@blamejs/exceptd-skills 0.9.1

package/manifest.json

@@ -0,0 +1,2108 @@
+{
+  "name": "exceptd-security",
+  "version": "0.9.1",
+  "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation",
+  "homepage": "https://exceptd.com",
+  "license": "Apache-2.0",
+  "atlas_version": "5.1.0",
+  "attack_version": "17",
+  "attack_version_date": "2025-06-25",
+  "threat_review_date": "2026-05-01",
+  "sources_dir": "sources/",
+  "agents_dir": "agents/",
+  "reports_dir": "reports/",
+  "skills": [
+    {
+      "name": "kernel-lpe-triage",
+      "version": "1.0.0",
+      "path": "skills/kernel-lpe-triage/skill.md",
+      "description": "Assess Linux kernel LPE exposure — Copy Fail, Dirty Frag, live-patch vs. reboot remediation",
+      "triggers": [
+        "kernel lpe",
+        "privilege escalation",
+        "copy fail",
+        "dirty frag",
+        "cve-2026-31431",
+        "cve-2026-43284",
+        "linux root",
+        "kernel patch",
+        "live kernel patch"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "exploit-availability.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [
+        "T1068",
+        "T1548.001"
+      ],
+      "framework_gaps": [
+        "NIST-800-53-SI-2",
+        "ISO-27001-2022-A.8.8",
+        "PCI-DSS-4.0-6.3.3",
+        "NIS2-Art21-patch-management",
+        "NIST-800-53-SC-8",
+        "CIS-Controls-v8-Control7"
+      ],
+      "rfc_refs": [
+        "RFC-4301",
+        "RFC-4303",
+        "RFC-7296"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "WprHkO1KOjQtCBj6/EJghBTNyNKJhn7O2HDbAQZPi5jn4flwHpSrtP8LC15a4Unoh+xiIIgGhvTHZIQFHGMpBQ==",
+      "signed_at": "2026-05-11T23:30:00.498Z",
+      "cwe_refs": [
+        "CWE-125",
+        "CWE-362",
+        "CWE-416",
+        "CWE-672",
+        "CWE-787"
+      ],
+      "d3fend_refs": [
+        "D3-ASLR",
+        "D3-EAL",
+        "D3-PHRA",
+        "D3-PSEP"
+      ]
+    },
+    {
+      "name": "ai-attack-surface",
+      "version": "1.0.0",
+      "path": "skills/ai-attack-surface/skill.md",
+      "description": "Comprehensive AI/ML attack surface assessment mapped to MITRE ATLAS v5.1.0 with gap flags",
+      "triggers": [
+        "ai attack surface",
+        "prompt injection",
+        "llm security",
+        "ai security assessment",
+        "model security",
+        "ai threat model",
+        "ai red team",
+        "promptsteal",
+        "promptflux"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json"
+      ],
+      "atlas_refs": [
+        "AML.T0043",
+        "AML.T0051",
+        "AML.T0054",
+        "AML.T0020",
+        "AML.T0096",
+        "AML.T0016",
+        "AML.T0017",
+        "AML.T0018"
+      ],
+      "attack_refs": [
+        "T1566",
+        "T1059",
+        "T1190"
+      ],
+      "framework_gaps": [
+        "ALL-AI-PIPELINE-INTEGRITY",
+        "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
+        "ISO-27001-2022-A.8.28",
+        "ISO-IEC-23894-2023-clause-7",
+        "NIST-800-53-AC-2",
+        "NIST-800-53-SI-3",
+        "OWASP-LLM-Top-10-2025-LLM01",
+        "OWASP-LLM-Top-10-2025-LLM02",
+        "SOC2-CC6-logical-access"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "fg20bOXGRkPUdLmegeXpTM4hnzl/ArgcVc88rItZN5DdsnFnzPgUU1PwCI82zooyj2GfxJHYjxNkq5qd2zNPBg==",
+      "signed_at": "2026-05-11T23:30:00.500Z",
+      "cwe_refs": [
+        "CWE-1039",
+        "CWE-1426",
+        "CWE-94"
+      ],
+      "d3fend_refs": [
+        "D3-IOPR",
+        "D3-NTA"
+      ]
+    },
+    {
+      "name": "mcp-agent-trust",
+      "version": "1.0.0",
+      "path": "skills/mcp-agent-trust/skill.md",
+      "description": "Enumerate MCP trust boundary failures — tool allowlisting, signed manifests, bearer auth, zero-interaction RCE",
+      "triggers": [
+        "mcp security",
+        "model context protocol",
+        "agent trust",
+        "tool trust",
+        "mcp rce",
+        "cve-2026-30615",
+        "cursor security",
+        "windsurf security",
+        "claude code security",
+        "ai agent security"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json"
+      ],
+      "atlas_refs": [
+        "AML.T0010",
+        "AML.T0016",
+        "AML.T0096"
+      ],
+      "attack_refs": [
+        "T1195.001",
+        "T1059",
+        "T1190"
+      ],
+      "framework_gaps": [
+        "ALL-MCP-TOOL-TRUST",
+        "ISO-27001-2022-A.8.30",
+        "NIST-800-53-CM-7",
+        "NIST-800-53-SA-12",
+        "OWASP-LLM-Top-10-2025-LLM06",
+        "SOC2-CC9-vendor-management",
+        "SWIFT-CSCF-v2026-1.1"
+      ],
+      "rfc_refs": [
+        "RFC-6749",
+        "RFC-7519",
+        "RFC-8446",
+        "RFC-8725",
+        "RFC-9114",
+        "RFC-9421",
+        "RFC-9700"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "6JuSzkSSFzFHEZ3ANzqjtIbKPOkwJeKhQ+8WAPB4+dTRvDSeg46n3D88XfGaNd2z7pmg/i8p9ZoImQcHFS4BCg==",
+      "signed_at": "2026-05-11T23:30:00.500Z",
+      "cwe_refs": [
+        "CWE-22",
+        "CWE-345",
+        "CWE-352",
+        "CWE-434",
+        "CWE-494",
+        "CWE-77",
