@blamejs/exceptd-skills 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (136) hide show
  1. package/AGENTS.md +232 -0
  2. package/ARCHITECTURE.md +267 -0
  3. package/CHANGELOG.md +616 -0
  4. package/CONTEXT.md +203 -0
  5. package/LICENSE +200 -0
  6. package/NOTICE +82 -0
  7. package/README.md +307 -0
  8. package/SECURITY.md +73 -0
  9. package/agents/README.md +81 -0
  10. package/agents/report-generator.md +156 -0
  11. package/agents/skill-updater.md +102 -0
  12. package/agents/source-validator.md +119 -0
  13. package/agents/threat-researcher.md +149 -0
  14. package/bin/exceptd.js +183 -0
  15. package/data/_indexes/_meta.json +88 -0
  16. package/data/_indexes/activity-feed.json +362 -0
  17. package/data/_indexes/catalog-summaries.json +229 -0
  18. package/data/_indexes/chains.json +7135 -0
  19. package/data/_indexes/currency.json +359 -0
  20. package/data/_indexes/did-ladders.json +451 -0
  21. package/data/_indexes/frequency.json +2072 -0
  22. package/data/_indexes/handoff-dag.json +476 -0
  23. package/data/_indexes/jurisdiction-clocks.json +967 -0
  24. package/data/_indexes/jurisdiction-map.json +536 -0
  25. package/data/_indexes/recipes.json +319 -0
  26. package/data/_indexes/section-offsets.json +3656 -0
  27. package/data/_indexes/stale-content.json +14 -0
  28. package/data/_indexes/summary-cards.json +1736 -0
  29. package/data/_indexes/theater-fingerprints.json +381 -0
  30. package/data/_indexes/token-budget.json +2137 -0
  31. package/data/_indexes/trigger-table.json +1374 -0
  32. package/data/_indexes/xref.json +818 -0
  33. package/data/atlas-ttps.json +282 -0
  34. package/data/cve-catalog.json +496 -0
  35. package/data/cwe-catalog.json +1017 -0
  36. package/data/d3fend-catalog.json +738 -0
  37. package/data/dlp-controls.json +1039 -0
  38. package/data/exploit-availability.json +67 -0
  39. package/data/framework-control-gaps.json +1255 -0
  40. package/data/global-frameworks.json +2913 -0
  41. package/data/rfc-references.json +324 -0
  42. package/data/zeroday-lessons.json +377 -0
  43. package/keys/public.pem +3 -0
  44. package/lib/framework-gap.js +328 -0
  45. package/lib/job-queue.js +195 -0
  46. package/lib/lint-skills.js +536 -0
  47. package/lib/prefetch.js +372 -0
  48. package/lib/refresh-external.js +713 -0
  49. package/lib/schemas/cve-catalog.schema.json +151 -0
  50. package/lib/schemas/manifest.schema.json +106 -0
  51. package/lib/schemas/skill-frontmatter.schema.json +113 -0
  52. package/lib/scoring.js +149 -0
  53. package/lib/sign.js +197 -0
  54. package/lib/ttp-mapper.js +80 -0
  55. package/lib/validate-catalog-meta.js +198 -0
  56. package/lib/validate-cve-catalog.js +213 -0
  57. package/lib/validate-indexes.js +83 -0
  58. package/lib/validate-package.js +162 -0
  59. package/lib/validate-vendor.js +85 -0
  60. package/lib/verify.js +216 -0
  61. package/lib/worker-pool.js +84 -0
  62. package/manifest-snapshot.json +1833 -0
  63. package/manifest.json +2108 -0
  64. package/orchestrator/README.md +124 -0
  65. package/orchestrator/dispatcher.js +140 -0
  66. package/orchestrator/event-bus.js +146 -0
  67. package/orchestrator/index.js +874 -0
  68. package/orchestrator/pipeline.js +201 -0
  69. package/orchestrator/scanner.js +327 -0
  70. package/orchestrator/scheduler.js +137 -0
  71. package/package.json +113 -0
  72. package/sbom.cdx.json +158 -0
  73. package/scripts/audit-cross-skill.js +261 -0
  74. package/scripts/audit-perf.js +160 -0
  75. package/scripts/bootstrap.js +205 -0
  76. package/scripts/build-indexes.js +721 -0
  77. package/scripts/builders/activity-feed.js +79 -0
  78. package/scripts/builders/catalog-summaries.js +67 -0
  79. package/scripts/builders/currency.js +109 -0
  80. package/scripts/builders/cwe-chains.js +105 -0
  81. package/scripts/builders/did-ladders.js +149 -0
  82. package/scripts/builders/frequency.js +89 -0
  83. package/scripts/builders/jurisdiction-clocks.js +126 -0
  84. package/scripts/builders/recipes.js +159 -0
  85. package/scripts/builders/section-offsets.js +162 -0
  86. package/scripts/builders/stale-content.js +171 -0
  87. package/scripts/builders/summary-cards.js +166 -0
  88. package/scripts/builders/theater-fingerprints.js +198 -0
  89. package/scripts/builders/token-budget.js +96 -0
  90. package/scripts/check-manifest-snapshot.js +217 -0
  91. package/scripts/predeploy.js +267 -0
  92. package/scripts/refresh-manifest-snapshot.js +57 -0
  93. package/scripts/refresh-sbom.js +222 -0
  94. package/skills/age-gates-child-safety/skill.md +456 -0
  95. package/skills/ai-attack-surface/skill.md +282 -0
  96. package/skills/ai-c2-detection/skill.md +440 -0
  97. package/skills/ai-risk-management/skill.md +311 -0
  98. package/skills/api-security/skill.md +287 -0
  99. package/skills/attack-surface-pentest/skill.md +381 -0
  100. package/skills/cloud-security/skill.md +384 -0
  101. package/skills/compliance-theater/skill.md +365 -0
  102. package/skills/container-runtime-security/skill.md +379 -0
  103. package/skills/coordinated-vuln-disclosure/skill.md +473 -0
  104. package/skills/defensive-countermeasure-mapping/skill.md +300 -0
  105. package/skills/dlp-gap-analysis/skill.md +337 -0
  106. package/skills/email-security-anti-phishing/skill.md +206 -0
  107. package/skills/exploit-scoring/skill.md +331 -0
  108. package/skills/framework-gap-analysis/skill.md +374 -0
  109. package/skills/fuzz-testing-strategy/skill.md +313 -0
  110. package/skills/global-grc/skill.md +564 -0
  111. package/skills/identity-assurance/skill.md +272 -0
  112. package/skills/incident-response-playbook/skill.md +546 -0
  113. package/skills/kernel-lpe-triage/skill.md +303 -0
  114. package/skills/mcp-agent-trust/skill.md +326 -0
  115. package/skills/mlops-security/skill.md +325 -0
  116. package/skills/ot-ics-security/skill.md +340 -0
  117. package/skills/policy-exception-gen/skill.md +437 -0
  118. package/skills/pqc-first/skill.md +546 -0
  119. package/skills/rag-pipeline-security/skill.md +294 -0
  120. package/skills/researcher/skill.md +310 -0
  121. package/skills/sector-energy/skill.md +409 -0
  122. package/skills/sector-federal-government/skill.md +302 -0
  123. package/skills/sector-financial/skill.md +398 -0
  124. package/skills/sector-healthcare/skill.md +373 -0
  125. package/skills/security-maturity-tiers/skill.md +464 -0
  126. package/skills/skill-update-loop/skill.md +463 -0
  127. package/skills/supply-chain-integrity/skill.md +318 -0
  128. package/skills/threat-model-currency/skill.md +404 -0
  129. package/skills/threat-modeling-methodology/skill.md +312 -0
  130. package/skills/webapp-security/skill.md +281 -0
  131. package/skills/zeroday-gap-learn/skill.md +350 -0
  132. package/vendor/blamejs/LICENSE +201 -0
  133. package/vendor/blamejs/README.md +54 -0
  134. package/vendor/blamejs/_PROVENANCE.json +54 -0
  135. package/vendor/blamejs/retry.js +335 -0
  136. package/vendor/blamejs/worker-pool.js +418 -0
package/data/_indexes/section-offsets.json ADDED
@@ -0,0 +1,3656 @@
1
+ {
2
+ "_meta": {
3
+ "schema_version": "1.0.0",
4
+ "note": "Per-skill byte/line offsets of every H2 section. Use byte_start/byte_end to slice a specific section. normalized_name collapses phrasing variants (e.g. 'Threat Context (mid-2026)' → 'threat-context').",
5
+ "canonical_section_names": [
6
+ "threat-context",
7
+ "framework-lag-declaration",
8
+ "ttp-mapping",
9
+ "exploit-availability-matrix",
10
+ "compliance-theater-check",
11
+ "analysis-procedure",
12
+ "defensive-countermeasure-mapping",
13
+ "output-format",
14
+ "hand-off",
15
+ "detection-rules",
16
+ "exposure-assessment"
17
+ ]
18
+ },
19
+ "skills": {
20
+ "kernel-lpe-triage": {
21
+ "path": "skills/kernel-lpe-triage/skill.md",
22
+ "total_bytes": 19039,
23
+ "total_lines": 304,
24
+ "frontmatter": {
25
+ "line_start": 1,
26
+ "line_end": 45,
27
+ "byte_start": 0,
28
+ "byte_end": 853
29
+ },
30
+ "sections": [
31
+ {
32
+ "name": "Threat Context (mid-2026)",
33
+ "normalized_name": "threat-context",
34
+ "line": 49,
35
+ "byte_start": 875,
36
+ "byte_end": 4031,
37
+ "bytes": 3156,
38
+ "h3_count": 2
39
+ },
40
+ {
41
+ "name": "Framework Lag Declaration",
42
+ "normalized_name": "framework-lag-declaration",
43
+ "line": 94,
44
+ "byte_start": 4031,
45
+ "byte_end": 6550,
46
+ "bytes": 2519,
47
+ "h3_count": 0
48
+ },
49
+ {
50
+ "name": "TTP Mapping (MITRE ATT&CK Enterprise, mid-2026)",
51
+ "normalized_name": "ttp-mapping",
52
+ "line": 110,
53
+ "byte_start": 6550,
54
+ "byte_end": 9467,
55
+ "bytes": 2917,
56
+ "h3_count": 0
57
+ },
58
+ {
59
+ "name": "Exploit Availability Matrix",
60
+ "normalized_name": "exploit-availability-matrix",
61
+ "line": 127,
62
+ "byte_start": 9467,
63
+ "byte_end": 10083,
64
+ "bytes": 616,
65
+ "h3_count": 0
66
+ },
67
+ {
68
+ "name": "Analysis Procedure",
69
+ "normalized_name": "analysis-procedure",
70
+ "line": 137,
71
+ "byte_start": 10083,
72
+ "byte_end": 14674,
73
+ "bytes": 4591,
74
+ "h3_count": 6
75
+ },
76
+ {
77
+ "name": "Output Format",
78
+ "normalized_name": "output-format",
79
+ "line": 231,
80
+ "byte_start": 14674,
81
+ "byte_end": 16081,
82
+ "bytes": 1407,
83
+ "h3_count": 7
84
+ },
85
+ {
86
+ "name": "Detection Rules",
87
+ "normalized_name": "detection-rules",
88
+ "line": 272,
89
+ "byte_start": 16081,
90
+ "byte_end": 16770,
91
+ "bytes": 689,
92
+ "h3_count": 0
93
+ },
94
+ {
95
+ "name": "Hand-Off / Related Skills",
96
+ "normalized_name": "hand-off",
97
+ "line": 295,
98
+ "byte_start": 16770,
99
+ "byte_end": 19039,
100
+ "bytes": 2269,
101
+ "h3_count": 0
102
+ }
103
+ ]
104
+ },
105
+ "ai-attack-surface": {
106
+ "path": "skills/ai-attack-surface/skill.md",
107
+ "total_bytes": 16241,
108
+ "total_lines": 283,
109
+ "frontmatter": {
110
+ "line_start": 1,
111
+ "line_end": 50,
112
+ "byte_start": 0,
113
+ "byte_end": 999
114
+ },
115
+ "sections": [
116
+ {
117
+ "name": "Threat Context (mid-2026)",
118
+ "normalized_name": "threat-context",
119
+ "line": 54,
120
+ "byte_start": 1032,
121
+ "byte_end": 5860,
122
+ "bytes": 4828,
123
+ "h3_count": 9
124
+ },
125
+ {
126
+ "name": "Framework Lag Declaration",
127
+ "normalized_name": "framework-lag-declaration",
128
+ "line": 126,
129
+ "byte_start": 5860,
130
+ "byte_end": 8325,
131
+ "bytes": 2465,
132
+ "h3_count": 0
133
+ },
134
+ {
135
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0)",
136
+ "normalized_name": "ttp-mapping",
137
+ "line": 143,
138
+ "byte_start": 8325,
139
+ "byte_end": 10091,
140
+ "bytes": 1766,
141
+ "h3_count": 0
142
+ },
143
+ {
144
+ "name": "Exploit Availability Matrix",
145
+ "normalized_name": "exploit-availability-matrix",
146
+ "line": 159,
147
+ "byte_start": 10091,
148
+ "byte_end": 10711,
149
+ "bytes": 620,
150
+ "h3_count": 0
151
+ },
152
+ {
153
+ "name": "Analysis Procedure",
154
+ "normalized_name": "analysis-procedure",
155
+ "line": 171,
156
+ "byte_start": 10711,
157
+ "byte_end": 14038,
158
+ "bytes": 3327,
159
+ "h3_count": 6
160
+ },
161
+ {
162
+ "name": "Output Format",
163
+ "normalized_name": "output-format",
164
+ "line": 241,
165
+ "byte_start": 14038,
166
+ "byte_end": 15155,
167
+ "bytes": 1117,
168
+ "h3_count": 8
169
+ },
170
+ {
171
+ "name": "Compliance Theater Check",
172
+ "normalized_name": "compliance-theater-check",
173
+ "line": 278,
174
+ "byte_start": 15155,
175
+ "byte_end": 16241,
176
+ "bytes": 1086,
177
+ "h3_count": 0
178
+ }
179
+ ]
180
+ },
181
+ "mcp-agent-trust": {
182
+ "path": "skills/mcp-agent-trust/skill.md",
183
+ "total_bytes": 19649,
184
+ "total_lines": 327,
185
+ "frontmatter": {
186
+ "line_start": 1,
187
+ "line_end": 60,
188
+ "byte_start": 0,
189
+ "byte_end": 1066
190
+ },
191
+ "sections": [
192
+ {
193
+ "name": "Threat Context (mid-2026)",
194
+ "normalized_name": "threat-context",
195
+ "line": 64,
196
+ "byte_start": 1097,
197
+ "byte_end": 4470,
198
+ "bytes": 3373,
199
+ "h3_count": 3
200
+ },
201
+ {
202
+ "name": "Framework Lag Declaration",
203
+ "normalized_name": "framework-lag-declaration",
204
+ "line": 117,
205
+ "byte_start": 4470,
206
+ "byte_end": 8307,
207
+ "bytes": 3837,
208
+ "h3_count": 0
209
+ },
210
+ {
211
+ "name": "TTP Mapping",
212
+ "normalized_name": "ttp-mapping",
213
+ "line": 137,
214
+ "byte_start": 8307,
