+ "webapp-security"
203
+ ]
204
+ },
205
+ "CWE-20": {
206
+ "count": 1,
207
+ "skills": [
208
+ "fuzz-testing-strategy"
209
+ ]
210
+ },
211
+ "CWE-200": {
212
+ "count": 6,
213
+ "skills": [
214
+ "age-gates-child-safety",
215
+ "api-security",
216
+ "cloud-security",
217
+ "dlp-gap-analysis",
218
+ "sector-healthcare",
219
+ "webapp-security"
220
+ ]
221
+ },
222
+ "CWE-1357": {
223
+ "count": 4,
224
+ "skills": [
225
+ "coordinated-vuln-disclosure",
226
+ "mlops-security",
227
+ "sector-federal-government",
228
+ "supply-chain-integrity"
229
+ ]
230
+ },
231
+ "CWE-502": {
232
+ "count": 3,
233
+ "skills": [
234
+ "mlops-security",
235
+ "supply-chain-integrity",
236
+ "webapp-security"
237
+ ]
238
+ },
239
+ "CWE-829": {
240
+ "count": 2,
241
+ "skills": [
242
+ "sector-federal-government",
243
+ "supply-chain-integrity"
244
+ ]
245
+ },
246
+ "CWE-287": {
247
+ "count": 9,
248
+ "skills": [
249
+ "age-gates-child-safety",
250
+ "api-security",
251
+ "cloud-security",
252
+ "identity-assurance",
253
+ "ot-ics-security",
254
+ "sector-energy",
255
+ "sector-financial",
256
+ "sector-healthcare",
257
+ "webapp-security"
258
+ ]
259
+ },
260
+ "CWE-306": {
261
+ "count": 3,
262
+ "skills": [
263
+ "identity-assurance",
264
+ "ot-ics-security",
265
+ "sector-energy"
266
+ ]
267
+ },
268
+ "CWE-798": {
269
+ "count": 5,
270
+ "skills": [
271
+ "cloud-security",
272
+ "identity-assurance",
273
+ "ot-ics-security",
274
+ "sector-energy",
275
+ "sector-financial"
276
+ ]
277
+ },
278
+ "CWE-862": {
279
+ "count": 7,
280
+ "skills": [
281
+ "age-gates-child-safety",
282
+ "api-security",
283
+ "cloud-security",
284
+ "identity-assurance",
285
+ "sector-financial",
286
+ "sector-healthcare",
287
+ "webapp-security"
288
+ ]
289
+ },
290
+ "CWE-863": {
291
+ "count": 4,
292
+ "skills": [
293
+ "api-security",
294
+ "identity-assurance",
295
+ "sector-financial",
296
+ "webapp-security"
297
+ ]
298
+ },
299
+ "CWE-1037": {
300
+ "count": 2,
301
+ "skills": [
302
+ "ot-ics-security",
303
+ "sector-energy"
304
+ ]
305
+ }
306
+ },
307
+ "d3fend_refs": {
308
+ "D3-ASLR": {
309
+ "count": 2,
310
+ "skills": [
311
+ "defensive-countermeasure-mapping",
312
+ "kernel-lpe-triage"
313
+ ]
314
+ },
315
+ "D3-EAL": {
316
+ "count": 7,
317
+ "skills": [
318
+ "attack-surface-pentest",
319
+ "defensive-countermeasure-mapping",
320
+ "dlp-gap-analysis",
321
+ "fuzz-testing-strategy",
322
+ "kernel-lpe-triage",
323
+ "mcp-agent-trust",
324
+ "supply-chain-integrity"
325
+ ]
326
+ },
327
+ "D3-PHRA": {
328
+ "count": 2,
329
+ "skills": [
330
+ "defensive-countermeasure-mapping",
331
+ "kernel-lpe-triage"
332
+ ]
333
+ },
334
+ "D3-PSEP": {
335
+ "count": 3,
336
+ "skills": [
337
+ "defensive-countermeasure-mapping",
338
+ "fuzz-testing-strategy",
339
+ "kernel-lpe-triage"
340
+ ]
341
+ },
342
+ "D3-IOPR": {
343
+ "count": 6,
344
+ "skills": [
345
+ "ai-attack-surface",
346
+ "ai-c2-detection",
347
+ "defensive-countermeasure-mapping",
348
+ "dlp-gap-analysis",
349
+ "fuzz-testing-strategy",
350
+ "rag-pipeline-security"
351
+ ]
352
+ },
353
+ "D3-NTA": {
354
+ "count": 6,
355
+ "skills": [
356
+ "ai-attack-surface",
357
+ "ai-c2-detection",
358
+ "attack-surface-pentest",
359
+ "defensive-countermeasure-mapping",
360
+ "dlp-gap-analysis",
361
+ "rag-pipeline-security"
362
+ ]
363
+ },
364
+ "D3-CBAN": {
365
+ "count": 3,
366
+ "skills": [
367
+ "defensive-countermeasure-mapping",
368
+ "mcp-agent-trust",
369
+ "supply-chain-integrity"
370
+ ]
371
+ },
372
+ "D3-CSPP": {
373
+ "count": 6,
374
+ "skills": [
375
+ "ai-c2-detection",
376
+ "attack-surface-pentest",
377
+ "defensive-countermeasure-mapping",
378
+ "dlp-gap-analysis",
379
+ "mcp-agent-trust",
380
+ "rag-pipeline-security"
381
+ ]
382
+ },
383
+ "D3-EHB": {
384
+ "count": 3,
385
+ "skills": [
386
+ "defensive-countermeasure-mapping",
387
+ "mcp-agent-trust",
388
+ "supply-chain-integrity"
389
+ ]
390
+ },
391
+ "D3-MFA": {
392
+ "count": 2,
393
+ "skills": [
394
+ "defensive-countermeasure-mapping",
395
+ "mcp-agent-trust"
396
+ ]
397
+ },
398
+ "D3-CA": {
399
+ "count": 2,
400
+ "skills": [
401
+ "ai-c2-detection",
402
+ "defensive-countermeasure-mapping"
403
+ ]
404
+ },
405
+ "D3-DA": {
406
+ "count": 2,
407
+ "skills": [
408
+ "ai-c2-detection",
409
+ "defensive-countermeasure-mapping"
410
+ ]
411
+ },
412
+ "D3-NI": {
413
+ "count": 2,
414
+ "skills": [
415
+ "ai-c2-detection",
416
+ "defensive-countermeasure-mapping"
417
+ ]
418
+ },
419
+ "D3-NTPM": {
420
+ "count": 3,
421
+ "skills": [
422
+ "ai-c2-detection",
423
+ "defensive-countermeasure-mapping",
424
+ "dlp-gap-analysis"
425
+ ]
426
+ },
427
+ "D3-FE": {
428
+ "count": 2,
429
+ "skills": [
430
+ "defensive-countermeasure-mapping",
431
+ "pqc-first"
432
+ ]
433
+ },
434
+ "D3-MENCR": {
435
+ "count": 2,
436
+ "skills": [
437
+ "defensive-countermeasure-mapping",
438
+ "pqc-first"
439
+ ]