+        "CWE-918",
+        "CWE-94"
+      ],
+      "d3fend_refs": [
+        "D3-CBAN",
+        "D3-CSPP",
+        "D3-EAL",
+        "D3-EHB",
+        "D3-MFA"
+      ]
+    },
+    {
+      "name": "framework-gap-analysis",
+      "version": "1.0.0",
+      "path": "skills/framework-gap-analysis/skill.md",
+      "description": "Feed a framework control ID and threat scenario — receive the gap between what the control covers and what current TTPs require",
+      "triggers": [
+        "framework gap",
+        "control gap",
+        "nist gap",
+        "iso 27001 gap",
+        "soc 2 gap",
+        "pci gap",
+        "nis2 gap",
+        "compliance gap",
+        "why doesn't this control cover"
+      ],
+      "data_deps": [
+        "framework-control-gaps.json",
+        "atlas-ttps.json",
+        "cve-catalog.json",
+        "global-frameworks.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "last_threat_review": "2026-05-01",
+      "signature": "PYSw9abiYfW+y7IkY8udJG5LSds2a4rMimlw3rrdD0zE3vunEeV/y7oTmDD4o83OqHSCKNzF/7vMhvd/noqICQ==",
+      "signed_at": "2026-05-11T23:30:00.500Z"
+    },
+    {
+      "name": "compliance-theater",
+      "version": "1.0.0",
+      "path": "skills/compliance-theater/skill.md",
+      "description": "Detect where an organization passes an audit but remains exposed — seven documented compliance theater patterns",
+      "triggers": [
+        "compliance theater",
+        "paper compliance",
+        "audit but exposed",
+        "compliant but vulnerable",
+        "compliance gap",
+        "checkbox security",
+        "audit theater"
+      ],
+      "data_deps": [
+        "framework-control-gaps.json",
+        "cve-catalog.json",
+        "exploit-availability.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [
+        "ALL-AI-PIPELINE-INTEGRITY",
+        "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
+        "FedRAMP-Rev5-Moderate",
+        "CMMC-2.0-Level-2"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "BMFmmJYP3HsHIjUqnhw8E3MiMGZJsI/eDq51we+nxUicZ8nFUQT9DhmRntAqOs6BUnsfiQNNLc/rrsNh8yg1CQ==",
+      "signed_at": "2026-05-11T23:30:00.501Z"
+    },
+    {
+      "name": "exploit-scoring",
+      "version": "1.0.0",
+      "path": "skills/exploit-scoring/skill.md",
+      "description": "Real-World Exploit Priority (RWEP) scoring — CVSS plus KEV, PoC, AI-acceleration, blast radius, live-patch factors",
+      "triggers": [
+        "exploit scoring",
+        "rwep",
+        "real world priority",
+        "how bad is this cve",
+        "prioritize cve",
+        "cve priority",
+        "patch priority",
+        "beyond cvss"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "exploit-availability.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [
+        "CWE-Top-25-2024-meta",
+        "CIS-Controls-v8-Control7"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "VGPyDwy5BRlpn1lZthhPB6ytb4ZcU2j0KtCZbaMkyLdMugQJtK2yEuwrsDH4yEtAhTB6/A4B3eSygJckum49Ag==",
+      "signed_at": "2026-05-11T23:30:00.502Z"
+    },
+    {
+      "name": "rag-pipeline-security",
+      "version": "1.0.0",
+      "path": "skills/rag-pipeline-security/skill.md",
+      "description": "RAG-specific threat model — embedding manipulation, vector store poisoning, retrieval filter bypass, indirect prompt injection",
+      "triggers": [
+        "rag security",
+        "retrieval security",
+        "vector store security",
+        "embedding attack",
+        "rag threat model",
+        "knowledge base security",
+        "vector poisoning"
+      ],
+      "data_deps": [
+        "atlas-ttps.json",
+        "framework-control-gaps.json"
+      ],
+      "atlas_refs": [
+        "AML.T0020",
+        "AML.T0043",
+        "AML.T0051",
+        "AML.T0054"
+      ],
+      "attack_refs": [
+        "T1565"
+      ],
+      "framework_gaps": [
+        "ISO-27001-2022-A.8.28",
+        "NIST-800-53-SI-12",
+        "NIST-AI-RMF-MEASURE-2.5",
+        "OWASP-LLM-Top-10-2025-LLM08"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "XkFGpsNnXBVslkQ48usEu9l1LjPiV2ppW+M4B63zXFBP2Puh52qYCffEPjUHYhoO5bjgTM7yCbK8XF/Dzk5wBw==",
+      "signed_at": "2026-05-11T23:30:00.502Z",
+      "cwe_refs": [
+        "CWE-1395",
+        "CWE-1426"
+      ],
+      "d3fend_refs": [
+        "D3-CSPP",
+        "D3-IOPR",
+        "D3-NTA"
+      ]
+    },
+    {
+      "name": "ai-c2-detection",
+      "version": "1.0.0",
+      "path": "skills/ai-c2-detection/skill.md",
+      "description": "Detect adversary use of AI APIs as covert C2 — SesameOp pattern, PROMPTFLUX/PROMPTSTEAL behavioral signatures",
+      "triggers": [
+        "ai c2",
+        "ai command and control",
+        "sesameop",
+        "promptflux",
+        "promptsteal",
+        "ai api abuse",
+        "llm c2",
+        "covert channel ai",
+        "aml.t0096"
+      ],
+      "data_deps": [
+        "atlas-ttps.json",
+        "cve-catalog.json",
+        "framework-control-gaps.json"
+      ],
+      "atlas_refs": [
+        "AML.T0096",
+        "AML.T0017"
+      ],