215
+ "byte_end": 9502,
216
+ "bytes": 1195,
217
+ "h3_count": 0
218
+ },
219
+ {
220
+ "name": "Exploit Availability Matrix",
221
+ "normalized_name": "exploit-availability-matrix",
222
+ "line": 150,
223
+ "byte_start": 9502,
224
+ "byte_end": 11859,
225
+ "bytes": 2357,
226
+ "h3_count": 0
227
+ },
228
+ {
229
+ "name": "Analysis Procedure",
230
+ "normalized_name": "analysis-procedure",
231
+ "line": 165,
232
+ "byte_start": 11859,
233
+ "byte_end": 15718,
234
+ "bytes": 3859,
235
+ "h3_count": 5
236
+ },
237
+ {
238
+ "name": "Output Format",
239
+ "normalized_name": "output-format",
240
+ "line": 277,
241
+ "byte_start": 15718,
242
+ "byte_end": 16695,
243
+ "bytes": 977,
244
+ "h3_count": 7
245
+ },
246
+ {
247
+ "name": "Hand-Off / Related Skills",
248
+ "normalized_name": "hand-off",
249
+ "line": 310,
250
+ "byte_start": 16695,
251
+ "byte_end": 19136,
252
+ "bytes": 2441,
253
+ "h3_count": 0
254
+ },
255
+ {
256
+ "name": "Compliance Theater Check",
257
+ "normalized_name": "compliance-theater-check",
258
+ "line": 324,
259
+ "byte_start": 19136,
260
+ "byte_end": 19649,
261
+ "bytes": 513,
262
+ "h3_count": 0
263
+ }
264
+ ]
265
+ },
266
+ "framework-gap-analysis": {
267
+ "path": "skills/framework-gap-analysis/skill.md",
268
+ "total_bytes": 25733,
269
+ "total_lines": 375,
270
+ "frontmatter": {
271
+ "line_start": 1,
272
+ "line_end": 24,
273
+ "byte_start": 0,
274
+ "byte_end": 559
275
+ },
276
+ "sections": [
277
+ {
278
+ "name": "Threat Context (mid-2026)",
279
+ "normalized_name": "threat-context",
280
+ "line": 30,
281
+ "byte_start": 817,
282
+ "byte_end": 2276,
283
+ "bytes": 1459,
284
+ "h3_count": 0
285
+ },
286
+ {
287
+ "name": "Framework Lag Declaration",
288
+ "normalized_name": "framework-lag-declaration",
289
+ "line": 40,
290
+ "byte_start": 2276,
291
+ "byte_end": 5551,
292
+ "bytes": 3275,
293
+ "h3_count": 1
294
+ },
295
+ {
296
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0 and ATT&CK)",
297
+ "normalized_name": "ttp-mapping",
298
+ "line": 70,
299
+ "byte_start": 5551,
300
+ "byte_end": 7351,
301
+ "bytes": 1800,
302
+ "h3_count": 0
303
+ },
304
+ {
305
+ "name": "Exploit Availability Matrix",
306
+ "normalized_name": "exploit-availability-matrix",
307
+ "line": 88,
308
+ "byte_start": 7351,
309
+ "byte_end": 8695,
310
+ "bytes": 1344,
311
+ "h3_count": 0
312
+ },
313
+ {
314
+ "name": "Built-In Gap Catalog",
315
+ "normalized_name": "built-in-gap-catalog",
316
+ "line": 101,
317
+ "byte_start": 8695,
318
+ "byte_end": 18819,
319
+ "bytes": 10124,
320
+ "h3_count": 9
321
+ },
322
+ {
323
+ "name": "Analysis Procedure",
324
+ "normalized_name": "analysis-procedure",
325
+ "line": 232,
326
+ "byte_start": 18819,
327
+ "byte_end": 20537,
328
+ "bytes": 1718,
329
+ "h3_count": 9
330
+ },
331
+ {
332
+ "name": "Universal Gaps (No Framework Covers These Adequately)",
333
+ "normalized_name": "universal-gaps-no-framework-covers-these-adequately",
334
+ "line": 290,
335
+ "byte_start": 20537,
336
+ "byte_end": 21632,
337
+ "bytes": 1095,
338
+ "h3_count": 0
339
+ },
340
+ {
341
+ "name": "Output Format",
342
+ "normalized_name": "output-format",
343
+ "line": 310,
344
+ "byte_start": 21632,
345
+ "byte_end": 23566,
346
+ "bytes": 1934,
347
+ "h3_count": 6
348
+ },
349
+ {
350
+ "name": "Compliance Theater Check",
351
+ "normalized_name": "compliance-theater-check",
352
+ "line": 353,
353
+ "byte_start": 23566,
354
+ "byte_end": 25733,
355
+ "bytes": 2167,
356
+ "h3_count": 0
357
+ }
358
+ ]
359
+ },
360
+ "compliance-theater": {
361
+ "path": "skills/compliance-theater/skill.md",
362
+ "total_bytes": 27568,
363
+ "total_lines": 366,
364
+ "frontmatter": {
365
+ "line_start": 1,
366
+ "line_end": 25,
367
+ "byte_start": 0,
368
+ "byte_end": 662
369
+ },
370
+ "sections": [
371
+ {
372
+ "name": "Threat Context (mid-2026)",
373
+ "normalized_name": "threat-context",
374
+ "line": 35,
375
+ "byte_start": 1149,
376
+ "byte_end": 2953,
377
+ "bytes": 1804,
378
+ "h3_count": 0
379
+ },
380
+ {
381
+ "name": "Framework Lag Declaration",
382
+ "normalized_name": "framework-lag-declaration",
383
+ "line": 47,
384
+ "byte_start": 2953,
385
+ "byte_end": 6717,
386
+ "bytes": 3764,
387
+ "h3_count": 0
388
+ },
389
+ {
390
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0 and ATT&CK)",
391
+ "normalized_name": "ttp-mapping",
392
+ "line": 67,
393
+ "byte_start": 6717,
394
+ "byte_end": 8891,
395
+ "bytes": 2174,
396
+ "h3_count": 0
397
+ },
398
+ {
399
+ "name": "Exploit Availability Matrix",
400
+ "normalized_name": "exploit-availability-matrix",
401
+ "line": 85,
402
+ "byte_start": 8891,
403
+ "byte_end": 10654,
404
+ "bytes": 1763,
405
+ "h3_count": 0
406
+ },
407
+ {
408
+ "name": "Theater Pattern Library",
409
+ "normalized_name": "theater-pattern-library",
410
+ "line": 103,
411
+ "byte_start": 10654,
412
+ "byte_end": 22646,
413
+ "bytes": 11992,
414
+ "h3_count": 7
415
+ },
416
+ {
417
+ "name": "Analysis Procedure",
418
+ "normalized_name": "analysis-procedure",
419
+ "line": 280,
420
+ "byte_start": 22646,
421
+ "byte_end": 23589,
422
+ "bytes": 943,
423
+ "h3_count": 4
424
+ },
425
+ {
426
+ "name": "Output Format",
427
+ "normalized_name": "output-format",
428
+ "line": 309,
429
+ "byte_start": 23589,
430
+ "byte_end": 24852,
431
+ "bytes": 1263,
432
+ "h3_count": 4
433
+ },
434
+ {
435
+ "name": "Compliance Theater Check",
436
+ "normalized_name": "compliance-theater-check",
437
+ "line": 341,
438
+ "byte_start": 24852,
439
+ "byte_end": 27568,
440
+ "bytes": 2716,
441
+ "h3_count": 0
442
+ }
443
+ ]
444
+ },
445
+ "exploit-scoring": {
446
+ "path": "skills/exploit-scoring/skill.md",
447
+ "total_bytes": 20459,
448
+ "total_lines": 332,
449
+ "frontmatter": {
450
+ "line_start": 1,
451
+ "line_end": 23,
452
+ "byte_start": 0,
453
+ "byte_end": 531
454
+ },
455
+ "sections": [
456
+ {
457
+ "name": "Threat Context (mid-2026)",
458
+ "normalized_name": "threat-context",
459
+ "line": 33,
460
+ "byte_start": 1084,
461
+ "byte_end": 2769,
462
+ "bytes": 1685,
463
+ "h3_count": 0
464
+ },
465
+ {
466
+ "name": "Framework Lag Declaration",
467
+ "normalized_name": "framework-lag-declaration",
468
+ "line": 44,
469
+ "byte_start": 2769,
470
+ "byte_end": 5179,
471
+ "bytes": 2410,
472
+ "h3_count": 0
473
+ },
474
+ {
475
+ "name": "TTP Mapping",
476
+ "normalized_name": "ttp-mapping",
477
+ "line": 61,
478
+ "byte_start": 5179,
479
+ "byte_end": 6342,
480
+ "bytes": 1163,
481
+ "h3_count": 0
482
+ },
483
+ {
484
+ "name": "Exploit Availability Matrix",
485
+ "normalized_name": "exploit-availability-matrix",
486
+ "line": 76,
487
+ "byte_start": 6342,
488
+ "byte_end": 7629,
489
+ "bytes": 1287,
490
+ "h3_count": 0
491
+ },
492
+ {
493
+ "name": "RWEP Formula",
494
+ "normalized_name": "rwep-formula",
495
+ "line": 92,
496
+ "byte_start": 7629,
497
+ "byte_end": 10495,
498
+ "bytes": 2866,
499
+ "h3_count": 1
500
+ },
501
+ {
502
+ "name": "Pre-Calculated RWEP Scores",
503
+ "normalized_name": "pre-calculated-rwep-scores",
504
+ "line": 147,
505
+ "byte_start": 10495,
506
+ "byte_end": 14523,
507
+ "bytes": 4028,
508
+ "h3_count": 4
509
+ },
510
+ {
511
+ "name": "RWEP vs. CVSS Delta Analysis",
512
+ "normalized_name": "rwep-vs-cvss-delta-analysis",
513
+ "line": 223,
514
+ "byte_start": 14523,
515
+ "byte_end": 15918,
516
+ "bytes": 1395,
517
+ "h3_count": 0
518
+ },
519
+ {
520
+ "name": "Analysis Procedure",
521
+ "normalized_name": "analysis-procedure",
522
+ "line": 247,
523
+ "byte_start": 15918,
524
+ "byte_end": 17609,
525
+ "bytes": 1691,
526
+ "h3_count": 4
527
+ },
528
+ {
529
+ "name": "Output Format",
530
+ "normalized_name": "output-format",
531
+ "line": 285,
532
+ "byte_start": 17609,
533
+ "byte_end": 18663,
534
+ "bytes": 1054,
535
+ "h3_count": 4
536
+ },
537
+ {
538
+ "name": "Compliance Theater Check",
539
+ "normalized_name": "compliance-theater-check",
540
+ "line": 323,
541
+ "byte_start": 18663,
542
+ "byte_end": 20459,
543
+ "bytes": 1796,
544
+ "h3_count": 0
545
+ }
546
+ ]
547
+ },
548
+ "rag-pipeline-security": {
549
+ "path": "skills/rag-pipeline-security/skill.md",
550
+ "total_bytes": 24056,
551
+ "total_lines": 295,
552
+ "frontmatter": {
553
+ "line_start": 1,
554
+ "line_end": 36,
555
+ "byte_start": 0,
556
+ "byte_end": 791
557
+ },
558
+ "sections": [
559
+ {
560
+ "name": "Threat Context (mid-2026)",
561
+ "normalized_name": "threat-context",
562
+ "line": 40,
563
+ "byte_start": 828,
564
+ "byte_end": 1775,
565
+ "bytes": 947,
566
+ "h3_count": 0
567
+ },
568
+ {
569
+ "name": "Attack Class 1: Embedding Manipulation for Data Exfiltration",
570
+ "normalized_name": "attack-class-1-embedding-manipulation-for-data-exfiltration",
571
+ "line": 60,
572
+ "byte_start": 1775,
573
+ "byte_end": 3416,
574
+ "bytes": 1641,
575
+ "h3_count": 0
576
+ },
577
+ {
578
+ "name": "Attack Class 2: Vector Store Poisoning",
579
+ "normalized_name": "attack-class-2-vector-store-poisoning",
580
+ "line": 81,
581
+ "byte_start": 3416,
582
+ "byte_end": 5429,
583
+ "bytes": 2013,
584
+ "h3_count": 0
585
+ },
586
+ {
587
+ "name": "Attack Class 3: Chunking Exploitation",
588
+ "normalized_name": "attack-class-3-chunking-exploitation",
589
+ "line": 105,
590
+ "byte_start": 5429,
591
+ "byte_end": 6652,
592
+ "bytes": 1223,
593
+ "h3_count": 0
594
+ },
595
+ {
596
+ "name": "Attack Class 4: Retrieval Filter Bypass",
597
+ "normalized_name": "attack-class-4-retrieval-filter-bypass",
598
+ "line": 122,
599
+ "byte_start": 6652,
600
+ "byte_end": 7855,
601
+ "bytes": 1203,
602
+ "h3_count": 0
603
+ },
604
+ {
605
+ "name": "Attack Class 5: Indirect Prompt Injection via Retrieved Documents",
606
+ "normalized_name": "attack-class-5-indirect-prompt-injection-via-retrieved-documents",
607
+ "line": 140,
608
+ "byte_start": 7855,
609
+ "byte_end": 9550,
610
+ "bytes": 1695,
611
+ "h3_count": 0
612
+ },
613
+ {
614
+ "name": "Framework Lag Declaration",
615
+ "normalized_name": "framework-lag-declaration",
616
+ "line": 161,
617
+ "byte_start": 9550,
618
+ "byte_end": 10958,
619
+ "bytes": 1408,
620
+ "h3_count": 0
621
+ },
622
+ {
623
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0)",
624
+ "normalized_name": "ttp-mapping",
625
+ "line": 174,
626
+ "byte_start": 10958,
627
+ "byte_end": 14600,
628
+ "bytes": 3642,
629
+ "h3_count": 0
630
+ },
631
+ {
632
+ "name": "Exploit Availability Matrix",
633
+ "normalized_name": "exploit-availability-matrix",
634
+ "line": 188,
635
+ "byte_start": 14600,
636
+ "byte_end": 18210,
637
+ "bytes": 3610,
638
+ "h3_count": 0
639
+ },
640
+ {
641
+ "name": "Analysis Procedure",
642
+ "normalized_name": "analysis-procedure",
643
+ "line": 204,
644
+ "byte_start": 18210,
645
+ "byte_end": 19930,
646
+ "bytes": 1720,
647
+ "h3_count": 4
648
+ },
649
+ {
650
+ "name": "Output Format",
651
+ "normalized_name": "output-format",
652
+ "line": 246,
653
+ "byte_start": 19930,
654
+ "byte_end": 20773,
655
+ "bytes": 843,
656
+ "h3_count": 5
657
+ },
658
+ {
659
+ "name": "Hand-Off / Related Skills",
660
+ "normalized_name": "hand-off",
661
+ "line": 278,
662
+ "byte_start": 20773,
663
+ "byte_end": 23412,
664
+ "bytes": 2639,
665
+ "h3_count": 0
666
+ },
667
+ {
668
+ "name": "Compliance Theater Check",
669
+ "normalized_name": "compliance-theater-check",
670
+ "line": 292,
671
+ "byte_start": 23412,
672
+ "byte_end": 24056,
673
+ "bytes": 644,
674
+ "h3_count": 0
675
+ }
676
+ ]
677
+ },
678
+ "ai-c2-detection": {
679
+ "path": "skills/ai-c2-detection/skill.md",
680
+ "total_bytes": 29528,
681
+ "total_lines": 441,
682
+ "frontmatter": {
683
+ "line_start": 1,
684
+ "line_end": 47,
685
+ "byte_start": 0,
686
+ "byte_end": 839
687
+ },
688
+ "sections": [
689
+ {
690
+ "name": "Threat Context (mid-2026)",
691
+ "normalized_name": "threat-context",
692
+ "line": 51,
693
+ "byte_start": 859,
694
+ "byte_end": 5650,
695
+ "bytes": 4791,
696
+ "h3_count": 3
697
+ },
698
+ {
699
+ "name": "Framework Lag Declaration",
700
+ "normalized_name": "framework-lag-declaration",
701
+ "line": 139,
702
+ "byte_start": 5650,
703
+ "byte_end": 7136,
704
+ "bytes": 1486,
705
+ "h3_count": 0
706
+ },
707
+ {
708
+ "name": "Detection Architecture",
709
+ "normalized_name": "detection-architecture",
710
+ "line": 152,
711
+ "byte_start": 7136,
712
+ "byte_end": 9755,