440
+ },
441
+ "D3-FAPA": {
442
+ "count": 1,
443
+ "skills": [
444
+ "defensive-countermeasure-mapping"
445
+ ]
446
+ },
447
+ "D3-PA": {
448
+ "count": 1,
449
+ "skills": [
450
+ "defensive-countermeasure-mapping"
451
+ ]
452
+ },
453
+ "D3-RPA": {
454
+ "count": 1,
455
+ "skills": [
456
+ "defensive-countermeasure-mapping"
457
+ ]
458
+ },
459
+ "D3-SCP": {
460
+ "count": 1,
461
+ "skills": [
462
+ "defensive-countermeasure-mapping"
463
+ ]
464
+ }
465
+ },
466
+ "framework_gaps": {
467
+ "NIST-800-53-SI-2": {
468
+ "count": 1,
469
+ "skills": [
470
+ "kernel-lpe-triage"
471
+ ]
472
+ },
473
+ "ISO-27001-2022-A.8.8": {
474
+ "count": 2,
475
+ "skills": [
476
+ "coordinated-vuln-disclosure",
477
+ "kernel-lpe-triage"
478
+ ]
479
+ },
480
+ "PCI-DSS-4.0-6.3.3": {
481
+ "count": 1,
482
+ "skills": [
483
+ "kernel-lpe-triage"
484
+ ]
485
+ },
486
+ "NIS2-Art21-patch-management": {
487
+ "count": 4,
488
+ "skills": [
489
+ "attack-surface-pentest",
490
+ "kernel-lpe-triage",
491
+ "ot-ics-security",
492
+ "sector-energy"
493
+ ]
494
+ },
495
+ "NIST-800-53-SC-8": {
496
+ "count": 2,
497
+ "skills": [
498
+ "kernel-lpe-triage",
499
+ "pqc-first"
500
+ ]
501
+ },
502
+ "CIS-Controls-v8-Control7": {
503
+ "count": 2,
504
+ "skills": [
505
+ "exploit-scoring",
506
+ "kernel-lpe-triage"
507
+ ]
508
+ },
509
+ "ALL-AI-PIPELINE-INTEGRITY": {
510
+ "count": 2,
511
+ "skills": [
512
+ "ai-attack-surface",
513
+ "compliance-theater"
514
+ ]
515
+ },
516
+ "ALL-PROMPT-INJECTION-ACCESS-CONTROL": {
517
+ "count": 2,
518
+ "skills": [
519
+ "ai-attack-surface",
520
+ "compliance-theater"
521
+ ]
522
+ },
523
+ "ISO-27001-2022-A.8.28": {
524
+ "count": 6,
525
+ "skills": [
526
+ "ai-attack-surface",
527
+ "api-security",
528
+ "container-runtime-security",
529
+ "rag-pipeline-security",
530
+ "threat-modeling-methodology",
531
+ "webapp-security"
532
+ ]
533
+ },
534
+ "ISO-IEC-23894-2023-clause-7": {
535
+ "count": 3,
536
+ "skills": [
537
+ "ai-attack-surface",
538
+ "ai-risk-management",
539
+ "threat-modeling-methodology"
540
+ ]
541
+ },
542
+ "NIST-800-53-AC-2": {
543
+ "count": 7,
544
+ "skills": [
545
+ "age-gates-child-safety",
546
+ "ai-attack-surface",
547
+ "api-security",
548
+ "identity-assurance",
549
+ "incident-response-playbook",
550
+ "sector-financial",
551
+ "sector-healthcare"
552
+ ]
553
+ },
554
+ "NIST-800-53-SI-3": {
555
+ "count": 3,
556
+ "skills": [
557
+ "ai-attack-surface",
558
+ "ai-c2-detection",
559
+ "email-security-anti-phishing"
560
+ ]
561
+ },
562
+ "OWASP-LLM-Top-10-2025-LLM01": {
563
+ "count": 3,
564
+ "skills": [
565
+ "ai-attack-surface",
566
+ "ai-risk-management",
567
+ "webapp-security"
568
+ ]
569
+ },
570
+ "OWASP-LLM-Top-10-2025-LLM02": {
571
+ "count": 1,
572
+ "skills": [
573
+ "ai-attack-surface"
574
+ ]
575
+ },
576
+ "SOC2-CC6-logical-access": {
577
+ "count": 4,
578
+ "skills": [
579
+ "age-gates-child-safety",
580
+ "ai-attack-surface",
581
+ "identity-assurance",
582
+ "sector-financial"
583
+ ]
584
+ },
585
+ "ALL-MCP-TOOL-TRUST": {
586
+ "count": 1,
587
+ "skills": [
588
+ "mcp-agent-trust"
589
+ ]
590
+ },
591
+ "ISO-27001-2022-A.8.30": {
592
+ "count": 5,
593
+ "skills": [
594
+ "age-gates-child-safety",
595
+ "cloud-security",
596
+ "identity-assurance",
597
+ "mcp-agent-trust",
598
+ "sector-healthcare"
599
+ ]
600
+ },
601
+ "NIST-800-53-CM-7": {
602
+ "count": 3,
603
+ "skills": [
604
+ "cloud-security",
605
+ "container-runtime-security",
606
+ "mcp-agent-trust"
607
+ ]
608
+ },
609
+ "NIST-800-53-SA-12": {
610
+ "count": 2,
611
+ "skills": [
612
+ "mcp-agent-trust",
613
+ "supply-chain-integrity"
614
+ ]
615
+ },
616
+ "OWASP-LLM-Top-10-2025-LLM06": {
617
+ "count": 1,
618
+ "skills": [
619
+ "mcp-agent-trust"
620
+ ]
621
+ },
622
+ "SOC2-CC9-vendor-management": {
623
+ "count": 3,
624
+ "skills": [
625
+ "cloud-security",
626
+ "coordinated-vuln-disclosure",
627
+ "mcp-agent-trust"
628
+ ]
629
+ },
630
+ "SWIFT-CSCF-v2026-1.1": {
631
+ "count": 3,
632
+ "skills": [
633
+ "mcp-agent-trust",
634
+ "sector-financial",
635
+ "supply-chain-integrity"
636
+ ]
637
+ },
638
+ "FedRAMP-Rev5-Moderate": {
639
+ "count": 4,
640
+ "skills": [
641
+ "cloud-security",
642
+ "compliance-theater",
643
+ "sector-federal-government",
644
+ "supply-chain-integrity"
645
+ ]
646
+ },
647
+ "CMMC-2.0-Level-2": {
648
+ "count": 3,
649
+ "skills": [
650
+ "compliance-theater",
651
+ "sector-federal-government",
652
+ "supply-chain-integrity"
653
+ ]
654
+ },
655
+ "CWE-Top-25-2024-meta": {
656
+ "count": 1,
657
+ "skills": [
658
+ "exploit-scoring"
659
+ ]
660
+ },
661
+ "NIST-800-53-SI-12": {
662
+ "count": 1,
663
+ "skills": [
664
+ "rag-pipeline-security"
665
+ ]
666
+ },
667
+ "NIST-AI-RMF-MEASURE-2.5": {
668
+ "count": 3,
669
+ "skills": [
670
+ "ai-risk-management",
671
+ "mlops-security",
672
+ "rag-pipeline-security"
673
+ ]
674
+ },
675