+      "attack_refs": [
+        "T1071",
+        "T1102",
+        "T1568"
+      ],
+      "framework_gaps": [
+        "NIST-800-53-SI-3",
+        "NIST-800-53-SC-7",
+        "ISO-27001-2022-A.8.16",
+        "SOC2-CC7-anomaly-detection"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "RFC-9180",
+        "RFC-9458",
+        "RFC-9421",
+        "RFC-9114",
+        "RFC-9000"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "1Xqy7Kxxy6GpTvuYJPdllPzVDRFxb7N6AuxKuoaO4v91CiZLmiXt0sTIWImKJ3p9Eup6rJNDdsY71dolFhHNBA==",
+      "signed_at": "2026-05-11T23:30:00.502Z",
+      "d3fend_refs": [
+        "D3-CA",
+        "D3-CSPP",
+        "D3-DA",
+        "D3-IOPR",
+        "D3-NI",
+        "D3-NTA",
+        "D3-NTPM"
+      ]
+    },
+    {
+      "name": "policy-exception-gen",
+      "version": "1.0.0",
+      "path": "skills/policy-exception-gen/skill.md",
+      "description": "Generate defensible policy exceptions for architectural realities — ephemeral infra, AI pipelines, ZTA, no-reboot patching",
+      "triggers": [
+        "policy exception",
+        "exception request",
+        "control exception",
+        "ephemeral exception",
+        "serverless exception",
+        "ai pipeline exception",
+        "zero trust exception",
+        "compensating control"
+      ],
+      "data_deps": [
+        "framework-control-gaps.json",
+        "global-frameworks.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "last_threat_review": "2026-05-01",
+      "signature": "QNLOmAL54S/Cmk4cdO4L2BCGkqZ/FgY4UBsKWtg/EEW+YXF5ev+a8XsUT8q5veuUa2VYcYna7rD1iAnE+2PDBA==",
+      "signed_at": "2026-05-11T23:30:00.502Z",
+      "cwe_refs": [
+        "CWE-1188"
+      ]
+    },
+    {
+      "name": "threat-model-currency",
+      "version": "1.0.0",
+      "path": "skills/threat-model-currency/skill.md",
+      "description": "Score how current an org's threat model is against 2026 reality — 14-item checklist, currency percentage, prioritized update roadmap",
+      "triggers": [
+        "threat model currency",
+        "update threat model",
+        "threat model review",
+        "is our threat model current",
+        "threat model gap",
+        "threat intelligence gap"
+      ],
+      "data_deps": [
+        "atlas-ttps.json",
+        "cve-catalog.json",
+        "framework-control-gaps.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "last_threat_review": "2026-05-01",
+      "signature": "aFHq4cSl3CKchnVITxx+BrAEWD33WtFFJoQtwAug5g9R3/3ABtjaXYGVQaZcdcG1AIZkMoGSPywgLQWDY7ZDCw==",
+      "signed_at": "2026-05-11T23:30:00.503Z"
+    },
+    {
+      "name": "global-grc",
+      "version": "1.0.0",
+      "path": "skills/global-grc/skill.md",
+      "description": "Multi-jurisdiction GRC mapping — EU (GDPR/NIS2/DORA/EU AI Act/CRA), UK, AU, SG, JP, IN, CA, ISO 27001:2022, CSA CCM v4",
+      "triggers": [
+        "global grc",
+        "international compliance",
+        "gdpr security",
+        "nis2",
+        "dora compliance",
+        "eu ai act",
+        "cyber resilience act",
+        "mas trm",
+        "cert-in",
+        "essential 8",
+        "apra cps 234",
+        "multi-jurisdiction",
+        "global compliance"
+      ],
+      "data_deps": [
+        "global-frameworks.json",
+        "framework-control-gaps.json",
+        "atlas-ttps.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "last_threat_review": "2026-05-01",
+      "signature": "viCTUWdy6euvd2KTAo6sLvarK/FZkDtYGocxBt0H+fY94kLQGW8K5cSpqIWdUF5NUytSHBCiG4YcSze8P9Z/BQ==",
+      "signed_at": "2026-05-11T23:30:00.503Z"
+    },
+    {
+      "name": "zeroday-gap-learn",
+      "version": "1.0.0",
+      "path": "skills/zeroday-gap-learn/skill.md",
+      "description": "Run the zero-day learning loop — CVE to attack vector to control gap to framework gap to new control requirement",
+      "triggers": [
+        "zero day lesson",
+        "zeroday gap",
+        "what control gap enabled this",
+        "learn from exploit",
+        "exploit to control gap",
+        "what should have caught this",
+        "0day learning"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "zeroday-lessons.json",
+        "framework-control-gaps.json",
+        "atlas-ttps.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "last_threat_review": "2026-05-01",
+      "signature": "6PkUaHQi3Hxuqq/Jp4GYckvfqVEofmeT87NUH0T+pwyjlc+xZkoqNPn65f7ldciEPL86JIPi3/dDTKQbIFFBCw==",
+      "signed_at": "2026-05-11T23:30:00.503Z"
+    },
+    {
+      "name": "pqc-first",
+      "version": "1.0.0",
+      "path": "skills/pqc-first/skill.md",
+      "description": "Post-quantum cryptography first mentality — hard version gates (OpenSSL 3.5+), algorithm sunset tracking, HNDL assessment, loopback learning for NIST/IETF evolution",
+      "triggers": [
+        "pqc",
+        "post-quantum",
+        "quantum cryptography",
+        "quantum safe",
+        "ml-kem",
+        "ml-dsa",
+        "slh-dsa",
+        "harvest now decrypt later",
+        "quantum migration",
+        "crypto migration",
+        "openssl pqc",