713
+ "bytes": 2619,
714
+ "h3_count": 4
715
+ },
716
+ {
717
+ "name": "Incident Response Playbook — AI C2",
718
+ "normalized_name": "incident-response-playbook-ai-c2",
719
+ "line": 211,
720
+ "byte_start": 9755,
721
+ "byte_end": 12116,
722
+ "bytes": 2361,
723
+ "h3_count": 6
724
+ },
725
+ {
726
+ "name": "Detection Rule Examples",
727
+ "normalized_name": "detection-rules",
728
+ "line": 264,
729
+ "byte_start": 12116,
730
+ "byte_end": 13316,
731
+ "bytes": 1200,
732
+ "h3_count": 2
733
+ },
734
+ {
735
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0 + MITRE ATT&CK)",
736
+ "normalized_name": "ttp-mapping",
737
+ "line": 317,
738
+ "byte_start": 13316,
739
+ "byte_end": 16300,
740
+ "bytes": 2984,
741
+ "h3_count": 0
742
+ },
743
+ {
744
+ "name": "Exploit Availability Matrix",
745
+ "normalized_name": "exploit-availability-matrix",
746
+ "line": 329,
747
+ "byte_start": 16300,
748
+ "byte_end": 20253,
749
+ "bytes": 3953,
750
+ "h3_count": 1
751
+ },
752
+ {
753
+ "name": "Analysis Procedure",
754
+ "normalized_name": "analysis-procedure",
755
+ "line": 348,
756
+ "byte_start": 20253,
757
+ "byte_end": 24337,
758
+ "bytes": 4084,
759
+ "h3_count": 7
760
+ },
761
+ {
762
+ "name": "Compliance Theater Check",
763
+ "normalized_name": "compliance-theater-check",
764
+ "line": 393,
765
+ "byte_start": 24337,
766
+ "byte_end": 25727,
767
+ "bytes": 1390,
768
+ "h3_count": 0
769
+ },
770
+ {
771
+ "name": "Output Format",
772
+ "normalized_name": "output-format",
773
+ "line": 399,
774
+ "byte_start": 25727,
775
+ "byte_end": 26585,
776
+ "bytes": 858,
777
+ "h3_count": 5
778
+ },
779
+ {
780
+ "name": "Hand-Off / Related Skills",
781
+ "normalized_name": "hand-off",
782
+ "line": 430,
783
+ "byte_start": 26585,
784
+ "byte_end": 29528,
785
+ "bytes": 2943,
786
+ "h3_count": 0
787
+ }
788
+ ]
789
+ },
790
+ "policy-exception-gen": {
791
+ "path": "skills/policy-exception-gen/skill.md",
792
+ "total_bytes": 28403,
793
+ "total_lines": 438,
794
+ "frontmatter": {
795
+ "line_start": 1,
796
+ "line_end": 26,
797
+ "byte_start": 0,
798
+ "byte_end": 832
799
+ },
800
+ "sections": [
801
+ {
802
+ "name": "Threat Context (mid-2026)",
803
+ "normalized_name": "threat-context",
804
+ "line": 41,
805
+ "byte_start": 1417,
806
+ "byte_end": 3649,
807
+ "bytes": 2232,
808
+ "h3_count": 0
809
+ },
810
+ {
811
+ "name": "Framework Lag Declaration",
812
+ "normalized_name": "framework-lag-declaration",
813
+ "line": 56,
814
+ "byte_start": 3649,
815
+ "byte_end": 6206,
816
+ "bytes": 2557,
817
+ "h3_count": 0
818
+ },
819
+ {
820
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0 and ATT&CK)",
821
+ "normalized_name": "ttp-mapping",
822
+ "line": 77,
823
+ "byte_start": 6206,
824
+ "byte_end": 8171,
825
+ "bytes": 1965,
826
+ "h3_count": 0
827
+ },
828
+ {
829
+ "name": "Exploit Availability Matrix",
830
+ "normalized_name": "exploit-availability-matrix",
831
+ "line": 92,
832
+ "byte_start": 8171,
833
+ "byte_end": 10095,
834
+ "bytes": 1924,
835
+ "h3_count": 0
836
+ },
837
+ {
838
+ "name": "Exception Template Library",
839
+ "normalized_name": "exception-template-library",
840
+ "line": 108,
841
+ "byte_start": 10095,
842
+ "byte_end": 23313,
843
+ "bytes": 13218,
844
+ "h3_count": 4
845
+ },
846
+ {
847
+ "name": "Analysis Procedure",
848
+ "normalized_name": "analysis-procedure",
849
+ "line": 358,
850
+ "byte_start": 23313,
851
+ "byte_end": 24858,
852
+ "bytes": 1545,
853
+ "h3_count": 6
854
+ },
855
+ {
856
+ "name": "Output Format",
857
+ "normalized_name": "output-format",
858
+ "line": 400,
859
+ "byte_start": 24858,
860
+ "byte_end": 25221,
861
+ "bytes": 363,
862
+ "h3_count": 0
863
+ },
864
+ {
865
+ "name": "Compliance Theater Check",
866
+ "normalized_name": "compliance-theater-check",
867
+ "line": 413,
868
+ "byte_start": 25221,
869
+ "byte_end": 28403,
870
+ "bytes": 3182,
871
+ "h3_count": 0
872
+ }
873
+ ]
874
+ },
875
+ "threat-model-currency": {
876
+ "path": "skills/threat-model-currency/skill.md",
877
+ "total_bytes": 24982,
878
+ "total_lines": 405,
879
+ "frontmatter": {
880
+ "line_start": 1,
881
+ "line_end": 26,
882
+ "byte_start": 0,
883
+ "byte_end": 807
884
+ },
885
+ "sections": [
886
+ {
887
+ "name": "Purpose",
888
+ "normalized_name": "purpose",
889
+ "line": 30,
890
+ "byte_start": 844,
891
+ "byte_end": 1389,
892
+ "bytes": 545,
893
+ "h3_count": 0
894
+ },
895
+ {
896
+ "name": "The 14 Threat Class Checklist",
897
+ "normalized_name": "the-14-threat-class-checklist",
898
+ "line": 38,
899
+ "byte_start": 1389,
900
+ "byte_end": 11535,
901
+ "bytes": 10146,
902
+ "h3_count": 14
903
+ },
904
+ {
905
+ "name": "Threat Context",
906
+ "normalized_name": "threat-context",
907
+ "line": 222,
908
+ "byte_start": 11535,
909
+ "byte_end": 13363,
910
+ "bytes": 1828,
911
+ "h3_count": 0
912
+ },
913
+ {
914
+ "name": "Framework Lag Declaration",
915
+ "normalized_name": "framework-lag-declaration",
916
+ "line": 236,
917
+ "byte_start": 13363,
918
+ "byte_end": 15951,
919
+ "bytes": 2588,
920
+ "h3_count": 0
921
+ },
922
+ {
923
+ "name": "TTP Mapping",
924
+ "normalized_name": "ttp-mapping",
925
+ "line": 258,
926
+ "byte_start": 15951,
927
+ "byte_end": 18848,
928
+ "bytes": 2897,
929
+ "h3_count": 0
930
+ },
931
+ {
932
+ "name": "Exploit Availability Matrix",
933
+ "normalized_name": "exploit-availability-matrix",
934
+ "line": 283,
935
+ "byte_start": 18848,
936
+ "byte_end": 20647,
937
+ "bytes": 1799,
938
+ "h3_count": 0
939
+ },
940
+ {
941
+ "name": "Compliance Theater Check",
942
+ "normalized_name": "compliance-theater-check",
943
+ "line": 301,
944
+ "byte_start": 20647,
945
+ "byte_end": 22215,
946
+ "bytes": 1568,
947
+ "h3_count": 0
948
+ },
949
+ {
950
+ "name": "Scoring",
951
+ "normalized_name": "scoring",
952
+ "line": 317,
953
+ "byte_start": 22215,
954
+ "byte_end": 22757,
955
+ "bytes": 542,
956
+ "h3_count": 0
957
+ },
958
+ {
959
+ "name": "Analysis Procedure",
960
+ "normalized_name": "analysis-procedure",
961
+ "line": 336,
962
+ "byte_start": 22757,
963
+ "byte_end": 23687,
964
+ "bytes": 930,
965
+ "h3_count": 4
966
+ },
967
+ {
968
+ "name": "Output Format",
969
+ "normalized_name": "output-format",
970
+ "line": 368,
971
+ "byte_start": 23687,
972
+ "byte_end": 24982,
973
+ "bytes": 1295,
974
+ "h3_count": 4
975
+ }
976
+ ]
977
+ },
978
+ "global-grc": {
979
+ "path": "skills/global-grc/skill.md",
980
+ "total_bytes": 39735,
981
+ "total_lines": 565,
982
+ "frontmatter": {
983
+ "line_start": 1,
984
+ "line_end": 27,
985
+ "byte_start": 0,
986
+ "byte_end": 591
987
+ },
988
+ "sections": [
989
+ {
990
+ "name": "Framework Registry (mid-2026 currency)",
991
+ "normalized_name": "framework-registry-mid-2026-currency",
992
+ "line": 35,
993
+ "byte_start": 935,
994
+ "byte_end": 18683,
995
+ "bytes": 17748,
996
+ "h3_count": 8
997
+ },
998
+ {
999
+ "name": "Universal Gaps (No Jurisdiction Covers These)",
1000
+ "normalized_name": "universal-gaps-no-jurisdiction-covers-these",
1001
+ "line": 347,
1002
+ "byte_start": 18683,
1003
+ "byte_end": 19787,
1004
+ "bytes": 1104,
1005
+ "h3_count": 0
1006
+ },
1007
+ {
1008
+ "name": "Notification Timeline Summary",
1009
+ "normalized_name": "notification-timeline-summary",
1010
+ "line": 365,
1011
+ "byte_start": 19787,
1012
+ "byte_end": 20711,
1013
+ "bytes": 924,
1014
+ "h3_count": 0
1015
+ },
1016
+ {
1017
+ "name": "Threat Context",
1018
+ "normalized_name": "threat-context",
1019
+ "line": 385,
1020
+ "byte_start": 20711,
1021
+ "byte_end": 23273,
1022
+ "bytes": 2562,
1023
+ "h3_count": 0
1024
+ },
1025
+ {
1026
+ "name": "Framework Lag Declaration",
1027
+ "normalized_name": "framework-lag-declaration",
1028
+ "line": 401,
1029
+ "byte_start": 23273,
1030
+ "byte_end": 31033,
1031
+ "bytes": 7760,
1032
+ "h3_count": 0
1033
+ },
1034
+ {
1035
+ "name": "TTP Mapping",
1036
+ "normalized_name": "ttp-mapping",
1037
+ "line": 444,
1038
+ "byte_start": 31033,
1039
+ "byte_end": 33023,
1040
+ "bytes": 1990,
1041
+ "h3_count": 0
1042
+ },
1043
+ {
1044
+ "name": "Exploit Availability Matrix",
1045
+ "normalized_name": "exploit-availability-matrix",
1046
+ "line": 466,
1047
+ "byte_start": 33023,
1048
+ "byte_end": 35922,
1049
+ "bytes": 2899,
1050
+ "h3_count": 0
1051
+ },
1052
+ {
1053
+ "name": "Compliance Theater Check",
1054
+ "normalized_name": "compliance-theater-check",
1055
+ "line": 494,
1056
+ "byte_start": 35922,
1057
+ "byte_end": 37885,
1058
+ "bytes": 1963,
1059
+ "h3_count": 0
1060
+ },
1061
+ {
1062
+ "name": "Analysis Procedure",
1063
+ "normalized_name": "analysis-procedure",
1064
+ "line": 508,
1065
+ "byte_start": 37885,
1066
+ "byte_end": 38921,
1067
+ "bytes": 1036,
1068
+ "h3_count": 4
1069
+ },
1070
+ {
1071
+ "name": "Output Format",
1072
+ "normalized_name": "output-format",
1073
+ "line": 537,
1074
+ "byte_start": 38921,
1075
+ "byte_end": 39735,
1076
+ "bytes": 814,
1077
+ "h3_count": 6
1078
+ }
1079
+ ]
1080
+ },
1081
+ "zeroday-gap-learn": {
1082
+ "path": "skills/zeroday-gap-learn/skill.md",
1083
+ "total_bytes": 22177,
1084
+ "total_lines": 351,
1085
+ "frontmatter": {
1086
+ "line_start": 1,
1087
+ "line_end": 27,
1088
+ "byte_start": 0,
1089
+ "byte_end": 750
1090
+ },
1091
+ "sections": [
1092
+ {
1093
+ "name": "Threat Context (mid-2026)",
1094
+ "normalized_name": "threat-context",
1095
+ "line": 37,
1096
+ "byte_start": 1266,
1097
+ "byte_end": 2939,
1098
+ "bytes": 1673,
1099
+ "h3_count": 0
1100
+ },
1101
+ {
1102
+ "name": "Framework Lag Declaration",
1103
+ "normalized_name": "framework-lag-declaration",
1104
+ "line": 50,
1105
+ "byte_start": 2939,
1106
+ "byte_end": 5484,
1107
+ "bytes": 2545,
1108
+ "h3_count": 0
1109
+ },
1110
+ {
1111
+ "name": "TTP Mapping",
1112
+ "normalized_name": "ttp-mapping",
1113
+ "line": 68,
1114
+ "byte_start": 5484,
1115
+ "byte_end": 6679,
1116
+ "bytes": 1195,
1117
+ "h3_count": 0
1118
+ },
1119
+ {
1120
+ "name": "Exploit Availability Matrix",
1121
+ "normalized_name": "exploit-availability-matrix",
1122
+ "line": 83,
1123
+ "byte_start": 6679,
1124
+ "byte_end": 8268,
1125
+ "bytes": 1589,
1126
+ "h3_count": 0
1127
+ },
1128
+ {
1129
+ "name": "The Learning Loop",
1130
+ "normalized_name": "the-learning-loop",
1131
+ "line": 99,
1132
+ "byte_start": 8268,
1133
+ "byte_end": 9685,
1134
+ "bytes": 1417,
1135
+ "h3_count": 0
1136
+ },
1137
+ {
1138
+ "name": "Pre-Run Lessons (Encoded from Documented Zero-Days)",
1139
+ "normalized_name": "pre-run-lessons-encoded-from-documented-zero-days",
1140
+ "line": 137,
1141
+ "byte_start": 9685,
1142
+ "byte_end": 17358,
1143
+ "bytes": 7673,
1144
+ "h3_count": 5
1145
+ },
1146
+ {
1147
+ "name": "Analysis Procedure for New Zero-Days",
1148
+ "normalized_name": "analysis-procedure",
1149
+ "line": 245,
1150
+ "byte_start": 17358,
1151
+ "byte_end": 19480,
1152
+ "bytes": 2122,
1153
+ "h3_count": 6
1154
+ },
1155
+ {
1156
+ "name": "Output Format",
1157
+ "normalized_name": "output-format",
1158
+ "line": 305,
1159
+ "byte_start": 19480,
1160
+ "byte_end": 20339,
1161
+ "bytes": 859,
1162
+ "h3_count": 7
1163
+ },
1164
+ {
1165
+ "name": "Compliance Theater Check",
1166
+ "normalized_name": "compliance-theater-check",
1167
+ "line": 342,
1168
+ "byte_start": 20339,
1169
+ "byte_end": 22177,
1170
+ "bytes": 1838,
1171
+ "h3_count": 0
1172
+ }
1173
+ ]
1174
+ },
1175
+ "pqc-first": {
1176
+ "path": "skills/pqc-first/skill.md",
1177
+ "total_bytes": 33339,
1178
+ "total_lines": 547,
1179
+ "frontmatter": {
1180
+ "line_start": 1,
1181
+ "line_end": 55,
1182
+ "byte_start": 0,
1183
+ "byte_end": 1485
1184
+ },
1185
+ "sections": [
1186
+ {
1187
+ "name": "Threat Context (mid-2026)",
1188
+ "normalized_name": "threat-context",
1189
+ "line": 59,
1190
+ "byte_start": 1509,
1191
+ "byte_end": 4137,
1192
+ "bytes": 2628,
1193
+ "h3_count": 0
1194
+ },
1195
+ {
1196
+ "name": "Framework Lag Declaration",
1197
+ "normalized_name": "framework-lag-declaration",
1198
+ "line": 87,
1199
+ "byte_start": 4137,
1200
+ "byte_end": 12066,
1201
+ "bytes": 7929,
1202
+ "h3_count": 2
1203
+ },
1204
+ {
1205
+ "name": "TTP Mapping",
1206
+ "normalized_name": "ttp-mapping",
1207
+ "line": 132,
1208
+ "byte_start": 12066,
1209
+ "byte_end": 14168,
1210
+ "bytes": 2102,
1211
+ "h3_count": 0
1212
+ },
1213
+ {
1214