+ "OWASP-LLM-Top-10-2025-LLM08": {
676
+ "count": 2,
677
+ "skills": [
678
+ "mlops-security",
679
+ "rag-pipeline-security"
680
+ ]
681
+ },
682
+ "NIST-800-53-SC-7": {
683
+ "count": 2,
684
+ "skills": [
685
+ "ai-c2-detection",
686
+ "dlp-gap-analysis"
687
+ ]
688
+ },
689
+ "ISO-27001-2022-A.8.16": {
690
+ "count": 4,
691
+ "skills": [
692
+ "ai-c2-detection",
693
+ "dlp-gap-analysis",
694
+ "email-security-anti-phishing",
695
+ "incident-response-playbook"
696
+ ]
697
+ },
698
+ "SOC2-CC7-anomaly-detection": {
699
+ "count": 4,
700
+ "skills": [
701
+ "ai-c2-detection",
702
+ "dlp-gap-analysis",
703
+ "email-security-anti-phishing",
704
+ "incident-response-playbook"
705
+ ]
706
+ },
707
+ "NIST-800-53-SC-28": {
708
+ "count": 2,
709
+ "skills": [
710
+ "dlp-gap-analysis",
711
+ "pqc-first"
712
+ ]
713
+ },
714
+ "NIST-800-115": {
715
+ "count": 2,
716
+ "skills": [
717
+ "attack-surface-pentest",
718
+ "fuzz-testing-strategy"
719
+ ]
720
+ },
721
+ "OWASP-Pen-Testing-Guide-v5": {
722
+ "count": 1,
723
+ "skills": [
724
+ "attack-surface-pentest"
725
+ ]
726
+ },
727
+ "PTES-Pre-engagement": {
728
+ "count": 1,
729
+ "skills": [
730
+ "attack-surface-pentest"
731
+ ]
732
+ },
733
+ "NIST-800-218-SSDF": {
734
+ "count": 8,
735
+ "skills": [
736
+ "api-security",
737
+ "coordinated-vuln-disclosure",
738
+ "fuzz-testing-strategy",
739
+ "mlops-security",
740
+ "sector-federal-government",
741
+ "supply-chain-integrity",
742
+ "threat-modeling-methodology",
743
+ "webapp-security"
744
+ ]
745
+ },
746
+ "OWASP-ASVS-v5.0-V14": {
747
+ "count": 3,
748
+ "skills": [
749
+ "api-security",
750
+ "fuzz-testing-strategy",
751
+ "webapp-security"
752
+ ]
753
+ },
754
+ "ISO-IEC-42001-2023-clause-6.1.2": {
755
+ "count": 4,
756
+ "skills": [
757
+ "ai-risk-management",
758
+ "dlp-gap-analysis",
759
+ "mlops-security",
760
+ "threat-modeling-methodology"
761
+ ]
762
+ },
763
+ "HIPAA-Security-Rule-164.312(a)(1)": {
764
+ "count": 2,
765
+ "skills": [
766
+ "dlp-gap-analysis",
767
+ "sector-healthcare"
768
+ ]
769
+ },
770
+ "SLSA-v1.0-Build-L3": {
771
+ "count": 4,
772
+ "skills": [
773
+ "container-runtime-security",
774
+ "mlops-security",
775
+ "sector-federal-government",
776
+ "supply-chain-integrity"
777
+ ]
778
+ },
779
+ "VEX-CSAF-v2.1": {
780
+ "count": 1,
781
+ "skills": [
782
+ "supply-chain-integrity"
783
+ ]
784
+ },
785
+ "CycloneDX-v1.6-SBOM": {
786
+ "count": 1,
787
+ "skills": [
788
+ "supply-chain-integrity"
789
+ ]
790
+ },
791
+ "SPDX-v3.0-SBOM": {
792
+ "count": 1,
793
+ "skills": [
794
+ "supply-chain-integrity"
795
+ ]
796
+ },
797
+ "HITRUST-CSF-v11.4-09.l": {
798
+ "count": 2,
799
+ "skills": [
800
+ "sector-healthcare",
801
+ "supply-chain-integrity"
802
+ ]
803
+ },
804
+ "NIST-800-63B-rev4": {
805
+ "count": 1,
806
+ "skills": [
807
+ "identity-assurance"
808
+ ]
809
+ },
810
+ "PSD2-RTS-SCA": {
811
+ "count": 2,
812
+ "skills": [
813
+ "identity-assurance",
814
+ "sector-financial"
815
+ ]
816
+ },
817
+ "NIST-800-82r3": {
818
+ "count": 2,
819
+ "skills": [
820
+ "ot-ics-security",
821
+ "sector-energy"
822
+ ]
823
+ },
824
+ "IEC-62443-3-3": {
825
+ "count": 2,
826
+ "skills": [
827
+ "ot-ics-security",
828
+ "sector-energy"
829
+ ]
830
+ },
831
+ "NERC-CIP-007-6-R4": {
832
+ "count": 2,
833
+ "skills": [
834
+ "ot-ics-security",
835
+ "sector-energy"
836
+ ]
837
+ }
838
+ },
839
+ "atlas_refs": {
840
+ "AML.T0043": {
841
+ "count": 5,
842
+ "skills": [
843
+ "ai-attack-surface",
844
+ "attack-surface-pentest",
845
+ "fuzz-testing-strategy",
846
+ "mlops-security",
847
+ "rag-pipeline-security"
848
+ ]
849
+ },
850
+ "AML.T0051": {
851
+ "count": 9,
852
+ "skills": [
853
+ "ai-attack-surface",
854
+ "ai-risk-management",
855
+ "attack-surface-pentest",
856
+ "dlp-gap-analysis",
857
+ "identity-assurance",
858
+ "incident-response-playbook",
859
+ "rag-pipeline-security",
860
+ "sector-healthcare",
861
+ "webapp-security"
862
+ ]
863
+ },
864
+ "AML.T0054": {
865
+ "count": 2,
866
+ "skills": [
867
+ "ai-attack-surface",
868
+ "rag-pipeline-security"
869
+ ]
870
+ },
871
+ "AML.T0020": {
872
+ "count": 3,
873
+ "skills": [
874
+ "ai-attack-surface",
875
+ "mlops-security",
876
+ "rag-pipeline-security"
877
+ ]
878
+ },
879
+ "AML.T0096": {
880
+ "count": 8,
881
+ "skills": [
882
+ "ai-attack-surface",
883
+ "ai-c2-detection",
884
+ "ai-risk-management",
885
+ "api-security",
886
+ "dlp-gap-analysis",
887
+ "incident-response-playbook",
888
+ "mcp-agent-trust",
889
+ "sector-financial"
890
+ ]
891
+ },
892
+ "AML.T0016": {
893
+ "count": 2,
894
+ "skills": [
895
+ "ai-attack-surface",
896
+ "mcp-agent-trust"
897
+ ]
898
+ },
899
+ "AML.T0017": {
900
+ "count": 10,
901
+ "skills": [
902
+ "ai-attack-surface",
903
+ "ai-c2-detection",
904
+ "ai-risk-management",
905
+ "api-security",
906
+ "cloud-security",
907
+ "dlp-gap-analysis",
908
+ "incident-response-playbook",
909
+ "mlops-security",