+        "fips 203",
+        "fips 204",
+        "fips 205"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "framework-control-gaps.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [
+        "NIST-800-53-SC-8",
+        "NIST-800-53-SC-28"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "DRAFT-IETF-TLS-ECDHE-MLKEM",
+        "DRAFT-IETF-TLS-HYBRID-DESIGN",
+        "RFC-9180",
+        "RFC-9420",
+        "RFC-9794",
+        "RFC-8032",
+        "RFC-9106"
+      ],
+      "forward_watch": [
+        "FIPS 206 (HQC) finalization",
+        "X25519+ML-KEM TLS RFC publication",
+        "OpenSSL FIPS 140-3 certification",
+        "ENISA PQC mandate",
+        "CRQC timeline estimate changes"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "ZenFTEzWx+DzrSXlNXhbZ70vOdJSXfrnKkAwqMlBf5nlDf38V1/hG4XCKj43snQXWr4mVJOX6ilqFLTYNIjnBw==",
+      "signed_at": "2026-05-11T23:30:00.504Z",
+      "cwe_refs": [
+        "CWE-327"
+      ],
+      "d3fend_refs": [
+        "D3-FE",
+        "D3-MENCR"
+      ]
+    },
+    {
+      "name": "skill-update-loop",
+      "version": "1.0.0",
+      "path": "skills/skill-update-loop/skill.md",
+      "description": "Meta-skill for keeping all exceptd skills current — CISA KEV triggers, ATLAS version updates, framework amendments, forward_watch resolution, currency scoring",
+      "triggers": [
+        "update skills",
+        "skill review",
+        "check skill currency",
+        "forward watch",
+        "are skills current",
+        "update threat intel",
+        "skill maintenance",
+        "new cve update",
+        "atlas update",
+        "framework update"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "zeroday-lessons.json",
+        "exploit-availability.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "forward_watch": [
+        "MITRE ATLAS version releases",
+        "CISA KEV additions",
+        "NIST PQC standards finalization",
+        "Major kernel CVEs",
+        "AI/MCP platform CVEs",
+        "Framework publication updates"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "ih0vpd2v2zS31JSJv7SnABoya8JlJdrXZXx4rBnrsV3Assj+dbjAP0pQ1HMT/5RX8yTTswRQsg0bJV3qmbJ3Bw==",
+      "signed_at": "2026-05-11T23:30:00.504Z"
+    },
+    {
+      "name": "security-maturity-tiers",
+      "version": "1.0.0",
+      "path": "skills/security-maturity-tiers/skill.md",
+      "description": "Three-tier implementation roadmap — MVP (ship this week), Practical (scalable today), Overkill (defense-in-depth)",
+      "triggers": [
+        "security maturity",
+        "implementation roadmap",
+        "what should we do first",
+        "security tiers",
+        "mvp security",
+        "where to start",
+        "security roadmap",
+        "minimum viable security",
+        "what's practical",
+        "security best practices",
+        "defense in depth",
+        "how do we get from here to there"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "forward_watch": [
+        "New attack classes that change MVP requirements (especially zero-interaction RCE)",
+        "Framework updates that change minimum compliance baselines",
+        "New tooling that makes higher tiers more accessible",
+        "PQC tooling maturity shifting overkill to practical"
+      ],
+      "last_threat_review": "2026-05-01",
+      "signature": "Lv8dHiwIqUbNsywCCB/+pYWGF+MHCvxVn1IAvR7Cnif5fy0sICv0N4SVsSb621qAAkHNshpfxqwuhbuQnE1TBA==",
+      "signed_at": "2026-05-11T23:30:00.505Z",
+      "cwe_refs": [
+        "CWE-1188"
+      ]
+    },
+    {
+      "name": "researcher",
+      "version": "1.0.0",
+      "path": "skills/researcher/skill.md",
+      "description": "Triage entry-point for raw threat intel — researches an input across all exceptd data catalogs, RWEP-scores it, and routes the operator to the right specialized skill(s)",
+      "triggers": [
+        "research this cve",
+        "what should I do about",
+        "new threat",
+        "new advisory",
+        "new exploit",
+        "triage threat",
+        "where do I start",
+        "which skill should I use",
+        "threat intel triage",
+        "exceptd research"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "zeroday-lessons.json",
+        "exploit-availability.json",
+        "global-frameworks.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "BS+wrL28HHYhBpe+v84VLoq9KPBXu6alfG968katfGIoLNYQueaHP931bRmlkrjfeb6qbDf067GWdPEh7nroAw==",
+      "signed_at": "2026-05-11T23:30:00.505Z"
+    },
+    {
+      "name": "attack-surface-pentest",
+      "version": "1.0.0",
+      "path": "skills/attack-surface-pentest/skill.md",
+      "description": "Modern attack surface management + pen testing methodology for AI-era environments — NIST 800-115, OWASP WSTG, PTES, ATT&CK-driven adversary emulation, TIBER-EU",
+      "triggers": [
+        "attack surface",
+        "pen test",
+        "penetration testing",
+        "red team",
+        "adversary emulation",
+        "threat-led testing",
+        "tlpt",
+        "tiber-eu",
+        "asset inventory",
+        "external footprint",