+ "name": "Exploit Availability Matrix",
1215
+ "normalized_name": "exploit-availability-matrix",
1216
+ "line": 149,
1217
+ "byte_start": 14168,
1218
+ "byte_end": 16640,
1219
+ "bytes": 2472,
1220
+ "h3_count": 0
1221
+ },
1222
+ {
1223
+ "name": "Core Principle",
1224
+ "normalized_name": "core-principle",
1225
+ "line": 165,
1226
+ "byte_start": 16640,
1227
+ "byte_end": 17367,
1228
+ "bytes": 727,
1229
+ "h3_count": 0
1230
+ },
1231
+ {
1232
+ "name": "Version Gates — Non-Negotiable Minimums",
1233
+ "normalized_name": "version-gates-non-negotiable-minimums",
1234
+ "line": 177,
1235
+ "byte_start": 17367,
1236
+ "byte_end": 19801,
1237
+ "bytes": 2434,
1238
+ "h3_count": 7
1239
+ },
1240
+ {
1241
+ "name": "Algorithm Registry",
1242
+ "normalized_name": "algorithm-registry",
1243
+ "line": 254,
1244
+ "byte_start": 19801,
1245
+ "byte_end": 23370,
1246
+ "bytes": 3569,
1247
+ "h3_count": 4
1248
+ },
1249
+ {
1250
+ "name": "Hybrid Construction Requirements",
1251
+ "normalized_name": "hybrid-construction-requirements",
1252
+ "line": 327,
1253
+ "byte_start": 23370,
1254
+ "byte_end": 24642,
1255
+ "bytes": 1272,
1256
+ "h3_count": 3
1257
+ },
1258
+ {
1259
+ "name": "Harvest-Now-Decrypt-Later (HNDL) Threat Assessment",
1260
+ "normalized_name": "harvest-now-decrypt-later-hndl-threat-assessment",
1261
+ "line": 370,
1262
+ "byte_start": 24642,
1263
+ "byte_end": 26273,
1264
+ "bytes": 1631,
1265
+ "h3_count": 2
1266
+ },
1267
+ {
1268
+ "name": "Loopback Learning — Standards Evolution Tracking",
1269
+ "normalized_name": "loopback-learning-standards-evolution-tracking",
1270
+ "line": 403,
1271
+ "byte_start": 26273,
1272
+ "byte_end": 28818,
1273
+ "bytes": 2545,
1274
+ "h3_count": 2
1275
+ },
1276
+ {
1277
+ "name": "Framework Coverage",
1278
+ "normalized_name": "framework-coverage",
1279
+ "line": 448,
1280
+ "byte_start": 28818,
1281
+ "byte_end": 30416,
1282
+ "bytes": 1598,
1283
+ "h3_count": 1
1284
+ },
1285
+ {
1286
+ "name": "Analysis Procedure",
1287
+ "normalized_name": "analysis-procedure",
1288
+ "line": 469,
1289
+ "byte_start": 30416,
1290
+ "byte_end": 31915,
1291
+ "bytes": 1499,
1292
+ "h3_count": 5
1293
+ },
1294
+ {
1295
+ "name": "Output Format",
1296
+ "normalized_name": "output-format",
1297
+ "line": 513,
1298
+ "byte_start": 31915,
1299
+ "byte_end": 32679,
1300
+ "bytes": 764,
1301
+ "h3_count": 6
1302
+ },
1303
+ {
1304
+ "name": "Compliance Theater Check",
1305
+ "normalized_name": "compliance-theater-check",
1306
+ "line": 544,
1307
+ "byte_start": 32679,
1308
+ "byte_end": 33339,
1309
+ "bytes": 660,
1310
+ "h3_count": 0
1311
+ }
1312
+ ]
1313
+ },
1314
+ "skill-update-loop": {
1315
+ "path": "skills/skill-update-loop/skill.md",
1316
+ "total_bytes": 39993,
1317
+ "total_lines": 464,
1318
+ "frontmatter": {
1319
+ "line_start": 1,
1320
+ "line_end": 36,
1321
+ "byte_start": 0,
1322
+ "byte_end": 1305
1323
+ },
1324
+ "sections": [
1325
+ {
1326
+ "name": "Why Skills Decay",
1327
+ "normalized_name": "why-skills-decay",
1328
+ "line": 44,
1329
+ "byte_start": 1514,
1330
+ "byte_end": 2401,
1331
+ "bytes": 887,
1332
+ "h3_count": 0
1333
+ },
1334
+ {
1335
+ "name": "Update Triggers and Assigned Skills",
1336
+ "normalized_name": "update-triggers-and-assigned-skills",
1337
+ "line": 61,
1338
+ "byte_start": 2401,
1339
+ "byte_end": 29845,
1340
+ "bytes": 27444,
1341
+ "h3_count": 12
1342
+ },
1343
+ {
1344
+ "name": "Skill Currency Scores",
1345
+ "normalized_name": "skill-currency-scores",
1346
+ "line": 310,
1347
+ "byte_start": 29845,
1348
+ "byte_end": 30435,
1349
+ "bytes": 590,
1350
+ "h3_count": 0
1351
+ },
1352
+ {
1353
+ "name": "Running the Update Loop",
1354
+ "normalized_name": "running-the-update-loop",
1355
+ "line": 331,
1356
+ "byte_start": 30435,
1357
+ "byte_end": 31387,
1358
+ "bytes": 952,
1359
+ "h3_count": 3
1360
+ },
1361
+ {
1362
+ "name": "Analysis Procedure",
1363
+ "normalized_name": "analysis-procedure",
1364
+ "line": 360,
1365
+ "byte_start": 31387,
1366
+ "byte_end": 32279,
1367
+ "bytes": 892,
1368
+ "h3_count": 4
1369
+ },
1370
+ {
1371
+ "name": "Output Format",
1372
+ "normalized_name": "output-format",
1373
+ "line": 392,
1374
+ "byte_start": 32279,
1375
+ "byte_end": 32801,
1376
+ "bytes": 522,
1377
+ "h3_count": 4
1378
+ },
1379
+ {
1380
+ "name": "Framework Lag Declaration",
1381
+ "normalized_name": "framework-lag-declaration",
1382
+ "line": 417,
1383
+ "byte_start": 32801,
1384
+ "byte_end": 35604,
1385
+ "bytes": 2803,
1386
+ "h3_count": 0
1387
+ },
1388
+ {
1389
+ "name": "Exploit Availability Matrix",
1390
+ "normalized_name": "exploit-availability-matrix",
1391
+ "line": 436,
1392
+ "byte_start": 35604,
1393
+ "byte_end": 38322,
1394
+ "bytes": 2718,
1395
+ "h3_count": 0
1396
+ },
1397
+ {
1398
+ "name": "Compliance Theater Check",
1399
+ "normalized_name": "compliance-theater-check",
1400
+ "line": 457,
1401
+ "byte_start": 38322,
1402
+ "byte_end": 39993,
1403
+ "bytes": 1671,
1404
+ "h3_count": 0
1405
+ }
1406
+ ]
1407
+ },
1408
+ "security-maturity-tiers": {
1409
+ "path": "skills/security-maturity-tiers/skill.md",
1410
+ "total_bytes": 26953,
1411
+ "total_lines": 465,
1412
+ "frontmatter": {
1413
+ "line_start": 1,
1414
+ "line_end": 31,
1415
+ "byte_start": 0,
1416
+ "byte_end": 960
1417
+ },
1418
+ "sections": [
1419
+ {
1420
+ "name": "How to Use This Skill",
1421
+ "normalized_name": "how-to-use-this-skill",
1422
+ "line": 41,
1423
+ "byte_start": 1305,
1424
+ "byte_end": 1716,
1425
+ "bytes": 411,
1426
+ "h3_count": 0
1427
+ },
1428
+ {
1429
+ "name": "Tier Framework",
1430
+ "normalized_name": "tier-framework",
1431
+ "line": 52,
1432
+ "byte_start": 1716,
1433
+ "byte_end": 2230,
1434
+ "bytes": 514,
1435
+ "h3_count": 0
1436
+ },
1437
+ {
1438
+ "name": "Domain: Kernel LPE (Copy Fail / Dirty Frag Class)",
1439
+ "normalized_name": "domain-kernel-lpe-copy-fail-dirty-frag-class",
1440
+ "line": 62,
1441
+ "byte_start": 2230,
1442
+ "byte_end": 6298,
1443
+ "bytes": 4068,
1444
+ "h3_count": 3
1445
+ },
1446
+ {
1447
+ "name": "Domain: AI Attack Surface",
1448
+ "normalized_name": "domain-ai-attack-surface",
1449
+ "line": 172,
1450
+ "byte_start": 6298,
1451
+ "byte_end": 9004,
1452
+ "bytes": 2706,
1453
+ "h3_count": 3
1454
+ },
1455
+ {
1456
+ "name": "Domain: Cryptography / PQC",
1457
+ "normalized_name": "domain-cryptography-pqc",
1458
+ "line": 224,
1459
+ "byte_start": 9004,
1460
+ "byte_end": 11048,
1461
+ "bytes": 2044,
1462
+ "h3_count": 3
1463
+ },
1464
+ {
1465
+ "name": "Domain: GRC / Compliance",
1466
+ "normalized_name": "domain-grc-compliance",
1467
+ "line": 263,
1468
+ "byte_start": 11048,
1469
+ "byte_end": 13008,
1470
+ "bytes": 1960,
1471
+ "h3_count": 3
1472
+ },
1473
+ {
1474
+ "name": "Analysis Procedure",
1475
+ "normalized_name": "analysis-procedure",
1476
+ "line": 297,
1477
+ "byte_start": 13008,
1478
+ "byte_end": 14659,
1479
+ "bytes": 1651,
1480
+ "h3_count": 4
1481
+ },
1482
+ {
1483
+ "name": "Output Format",
1484
+ "normalized_name": "output-format",
1485
+ "line": 340,
1486
+ "byte_start": 14659,
1487
+ "byte_end": 15652,
1488
+ "bytes": 993,
1489
+ "h3_count": 3
1490
+ },
1491
+ {
1492
+ "name": "The Anti-Pattern: Tier 3 Security Theater",
1493
+ "normalized_name": "the-anti-pattern-tier-3-security-theater",
1494
+ "line": 376,
1495
+ "byte_start": 15652,
1496
+ "byte_end": 16296,
1497
+ "bytes": 644,
1498
+ "h3_count": 0
1499
+ },
1500
+ {
1501
+ "name": "Threat Context",
1502
+ "normalized_name": "threat-context",
1503
+ "line": 392,
1504
+ "byte_start": 16296,
1505
+ "byte_end": 18291,
1506
+ "bytes": 1995,
1507
+ "h3_count": 0
1508
+ },
1509
+ {
1510
+ "name": "Framework Lag Declaration",
1511
+ "normalized_name": "framework-lag-declaration",
1512
+ "line": 404,
1513
+ "byte_start": 18291,
1514
+ "byte_end": 22202,
1515
+ "bytes": 3911,
1516
+ "h3_count": 0
1517
+ },
1518
+ {
1519
+ "name": "TTP Mapping",
1520
+ "normalized_name": "ttp-mapping",
1521
+ "line": 428,
1522
+ "byte_start": 22202,
1523
+ "byte_end": 24575,
1524
+ "bytes": 2373,
1525
+ "h3_count": 0
1526
+ },
1527
+ {
1528
+ "name": "Exploit Availability Matrix",
1529
+ "normalized_name": "exploit-availability-matrix",
1530
+ "line": 450,
1531
+ "byte_start": 24575,
1532
+ "byte_end": 26953,
1533
+ "bytes": 2378,
1534
+ "h3_count": 0
1535
+ }
1536
+ ]
1537
+ },
1538
+ "researcher": {
1539
+ "path": "skills/researcher/skill.md",
1540
+ "total_bytes": 28472,
1541
+ "total_lines": 311,
1542
+ "frontmatter": {
1543
+ "line_start": 1,
1544
+ "line_end": 27,
1545
+ "byte_start": 0,
1546
+ "byte_end": 696
1547
+ },
1548
+ "sections": [
1549
+ {
1550
+ "name": "Threat Context (mid-2026)",
1551
+ "normalized_name": "threat-context",
1552
+ "line": 35,
1553
+ "byte_start": 1324,
1554
+ "byte_end": 4269,
1555
+ "bytes": 2945,
1556
+ "h3_count": 0
1557
+ },
1558
+ {
1559
+ "name": "Framework Lag Declaration",
1560
+ "normalized_name": "framework-lag-declaration",
1561
+ "line": 54,
1562
+ "byte_start": 4269,
1563
+ "byte_end": 6682,
1564
+ "bytes": 2413,
1565
+ "h3_count": 0
1566
+ },
1567
+ {
1568
+ "name": "TTP Mapping",
1569
+ "normalized_name": "ttp-mapping",
1570
+ "line": 74,
1571
+ "byte_start": 6682,
1572
+ "byte_end": 8259,
1573
+ "bytes": 1577,
1574
+ "h3_count": 0
1575
+ },
1576
+ {
1577
+ "name": "Exploit Availability Matrix",
1578
+ "normalized_name": "exploit-availability-matrix",
1579
+ "line": 98,
1580
+ "byte_start": 8259,
1581
+ "byte_end": 9771,
1582
+ "bytes": 1512,
1583
+ "h3_count": 0
1584
+ },
1585
+ {
1586
+ "name": "Analysis Procedure",
1587
+ "normalized_name": "analysis-procedure",
1588
+ "line": 119,
1589
+ "byte_start": 9771,
1590
+ "byte_end": 23770,
1591
+ "bytes": 13999,
1592
+ "h3_count": 8
1593
+ },
1594
+ {
1595
+ "name": "Output Format",
1596
+ "normalized_name": "output-format",
1597
+ "line": 243,
1598
+ "byte_start": 23770,
1599
+ "byte_end": 26359,
1600
+ "bytes": 2589,
1601
+ "h3_count": 0
1602
+ },
1603
+ {
1604
+ "name": "Compliance Theater Check",
1605
+ "normalized_name": "compliance-theater-check",
1606
+ "line": 300,
1607
+ "byte_start": 26359,
1608
+ "byte_end": 28472,
1609
+ "bytes": 2113,
1610
+ "h3_count": 0
1611
+ }
1612
+ ]
1613
+ },
1614
+ "attack-surface-pentest": {
1615
+ "path": "skills/attack-surface-pentest/skill.md",
1616
+ "total_bytes": 32038,
1617
+ "total_lines": 382,
1618
+ "frontmatter": {
1619
+ "line_start": 1,
1620
+ "line_end": 60,
1621
+ "byte_start": 0,
1622
+ "byte_end": 1314
1623
+ },
1624
+ "sections": [
1625
+ {
1626
+ "name": "Threat Context (mid-2026)",
1627
+ "normalized_name": "threat-context",
1628
+ "line": 64,
1629
+ "byte_start": 1366,
1630
+ "byte_end": 5813,
1631
+ "bytes": 4447,
1632
+ "h3_count": 8
1633
+ },
1634
+ {
1635
+ "name": "Framework Lag Declaration",
1636
+ "normalized_name": "framework-lag-declaration",
1637
+ "line": 102,
1638
+ "byte_start": 5813,
1639
+ "byte_end": 10374,
1640
+ "bytes": 4561,
1641
+ "h3_count": 0
1642
+ },
1643
+ {
1644
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0 + MITRE ATT&CK v17)",
1645
+ "normalized_name": "ttp-mapping",
1646
+ "line": 120,
1647
+ "byte_start": 10374,
1648
+ "byte_end": 12591,
1649
+ "bytes": 2217,
1650
+ "h3_count": 0
1651
+ },
1652
+ {
1653
+ "name": "Exploit Availability Matrix",
1654
+ "normalized_name": "exploit-availability-matrix",
1655
+ "line": 139,
1656
+ "byte_start": 12591,
1657
+ "byte_end": 15059,
1658
+ "bytes": 2468,
1659
+ "h3_count": 0
1660
+ },
1661
+ {
1662
+ "name": "Analysis Procedure",
1663
+ "normalized_name": "analysis-procedure",
1664
+ "line": 156,
1665
+ "byte_start": 15059,
1666
+ "byte_end": 24762,
1667
+ "bytes": 9703,
1668
+ "h3_count": 4
1669
+ },
1670
+ {
1671
+ "name": "Output Format",
1672
+ "normalized_name": "output-format",
1673
+ "line": 277,
1674
+ "byte_start": 24762,
1675
+ "byte_end": 28111,
1676
+ "bytes": 3349,
1677
+ "h3_count": 9
1678
+ },
1679
+ {
1680
+ "name": "Compliance Theater Check",
1681
+ "normalized_name": "compliance-theater-check",
1682
+ "line": 357,
1683
+ "byte_start": 28111,
1684
+ "byte_end": 30427,
1685
+ "bytes": 2316,
1686
+ "h3_count": 0
1687
+ },
1688
+ {
1689
+ "name": "Defensive Countermeasure Mapping (D3FEND)",
1690
+ "normalized_name": "defensive-countermeasure-mapping",
1691
+ "line": 371,
1692
+ "byte_start": 30427,
1693
+ "byte_end": 32038,