910
+ "sector-financial",
911
+ "sector-healthcare"
912
+ ]
913
+ },
914
+ "AML.T0018": {
915
+ "count": 3,
916
+ "skills": [
917
+ "ai-attack-surface",
918
+ "mlops-security",
919
+ "supply-chain-integrity"
920
+ ]
921
+ },
922
+ "AML.T0010": {
923
+ "count": 7,
924
+ "skills": [
925
+ "attack-surface-pentest",
926
+ "cloud-security",
927
+ "container-runtime-security",
928
+ "mcp-agent-trust",
929
+ "mlops-security",
930
+ "ot-ics-security",
931
+ "supply-chain-integrity"
932
+ ]
933
+ }
934
+ },
935
+ "attack_refs": {
936
+ "T1068": {
937
+ "count": 3,
938
+ "skills": [
939
+ "container-runtime-security",
940
+ "kernel-lpe-triage",
941
+ "ot-ics-security"
942
+ ]
943
+ },
944
+ "T1548.001": {
945
+ "count": 1,
946
+ "skills": [
947
+ "kernel-lpe-triage"
948
+ ]
949
+ },
950
+ "T1566": {
951
+ "count": 2,
952
+ "skills": [
953
+ "ai-attack-surface",
954
+ "email-security-anti-phishing"
955
+ ]
956
+ },
957
+ "T1059": {
958
+ "count": 4,
959
+ "skills": [
960
+ "ai-attack-surface",
961
+ "attack-surface-pentest",
962
+ "mcp-agent-trust",
963
+ "webapp-security"
964
+ ]
965
+ },
966
+ "T1190": {
967
+ "count": 12,
968
+ "skills": [
969
+ "ai-attack-surface",
970
+ "api-security",
971
+ "attack-surface-pentest",
972
+ "cloud-security",
973
+ "container-runtime-security",
974
+ "fuzz-testing-strategy",
975
+ "mcp-agent-trust",
976
+ "ot-ics-security",
977
+ "sector-energy",
978
+ "sector-federal-government",
979
+ "sector-financial",
980
+ "webapp-security"
981
+ ]
982
+ },
983
+ "T1195.001": {
984
+ "count": 4,
985
+ "skills": [
986
+ "mcp-agent-trust",
987
+ "mlops-security",
988
+ "sector-federal-government",
989
+ "supply-chain-integrity"
990
+ ]
991
+ },
992
+ "T1565": {
993
+ "count": 2,
994
+ "skills": [
995
+ "mlops-security",
996
+ "rag-pipeline-security"
997
+ ]
998
+ },
999
+ "T1071": {
1000
+ "count": 1,
1001
+ "skills": [
1002
+ "ai-c2-detection"
1003
+ ]
1004
+ },
1005
+ "T1102": {
1006
+ "count": 1,
1007
+ "skills": [
1008
+ "ai-c2-detection"
1009
+ ]
1010
+ },
1011
+ "T1568": {
1012
+ "count": 1,
1013
+ "skills": [
1014
+ "ai-c2-detection"
1015
+ ]
1016
+ },
1017
+ "T1133": {
1018
+ "count": 1,
1019
+ "skills": [
1020
+ "attack-surface-pentest"
1021
+ ]
1022
+ },
1023
+ "T1078": {
1024
+ "count": 10,
1025
+ "skills": [
1026
+ "age-gates-child-safety",
1027
+ "api-security",
1028
+ "attack-surface-pentest",
1029
+ "cloud-security",
1030
+ "email-security-anti-phishing",
1031
+ "identity-assurance",
1032
+ "incident-response-playbook",
1033
+ "sector-energy",
1034
+ "sector-financial",
1035
+ "sector-healthcare"
1036
+ ]
1037
+ },
1038
+ "T1567": {
1039
+ "count": 6,
1040
+ "skills": [
1041
+ "age-gates-child-safety",
1042
+ "api-security",
1043
+ "dlp-gap-analysis",
1044
+ "incident-response-playbook",
1045
+ "sector-financial",
1046
+ "sector-healthcare"
1047
+ ]
1048
+ },
1049
+ "T1530": {
1050
+ "count": 3,
1051
+ "skills": [
1052
+ "cloud-security",
1053
+ "dlp-gap-analysis",
1054
+ "sector-healthcare"
1055
+ ]
1056
+ },
1057
+ "T1213": {
1058
+ "count": 1,
1059
+ "skills": [
1060
+ "dlp-gap-analysis"
1061
+ ]
1062
+ },
1063
+ "T1041": {
1064
+ "count": 2,
1065
+ "skills": [
1066
+ "dlp-gap-analysis",
1067
+ "incident-response-playbook"
1068
+ ]
1069
+ },
1070
+ "T1195.002": {
1071
+ "count": 1,
1072
+ "skills": [
1073
+ "supply-chain-integrity"
1074
+ ]
1075
+ },
1076
+ "T1554": {
1077
+ "count": 2,
1078
+ "skills": [
1079
+ "sector-federal-government",
1080
+ "supply-chain-integrity"
1081
+ ]
1082
+ },
1083
+ "T1556": {
1084
+ "count": 1,
1085
+ "skills": [
1086
+ "identity-assurance"
1087
+ ]
1088
+ },
1089
+ "T1110": {
1090
+ "count": 1,
1091
+ "skills": [
1092
+ "identity-assurance"
1093
+ ]
1094
+ },
1095
+ "T0855": {
1096
+ "count": 2,
1097
+ "skills": [
1098
+ "ot-ics-security",
1099
+ "sector-energy"
1100
+ ]
1101
+ },
1102
+ "T0883": {
1103
+ "count": 2,
1104
+ "skills": [
1105
+ "ot-ics-security",
1106
+ "sector-energy"
1107
+ ]
1108
+ },
1109
+ "T1505": {
1110
+ "count": 1,
1111
+ "skills": [
1112
+ "webapp-security"
1113
+ ]
1114
+ },
1115
+ "T1486": {
1116
+ "count": 2,
1117
+ "skills": [
1118
+ "incident-response-playbook",
1119
+ "sector-financial"
1120
+ ]
1121
+ },
1122
+ "T1552": {
1123
+ "count": 1,
1124
+ "skills": [
1125
+ "cloud-security"
1126
+ ]
1127
+ },
1128
+ "T1610": {
1129
+ "count": 1,
1130
+ "skills": [
1131
+ "container-runtime-security"
1132
+ ]
1133
+ },
1134
+ "T1611": {
1135
+ "count": 1,
1136
+ "skills": [
1137
+ "container-runtime-security"
1138
+ ]
1139
+ },
1140
+ "T1566.001": {
1141
+ "count": 1,
1142
+ "skills": [
1143
+ "email-security-anti-phishing"
1144
+ ]
1145
+ },
1146
+ "T1566.002": {
1147
+ "count": 1,
1148
+ "skills": [
1149
+ "email-security-anti-phishing"
1150
+ ]
1151
+ },
1152
+ "T1566.003": {
1153
+ "count": 1,
1154
+ "skills": [
1155
+ "email-security-anti-phishing"
1156
+ ]
1157
+ }
1158
+ },
1159