+        "asm"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [
+        "AML.T0043",
+        "AML.T0051",
+        "AML.T0010"
+      ],
+      "attack_refs": [
+        "T1190",
+        "T1133",
+        "T1059",
+        "T1078"
+      ],
+      "framework_gaps": [
+        "NIST-800-115",
+        "OWASP-Pen-Testing-Guide-v5",
+        "PTES-Pre-engagement",
+        "NIS2-Art21-patch-management"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-1395",
+        "CWE-22",
+        "CWE-269",
+        "CWE-352",
+        "CWE-434",
+        "CWE-732",
+        "CWE-78",
+        "CWE-787",
+        "CWE-79",
+        "CWE-89",
+        "CWE-918"
+      ],
+      "d3fend_refs": [
+        "D3-CSPP",
+        "D3-EAL",
+        "D3-NTA"
+      ],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "NIST SP 800-115 successor publication (the 2008 original is the active gap)",
+        "TIBER-EU scenario library refresh under DORA Year-2 supervisory cycle",
+        "OWASP WSTG v5.x AI/MCP test cases (currently in working-group draft)",
+        "PTES revision incorporating AI-surface enumeration"
+      ],
+      "signature": "vLhIYT/CC3IzxMRa+UPeqGSZTvthuwUeTMGNFMm37+TaEk0TtfwPrPyrBJLHw4W6Wt7+pufjHs46X3nTgzoRAg==",
+      "signed_at": "2026-05-11T23:30:00.505Z"
+    },
+    {
+      "name": "fuzz-testing-strategy",
+      "version": "1.0.0",
+      "path": "skills/fuzz-testing-strategy/skill.md",
+      "description": "Continuous fuzzing as a security control — coverage-guided fuzz (AFL++/libFuzzer), AI-assisted fuzz, OSS-Fuzz integration, kernel fuzz (syzkaller), AI-API fuzz, integration into CI/CD as compliance evidence",
+      "triggers": [
+        "fuzz testing",
+        "fuzzing",
+        "oss-fuzz",
+        "syzkaller",
+        "libfuzzer",
+        "afl",
+        "coverage-guided fuzz",
+        "ai-assisted fuzz",
+        "continuous fuzz",
+        "prompt fuzz",
+        "api fuzz"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [
+        "AML.T0043"
+      ],
+      "attack_refs": [
+        "T1190"
+      ],
+      "framework_gaps": [
+        "NIST-800-218-SSDF",
+        "NIST-800-115",
+        "OWASP-ASVS-v5.0-V14"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-125",
+        "CWE-20",
+        "CWE-362",
+        "CWE-416",
+        "CWE-78",
+        "CWE-787"
+      ],
+      "d3fend_refs": [
+        "D3-EAL",
+        "D3-IOPR",
+        "D3-PSEP"
+      ],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "NIST SP 800-218A (AI-specific SSDF practices) for any explicit fuzz requirement on model-serving stacks",
+        "OpenSSF Scorecard \"fuzzing\" check threshold evolution",
+        "syzkaller eBPF and io_uring surface expansion as new kernel attack surfaces ship",
+        "OSS-Fuzz-Gen / AI-assisted harness generation becoming the default expectation for OSS maintainers"
+      ],
+      "signature": "TOcQLy/427cuf0Lw90J7A0oIeuhUmf9NXb6tOUS5K3SazCKTJujPgYSVAPZOYf1zZrRAY/aq0iqELd5cLyk5DA==",
+      "signed_at": "2026-05-11T23:30:00.506Z"
+    },
+    {
+      "name": "dlp-gap-analysis",
+      "version": "1.0.0",
+      "path": "skills/dlp-gap-analysis/skill.md",
+      "description": "DLP gap analysis for mid-2026 — legacy DLP misses LLM prompts, MCP tool args, RAG retrievals, embedding-store exfil, and code-completion telemetry. Audit channels, classifiers, protected surfaces, enforcement actions, and evidence trails against modern threat reality and cross-jurisdictional privacy regimes",
+      "triggers": [
+        "dlp",
+        "data loss prevention",
+        "data leak",
+        "egress",
+        "exfiltration",
+        "data classification",
+        "llm dlp",
+        "prompt dlp",
+        "rag exfil",
+        "copilot data leak",
+        "data exfiltration",
+        "mcp tool arg dlp",
+        "embedding store exfil",
+        "clipboard ai paste"
+      ],
+      "data_deps": [
+        "dlp-controls.json",
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [
+        "AML.T0096",
+        "AML.T0017",
+        "AML.T0051"
+      ],
+      "attack_refs": [
+        "T1567",
+        "T1530",
+        "T1213",
+        "T1041"
+      ],
+      "framework_gaps": [
+        "NIST-800-53-SC-7",
+        "ISO-27001-2022-A.8.16",
+        "ISO-IEC-42001-2023-clause-6.1.2",
+        "HIPAA-Security-Rule-164.312(a)(1)",
+        "SOC2-CC7-anomaly-detection",
+        "NIST-800-53-SC-28"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "RFC-9458"
+      ],
+      "cwe_refs": [
+        "CWE-1426",
+        "CWE-200"
+      ],
+      "d3fend_refs": [
+        "D3-CSPP",
+        "D3-EAL",
+        "D3-IOPR",
+        "D3-NTA",
+        "D3-NTPM"
+      ],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "EU AI Office secondary legislation under EU AI Act Art 10 / Art 15 that may operationalise inference-time data-flow controls",
+        "ISO/IEC 42001 amendments expected 2026-2027 likely to add prescriptive data-flow guidance for AI systems",