1694
+ "bytes": 1611,
1695
+ "h3_count": 0
1696
+ }
1697
+ ]
1698
+ },
1699
+ "fuzz-testing-strategy": {
1700
+ "path": "skills/fuzz-testing-strategy/skill.md",
1701
+ "total_bytes": 30550,
1702
+ "total_lines": 314,
1703
+ "frontmatter": {
1704
+ "line_start": 1,
1705
+ "line_end": 49,
1706
+ "byte_start": 0,
1707
+ "byte_end": 1258
1708
+ },
1709
+ "sections": [
1710
+ {
1711
+ "name": "Threat Context (mid-2026)",
1712
+ "normalized_name": "threat-context",
1713
+ "line": 57,
1714
+ "byte_start": 1516,
1715
+ "byte_end": 4421,
1716
+ "bytes": 2905,
1717
+ "h3_count": 0
1718
+ },
1719
+ {
1720
+ "name": "Framework Lag Declaration",
1721
+ "normalized_name": "framework-lag-declaration",
1722
+ "line": 70,
1723
+ "byte_start": 4421,
1724
+ "byte_end": 9741,
1725
+ "bytes": 5320,
1726
+ "h3_count": 0
1727
+ },
1728
+ {
1729
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0 + MITRE ATT&CK Enterprise)",
1730
+ "normalized_name": "ttp-mapping",
1731
+ "line": 90,
1732
+ "byte_start": 9741,
1733
+ "byte_end": 11805,
1734
+ "bytes": 2064,
1735
+ "h3_count": 0
1736
+ },
1737
+ {
1738
+ "name": "Exploit Availability Matrix (Fuzz Tool Landscape)",
1739
+ "normalized_name": "exploit-availability-matrix",
1740
+ "line": 106,
1741
+ "byte_start": 11805,
1742
+ "byte_end": 14510,
1743
+ "bytes": 2705,
1744
+ "h3_count": 0
1745
+ },
1746
+ {
1747
+ "name": "Analysis Procedure",
1748
+ "normalized_name": "analysis-procedure",
1749
+ "line": 127,
1750
+ "byte_start": 14510,
1751
+ "byte_end": 21668,
1752
+ "bytes": 7158,
1753
+ "h3_count": 2
1754
+ },
1755
+ {
1756
+ "name": "Output Format",
1757
+ "normalized_name": "output-format",
1758
+ "line": 218,
1759
+ "byte_start": 21668,
1760
+ "byte_end": 24845,
1761
+ "bytes": 3177,
1762
+ "h3_count": 10
1763
+ },
1764
+ {
1765
+ "name": "Compliance Theater Check",
1766
+ "normalized_name": "compliance-theater-check",
1767
+ "line": 281,
1768
+ "byte_start": 24845,
1769
+ "byte_end": 27782,
1770
+ "bytes": 2937,
1771
+ "h3_count": 0
1772
+ },
1773
+ {
1774
+ "name": "Defensive Countermeasure Mapping",
1775
+ "normalized_name": "defensive-countermeasure-mapping",
1776
+ "line": 301,
1777
+ "byte_start": 27782,
1778
+ "byte_end": 30550,
1779
+ "bytes": 2768,
1780
+ "h3_count": 0
1781
+ }
1782
+ ]
1783
+ },
1784
+ "dlp-gap-analysis": {
1785
+ "path": "skills/dlp-gap-analysis/skill.md",
1786
+ "total_bytes": 40215,
1787
+ "total_lines": 338,
1788
+ "frontmatter": {
1789
+ "line_start": 1,
1790
+ "line_end": 63,
1791
+ "byte_start": 0,
1792
+ "byte_end": 1967
1793
+ },
1794
+ "sections": [
1795
+ {
1796
+ "name": "Threat Context (mid-2026)",
1797
+ "normalized_name": "threat-context",
1798
+ "line": 67,
1799
+ "byte_start": 1988,
1800
+ "byte_end": 4348,
1801
+ "bytes": 2360,
1802
+ "h3_count": 0
1803
+ },
1804
+ {
1805
+ "name": "Framework Lag Declaration",
1806
+ "normalized_name": "framework-lag-declaration",
1807
+ "line": 77,
1808
+ "byte_start": 4348,
1809
+ "byte_end": 14921,
1810
+ "bytes": 10573,
1811
+ "h3_count": 1
1812
+ },
1813
+ {
1814
+ "name": "TTP Mapping (MITRE ATLAS v5.1.0 + MITRE ATT&CK)",
1815
+ "normalized_name": "ttp-mapping",
1816
+ "line": 125,
1817
+ "byte_start": 14921,
1818
+ "byte_end": 18459,
1819
+ "bytes": 3538,
1820
+ "h3_count": 0
1821
+ },
1822
+ {
1823
+ "name": "Exploit Availability Matrix",
1824
+ "normalized_name": "exploit-availability-matrix",
1825
+ "line": 139,
1826
+ "byte_start": 18459,
1827
+ "byte_end": 22798,
1828
+ "bytes": 4339,
1829
+ "h3_count": 0
1830
+ },
1831
+ {
1832
+ "name": "Analysis Procedure",
1833
+ "normalized_name": "analysis-procedure",
1834
+ "line": 156,
1835
+ "byte_start": 22798,
1836
+ "byte_end": 31271,
1837
+ "bytes": 8473,
1838
+ "h3_count": 4
1839
+ },
1840
+ {
1841
+ "name": "Output Format",
1842
+ "normalized_name": "output-format",
1843
+ "line": 238,
1844
+ "byte_start": 31271,
1845
+ "byte_end": 33658,
1846
+ "bytes": 2387,
1847
+ "h3_count": 9
1848
+ },
1849
+ {
1850
+ "name": "Compliance Theater Check",
1851
+ "normalized_name": "compliance-theater-check",
1852
+ "line": 293,
1853
+ "byte_start": 33658,
1854
+ "byte_end": 36260,
1855
+ "bytes": 2602,
1856
+ "h3_count": 0
1857
+ },
1858
+ {
1859
+ "name": "Defensive Countermeasure Mapping",
1860
+ "normalized_name": "defensive-countermeasure-mapping",
1861
+ "line": 311,
1862
+ "byte_start": 36260,
1863
+ "byte_end": 40215,
1864
+ "bytes": 3955,
1865
+ "h3_count": 0
1866
+ }
1867
+ ]
1868
+ },
1869
+ "supply-chain-integrity": {
1870
+ "path": "skills/supply-chain-integrity/skill.md",
1871
+ "total_bytes": 37908,
1872
+ "total_lines": 319,
1873
+ "frontmatter": {
1874
+ "line_start": 1,
1875
+ "line_end": 65,
1876
+ "byte_start": 0,
1877
+ "byte_end": 1782
1878
+ },
1879
+ "sections": [
1880
+ {
1881
+ "name": "Threat Context (mid-2026)",
1882
+ "normalized_name": "threat-context",
1883
+ "line": 69,
1884
+ "byte_start": 1820,
1885
+ "byte_end": 5452,
1886
+ "bytes": 3632,
1887
+ "h3_count": 0
1888
+ },
1889
+ {
1890
+ "name": "Framework Lag Declaration",
1891
+ "normalized_name": "framework-lag-declaration",
1892
+ "line": 87,
1893
+ "byte_start": 5452,
1894
+ "byte_end": 15935,
1895
+ "bytes": 10483,
1896
+ "h3_count": 1
1897
+ },
1898
+ {
1899
+ "name": "TTP Mapping",
1900
+ "normalized_name": "ttp-mapping",
1901
+ "line": 132,
1902
+ "byte_start": 15935,
1903
+ "byte_end": 19063,
1904
+ "bytes": 3128,
1905
+ "h3_count": 0
1906
+ },
1907
+ {
1908
+ "name": "Exploit Availability Matrix",
1909
+ "normalized_name": "exploit-availability-matrix",
1910
+ "line": 155,
1911
+ "byte_start": 19063,
1912
+ "byte_end": 23644,
1913
+ "bytes": 4581,
1914
+ "h3_count": 0
1915
+ },
1916
+ {
1917
+ "name": "Analysis Procedure",
1918
+ "normalized_name": "analysis-procedure",
1919
+ "line": 172,
1920
+ "byte_start": 23644,
1921
+ "byte_end": 31101,
1922
+ "bytes": 7457,
1923
+ "h3_count": 4
1924
+ },
1925
+ {
1926
+ "name": "Output Format",
1927
+ "normalized_name": "output-format",
1928
+ "line": 246,
1929
+ "byte_start": 31101,
1930
+ "byte_end": 33203,
1931
+ "bytes": 2102,
1932
+ "h3_count": 9
1933
+ },
1934
+ {
1935
+ "name": "Compliance Theater Check",
1936
+ "normalized_name": "compliance-theater-check",
1937
+ "line": 286,
1938
+ "byte_start": 33203,
1939
+ "byte_end": 35491,
1940
+ "bytes": 2288,
1941
+ "h3_count": 0
1942
+ },
1943
+ {
1944
+ "name": "Defensive Countermeasure Mapping",
1945
+ "normalized_name": "defensive-countermeasure-mapping",
1946
+ "line": 302,
1947
+ "byte_start": 35491,
1948
+ "byte_end": 37908,
1949
+ "bytes": 2417,
1950
+ "h3_count": 0
1951
+ }
1952
+ ]
1953
+ },
1954
+ "defensive-countermeasure-mapping": {
1955
+ "path": "skills/defensive-countermeasure-mapping/skill.md",
1956
+ "total_bytes": 32578,
1957
+ "total_lines": 301,
1958
+ "frontmatter": {
1959
+ "line_start": 1,
1960
+ "line_end": 51,
1961
+ "byte_start": 0,
1962
+ "byte_end": 949
1963
+ },
1964
+ "sections": [
1965
+ {
1966
+ "name": "Threat Context (mid-2026)",
1967
+ "normalized_name": "threat-context",
1968
+ "line": 59,
1969
+ "byte_start": 1846,
1970
+ "byte_end": 5385,
1971
+ "bytes": 3539,
1972
+ "h3_count": 0
1973
+ },
1974
+ {
1975
+ "name": "Framework Lag Declaration",
1976
+ "normalized_name": "framework-lag-declaration",
1977
+ "line": 79,
1978
+ "byte_start": 5385,
1979
+ "byte_end": 9805,
1980
+ "bytes": 4420,
1981
+ "h3_count": 0
1982
+ },
1983
+ {
1984
+ "name": "TTP Mapping",
1985
+ "normalized_name": "ttp-mapping",
1986
+ "line": 106,
1987
+ "byte_start": 9805,
1988
+ "byte_end": 11762,
1989
+ "bytes": 1957,
1990
+ "h3_count": 0
1991
+ },
1992
+ {
1993
+ "name": "Exploit Availability Matrix",
1994
+ "normalized_name": "exploit-availability-matrix",
1995
+ "line": 125,
1996
+ "byte_start": 11762,
1997
+ "byte_end": 14813,
1998
+ "bytes": 3051,
1999
+ "h3_count": 0
2000
+ },
2001
+ {
2002
+ "name": "Analysis Procedure",
2003
+ "normalized_name": "analysis-procedure",
2004
+ "line": 146,
2005
+ "byte_start": 14813,
2006
+ "byte_end": 21889,
2007
+ "bytes": 7076,
2008
+ "h3_count": 4
2009
+ },
2010
+ {
2011
+ "name": "Output Format",
2012
+ "normalized_name": "output-format",
2013
+ "line": 201,
2014
+ "byte_start": 21889,
2015
+ "byte_end": 26477,
2016
+ "bytes": 4588,
2017
+ "h3_count": 0
2018
+ },
2019
+ {
2020
+ "name": "Compliance Theater Check",
2021
+ "normalized_name": "compliance-theater-check",
2022
+ "line": 266,
2023
+ "byte_start": 26477,
2024
+ "byte_end": 29257,
2025
+ "bytes": 2780,
2026
+ "h3_count": 0
2027
+ },
2028
+ {
2029
+ "name": "Defensive Countermeasure Mapping",
2030
+ "normalized_name": "defensive-countermeasure-mapping",
2031
+ "line": 284,
2032
+ "byte_start": 29257,
2033
+ "byte_end": 32578,
2034
+ "bytes": 3321,
2035
+ "h3_count": 0
2036
+ }
2037
+ ]
2038
+ },
2039
+ "identity-assurance": {
2040
+ "path": "skills/identity-assurance/skill.md",
2041
+ "total_bytes": 32767,
2042
+ "total_lines": 273,
2043
+ "frontmatter": {
2044
+ "line_start": 1,
2045
+ "line_end": 57,
2046
+ "byte_start": 0,
2047
+ "byte_end": 1052
2048
+ },
2049
+ "sections": [
2050
+ {
2051
+ "name": "Threat Context (mid-2026)",
2052
+ "normalized_name": "threat-context",
2053
+ "line": 61,
2054
+ "byte_start": 1086,
2055
+ "byte_end": 3732,
2056
+ "bytes": 2646,
2057
+ "h3_count": 0
2058
+ },
2059
+ {
2060
+ "name": "Framework Lag Declaration",
2061
+ "normalized_name": "framework-lag-declaration",
2062
+ "line": 75,
2063
+ "byte_start": 3732,
2064
+ "byte_end": 11005,
2065
+ "bytes": 7273,
2066
+ "h3_count": 0
2067
+ },
2068
+ {
2069
+ "name": "TTP Mapping",
2070
+ "normalized_name": "ttp-mapping",
2071
+ "line": 106,
2072
+ "byte_start": 11005,
2073
+ "byte_end": 12887,
2074
+ "bytes": 1882,
2075
+ "h3_count": 0
2076
+ },
2077
+ {
2078
+ "name": "Exploit Availability Matrix",
2079
+ "normalized_name": "exploit-availability-matrix",
2080
+ "line": 117,
2081
+ "byte_start": 12887,
2082
+ "byte_end": 15777,
2083
+ "bytes": 2890,
2084
+ "h3_count": 0
2085
+ },
2086
+ {
2087
+ "name": "Analysis Procedure",
2088
+ "normalized_name": "analysis-procedure",
2089
+ "line": 133,
2090
+ "byte_start": 15777,
2091
+ "byte_end": 21605,
2092
+ "bytes": 5828,
2093
+ "h3_count": 4
2094
+ },
2095
+ {
2096
+ "name": "Output Format",
2097
+ "normalized_name": "output-format",
2098
+ "line": 189,
2099
+ "byte_start": 21605,
2100
+ "byte_end": 24298,
2101
+ "bytes": 2693,
2102
+ "h3_count": 9
2103
+ },
2104
+ {
2105
+ "name": "Compliance Theater Check",
2106
+ "normalized_name": "compliance-theater-check",
2107
+ "line": 235,
2108
+ "byte_start": 24298,
2109
+ "byte_end": 26355,
2110
+ "bytes": 2057,
2111
+ "h3_count": 0
2112
+ },
2113
+ {
2114
+ "name": "Defensive Countermeasure Mapping",
2115
+ "normalized_name": "defensive-countermeasure-mapping",
2116
+ "line": 249,
2117
+ "byte_start": 26355,
2118
+ "byte_end": 29976,
2119
+ "bytes": 3621,
2120
+ "h3_count": 0
2121
+ },
2122
+ {
2123
+ "name": "Hand-Off / Related Skills",
2124
+ "normalized_name": "hand-off",
2125
+ "line": 262,
2126
+ "byte_start": 29976,
2127
+ "byte_end": 32767,
2128
+ "bytes": 2791,
2129
+ "h3_count": 0
2130
+ }
2131
+ ]
2132
+ },
2133
+ "ot-ics-security": {
2134
+ "path": "skills/ot-ics-security/skill.md",
2135
+ "total_bytes": 36251,
2136
+ "total_lines": 341,
2137
+ "frontmatter": {
2138
+ "line_start": 1,
2139
+ "line_end": 47,
2140
+ "byte_start": 0,
2141
+ "byte_end": 905
2142
+ },
2143
+ "sections": [
2144
+ {
2145
+ "name": "Threat Context (mid-2026)",
2146
+ "normalized_name": "threat-context",
2147
+ "line": 51,
2148
+ "byte_start": 938,
2149
+ "byte_end": 4399,
2150
+ "bytes": 3461,
2151
+ "h3_count": 0
2152
+ },
2153
+ {
2154
+ "name": "Framework Lag Declaration",
2155
+ "normalized_name": "framework-lag-declaration",
2156
+ "line": 67,
2157
+ "byte_start": 4399,
2158
+ "byte_end": 8874,
2159
+ "bytes": 4475,
2160
+ "h3_count": 0
2161
+ },
2162
+ {
2163
+ "name": "TTP Mapping",
2164
+ "normalized_name": "ttp-mapping",
2165
+ "line": 88,
2166
+ "byte_start": 8874,
2167
+ "byte_end": 12606,
2168
+ "bytes": 3732,
2169
+ "h3_count": 0
2170
+ },
2171
+ {
2172
+ "name": "Exploit Availability Matrix",
2173
+ "normalized_name": "exploit-availability-matrix",
2174
+ "line": 110,
2175
+ "byte_start": 12606,
2176
+ "byte_end": 14888,
2177
+ "bytes": 2282,
2178
+ "h3_count": 0
2179
+ },
2180
+ {
2181