+ "rfc_refs": {
1160
+ "RFC-4301": {
1161
+ "count": 1,
1162
+ "skills": [
1163
+ "kernel-lpe-triage"
1164
+ ]
1165
+ },
1166
+ "RFC-4303": {
1167
+ "count": 1,
1168
+ "skills": [
1169
+ "kernel-lpe-triage"
1170
+ ]
1171
+ },
1172
+ "RFC-7296": {
1173
+ "count": 1,
1174
+ "skills": [
1175
+ "kernel-lpe-triage"
1176
+ ]
1177
+ },
1178
+ "RFC-6749": {
1179
+ "count": 3,
1180
+ "skills": [
1181
+ "api-security",
1182
+ "identity-assurance",
1183
+ "mcp-agent-trust"
1184
+ ]
1185
+ },
1186
+ "RFC-7519": {
1187
+ "count": 7,
1188
+ "skills": [
1189
+ "api-security",
1190
+ "cloud-security",
1191
+ "identity-assurance",
1192
+ "mcp-agent-trust",
1193
+ "sector-financial",
1194
+ "sector-healthcare",
1195
+ "webapp-security"
1196
+ ]
1197
+ },
1198
+ "RFC-8446": {
1199
+ "count": 10,
1200
+ "skills": [
1201
+ "ai-c2-detection",
1202
+ "api-security",
1203
+ "cloud-security",
1204
+ "container-runtime-security",
1205
+ "dlp-gap-analysis",
1206
+ "mcp-agent-trust",
1207
+ "pqc-first",
1208
+ "sector-federal-government",
1209
+ "sector-financial",
1210
+ "webapp-security"
1211
+ ]
1212
+ },
1213
+ "RFC-8725": {
1214
+ "count": 6,
1215
+ "skills": [
1216
+ "api-security",
1217
+ "cloud-security",
1218
+ "identity-assurance",
1219
+ "mcp-agent-trust",
1220
+ "sector-financial",
1221
+ "webapp-security"
1222
+ ]
1223
+ },
1224
+ "RFC-9114": {
1225
+ "count": 4,
1226
+ "skills": [
1227
+ "ai-c2-detection",
1228
+ "api-security",
1229
+ "mcp-agent-trust",
1230
+ "webapp-security"
1231
+ ]
1232
+ },
1233
+ "RFC-9421": {
1234
+ "count": 5,
1235
+ "skills": [
1236
+ "ai-c2-detection",
1237
+ "api-security",
1238
+ "mcp-agent-trust",
1239
+ "sector-financial",
1240
+ "sector-healthcare"
1241
+ ]
1242
+ },
1243
+ "RFC-9700": {
1244
+ "count": 3,
1245
+ "skills": [
1246
+ "api-security",
1247
+ "identity-assurance",
1248
+ "mcp-agent-trust"
1249
+ ]
1250
+ },
1251
+ "RFC-9180": {
1252
+ "count": 3,
1253
+ "skills": [
1254
+ "ai-c2-detection",
1255
+ "cloud-security",
1256
+ "pqc-first"
1257
+ ]
1258
+ },
1259
+ "RFC-9458": {
1260
+ "count": 2,
1261
+ "skills": [
1262
+ "ai-c2-detection",
1263
+ "dlp-gap-analysis"
1264
+ ]
1265
+ },
1266
+ "RFC-9000": {
1267
+ "count": 1,
1268
+ "skills": [
1269
+ "ai-c2-detection"
1270
+ ]
1271
+ },
1272
+ "DRAFT-IETF-TLS-ECDHE-MLKEM": {
1273
+ "count": 1,
1274
+ "skills": [
1275
+ "pqc-first"
1276
+ ]
1277
+ },
1278
+ "DRAFT-IETF-TLS-HYBRID-DESIGN": {
1279
+ "count": 1,
1280
+ "skills": [
1281
+ "pqc-first"
1282
+ ]
1283
+ },
1284
+ "RFC-9420": {
1285
+ "count": 1,
1286
+ "skills": [
1287
+ "pqc-first"
1288
+ ]
1289
+ },
1290
+ "RFC-9794": {
1291
+ "count": 1,
1292
+ "skills": [
1293
+ "pqc-first"
1294
+ ]
1295
+ },
1296
+ "RFC-8032": {
1297
+ "count": 6,
1298
+ "skills": [
1299
+ "container-runtime-security",
1300
+ "identity-assurance",
1301
+ "mlops-security",
1302
+ "pqc-first",
1303
+ "sector-federal-government",
1304
+ "supply-chain-integrity"
1305
+ ]
1306
+ },
1307
+ "RFC-9106": {
1308
+ "count": 1,
1309
+ "skills": [
1310
+ "pqc-first"
1311
+ ]
1312
+ }
1313
+ },
1314
+ "dlp_refs": {}
1315
+ },
1316
+ "top_cited": {
1317
+ "cwe_refs": [
1318
+ {
1319
+ "id": "CWE-287",
1320
+ "count": 9,
1321
+ "skills": [
1322
+ "age-gates-child-safety",
1323
+ "api-security",
1324
+ "cloud-security",
1325
+ "identity-assurance",
1326
+ "ot-ics-security",
1327
+ "sector-energy",
1328
+ "sector-financial",
1329
+ "sector-healthcare",
1330
+ "webapp-security"
1331
+ ]
1332
+ },
1333
+ {
1334
+ "id": "CWE-862",
1335
+ "count": 7,
1336
+ "skills": [
1337
+ "age-gates-child-safety",
1338
+ "api-security",
1339
+ "cloud-security",
1340
+ "identity-assurance",
1341
+ "sector-financial",
1342
+ "sector-healthcare",
1343
+ "webapp-security"
1344
+ ]
1345
+ },
1346
+ {
1347
+ "id": "CWE-1188",
1348
+ "count": 6,
1349
+ "skills": [
1350
+ "api-security",
1351
+ "cloud-security",
1352
+ "container-runtime-security",
1353
+ "policy-exception-gen",
1354
+ "security-maturity-tiers",
1355
+ "webapp-security"
1356
+ ]
1357
+ },
1358
+ {
1359
+ "id": "CWE-1395",
1360
+ "count": 6,
1361
+ "skills": [
1362
+ "attack-surface-pentest",
1363
+ "container-runtime-security",
1364
+ "mlops-security",
1365
+ "rag-pipeline-security",
1366
+ "sector-federal-government",
1367
+ "supply-chain-integrity"
1368
+ ]
1369
+ },
1370
+ {
1371
+ "id": "CWE-1426",
1372
+ "count": 6,
1373
+ "skills": [
1374
+ "ai-attack-surface",
1375
+ "ai-risk-management",
1376
+ "dlp-gap-analysis",
1377
+ "mlops-security",
1378
+ "rag-pipeline-security",
1379
+ "sector-healthcare"
1380
+ ]
1381
+ },
1382
+ {
1383
+ "id": "CWE-200",
1384
+ "count": 6,
1385
+ "skills": [
1386
+ "age-gates-child-safety",
1387
+ "api-security",
1388
+ "cloud-security",
1389
+ "dlp-gap-analysis",
1390
+ "sector-healthcare",
1391
+ "webapp-security"
1392
+ ]
1393
+ },
1394
+ {
1395
+ "id": "CWE-352",
1396
+ "count": 5,
1397
+ "skills": [
1398
+ "api-security",
1399