+        "Microsoft Purview AI Hub, Nightfall, Netskope GenAI, Cloudflare AI Gateway feature deltas — SDK-level prompt capture coverage is the differentiator",
+        "MCP gateway / proxy standardisation (Anthropic enterprise MCP gateway, Portkey MCP) — tool-call argument inspection is the missing primary control",
+        "Quebec Law 25, India DPDPA, KSA PDPL enforcement actions naming AI-tool prompt data as in-scope personal information"
+      ],
+      "signature": "u4IN7escQa5V+OgdtaJXLdvhmNiGZsdmGOvebTLZ30WoImT+WiksvaqSa0POGdbr6HzFkALe2RrZEH9Tr0U6Dg==",
+      "signed_at": "2026-05-11T23:30:00.506Z"
+    },
+    {
+      "name": "supply-chain-integrity",
+      "version": "1.0.0",
+      "path": "skills/supply-chain-integrity/skill.md",
+      "description": "Supply-chain integrity for mid-2026 — SLSA L3+, in-toto attestations, Sigstore signing, SBOM (CycloneDX/SPDX), VEX via CSAF 2.0, AI-generated code provenance, model weights as supply-chain artifacts",
+      "triggers": [
+        "supply chain",
+        "slsa",
+        "sbom",
+        "vex",
+        "sigstore",
+        "cosign",
+        "in-toto",
+        "cyclonedx",
+        "spdx",
+        "software composition",
+        "model provenance",
+        "ai bom",
+        "aibom",
+        "csaf"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "rfc-references.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [
+        "AML.T0010",
+        "AML.T0018"
+      ],
+      "attack_refs": [
+        "T1195.001",
+        "T1195.002",
+        "T1554"
+      ],
+      "framework_gaps": [
+        "NIST-800-218-SSDF",
+        "SLSA-v1.0-Build-L3",
+        "VEX-CSAF-v2.1",
+        "CycloneDX-v1.6-SBOM",
+        "SPDX-v3.0-SBOM",
+        "NIST-800-53-SA-12",
+        "HITRUST-CSF-v11.4-09.l",
+        "SWIFT-CSCF-v2026-1.1",
+        "FedRAMP-Rev5-Moderate",
+        "CMMC-2.0-Level-2"
+      ],
+      "rfc_refs": [
+        "RFC-8032"
+      ],
+      "cwe_refs": [
+        "CWE-1357",
+        "CWE-1395",
+        "CWE-494",
+        "CWE-502",
+        "CWE-829"
+      ],
+      "d3fend_refs": [
+        "D3-CBAN",
+        "D3-EAL",
+        "D3-EHB"
+      ],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "SLSA v1.1 (draft) — adds attestation chain requirements above L3 and a hardened-builder profile; track for re-baselining",
+        "CSAF 2.1 finalization — VEX status vocabulary expansion and machine-readable advisory pivoting",
+        "CycloneDX 1.7 — ML-BOM enrichment, model card embedding, training-data lineage fields",
+        "SPDX 3.1 — AI profile maturation, dataset provenance schema stabilization",
+        "EU CRA (Regulation 2024/2847) — implementing acts for technical documentation and SBOM submission expected through 2027",
+        "OpenSSF model-signing — emerging Sigstore-based signing standard for ML model weights; track for production adoption"
+      ],
+      "signature": "eTGQJ3gnG24WggfwuFNNIFOWV/ttPxTa3pvx9OH28m5KDS1a4ZmOR7K8y01wk/su8bH0ClYYRfoBfKQOtRswAg==",
+      "signed_at": "2026-05-11T23:30:00.506Z"
+    },
+    {
+      "name": "defensive-countermeasure-mapping",
+      "version": "1.0.0",
+      "path": "skills/defensive-countermeasure-mapping/skill.md",
+      "description": "Map offensive findings (CVE / TTP / framework gap) to MITRE D3FEND defensive countermeasures with explicit defense-in-depth, least-privilege, and zero-trust layering",
+      "triggers": [
+        "defensive mapping",
+        "d3fend",
+        "countermeasure",
+        "blue team",
+        "defense in depth",
+        "least privilege",
+        "zero trust",
+        "control mapping",
+        "mitigation",
+        "defensive coverage",
+        "blue team map"
+      ],
+      "data_deps": [
+        "d3fend-catalog.json",
+        "atlas-ttps.json",
+        "cve-catalog.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "dlp-controls.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [],
+      "rfc_refs": [],
+      "cwe_refs": [],
+      "d3fend_refs": [
+        "D3-ASLR",
+        "D3-CA",
+        "D3-CBAN",
+        "D3-CSPP",
+        "D3-DA",
+        "D3-EAL",
+        "D3-EHB",
+        "D3-FAPA",
+        "D3-FE",
+        "D3-IOPR",
+        "D3-MENCR",
+        "D3-MFA",
+        "D3-NI",
+        "D3-NTA",
+        "D3-NTPM",
+        "D3-PA",
+        "D3-PHRA",
+        "D3-PSEP",
+        "D3-RPA",
+        "D3-SCP"
+      ],
+      "last_threat_review": "2026-05-11",
+      "signature": "q7gFLPoqf/8bqATR6gt/nj0EoyUOlfzi+bZ0bT3pC9KW7O6M/ji9fT+AXSGNp6PKd+70ACb3mkMGmWgjLpQXCg==",
+      "signed_at": "2026-05-11T23:30:00.506Z"
+    },
+    {
+      "name": "identity-assurance",
+      "version": "1.0.0",
+      "path": "skills/identity-assurance/skill.md",
+      "description": "Identity assurance for mid-2026 — NIST 800-63 AAL/IAL/FAL, FIDO2/WebAuthn passkeys, OIDC/SAML/SCIM, agent-as-principal identity, short-lived workload tokens, OAuth 2.0 + RFC 9700 BCP",
+      "triggers": [
+        "identity assurance",
+        "aal",
+        "ial",
+        "fal",
+        "nist 800-63",
+        "fido2",
+        "webauthn",
+        "passkey",
+        "oidc",