+ "name": "Analysis Procedure",
2182
+ "normalized_name": "analysis-procedure",
2183
+ "line": 123,
2184
+ "byte_start": 14888,
2185
+ "byte_end": 23680,
2186
+ "bytes": 8792,
2187
+ "h3_count": 10
2188
+ },
2189
+ {
2190
+ "name": "Output Format",
2191
+ "normalized_name": "output-format",
2192
+ "line": 219,
2193
+ "byte_start": 23680,
2194
+ "byte_end": 25779,
2195
+ "bytes": 2099,
2196
+ "h3_count": 11
2197
+ },
2198
+ {
2199
+ "name": "Compliance Theater Check",
2200
+ "normalized_name": "compliance-theater-check",
2201
+ "line": 275,
2202
+ "byte_start": 25779,
2203
+ "byte_end": 28984,
2204
+ "bytes": 3205,
2205
+ "h3_count": 0
2206
+ },
2207
+ {
2208
+ "name": "Defensive Countermeasure Mapping",
2209
+ "normalized_name": "defensive-countermeasure-mapping",
2210
+ "line": 309,
2211
+ "byte_start": 28984,
2212
+ "byte_end": 32441,
2213
+ "bytes": 3457,
2214
+ "h3_count": 0
2215
+ },
2216
+ {
2217
+ "name": "Hand-Off / Related Skills",
2218
+ "normalized_name": "hand-off",
2219
+ "line": 325,
2220
+ "byte_start": 32441,
2221
+ "byte_end": 36251,
2222
+ "bytes": 3810,
2223
+ "h3_count": 0
2224
+ }
2225
+ ]
2226
+ },
2227
+ "coordinated-vuln-disclosure": {
2228
+ "path": "skills/coordinated-vuln-disclosure/skill.md",
2229
+ "total_bytes": 46794,
2230
+ "total_lines": 474,
2231
+ "frontmatter": {
2232
+ "line_start": 1,
2233
+ "line_end": 44,
2234
+ "byte_start": 0,
2235
+ "byte_end": 1755
2236
+ },
2237
+ "sections": [
2238
+ {
2239
+ "name": "Threat Context (mid-2026)",
2240
+ "normalized_name": "threat-context",
2241
+ "line": 54,
2242
+ "byte_start": 2867,
2243
+ "byte_end": 6341,
2244
+ "bytes": 3474,
2245
+ "h3_count": 0
2246
+ },
2247
+ {
2248
+ "name": "Framework Lag Declaration",
2249
+ "normalized_name": "framework-lag-declaration",
2250
+ "line": 69,
2251
+ "byte_start": 6341,
2252
+ "byte_end": 12627,
2253
+ "bytes": 6286,
2254
+ "h3_count": 0
2255
+ },
2256
+ {
2257
+ "name": "TTP Mapping",
2258
+ "normalized_name": "ttp-mapping",
2259
+ "line": 94,
2260
+ "byte_start": 12627,
2261
+ "byte_end": 14982,
2262
+ "bytes": 2355,
2263
+ "h3_count": 0
2264
+ },
2265
+ {
2266
+ "name": "Exploit Availability Matrix",
2267
+ "normalized_name": "exploit-availability-matrix",
2268
+ "line": 112,
2269
+ "byte_start": 14982,
2270
+ "byte_end": 18672,
2271
+ "bytes": 3690,
2272
+ "h3_count": 0
2273
+ },
2274
+ {
2275
+ "name": "Analysis Procedure",
2276
+ "normalized_name": "analysis-procedure",
2277
+ "line": 137,
2278
+ "byte_start": 18672,
2279
+ "byte_end": 31184,
2280
+ "bytes": 12512,
2281
+ "h3_count": 10
2282
+ },
2283
+ {
2284
+ "name": "Output Format",
2285
+ "normalized_name": "output-format",
2286
+ "line": 249,
2287
+ "byte_start": 31184,
2288
+ "byte_end": 37702,
2289
+ "bytes": 6518,
2290
+ "h3_count": 7
2291
+ },
2292
+ {
2293
+ "name": "Compliance Theater Check",
2294
+ "normalized_name": "compliance-theater-check",
2295
+ "line": 425,
2296
+ "byte_start": 37702,
2297
+ "byte_end": 40758,
2298
+ "bytes": 3056,
2299
+ "h3_count": 0
2300
+ },
2301
+ {
2302
+ "name": "Defensive Countermeasure Mapping",
2303
+ "normalized_name": "defensive-countermeasure-mapping",
2304
+ "line": 441,
2305
+ "byte_start": 40758,
2306
+ "byte_end": 44375,
2307
+ "bytes": 3617,
2308
+ "h3_count": 0
2309
+ },
2310
+ {
2311
+ "name": "Hand-Off / Related Skills",
2312
+ "normalized_name": "hand-off",
2313
+ "line": 461,
2314
+ "byte_start": 44375,
2315
+ "byte_end": 46794,
2316
+ "bytes": 2419,
2317
+ "h3_count": 0
2318
+ }
2319
+ ]
2320
+ },
2321
+ "threat-modeling-methodology": {
2322
+ "path": "skills/threat-modeling-methodology/skill.md",
2323
+ "total_bytes": 30464,
2324
+ "total_lines": 313,
2325
+ "frontmatter": {
2326
+ "line_start": 1,
2327
+ "line_end": 43,
2328
+ "byte_start": 0,
2329
+ "byte_end": 1253
2330
+ },
2331
+ "sections": [
2332
+ {
2333
+ "name": "Purpose",
2334
+ "normalized_name": "purpose",
2335
+ "line": 47,
2336
+ "byte_start": 1285,
2337
+ "byte_end": 1969,
2338
+ "bytes": 684,
2339
+ "h3_count": 0
2340
+ },
2341
+ {
2342
+ "name": "Threat Context",
2343
+ "normalized_name": "threat-context",
2344
+ "line": 55,
2345
+ "byte_start": 1969,
2346
+ "byte_end": 6334,
2347
+ "bytes": 4365,
2348
+ "h3_count": 0
2349
+ },
2350
+ {
2351
+ "name": "Framework Lag Declaration",
2352
+ "normalized_name": "framework-lag-declaration",
2353
+ "line": 81,
2354
+ "byte_start": 6334,
2355
+ "byte_end": 10905,
2356
+ "bytes": 4571,
2357
+ "h3_count": 0
2358
+ },
2359
+ {
2360
+ "name": "TTP Mapping",
2361
+ "normalized_name": "ttp-mapping",
2362
+ "line": 111,
2363
+ "byte_start": 10905,
2364
+ "byte_end": 14820,
2365
+ "bytes": 3915,
2366
+ "h3_count": 0
2367
+ },
2368
+ {
2369
+ "name": "Exploit Availability Matrix",
2370
+ "normalized_name": "exploit-availability-matrix",
2371
+ "line": 133,
2372
+ "byte_start": 14820,
2373
+ "byte_end": 17122,
2374
+ "bytes": 2302,
2375
+ "h3_count": 0
2376
+ },
2377
+ {
2378
+ "name": "Analysis Procedure",
2379
+ "normalized_name": "analysis-procedure",
2380
+ "line": 155,
2381
+ "byte_start": 17122,
2382
+ "byte_end": 23729,
2383
+ "bytes": 6607,
2384
+ "h3_count": 10
2385
+ },
2386
+ {
2387
+ "name": "Output Format",
2388
+ "normalized_name": "output-format",
2389
+ "line": 230,
2390
+ "byte_start": 23729,
2391
+ "byte_end": 25278,
2392
+ "bytes": 1549,
2393
+ "h3_count": 9
2394
+ },
2395
+ {
2396
+ "name": "Compliance Theater Check",
2397
+ "normalized_name": "compliance-theater-check",
2398
+ "line": 272,
2399
+ "byte_start": 25278,
2400
+ "byte_end": 27202,
2401
+ "bytes": 1924,
2402
+ "h3_count": 0
2403
+ },
2404
+ {
2405
+ "name": "Defensive Countermeasure Mapping",
2406
+ "normalized_name": "defensive-countermeasure-mapping",
2407
+ "line": 290,
2408
+ "byte_start": 27202,
2409
+ "byte_end": 28906,
2410
+ "bytes": 1704,
2411
+ "h3_count": 0
2412
+ },
2413
+ {
2414
+ "name": "Hand-Off / Related Skills",
2415
+ "normalized_name": "hand-off",
2416
+ "line": 303,
2417
+ "byte_start": 28906,
2418
+ "byte_end": 30464,
2419
+ "bytes": 1558,
2420
+ "h3_count": 0
2421
+ }
2422
+ ]
2423
+ },
2424
+ "webapp-security": {
2425
+ "path": "skills/webapp-security/skill.md",
2426
+ "total_bytes": 28609,
2427
+ "total_lines": 282,
2428
+ "frontmatter": {
2429
+ "line_start": 1,
2430
+ "line_end": 69,
2431
+ "byte_start": 0,
2432
+ "byte_end": 1267
2433
+ },
2434
+ "sections": [
2435
+ {
2436
+ "name": "Threat Context (mid-2026)",
2437
+ "normalized_name": "threat-context",
2438
+ "line": 73,
2439
+ "byte_start": 1307,
2440
+ "byte_end": 4750,
2441
+ "bytes": 3443,
2442
+ "h3_count": 0
2443
+ },
2444
+ {
2445
+ "name": "Framework Lag Declaration",
2446
+ "normalized_name": "framework-lag-declaration",
2447
+ "line": 87,
2448
+ "byte_start": 4750,
2449
+ "byte_end": 8311,
2450
+ "bytes": 3561,
2451
+ "h3_count": 0
2452
+ },
2453
+ {
2454
+ "name": "TTP Mapping (MITRE ATT&CK Enterprise + ATLAS v5.1.0)",
2455
+ "normalized_name": "ttp-mapping",
2456
+ "line": 107,
2457
+ "byte_start": 8311,
2458
+ "byte_end": 9829,
2459
+ "bytes": 1518,
2460
+ "h3_count": 0
2461
+ },
2462
+ {
2463
+ "name": "Exploit Availability Matrix",
2464
+ "normalized_name": "exploit-availability-matrix",
2465
+ "line": 119,
2466
+ "byte_start": 9829,
2467
+ "byte_end": 13275,
2468
+ "bytes": 3446,
2469
+ "h3_count": 0
2470
+ },
2471
+ {
2472
+ "name": "Analysis Procedure",
2473
+ "normalized_name": "analysis-procedure",
2474
+ "line": 137,
2475
+ "byte_start": 13275,
2476
+ "byte_end": 19776,
2477
+ "bytes": 6501,
2478
+ "h3_count": 1
2479
+ },
2480
+ {
2481
+ "name": "Output Format",
2482
+ "normalized_name": "output-format",
2483
+ "line": 185,
2484
+ "byte_start": 19776,
2485
+ "byte_end": 22918,
2486
+ "bytes": 3142,
2487
+ "h3_count": 6
2488
+ },
2489
+ {
2490
+ "name": "Compliance Theater Check",
2491
+ "normalized_name": "compliance-theater-check",
2492
+ "line": 244,
2493
+ "byte_start": 22918,
2494
+ "byte_end": 24895,
2495
+ "bytes": 1977,
2496
+ "h3_count": 0
2497
+ },
2498
+ {
2499
+ "name": "Defensive Countermeasure Mapping",
2500
+ "normalized_name": "defensive-countermeasure-mapping",
2501
+ "line": 258,
2502
+ "byte_start": 24895,
2503
+ "byte_end": 27414,
2504
+ "bytes": 2519,
2505
+ "h3_count": 0
2506
+ },
2507
+ {
2508
+ "name": "Hand-Off / Related Skills",
2509
+ "normalized_name": "hand-off",
2510
+ "line": 272,
2511
+ "byte_start": 27414,
2512
+ "byte_end": 28609,
2513
+ "bytes": 1195,
2514
+ "h3_count": 0
2515
+ }
2516
+ ]
2517
+ },
2518
+ "ai-risk-management": {
2519
+ "path": "skills/ai-risk-management/skill.md",
2520
+ "total_bytes": 33503,
2521
+ "total_lines": 312,
2522
+ "frontmatter": {
2523
+ "line_start": 1,
2524
+ "line_end": 43,
2525
+ "byte_start": 0,
2526
+ "byte_end": 1026
2527
+ },
2528
+ "sections": [
2529
+ {
2530
+ "name": "Purpose",
2531
+ "normalized_name": "purpose",
2532
+ "line": 47,
2533
+ "byte_start": 1068,
2534
+ "byte_end": 1847,
2535
+ "bytes": 779,
2536
+ "h3_count": 0
2537
+ },
2538
+ {
2539
+ "name": "Threat Context (mid-2026)",
2540
+ "normalized_name": "threat-context",
2541
+ "line": 55,
2542
+ "byte_start": 1847,
2543
+ "byte_end": 5449,
2544
+ "bytes": 3602,
2545
+ "h3_count": 0
2546
+ },
2547
+ {
2548
+ "name": "Framework Lag Declaration",
2549
+ "normalized_name": "framework-lag-declaration",
2550
+ "line": 81,
2551
+ "byte_start": 5449,
2552
+ "byte_end": 10735,
2553
+ "bytes": 5286,
2554
+ "h3_count": 0
2555
+ },
2556
+ {
2557
+ "name": "TTP Mapping",
2558
+ "normalized_name": "ttp-mapping",
2559
+ "line": 105,
2560
+ "byte_start": 10735,
2561
+ "byte_end": 12936,
2562
+ "bytes": 2201,
2563
+ "h3_count": 0
2564
+ },
2565
+ {
2566
+ "name": "Exploit Availability Matrix",
2567
+ "normalized_name": "exploit-availability-matrix",
2568
+ "line": 126,
2569
+ "byte_start": 12936,
2570
+ "byte_end": 15402,
2571
+ "bytes": 2466,
2572
+ "h3_count": 0
2573
+ },
2574
+ {
2575
+ "name": "Analysis Procedure",
2576
+ "normalized_name": "analysis-procedure",
2577
+ "line": 143,
2578
+ "byte_start": 15402,
2579
+ "byte_end": 24066,
2580
+ "bytes": 8664,
2581
+ "h3_count": 10
2582
+ },
2583
+ {
2584
+ "name": "Output Format",
2585
+ "normalized_name": "output-format",
2586
+ "line": 213,
2587
+ "byte_start": 24066,
2588
+ "byte_end": 26926,
2589
+ "bytes": 2860,
2590
+ "h3_count": 10
2591
+ },
2592
+ {
2593
+ "name": "Compliance Theater Check",
2594
+ "normalized_name": "compliance-theater-check",
2595
+ "line": 267,
2596
+ "byte_start": 26926,
2597
+ "byte_end": 29725,
2598
+ "bytes": 2799,
2599
+ "h3_count": 0
2600
+ },
2601
+ {
2602
+ "name": "Defensive Countermeasure Mapping",
2603
+ "normalized_name": "defensive-countermeasure-mapping",
2604
+ "line": 285,
2605
+ "byte_start": 29725,
2606
+ "byte_end": 31512,
2607
+ "bytes": 1787,
2608
+ "h3_count": 0
2609
+ },
2610
+ {
2611
+ "name": "Hand-Off / Related Skills",
2612
+ "normalized_name": "hand-off",
2613
+ "line": 299,
2614
+ "byte_start": 31512,
2615
+ "byte_end": 33503,
2616
+ "bytes": 1991,
2617
+ "h3_count": 0
2618
+ }
2619
+ ]
2620
+ },
2621
+ "sector-healthcare": {
2622
+ "path": "skills/sector-healthcare/skill.md",
2623
+ "total_bytes": 47318,
2624
+ "total_lines": 374,
2625
+ "frontmatter": {
2626
+ "line_start": 1,
2627
+ "line_end": 53,
2628
+ "byte_start": 0,
2629
+ "byte_end": 1097
2630
+ },
2631
+ "sections": [
2632
+ {
2633
+ "name": "Threat Context (mid-2026)",
2634
+ "normalized_name": "threat-context",
2635
+ "line": 57,
2636
+ "byte_start": 1144,
2637
+ "byte_end": 5368,
2638
+ "bytes": 4224,
2639
+ "h3_count": 0
2640
+ },
2641
+ {
2642
+ "name": "Framework Lag Declaration",
2643
+ "normalized_name": "framework-lag-declaration",
2644
+ "line": 80,
2645
+ "byte_start": 5368,
2646
+ "byte_end": 14994,
2647
+ "bytes": 9626,
2648
+ "h3_count": 0
2649
+ },
2650
+ {
2651
+ "name": "TTP Mapping",
2652
+ "normalized_name": "ttp-mapping",
2653
+ "line": 109,
2654
+ "byte_start": 14994,
2655
+ "byte_end": 19697,
2656
+ "bytes": 4703,
2657
+ "h3_count": 0
2658
+ },
2659
+ {
2660
+ "name": "Exploit Availability Matrix",
2661
+ "normalized_name": "exploit-availability-matrix",
2662
+ "line": 126,
2663
+ "byte_start": 19697,
2664
+ "byte_end": 23031,
2665
+ "bytes": 3334,
2666
+ "h3_count": 0
2667
+ },
2668
+ {
2669
+ "name": "Analysis Procedure",
2670
+ "normalized_name": "analysis-procedure",
2671
+ "line": 141,
2672