+ "attack-surface-pentest",
1400
+ "mcp-agent-trust",
1401
+ "sector-financial",
1402
+ "webapp-security"
1403
+ ]
1404
+ },
1405
+ {
1406
+ "id": "CWE-732",
1407
+ "count": 5,
1408
+ "skills": [
1409
+ "attack-surface-pentest",
1410
+ "cloud-security",
1411
+ "container-runtime-security",
1412
+ "identity-assurance",
1413
+ "webapp-security"
1414
+ ]
1415
+ },
1416
+ {
1417
+ "id": "CWE-798",
1418
+ "count": 5,
1419
+ "skills": [
1420
+ "cloud-security",
1421
+ "identity-assurance",
1422
+ "ot-ics-security",
1423
+ "sector-energy",
1424
+ "sector-financial"
1425
+ ]
1426
+ },
1427
+ {
1428
+ "id": "CWE-1357",
1429
+ "count": 4,
1430
+ "skills": [
1431
+ "coordinated-vuln-disclosure",
1432
+ "mlops-security",
1433
+ "sector-federal-government",
1434
+ "supply-chain-integrity"
1435
+ ]
1436
+ }
1437
+ ],
1438
+ "d3fend_refs": [
1439
+ {
1440
+ "id": "D3-EAL",
1441
+ "count": 7,
1442
+ "skills": [
1443
+ "attack-surface-pentest",
1444
+ "defensive-countermeasure-mapping",
1445
+ "dlp-gap-analysis",
1446
+ "fuzz-testing-strategy",
1447
+ "kernel-lpe-triage",
1448
+ "mcp-agent-trust",
1449
+ "supply-chain-integrity"
1450
+ ]
1451
+ },
1452
+ {
1453
+ "id": "D3-CSPP",
1454
+ "count": 6,
1455
+ "skills": [
1456
+ "ai-c2-detection",
1457
+ "attack-surface-pentest",
1458
+ "defensive-countermeasure-mapping",
1459
+ "dlp-gap-analysis",
1460
+ "mcp-agent-trust",
1461
+ "rag-pipeline-security"
1462
+ ]
1463
+ },
1464
+ {
1465
+ "id": "D3-IOPR",
1466
+ "count": 6,
1467
+ "skills": [
1468
+ "ai-attack-surface",
1469
+ "ai-c2-detection",
1470
+ "defensive-countermeasure-mapping",
1471
+ "dlp-gap-analysis",
1472
+ "fuzz-testing-strategy",
1473
+ "rag-pipeline-security"
1474
+ ]
1475
+ },
1476
+ {
1477
+ "id": "D3-NTA",
1478
+ "count": 6,
1479
+ "skills": [
1480
+ "ai-attack-surface",
1481
+ "ai-c2-detection",
1482
+ "attack-surface-pentest",
1483
+ "defensive-countermeasure-mapping",
1484
+ "dlp-gap-analysis",
1485
+ "rag-pipeline-security"
1486
+ ]
1487
+ },
1488
+ {
1489
+ "id": "D3-CBAN",
1490
+ "count": 3,
1491
+ "skills": [
1492
+ "defensive-countermeasure-mapping",
1493
+ "mcp-agent-trust",
1494
+ "supply-chain-integrity"
1495
+ ]
1496
+ },
1497
+ {
1498
+ "id": "D3-EHB",
1499
+ "count": 3,
1500
+ "skills": [
1501
+ "defensive-countermeasure-mapping",
1502
+ "mcp-agent-trust",
1503
+ "supply-chain-integrity"
1504
+ ]
1505
+ },
1506
+ {
1507
+ "id": "D3-NTPM",
1508
+ "count": 3,
1509
+ "skills": [
1510
+ "ai-c2-detection",
1511
+ "defensive-countermeasure-mapping",
1512
+ "dlp-gap-analysis"
1513
+ ]
1514
+ },
1515
+ {
1516
+ "id": "D3-PSEP",
1517
+ "count": 3,
1518
+ "skills": [
1519
+ "defensive-countermeasure-mapping",
1520
+ "fuzz-testing-strategy",
1521
+ "kernel-lpe-triage"
1522
+ ]
1523
+ },
1524
+ {
1525
+ "id": "D3-ASLR",
1526
+ "count": 2,
1527
+ "skills": [
1528
+ "defensive-countermeasure-mapping",
1529
+ "kernel-lpe-triage"
1530
+ ]
1531
+ },
1532
+ {
1533
+ "id": "D3-CA",
1534
+ "count": 2,
1535
+ "skills": [
1536
+ "ai-c2-detection",
1537
+ "defensive-countermeasure-mapping"
1538
+ ]
1539
+ }
1540
+ ],
1541
+ "framework_gaps": [
1542
+ {
1543
+ "id": "NIST-800-218-SSDF",
1544
+ "count": 8,
1545
+ "skills": [
1546
+ "api-security",
1547
+ "coordinated-vuln-disclosure",
1548
+ "fuzz-testing-strategy",
1549
+ "mlops-security",
1550
+ "sector-federal-government",
1551
+ "supply-chain-integrity",
1552
+ "threat-modeling-methodology",
1553
+ "webapp-security"
1554
+ ]
1555
+ },
1556
+ {
1557
+ "id": "NIST-800-53-AC-2",
1558
+ "count": 7,
1559
+ "skills": [
1560
+ "age-gates-child-safety",
1561
+ "ai-attack-surface",
1562
+ "api-security",
1563
+ "identity-assurance",
1564
+ "incident-response-playbook",
1565
+ "sector-financial",
1566
+ "sector-healthcare"
1567
+ ]
1568
+ },
1569
+ {
1570
+ "id": "ISO-27001-2022-A.8.28",
1571
+ "count": 6,
1572
+ "skills": [
1573
+ "ai-attack-surface",
1574
+ "api-security",
1575
+ "container-runtime-security",
1576
+ "rag-pipeline-security",
1577
+ "threat-modeling-methodology",
1578
+ "webapp-security"
1579
+ ]
1580
+ },
1581
+ {
1582
+ "id": "ISO-27001-2022-A.8.30",
1583
+ "count": 5,
1584
+ "skills": [
1585
+ "age-gates-child-safety",
1586
+ "cloud-security",
1587
+ "identity-assurance",
1588
+ "mcp-agent-trust",
1589
+ "sector-healthcare"
1590
+ ]
1591
+ },
1592
+ {
1593
+ "id": "FedRAMP-Rev5-Moderate",
1594
+ "count": 4,
1595
+ "skills": [
1596
+ "cloud-security",
1597
+ "compliance-theater",
1598
+ "sector-federal-government",
1599
+ "supply-chain-integrity"
1600
+ ]
1601
+ },
1602
+ {
1603
+ "id": "ISO-27001-2022-A.8.16",
1604
+ "count": 4,
1605
+ "skills": [
1606
+ "ai-c2-detection",
1607
+ "dlp-gap-analysis",
1608
+ "email-security-anti-phishing",
1609
+ "incident-response-playbook"
1610
+ ]
1611
+ },
1612
+ {
1613
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
1614
+ "count": 4,
1615
+ "skills": [
1616
+ "ai-risk-management",
1617