+        "saml",
+        "scim",
+        "agent identity",
+        "workload identity",
+        "service account",
+        "federation",
+        "phishing-resistant"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [
+        "AML.T0051"
+      ],
+      "attack_refs": [
+        "T1078",
+        "T1556",
+        "T1110"
+      ],
+      "framework_gaps": [
+        "NIST-800-63B-rev4",
+        "NIST-800-53-AC-2",
+        "ISO-27001-2022-A.8.30",
+        "SOC2-CC6-logical-access",
+        "PSD2-RTS-SCA"
+      ],
+      "rfc_refs": [
+        "RFC-7519",
+        "RFC-8725",
+        "RFC-6749",
+        "RFC-9700",
+        "RFC-8032"
+      ],
+      "cwe_refs": [
+        "CWE-269",
+        "CWE-287",
+        "CWE-306",
+        "CWE-732",
+        "CWE-798",
+        "CWE-862",
+        "CWE-863"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "pX8rhrrzuyG3iRrPORLqTZAjzGdWK/bKPUGJG5WHSZcv4LB0kQXOit4sHG0exdXxI6HY8jyX67QY4r5vEHHACw==",
+      "signed_at": "2026-05-11T23:30:00.507Z"
+    },
+    {
+      "name": "ot-ics-security",
+      "version": "1.0.0",
+      "path": "skills/ot-ics-security/skill.md",
+      "description": "OT / ICS security for mid-2026 — NIST 800-82r3, IEC 62443-3-3, NERC CIP, IT/OT convergence risks, AI-augmented HMI threats, ICS-specific TTPs (ATT&CK for ICS)",
+      "triggers": [
+        "ot security",
+        "ics security",
+        "scada",
+        "plc security",
+        "operational technology",
+        "industrial control",
+        "iec 62443",
+        "nist 800-82",
+        "nerc cip",
+        "it ot convergence",
+        "hmi security",
+        "air gap",
+        "level 0",
+        "level 1",
+        "purdue"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [
+        "AML.T0010"
+      ],
+      "attack_refs": [
+        "T0855",
+        "T0883",
+        "T1190",
+        "T1068"
+      ],
+      "framework_gaps": [
+        "NIST-800-82r3",
+        "IEC-62443-3-3",
+        "NERC-CIP-007-6-R4",
+        "NIS2-Art21-patch-management"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-287",
+        "CWE-798",
+        "CWE-306",
+        "CWE-1037"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "ypb8kNZQRdyu5mWeveB7sjCjNKXS1yXvjDJv88muzwhOs/a4Fu/Gb532js5NKyy+eCw/emrphpTZaL8R9a2lBA==",
+      "signed_at": "2026-05-11T23:30:00.507Z"
+    },
+    {
+      "name": "coordinated-vuln-disclosure",
+      "version": "1.0.0",
+      "path": "skills/coordinated-vuln-disclosure/skill.md",
+      "description": "Coordinated Vulnerability Disclosure for mid-2026 — ISO 29147 (disclosure) + ISO 30111 (handling) + VDP + bug bounty + CSAF 2.0 advisories + security.txt + EU CRA / NIS2 regulator-mandated disclosure + AI vulnerability classes",
+      "triggers": [
+        "cvd",
+        "coordinated vulnerability disclosure",
+        "vdp",
+        "vulnerability disclosure program",
+        "bug bounty",
+        "responsible disclosure",
+        "iso 29147",
+        "iso 30111",
+        "csaf",
+        "security.txt",
+        "90-day disclosure",
+        "project zero"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "zeroday-lessons.json",
+        "rfc-references.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [
+        "NIST-800-218-SSDF",
+        "ISO-27001-2022-A.8.8",
+        "SOC2-CC9-vendor-management"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-1357"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "EU CRA Art. 11 implementing regulations and ENISA single-reporting-platform rollout (target operational 2026-09; first manufacturer notifications due 2027-12 per CRA transition timeline)",
+        "ISO/IEC 29147 and ISO/IEC 30111 revisions expected post-CRA to align \"method-neutral\" language with EU 24h-notification reality",
+        "CSAF 2.1 draft (CISA + OASIS working group) — VEX status profile extensions for AI/ML components and SBOM-aligned advisory shape",
+        "Forthcoming IETF work on AI vulnerability disclosure (proposed BoF under SECDISPATCH) and any update to RFC 9116 (security.txt) covering AI/model artifact disclosure endpoints",
+        "UK NCSC Vulnerability Disclosure Toolkit revisions and AU ISM CVD guidance updates",
+        "NYDFS 23 NYCRR 500 amendments potentially adding explicit CVD program requirements"
+      ],
+      "signature": "346Lt+277ycRNsyAOGwLSONi4awgxKy3hP9G+BWjwaa8ySmTeqbYsbyyhtxjeohk9bV2SF+Hl2q4JdSvc/2qCQ==",
+      "signed_at": "2026-05-11T23:30:00.507Z"
+    },
+    {
+      "name": "threat-modeling-methodology",
+      "version": "1.0.0",
+      "path": "skills/threat-modeling-methodology/skill.md",
+      "description": "Threat modeling methodologies for mid-2026 — STRIDE, PASTA, LINDDUN (privacy), Cyber Kill Chain, Diamond Model, MITRE Unified Kill Chain, AI-system threat modeling, agent-based threat modeling",
+      "triggers": [
+        "threat model",
+        "threat modeling",
+        "stride",
+        "pasta",
+        "linddun",
+        "kill chain",
+        "diamond model",
+        "unified kill chain",
+        "attack tree",