+ "byte_start": 23031,
2673
+ "byte_end": 33586,
2674
+ "bytes": 10555,
2675
+ "h3_count": 12
2676
+ },
2677
+ {
2678
+ "name": "Output Format",
2679
+ "normalized_name": "output-format",
2680
+ "line": 238,
2681
+ "byte_start": 33586,
2682
+ "byte_end": 36477,
2683
+ "bytes": 2891,
2684
+ "h3_count": 14
2685
+ },
2686
+ {
2687
+ "name": "Compliance Theater Check",
2688
+ "normalized_name": "compliance-theater-check",
2689
+ "line": 307,
2690
+ "byte_start": 36477,
2691
+ "byte_end": 40045,
2692
+ "bytes": 3568,
2693
+ "h3_count": 0
2694
+ },
2695
+ {
2696
+ "name": "Defensive Countermeasure Mapping",
2697
+ "normalized_name": "defensive-countermeasure-mapping",
2698
+ "line": 342,
2699
+ "byte_start": 40045,
2700
+ "byte_end": 43459,
2701
+ "bytes": 3414,
2702
+ "h3_count": 0
2703
+ },
2704
+ {
2705
+ "name": "Hand-Off / Related Skills",
2706
+ "normalized_name": "hand-off",
2707
+ "line": 356,
2708
+ "byte_start": 43459,
2709
+ "byte_end": 47318,
2710
+ "bytes": 3859,
2711
+ "h3_count": 0
2712
+ }
2713
+ ]
2714
+ },
2715
+ "sector-financial": {
2716
+ "path": "skills/sector-financial/skill.md",
2717
+ "total_bytes": 49757,
2718
+ "total_lines": 399,
2719
+ "frontmatter": {
2720
+ "line_start": 1,
2721
+ "line_end": 74,
2722
+ "byte_start": 0,
2723
+ "byte_end": 2369
2724
+ },
2725
+ "sections": [
2726
+ {
2727
+ "name": "Threat Context (mid-2026)",
2728
+ "normalized_name": "threat-context",
2729
+ "line": 78,
2730
+ "byte_start": 2428,
2731
+ "byte_end": 9983,
2732
+ "bytes": 7555,
2733
+ "h3_count": 0
2734
+ },
2735
+ {
2736
+ "name": "Framework Lag Declaration",
2737
+ "normalized_name": "framework-lag-declaration",
2738
+ "line": 117,
2739
+ "byte_start": 9983,
2740
+ "byte_end": 18930,
2741
+ "bytes": 8947,
2742
+ "h3_count": 0
2743
+ },
2744
+ {
2745
+ "name": "TTP Mapping",
2746
+ "normalized_name": "ttp-mapping",
2747
+ "line": 147,
2748
+ "byte_start": 18930,
2749
+ "byte_end": 23427,
2750
+ "bytes": 4497,
2751
+ "h3_count": 0
2752
+ },
2753
+ {
2754
+ "name": "Exploit Availability Matrix",
2755
+ "normalized_name": "exploit-availability-matrix",
2756
+ "line": 166,
2757
+ "byte_start": 23427,
2758
+ "byte_end": 26313,
2759
+ "bytes": 2886,
2760
+ "h3_count": 0
2761
+ },
2762
+ {
2763
+ "name": "Analysis Procedure",
2764
+ "normalized_name": "analysis-procedure",
2765
+ "line": 182,
2766
+ "byte_start": 26313,
2767
+ "byte_end": 35067,
2768
+ "bytes": 8754,
2769
+ "h3_count": 10
2770
+ },
2771
+ {
2772
+ "name": "Output Format",
2773
+ "normalized_name": "output-format",
2774
+ "line": 271,
2775
+ "byte_start": 35067,
2776
+ "byte_end": 37822,
2777
+ "bytes": 2755,
2778
+ "h3_count": 15
2779
+ },
2780
+ {
2781
+ "name": "Compliance Theater Check",
2782
+ "normalized_name": "compliance-theater-check",
2783
+ "line": 333,
2784
+ "byte_start": 37822,
2785
+ "byte_end": 42160,
2786
+ "bytes": 4338,
2787
+ "h3_count": 0
2788
+ },
2789
+ {
2790
+ "name": "Defensive Countermeasure Mapping",
2791
+ "normalized_name": "defensive-countermeasure-mapping",
2792
+ "line": 368,
2793
+ "byte_start": 42160,
2794
+ "byte_end": 46004,
2795
+ "bytes": 3844,
2796
+ "h3_count": 0
2797
+ },
2798
+ {
2799
+ "name": "Hand-Off / Related Skills",
2800
+ "normalized_name": "hand-off",
2801
+ "line": 383,
2802
+ "byte_start": 46004,
2803
+ "byte_end": 49757,
2804
+ "bytes": 3753,
2805
+ "h3_count": 0
2806
+ }
2807
+ ]
2808
+ },
2809
+ "sector-federal-government": {
2810
+ "path": "skills/sector-federal-government/skill.md",
2811
+ "total_bytes": 44031,
2812
+ "total_lines": 303,
2813
+ "frontmatter": {
2814
+ "line_start": 1,
2815
+ "line_end": 62,
2816
+ "byte_start": 0,
2817
+ "byte_end": 2786
2818
+ },
2819
+ "sections": [
2820
+ {
2821
+ "name": "Threat Context (mid-2026)",
2822
+ "normalized_name": "threat-context",
2823
+ "line": 66,
2824
+ "byte_start": 2846,
2825
+ "byte_end": 8126,
2826
+ "bytes": 5280,
2827
+ "h3_count": 0
2828
+ },
2829
+ {
2830
+ "name": "Framework Lag Declaration",
2831
+ "normalized_name": "framework-lag-declaration",
2832
+ "line": 86,
2833
+ "byte_start": 8126,
2834
+ "byte_end": 17619,
2835
+ "bytes": 9493,
2836
+ "h3_count": 0
2837
+ },
2838
+ {
2839
+ "name": "TTP Mapping",
2840
+ "normalized_name": "ttp-mapping",
2841
+ "line": 116,
2842
+ "byte_start": 17619,
2843
+ "byte_end": 20035,
2844
+ "bytes": 2416,
2845
+ "h3_count": 0
2846
+ },
2847
+ {
2848
+ "name": "Exploit Availability Matrix",
2849
+ "normalized_name": "exploit-availability-matrix",
2850
+ "line": 134,
2851
+ "byte_start": 20035,
2852
+ "byte_end": 26174,
2853
+ "bytes": 6139,
2854
+ "h3_count": 0
2855
+ },
2856
+ {
2857
+ "name": "Analysis Procedure",
2858
+ "normalized_name": "analysis-procedure",
2859
+ "line": 153,
2860
+ "byte_start": 26174,
2861
+ "byte_end": 34214,
2862
+ "bytes": 8040,
2863
+ "h3_count": 4
2864
+ },
2865
+ {
2866
+ "name": "Output Format",
2867
+ "normalized_name": "output-format",
2868
+ "line": 210,
2869
+ "byte_start": 34214,
2870
+ "byte_end": 36702,
2871
+ "bytes": 2488,
2872
+ "h3_count": 10
2873
+ },
2874
+ {
2875
+ "name": "Compliance Theater Check",
2876
+ "normalized_name": "compliance-theater-check",
2877
+ "line": 264,
2878
+ "byte_start": 36702,
2879
+ "byte_end": 39570,
2880
+ "bytes": 2868,
2881
+ "h3_count": 0
2882
+ },
2883
+ {
2884
+ "name": "Defensive Countermeasure Mapping",
2885
+ "normalized_name": "defensive-countermeasure-mapping",
2886
+ "line": 278,
2887
+ "byte_start": 39570,
2888
+ "byte_end": 42570,
2889
+ "bytes": 3000,
2890
+ "h3_count": 0
2891
+ },
2892
+ {
2893
+ "name": "Hand-Off",
2894
+ "normalized_name": "hand-off",
2895
+ "line": 292,
2896
+ "byte_start": 42570,
2897
+ "byte_end": 44031,
2898
+ "bytes": 1461,
2899
+ "h3_count": 0
2900
+ }
2901
+ ]
2902
+ },
2903
+ "sector-energy": {
2904
+ "path": "skills/sector-energy/skill.md",
2905
+ "total_bytes": 53756,
2906
+ "total_lines": 410,
2907
+ "frontmatter": {
2908
+ "line_start": 1,
2909
+ "line_end": 61,
2910
+ "byte_start": 0,
2911
+ "byte_end": 2313
2912
+ },
2913
+ "sections": [
2914
+ {
2915
+ "name": "Threat Context (mid-2026)",
2916
+ "normalized_name": "threat-context",
2917
+ "line": 67,
2918
+ "byte_start": 3049,
2919
+ "byte_end": 8402,
2920
+ "bytes": 5353,
2921
+ "h3_count": 0
2922
+ },
2923
+ {
2924
+ "name": "Framework Lag Declaration",
2925
+ "normalized_name": "framework-lag-declaration",
2926
+ "line": 93,
2927
+ "byte_start": 8402,
2928
+ "byte_end": 16739,
2929
+ "bytes": 8337,
2930
+ "h3_count": 0
2931
+ },
2932
+ {
2933
+ "name": "TTP Mapping",
2934
+ "normalized_name": "ttp-mapping",
2935
+ "line": 118,
2936
+ "byte_start": 16739,
2937
+ "byte_end": 23115,
2938
+ "bytes": 6376,
2939
+ "h3_count": 0
2940
+ },
2941
+ {
2942
+ "name": "Exploit Availability Matrix",
2943
+ "normalized_name": "exploit-availability-matrix",
2944
+ "line": 144,
2945
+ "byte_start": 23115,
2946
+ "byte_end": 27105,
2947
+ "bytes": 3990,
2948
+ "h3_count": 0
2949
+ },
2950
+ {
2951
+ "name": "Analysis Procedure",
2952
+ "normalized_name": "analysis-procedure",
2953
+ "line": 162,
2954
+ "byte_start": 27105,
2955
+ "byte_end": 38051,
2956
+ "bytes": 10946,
2957
+ "h3_count": 13
2958
+ },
2959
+ {
2960
+ "name": "Output Format",
2961
+ "normalized_name": "output-format",
2962
+ "line": 274,
2963
+ "byte_start": 38051,
2964
+ "byte_end": 40839,
2965
+ "bytes": 2788,
2966
+ "h3_count": 13
2967
+ },
2968
+ {
2969
+ "name": "Compliance Theater Check",
2970
+ "normalized_name": "compliance-theater-check",
2971
+ "line": 339,
2972
+ "byte_start": 40839,
2973
+ "byte_end": 45830,
2974
+ "bytes": 4991,
2975
+ "h3_count": 0
2976
+ },
2977
+ {
2978
+ "name": "Defensive Countermeasure Mapping",
2979
+ "normalized_name": "defensive-countermeasure-mapping",
2980
+ "line": 377,
2981
+ "byte_start": 45830,
2982
+ "byte_end": 50381,
2983
+ "bytes": 4551,
2984
+ "h3_count": 0
2985
+ },
2986
+ {
2987
+ "name": "Hand-Off / Related Skills",
2988
+ "normalized_name": "hand-off",
2989
+ "line": 393,
2990
+ "byte_start": 50381,
2991
+ "byte_end": 53756,
2992
+ "bytes": 3375,
2993
+ "h3_count": 0
2994
+ }
2995
+ ]
2996
+ },
2997
+ "api-security": {
2998
+ "path": "skills/api-security/skill.md",
2999
+ "total_bytes": 34581,
3000
+ "total_lines": 288,
3001
+ "frontmatter": {
3002
+ "line_start": 1,
3003
+ "line_end": 64,
3004
+ "byte_start": 0,
3005
+ "byte_end": 1211
3006
+ },
3007
+ "sections": [
3008
+ {
3009
+ "name": "Threat Context (mid-2026)",
3010
+ "normalized_name": "threat-context",
3011
+ "line": 68,
3012
+ "byte_start": 1239,
3013
+ "byte_end": 6346,
3014
+ "bytes": 5107,
3015
+ "h3_count": 0
3016
+ },
3017
+ {
3018
+ "name": "Framework Lag Declaration",
3019
+ "normalized_name": "framework-lag-declaration",
3020
+ "line": 94,
3021
+ "byte_start": 6346,
3022
+ "byte_end": 9624,
3023
+ "bytes": 3278,
3024
+ "h3_count": 0
3025
+ },
3026
+ {
3027
+ "name": "TTP Mapping (MITRE ATT&CK Enterprise + ATLAS v5.1.0)",
3028
+ "normalized_name": "ttp-mapping",
3029
+ "line": 117,
3030
+ "byte_start": 9624,
3031
+ "byte_end": 11829,
3032
+ "bytes": 2205,
3033
+ "h3_count": 0
3034
+ },
3035
+ {
3036
+ "name": "Exploit Availability Matrix",
3037
+ "normalized_name": "exploit-availability-matrix",
3038
+ "line": 131,
3039
+ "byte_start": 11829,
3040
+ "byte_end": 16263,
3041
+ "bytes": 4434,
3042
+ "h3_count": 0
3043
+ },
3044
+ {
3045
+ "name": "Analysis Procedure",
3046
+ "normalized_name": "analysis-procedure",
3047
+ "line": 151,
3048
+ "byte_start": 16263,
3049
+ "byte_end": 24062,
3050
+ "bytes": 7799,
3051
+ "h3_count": 1
3052
+ },
3053
+ {
3054
+ "name": "Output Format",
3055
+ "normalized_name": "output-format",
3056
+ "line": 199,
3057
+ "byte_start": 24062,
3058
+ "byte_end": 27780,
3059
+ "bytes": 3718,
3060
+ "h3_count": 9
3061
+ },
3062
+ {
3063
+ "name": "Compliance Theater Check",
3064
+ "normalized_name": "compliance-theater-check",
3065
+ "line": 252,
3066
+ "byte_start": 27780,
3067
+ "byte_end": 30138,
3068
+ "bytes": 2358,
3069
+ "h3_count": 0
3070
+ },
3071
+ {
3072
+ "name": "Defensive Countermeasure Mapping",
3073
+ "normalized_name": "defensive-countermeasure-mapping",
3074
+ "line": 266,
3075
+ "byte_start": 30138,
3076
+ "byte_end": 33376,
3077
+ "bytes": 3238,
3078
+ "h3_count": 0
3079
+ },
3080
+ {
3081
+ "name": "Hand-Off / Related Skills",
3082
+ "normalized_name": "hand-off",
3083
+ "line": 280,
3084
+ "byte_start": 33376,
3085
+ "byte_end": 34581,
3086
+ "bytes": 1205,
3087
+ "h3_count": 0
3088
+ }
3089
+ ]
3090
+ },
3091
+ "cloud-security": {
3092
+ "path": "skills/cloud-security/skill.md",
3093
+ "total_bytes": 55577,
3094
+ "total_lines": 385,
3095
+ "frontmatter": {
3096
+ "line_start": 1,
3097
+ "line_end": 75,
3098
+ "byte_start": 0,
3099
+ "byte_end": 3452
3100
+ },
3101
+ "sections": [
3102
+ {
3103
+ "name": "Threat Context (mid-2026)",
3104
+ "normalized_name": "threat-context",
3105
+ "line": 79,
3106
+ "byte_start": 3482,
3107
+ "byte_end": 9871,
3108
+ "bytes": 6389,
3109
+ "h3_count": 0
3110
+ },
3111
+ {
3112
+ "name": "Framework Lag Declaration",
3113
+ "normalized_name": "framework-lag-declaration",
3114
+ "line": 97,
3115
+ "byte_start": 9871,
3116
+ "byte_end": 18930,
3117
+ "bytes": 9059,
3118
+ "h3_count": 0
3119
+ },
3120
+ {
3121
+ "name": "TTP Mapping",
3122
+ "normalized_name": "ttp-mapping",
3123
+ "line": 127,
3124
+ "byte_start": 18930,
3125
+ "byte_end": 22116,
3126
+ "bytes": 3186,
3127
+ "h3_count": 0
3128
+ },
3129
+ {
3130
+ "name": "Exploit Availability Matrix",
3131
+ "normalized_name": "exploit-availability-matrix",
3132
+ "line": 142,
3133
+ "byte_start": 22116,
3134
+ "byte_end": 27338,
3135
+ "bytes": 5222,
3136
+ "h3_count": 0
3137
+ },
3138
+ {
3139
+ "name": "Analysis Procedure",
3140
+ "normalized_name": "analysis-procedure",
3141
+ "line": 157,
3142
+ "byte_start": 27338,
3143
+ "byte_end": 40318,
3144
+ "bytes": 12980,
3145
+ "h3_count": 11
3146
+ },
3147
+ {
3148
+ "name": "Output Format",
3149
+ "normalized_name": "output-format",
3150
+ "line": 260,
3151
+ "byte_start": 40318,
3152
+ "byte_end": 42581,
3153
+ "bytes": 2263,
3154
+ "h3_count": 13
3155
+ },
3156
+ {
3157
+ "name": "Compliance Theater Check",
3158
+ "normalized_name": "compliance-theater-check",
3159
+ "line": 317,
3160
+ "byte_start": 42581,
3161
+ "byte_end": 46802,
3162
+ "bytes": 4221,
3163
+ "h3_count": 0
3164
+ },