+ "dlp-gap-analysis",
1618
+ "mlops-security",
1619
+ "threat-modeling-methodology"
1620
+ ]
1621
+ },
1622
+ {
1623
+ "id": "NIS2-Art21-patch-management",
1624
+ "count": 4,
1625
+ "skills": [
1626
+ "attack-surface-pentest",
1627
+ "kernel-lpe-triage",
1628
+ "ot-ics-security",
1629
+ "sector-energy"
1630
+ ]
1631
+ },
1632
+ {
1633
+ "id": "SLSA-v1.0-Build-L3",
1634
+ "count": 4,
1635
+ "skills": [
1636
+ "container-runtime-security",
1637
+ "mlops-security",
1638
+ "sector-federal-government",
1639
+ "supply-chain-integrity"
1640
+ ]
1641
+ },
1642
+ {
1643
+ "id": "SOC2-CC6-logical-access",
1644
+ "count": 4,
1645
+ "skills": [
1646
+ "age-gates-child-safety",
1647
+ "ai-attack-surface",
1648
+ "identity-assurance",
1649
+ "sector-financial"
1650
+ ]
1651
+ }
1652
+ ],
1653
+ "atlas_refs": [
1654
+ {
1655
+ "id": "AML.T0017",
1656
+ "count": 10,
1657
+ "skills": [
1658
+ "ai-attack-surface",
1659
+ "ai-c2-detection",
1660
+ "ai-risk-management",
1661
+ "api-security",
1662
+ "cloud-security",
1663
+ "dlp-gap-analysis",
1664
+ "incident-response-playbook",
1665
+ "mlops-security",
1666
+ "sector-financial",
1667
+ "sector-healthcare"
1668
+ ]
1669
+ },
1670
+ {
1671
+ "id": "AML.T0051",
1672
+ "count": 9,
1673
+ "skills": [
1674
+ "ai-attack-surface",
1675
+ "ai-risk-management",
1676
+ "attack-surface-pentest",
1677
+ "dlp-gap-analysis",
1678
+ "identity-assurance",
1679
+ "incident-response-playbook",
1680
+ "rag-pipeline-security",
1681
+ "sector-healthcare",
1682
+ "webapp-security"
1683
+ ]
1684
+ },
1685
+ {
1686
+ "id": "AML.T0096",
1687
+ "count": 8,
1688
+ "skills": [
1689
+ "ai-attack-surface",
1690
+ "ai-c2-detection",
1691
+ "ai-risk-management",
1692
+ "api-security",
1693
+ "dlp-gap-analysis",
1694
+ "incident-response-playbook",
1695
+ "mcp-agent-trust",
1696
+ "sector-financial"
1697
+ ]
1698
+ },
1699
+ {
1700
+ "id": "AML.T0010",
1701
+ "count": 7,
1702
+ "skills": [
1703
+ "attack-surface-pentest",
1704
+ "cloud-security",
1705
+ "container-runtime-security",
1706
+ "mcp-agent-trust",
1707
+ "mlops-security",
1708
+ "ot-ics-security",
1709
+ "supply-chain-integrity"
1710
+ ]
1711
+ },
1712
+ {
1713
+ "id": "AML.T0043",
1714
+ "count": 5,
1715
+ "skills": [
1716
+ "ai-attack-surface",
1717
+ "attack-surface-pentest",
1718
+ "fuzz-testing-strategy",
1719
+ "mlops-security",
1720
+ "rag-pipeline-security"
1721
+ ]
1722
+ },
1723
+ {
1724
+ "id": "AML.T0018",
1725
+ "count": 3,
1726
+ "skills": [
1727
+ "ai-attack-surface",
1728
+ "mlops-security",
1729
+ "supply-chain-integrity"
1730
+ ]
1731
+ },
1732
+ {
1733
+ "id": "AML.T0020",
1734
+ "count": 3,
1735
+ "skills": [
1736
+ "ai-attack-surface",
1737
+ "mlops-security",
1738
+ "rag-pipeline-security"
1739
+ ]
1740
+ },
1741
+ {
1742
+ "id": "AML.T0016",
1743
+ "count": 2,
1744
+ "skills": [
1745
+ "ai-attack-surface",
1746
+ "mcp-agent-trust"
1747
+ ]
1748
+ },
1749
+ {
1750
+ "id": "AML.T0054",
1751
+ "count": 2,
1752
+ "skills": [
1753
+ "ai-attack-surface",
1754
+ "rag-pipeline-security"
1755
+ ]
1756
+ }
1757
+ ],
1758
+ "attack_refs": [
1759
+ {
1760
+ "id": "T1190",
1761
+ "count": 12,
1762
+ "skills": [
1763
+ "ai-attack-surface",
1764
+ "api-security",
1765
+ "attack-surface-pentest",
1766
+ "cloud-security",
1767
+ "container-runtime-security",
1768
+ "fuzz-testing-strategy",
1769
+ "mcp-agent-trust",
1770
+ "ot-ics-security",
1771
+ "sector-energy",
1772
+ "sector-federal-government",
1773
+ "sector-financial",
1774
+ "webapp-security"
1775
+ ]
1776
+ },
1777
+ {
1778
+ "id": "T1078",
1779
+ "count": 10,
1780
+ "skills": [
1781
+ "age-gates-child-safety",
1782
+ "api-security",
1783
+ "attack-surface-pentest",
1784
+ "cloud-security",
1785
+ "email-security-anti-phishing",
1786
+ "identity-assurance",
1787
+ "incident-response-playbook",
1788
+ "sector-energy",
1789
+ "sector-financial",
1790
+ "sector-healthcare"
1791
+ ]
1792
+ },
1793
+ {
1794
+ "id": "T1567",
1795
+ "count": 6,
1796
+ "skills": [
1797
+ "age-gates-child-safety",
1798
+ "api-security",
1799
+ "dlp-gap-analysis",
1800
+ "incident-response-playbook",
1801
+ "sector-financial",
1802
+ "sector-healthcare"
1803
+ ]
1804
+ },
1805
+ {
1806
+ "id": "T1059",
1807
+ "count": 4,
1808
+ "skills": [
1809
+ "ai-attack-surface",
1810
+ "attack-surface-pentest",
1811
+ "mcp-agent-trust",
1812
+ "webapp-security"
1813
+ ]
1814
+ },
1815
+ {
1816
+ "id": "T1195.001",
1817
+ "count": 4,
1818
+ "skills": [
1819
+ "mcp-agent-trust",
1820
+ "mlops-security",
1821
+ "sector-federal-government",
1822
+ "supply-chain-integrity"
1823
+ ]
1824
+ },
1825
+ {
1826
+ "id": "T1068",
1827
+ "count": 3,
1828
+ "skills": [
1829
+ "container-runtime-security",
1830
+ "kernel-lpe-triage",
1831
+ "ot-ics-security"
1832
+ ]
1833
+ },
1834
+ {
1835
+ "id": "T1530",
1836
+ "count": 3,
1837
+ "skills": [
1838
+ "cloud-security",
1839
+ "dlp-gap-analysis",
1840
+ "sector-healthcare"
1841
+ ]
1842
+ },
1843
+ {
1844
+ "id": "T0855",
1845
+ "count": 2,
1846
+ "skills": [
1847
+ "ot-ics-security",
1848
+ "sector-energy"
1849
+ ]
1850
+ },
1851
+ {
1852
+ "id": "T0883",
1853
+ "count": 2,
1854
+ "skills": [
1855
+ "ot-ics-security",
1856
+ "sector-energy"
1857
+ ]
1858
+ },
1859
+ {
1860
+ "id": "T1041",
1861
+ "count": 2,
1862
+ "skills": [
1863
+ "dlp-gap-analysis",
1864
+ "incident-response-playbook"
1865
+ ]
1866
+ }
1867
+ ],
1868
+ "rfc_refs": [
1869
+ {
1870
+ "id": "RFC-8446",
1871
+ "count": 10,
1872
+ "skills": [
1873
+ "ai-c2-detection",
1874
+ "api-security",
1875
+ "cloud-security",
1876
+ "container-runtime-security",
1877
+ "dlp-gap-analysis",
1878
+ "mcp-agent-trust",
1879
+ "pqc-first",
1880
+ "sector-federal-government",
1881
+ "sector-financial",
1882
+ "webapp-security"
1883
+ ]
1884
+ },
1885
+ {
1886
+ "id": "RFC-7519",
1887
+ "count": 7,
1888
+ "skills": [
1889
+ "api-security",
1890
+ "cloud-security",
1891
+ "identity-assurance",
1892
+ "mcp-agent-trust",
1893
+ "sector-financial",
1894
+ "sector-healthcare",
1895
+ "webapp-security"
1896
+ ]
1897
+ },
1898
+ {
1899
+ "id": "RFC-8032",
1900
+ "count": 6,
1901
+ "skills": [
1902
+ "container-runtime-security",
1903
+ "identity-assurance",
1904
+ "mlops-security",
1905
+ "pqc-first",
1906
+ "sector-federal-government",
1907
+ "supply-chain-integrity"
1908
+ ]
1909
+ },
1910
+ {
1911
+ "id": "RFC-8725",
1912
+ "count": 6,
1913
+ "skills": [
1914
+ "api-security",
1915
+ "cloud-security",
1916
+ "identity-assurance",
1917
+ "mcp-agent-trust",
1918
+ "sector-financial",
1919
+ "webapp-security"
1920
+ ]
1921
+ },
1922
+ {
1923
+ "id": "RFC-9421",
1924
+ "count": 5,
1925
+ "skills": [
1926
+ "ai-c2-detection",
1927
+ "api-security",
1928
+ "mcp-agent-trust",
1929
+ "sector-financial",
1930
+ "sector-healthcare"
1931
+ ]
1932
+ },
1933
+ {
1934
+ "id": "RFC-9114",
1935
+ "count": 4,
1936
+ "skills": [
1937
+ "ai-c2-detection",
1938
+ "api-security",
1939
+ "mcp-agent-trust",
1940
+ "webapp-security"
1941
+ ]
1942
+ },
1943
+ {
1944
+ "id": "RFC-6749",
1945
+ "count": 3,
1946
+ "skills": [
1947
+ "api-security",
1948
+ "identity-assurance",
1949
+ "mcp-agent-trust"
1950
+ ]
1951
+ },
1952
+ {
1953
+ "id": "RFC-9180",
1954
+ "count": 3,
1955
+ "skills": [
1956
+ "ai-c2-detection",
1957
+ "cloud-security",
1958
+ "pqc-first"
1959
+ ]
1960
+ },
1961
+ {
1962
+ "id": "RFC-9700",
1963
+ "count": 3,
1964
+ "skills": [
1965
+ "api-security",
1966
+ "identity-assurance",
1967
+ "mcp-agent-trust"
1968
+ ]
1969
+ },
1970
+ {
1971
+ "id": "RFC-9458",
1972
+ "count": 2,
1973
+ "skills": [
1974
+ "ai-c2-detection",
1975
+ "dlp-gap-analysis"
1976
+ ]
1977
+ }
1978
+ ],
1979
+ "dlp_refs": []
1980
+ },
1981
+ "orphan_adjacent": {
1982
+ "cwe_refs": [
1983
+ "CWE-20",
1984
+ "CWE-327",
1985
+ "CWE-345",
1986
+ "CWE-672"
1987
+ ],
1988
+ "d3fend_refs": [
1989
+ "D3-FAPA",
1990
+ "D3-PA",
1991
+ "D3-RPA",
1992
+ "D3-SCP"
1993
+ ],
1994
+ "framework_gaps": [
1995
+ "ALL-MCP-TOOL-TRUST",
1996
+ "CWE-Top-25-2024-meta",
1997
+ "CycloneDX-v1.6-SBOM",
1998
+ "NIST-800-53-SI-12",
1999
+ "NIST-800-53-SI-2",
2000
+ "NIST-800-63B-rev4",
2001
+ "OWASP-LLM-Top-10-2025-LLM02",
2002
+ "OWASP-LLM-Top-10-2025-LLM06",
2003
+ "OWASP-Pen-Testing-Guide-v5",
2004
+ "PCI-DSS-4.0-6.3.3",
2005
+ "PTES-Pre-engagement",
2006
+ "SPDX-v3.0-SBOM",
2007
+ "VEX-CSAF-v2.1"
2008
+ ],
2009
+ "atlas_refs": [],
2010
+ "attack_refs": [
2011
+ "T1071",
2012
+ "T1102",
2013
+ "T1110",
2014
+ "T1133",
2015
+ "T1195.002",
2016
+ "T1213",
2017
+ "T1505",
2018
+ "T1548.001",
2019
+ "T1552",
2020
+ "T1556",
2021
+ "T1566.001",
2022
+ "T1566.002",
2023
+ "T1566.003",
2024
+ "T1568",
2025
+ "T1610",
2026
+ "T1611"
2027
+ ],
2028
+ "rfc_refs": [
2029
+ "DRAFT-IETF-TLS-ECDHE-MLKEM",
2030
+ "DRAFT-IETF-TLS-HYBRID-DESIGN",
2031
+ "RFC-4301",
2032
+ "RFC-4303",
2033
+ "RFC-7296",
2034
+ "RFC-9000",
2035
+ "RFC-9106",
2036
+ "RFC-9420",
2037
+ "RFC-9794"
2038
+ ],
2039
+ "dlp_refs": []
2040
+ },
2041
+ "uncited": {
2042
+ "cwe_refs": [],
2043
+ "atlas_refs": [],
2044
+ "d3fend_refs": [],
2045
+ "framework_gaps": [],
2046
+ "rfc_refs": [],
2047
+ "dlp_refs": [
2048
+ "DLP-CHAN-CLIPBOARD-AI",
2049
+ "DLP-CHAN-CODE-COMPLETION",
2050
+ "DLP-CHAN-EMAIL-OUT",
2051
+ "DLP-CHAN-IDE-TELEMETRY",
2052
+ "DLP-CHAN-LLM-CONTEXT",
2053
+ "DLP-CHAN-LLM-PROMPT",
2054
+ "DLP-CHAN-MCP-TOOL-ARG",
2055
+ "DLP-CHAN-USB-REMOVABLE",
2056
+ "DLP-CHAN-WEB-UPLOAD",
2057
+ "DLP-CLASS-EMBEDDING-MATCH",
2058
+ "DLP-CLASS-ML-CLASSIFIER",
2059
+ "DLP-CLASS-REGEX-PII",
2060
+ "DLP-CLASS-WATERMARK",
2061
+ "DLP-ENFORCE-BLOCK",
2062
+ "DLP-ENFORCE-COACH",
2063
+ "DLP-ENFORCE-REDACT",
2064
+ "DLP-EVIDENCE-AUDIT",
2065
+ "DLP-EVIDENCE-FORENSICS",
2066
+ "DLP-LAG-LEGACY-SCOPE",
2067
+ "DLP-SURFACE-EMBEDDING-STORE",
2068
+ "DLP-SURFACE-RAG-CORPUS",
2069
+ "DLP-SURFACE-TRAINING-DATA"
2070
+ ]
2071
+ }
2072
+ }