3165
+ {
3166
+ "name": "Defensive Countermeasure Mapping",
3167
+ "normalized_name": "defensive-countermeasure-mapping",
3168
+ "line": 351,
3169
+ "byte_start": 46802,
3170
+ "byte_end": 51544,
3171
+ "bytes": 4742,
3172
+ "h3_count": 0
3173
+ },
3174
+ {
3175
+ "name": "Hand-Off / Related Skills",
3176
+ "normalized_name": "hand-off",
3177
+ "line": 367,
3178
+ "byte_start": 51544,
3179
+ "byte_end": 55577,
3180
+ "bytes": 4033,
3181
+ "h3_count": 0
3182
+ }
3183
+ ]
3184
+ },
3185
+ "container-runtime-security": {
3186
+ "path": "skills/container-runtime-security/skill.md",
3187
+ "total_bytes": 48744,
3188
+ "total_lines": 380,
3189
+ "frontmatter": {
3190
+ "line_start": 1,
3191
+ "line_end": 58,
3192
+ "byte_start": 0,
3193
+ "byte_end": 1152
3194
+ },
3195
+ "sections": [
3196
+ {
3197
+ "name": "Threat Context (mid-2026)",
3198
+ "normalized_name": "threat-context",
3199
+ "line": 62,
3200
+ "byte_start": 1207,
3201
+ "byte_end": 6730,
3202
+ "bytes": 5523,
3203
+ "h3_count": 0
3204
+ },
3205
+ {
3206
+ "name": "Framework Lag Declaration",
3207
+ "normalized_name": "framework-lag-declaration",
3208
+ "line": 89,
3209
+ "byte_start": 6730,
3210
+ "byte_end": 13142,
3211
+ "bytes": 6412,
3212
+ "h3_count": 0
3213
+ },
3214
+ {
3215
+ "name": "TTP Mapping",
3216
+ "normalized_name": "ttp-mapping",
3217
+ "line": 116,
3218
+ "byte_start": 13142,
3219
+ "byte_end": 17617,
3220
+ "bytes": 4475,
3221
+ "h3_count": 0
3222
+ },
3223
+ {
3224
+ "name": "Exploit Availability Matrix",
3225
+ "normalized_name": "exploit-availability-matrix",
3226
+ "line": 140,
3227
+ "byte_start": 17617,
3228
+ "byte_end": 21604,
3229
+ "bytes": 3987,
3230
+ "h3_count": 0
3231
+ },
3232
+ {
3233
+ "name": "Analysis Procedure",
3234
+ "normalized_name": "analysis-procedure",
3235
+ "line": 157,
3236
+ "byte_start": 21604,
3237
+ "byte_end": 32462,
3238
+ "bytes": 10858,
3239
+ "h3_count": 5
3240
+ },
3241
+ {
3242
+ "name": "Output Format",
3243
+ "normalized_name": "output-format",
3244
+ "line": 243,
3245
+ "byte_start": 32462,
3246
+ "byte_end": 35381,
3247
+ "bytes": 2919,
3248
+ "h3_count": 12
3249
+ },
3250
+ {
3251
+ "name": "Compliance Theater Check",
3252
+ "normalized_name": "compliance-theater-check",
3253
+ "line": 309,
3254
+ "byte_start": 35381,
3255
+ "byte_end": 38878,
3256
+ "bytes": 3497,
3257
+ "h3_count": 0
3258
+ },
3259
+ {
3260
+ "name": "Defensive Countermeasure Mapping",
3261
+ "normalized_name": "defensive-countermeasure-mapping",
3262
+ "line": 345,
3263
+ "byte_start": 38878,
3264
+ "byte_end": 44150,
3265
+ "bytes": 5272,
3266
+ "h3_count": 0
3267
+ },
3268
+ {
3269
+ "name": "Hand-Off / Related Skills",
3270
+ "normalized_name": "hand-off",
3271
+ "line": 362,
3272
+ "byte_start": 44150,
3273
+ "byte_end": 48744,
3274
+ "bytes": 4594,
3275
+ "h3_count": 0
3276
+ }
3277
+ ]
3278
+ },
3279
+ "mlops-security": {
3280
+ "path": "skills/mlops-security/skill.md",
3281
+ "total_bytes": 43634,
3282
+ "total_lines": 326,
3283
+ "frontmatter": {
3284
+ "line_start": 1,
3285
+ "line_end": 63,
3286
+ "byte_start": 0,
3287
+ "byte_end": 2064
3288
+ },
3289
+ "sections": [
3290
+ {
3291
+ "name": "Threat Context (mid-2026)",
3292
+ "normalized_name": "threat-context",
3293
+ "line": 67,
3294
+ "byte_start": 2103,
3295
+ "byte_end": 6453,
3296
+ "bytes": 4350,
3297
+ "h3_count": 0
3298
+ },
3299
+ {
3300
+ "name": "Framework Lag Declaration",
3301
+ "normalized_name": "framework-lag-declaration",
3302
+ "line": 84,
3303
+ "byte_start": 6453,
3304
+ "byte_end": 12235,
3305
+ "bytes": 5782,
3306
+ "h3_count": 0
3307
+ },
3308
+ {
3309
+ "name": "TTP Mapping",
3310
+ "normalized_name": "ttp-mapping",
3311
+ "line": 108,
3312
+ "byte_start": 12235,
3313
+ "byte_end": 16620,
3314
+ "bytes": 4385,
3315
+ "h3_count": 0
3316
+ },
3317
+ {
3318
+ "name": "Exploit Availability Matrix",
3319
+ "normalized_name": "exploit-availability-matrix",
3320
+ "line": 133,
3321
+ "byte_start": 16620,
3322
+ "byte_end": 22106,
3323
+ "bytes": 5486,
3324
+ "h3_count": 0
3325
+ },
3326
+ {
3327
+ "name": "Analysis Procedure",
3328
+ "normalized_name": "analysis-procedure",
3329
+ "line": 159,
3330
+ "byte_start": 22106,
3331
+ "byte_end": 31175,
3332
+ "bytes": 9069,
3333
+ "h3_count": 4
3334
+ },
3335
+ {
3336
+ "name": "Output Format",
3337
+ "normalized_name": "output-format",
3338
+ "line": 224,
3339
+ "byte_start": 31175,
3340
+ "byte_end": 33853,
3341
+ "bytes": 2678,
3342
+ "h3_count": 10
3343
+ },
3344
+ {
3345
+ "name": "Compliance Theater Check",
3346
+ "normalized_name": "compliance-theater-check",
3347
+ "line": 277,
3348
+ "byte_start": 33853,
3349
+ "byte_end": 36784,
3350
+ "bytes": 2931,
3351
+ "h3_count": 0
3352
+ },
3353
+ {
3354
+ "name": "Defensive Countermeasure Mapping",
3355
+ "normalized_name": "defensive-countermeasure-mapping",
3356
+ "line": 293,
3357
+ "byte_start": 36784,
3358
+ "byte_end": 40704,
3359
+ "bytes": 3920,
3360
+ "h3_count": 0
3361
+ },
3362
+ {
3363
+ "name": "Hand-Off / Related Skills",
3364
+ "normalized_name": "hand-off",
3365
+ "line": 313,
3366
+ "byte_start": 40704,
3367
+ "byte_end": 43634,
3368
+ "bytes": 2930,
3369
+ "h3_count": 0
3370
+ }
3371
+ ]
3372
+ },
3373
+ "incident-response-playbook": {
3374
+ "path": "skills/incident-response-playbook/skill.md",
3375
+ "total_bytes": 62895,
3376
+ "total_lines": 547,
3377
+ "frontmatter": {
3378
+ "line_start": 1,
3379
+ "line_end": 57,
3380
+ "byte_start": 0,
3381
+ "byte_end": 2221
3382
+ },
3383
+ "sections": [
3384
+ {
3385
+ "name": "Threat Context (mid-2026)",
3386
+ "normalized_name": "threat-context",
3387
+ "line": 67,
3388
+ "byte_start": 3570,
3389
+ "byte_end": 8458,
3390
+ "bytes": 4888,
3391
+ "h3_count": 0
3392
+ },
3393
+ {
3394
+ "name": "Framework Lag Declaration",
3395
+ "normalized_name": "framework-lag-declaration",
3396
+ "line": 82,
3397
+ "byte_start": 8458,
3398
+ "byte_end": 18656,
3399
+ "bytes": 10198,
3400
+ "h3_count": 0
3401
+ },
3402
+ {
3403
+ "name": "TTP Mapping",
3404
+ "normalized_name": "ttp-mapping",
3405
+ "line": 115,
3406
+ "byte_start": 18656,
3407
+ "byte_end": 23396,
3408
+ "bytes": 4740,
3409
+ "h3_count": 0
3410
+ },
3411
+ {
3412
+ "name": "Exploit Availability Matrix",
3413
+ "normalized_name": "exploit-availability-matrix",
3414
+ "line": 133,
3415
+ "byte_start": 23396,
3416
+ "byte_end": 27207,
3417
+ "bytes": 3811,
3418
+ "h3_count": 0
3419
+ },
3420
+ {
3421
+ "name": "Analysis Procedure",
3422
+ "normalized_name": "analysis-procedure",
3423
+ "line": 157,
3424
+ "byte_start": 27207,
3425
+ "byte_end": 41535,
3426
+ "bytes": 14328,
3427
+ "h3_count": 10
3428
+ },
3429
+ {
3430
+ "name": "Output Format",
3431
+ "normalized_name": "output-format",
3432
+ "line": 277,
3433
+ "byte_start": 41535,
3434
+ "byte_end": 50662,
3435
+ "bytes": 9127,
3436
+ "h3_count": 7
3437
+ },
3438
+ {
3439
+ "name": "Compliance Theater Check",
3440
+ "normalized_name": "compliance-theater-check",
3441
+ "line": 493,
3442
+ "byte_start": 50662,
3443
+ "byte_end": 54559,
3444
+ "bytes": 3897,
3445
+ "h3_count": 0
3446
+ },
3447
+ {
3448
+ "name": "Defensive Countermeasure Mapping",
3449
+ "normalized_name": "defensive-countermeasure-mapping",
3450
+ "line": 509,
3451
+ "byte_start": 54559,
3452
+ "byte_end": 59699,
3453
+ "bytes": 5140,
3454
+ "h3_count": 0
3455
+ },
3456
+ {
3457
+ "name": "Hand-Off / Related Skills",
3458
+ "normalized_name": "hand-off",
3459
+ "line": 528,
3460
+ "byte_start": 59699,
3461
+ "byte_end": 62895,
3462
+ "bytes": 3196,
3463
+ "h3_count": 0
3464
+ }
3465
+ ]
3466
+ },
3467
+ "email-security-anti-phishing": {
3468
+ "path": "skills/email-security-anti-phishing/skill.md",
3469
+ "total_bytes": 26321,
3470
+ "total_lines": 207,
3471
+ "frontmatter": {
3472
+ "line_start": 1,
3473
+ "line_end": 50,
3474
+ "byte_start": 0,
3475
+ "byte_end": 1020
3476
+ },
3477
+ "sections": [
3478
+ {
3479
+ "name": "Threat Context (mid-2026)",
3480
+ "normalized_name": "threat-context",
3481
+ "line": 54,
3482
+ "byte_start": 1068,
3483
+ "byte_end": 5430,
3484
+ "bytes": 4362,
3485
+ "h3_count": 0
3486
+ },
3487
+ {
3488
+ "name": "Framework Lag Declaration",
3489
+ "normalized_name": "framework-lag-declaration",
3490
+ "line": 72,
3491
+ "byte_start": 5430,
3492
+ "byte_end": 9113,
3493
+ "bytes": 3683,
3494
+ "h3_count": 0
3495
+ },
3496
+ {
3497
+ "name": "TTP Mapping",
3498
+ "normalized_name": "ttp-mapping",
3499
+ "line": 94,
3500
+ "byte_start": 9113,
3501
+ "byte_end": 10533,
3502
+ "bytes": 1420,
3503
+ "h3_count": 0
3504
+ },
3505
+ {
3506
+ "name": "Exploit Availability Matrix",
3507
+ "normalized_name": "exploit-availability-matrix",
3508
+ "line": 108,
3509
+ "byte_start": 10533,
3510
+ "byte_end": 12373,
3511
+ "bytes": 1840,
3512
+ "h3_count": 0
3513
+ },
3514
+ {
3515
+ "name": "Analysis Procedure",
3516
+ "normalized_name": "analysis-procedure",
3517
+ "line": 127,
3518
+ "byte_start": 12373,
3519
+ "byte_end": 19132,
3520
+ "bytes": 6759,
3521
+ "h3_count": 0
3522
+ },
3523
+ {
3524
+ "name": "Output Format",
3525
+ "normalized_name": "output-format",
3526
+ "line": 154,
3527
+ "byte_start": 19132,
3528
+ "byte_end": 20953,
3529
+ "bytes": 1821,
3530
+ "h3_count": 0
3531
+ },
3532
+ {
3533
+ "name": "Compliance Theater Check",
3534
+ "normalized_name": "compliance-theater-check",
3535
+ "line": 171,
3536
+ "byte_start": 20953,
3537
+ "byte_end": 22755,
3538
+ "bytes": 1802,
3539
+ "h3_count": 0
3540
+ },
3541
+ {
3542
+ "name": "Defensive Countermeasure Mapping",
3543
+ "normalized_name": "defensive-countermeasure-mapping",
3544
+ "line": 182,
3545
+ "byte_start": 22755,
3546
+ "byte_end": 25186,
3547
+ "bytes": 2431,
3548
+ "h3_count": 0
3549
+ },
3550
+ {
3551
+ "name": "Hand-Off / Related Skills",
3552
+ "normalized_name": "hand-off",
3553
+ "line": 195,
3554
+ "byte_start": 25186,
3555
+ "byte_end": 26321,
3556
+ "bytes": 1135,
3557
+ "h3_count": 0
3558
+ }
3559
+ ]
3560
+ },
3561
+ "age-gates-child-safety": {
3562
+ "path": "skills/age-gates-child-safety/skill.md",
3563
+ "total_bytes": 68846,
3564
+ "total_lines": 457,
3565
+ "frontmatter": {
3566
+ "line_start": 1,
3567
+ "line_end": 63,
3568
+ "byte_start": 0,
3569
+ "byte_end": 3073
3570
+ },
3571
+ "sections": [
3572
+ {
3573
+ "name": "Threat Context (mid-2026)",
3574
+ "normalized_name": "threat-context",
3575
+ "line": 67,
3576
+ "byte_start": 3122,
3577
+ "byte_end": 7926,
3578
+ "bytes": 4804,
3579
+ "h3_count": 0
3580
+ },
3581
+ {
3582
+ "name": "Framework Lag Declaration",
3583
+ "normalized_name": "framework-lag-declaration",
3584
+ "line": 86,
3585
+ "byte_start": 7926,
3586
+ "byte_end": 23898,
3587
+ "bytes": 15972,
3588
+ "h3_count": 0
3589
+ },
3590
+ {
3591
+ "name": "TTP Mapping",
3592
+ "normalized_name": "ttp-mapping",
3593
+ "line": 126,
3594
+ "byte_start": 23898,
3595
+ "byte_end": 27218,
3596
+ "bytes": 3320,
3597
+ "h3_count": 0
3598
+ },
3599
+ {
3600
+ "name": "Exploit Availability Matrix",
3601
+ "normalized_name": "exploit-availability-matrix",
3602
+ "line": 141,
3603
+ "byte_start": 27218,
3604
+ "byte_end": 34550,
3605
+ "bytes": 7332,
3606
+ "h3_count": 0
3607
+ },
3608
+ {
3609
+ "name": "Analysis Procedure",
3610
+ "normalized_name": "analysis-procedure",
3611
+ "line": 164,
3612
+ "byte_start": 34550,
3613
+ "byte_end": 48683,
3614
+ "bytes": 14133,
3615
+ "h3_count": 4
3616
+ },
3617
+ {
3618
+ "name": "Output Format",
3619
+ "normalized_name": "output-format",
3620
+ "line": 288,
3621
+ "byte_start": 48683,
3622
+ "byte_end": 53286,
3623
+ "bytes": 4603,
3624
+ "h3_count": 14
3625
+ },
3626
+ {
3627
+ "name": "Compliance Theater Check",
3628
+ "normalized_name": "compliance-theater-check",
3629
+ "line": 369,
3630
+ "byte_start": 53286,
3631
+ "byte_end": 59371,
3632
+ "bytes": 6085,
3633
+ "h3_count": 0
3634
+ },
3635
+ {
3636
+ "name": "Defensive Countermeasure Mapping",
3637
+ "normalized_name": "defensive-countermeasure-mapping",
3638
+ "line": 419,
3639
+ "byte_start": 59371,
3640
+ "byte_end": 64513,
3641
+ "bytes": 5142,
3642
+ "h3_count": 0
3643
+ },
3644
+ {
3645
+ "name": "Hand-Off / Related Skills",
3646
+ "normalized_name": "hand-off",
3647
+ "line": 439,
3648
+ "byte_start": 64513,
3649
+ "byte_end": 68846,
3650
+ "bytes": 4333,
3651
+ "h3_count": 0
3652
+ }
3653
+ ]
3654
+ }
3655
+ }
3656
+ }