+        "threat modeling methodology",
+        "data flow diagram",
+        "dfd",
+        "trust boundary"
+      ],
+      "data_deps": [
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cve-catalog.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [],
+      "framework_gaps": [
+        "ISO-27001-2022-A.8.28",
+        "ISO-IEC-23894-2023-clause-7",
+        "ISO-IEC-42001-2023-clause-6.1.2",
+        "NIST-800-218-SSDF"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "ISO/IEC 27005 revision integrating AI-system threats",
+        "OWASP Threat Modeling Manifesto v2 (post-2020)",
+        "MITRE ATLAS v6 publication and any methodology guidance attached",
+        "Unified Kill Chain successor revision (Pols, post-v3.0)",
+        "LINDDUN-GO and LINDDUN-PRO updates incorporating LLM privacy threats",
+        "PASTA v2 updates incorporating AI/ML application threats"
+      ],
+      "signature": "ewTvG5vu3ngFHyXgBur5vSKDFQsOZx0x79djGMricl7LCvQf5//OG6LZKXa+AOuEq58prRS+HgzrFA1DiTfeCQ==",
+      "signed_at": "2026-05-11T23:30:00.508Z"
+    },
+    {
+      "name": "webapp-security",
+      "version": "1.0.0",
+      "path": "skills/webapp-security/skill.md",
+      "description": "Web application security for mid-2026 — OWASP Top 10 2025, OWASP ASVS v5, CWE root-cause coverage, AI-generated code weakness drift, server-rendered vs SPA tradeoffs, defense-in-depth across the request lifecycle",
+      "triggers": [
+        "webapp security",
+        "web application security",
+        "owasp top 10",
+        "owasp asvs",
+        "xss",
+        "csrf",
+        "sqli",
+        "sql injection",
+        "path traversal",
+        "ssrf",
+        "file upload",
+        "command injection",
+        "unsafe deserialization",
+        "broken access control",
+        "ai generated code"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [
+        "AML.T0051"
+      ],
+      "attack_refs": [
+        "T1190",
+        "T1059",
+        "T1505"
+      ],
+      "framework_gaps": [
+        "OWASP-ASVS-v5.0-V14",
+        "OWASP-LLM-Top-10-2025-LLM01",
+        "NIST-800-218-SSDF",
+        "ISO-27001-2022-A.8.28"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "RFC-9114",
+        "RFC-7519",
+        "RFC-8725"
+      ],
+      "cwe_refs": [
+        "CWE-22",
+        "CWE-77",
+        "CWE-78",
+        "CWE-79",
+        "CWE-89",
+        "CWE-94",
+        "CWE-200",
+        "CWE-269",
+        "CWE-287",
+        "CWE-352",
+        "CWE-434",
+        "CWE-502",
+        "CWE-732",
+        "CWE-862",
+        "CWE-863",
+        "CWE-918",
+        "CWE-1188"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "ZHjbKu0Em92Kimr2esL1g93mf9TmcsChBhVEMWf/lFrjeLcg8nyHEIcDstIZ3FWYgc6MQNHnc3Rup3Xp/Za1Cw==",
+      "signed_at": "2026-05-11T23:30:00.508Z"
+    },
+    {
+      "name": "ai-risk-management",
+      "version": "1.0.0",
+      "path": "skills/ai-risk-management/skill.md",
+      "description": "AI governance and risk management for mid-2026 — ISO/IEC 23894 risk process, ISO/IEC 42001 management system, NIST AI RMF, EU AI Act high-risk obligations, AI impact assessments, AI red-team programs, AI incident lifecycle",
+      "triggers": [
+        "ai risk management",
+        "ai governance",
+        "ai impact assessment",
+        "aia",
+        "dpia ai",
+        "iso 23894",
+        "iso 42001",
+        "nist ai rmf",
+        "ai red team program",
+        "ai incident response",
+        "eu ai act high-risk",
+        "ai vendor risk",
+        "ai management system"
+      ],
+      "data_deps": [
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "zeroday-lessons.json"
+      ],
+      "atlas_refs": [
+        "AML.T0051",
+        "AML.T0096",
+        "AML.T0017"
+      ],
+      "attack_refs": [],
+      "framework_gaps": [
+        "ISO-IEC-42001-2023-clause-6.1.2",
+        "ISO-IEC-23894-2023-clause-7",
+        "NIST-AI-RMF-MEASURE-2.5",
+        "OWASP-LLM-Top-10-2025-LLM01"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-1426",
+        "CWE-1039"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "1KRxjCbAX0Rs5NTOioi1w/f1SOzDQrtRoXjTDtzEwJ+d1QzFf9cqmBlp0uXmGpL0bzEaHWIctjigSychmoL2Dw==",
+      "signed_at": "2026-05-11T23:30:00.508Z"
+    },
+    {
+      "name": "sector-healthcare",
+      "version": "1.0.0",
+      "path": "skills/sector-healthcare/skill.md",
+      "description": "Healthcare sector cybersecurity for mid-2026 — HIPAA + HITRUST + HL7 FHIR security, medical device cyber (FDA + EU MDR), AI-in-healthcare under EU AI Act + FDA AI/ML SaMD guidance, patient data flows through LLM clinical tools",
+      "triggers": [
+        "healthcare security",
+        "hipaa",
+        "hitrust",
+        "hl7",
+        "fhir",
+        "phi",
+        "protected health information",
+        "medical device security",
+        "samd",
+        "fda cyber",
+        "eu mdr",
+        "clinical decision support",
+        "ai diagnostic",
+        "patient data"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "dlp-controls.json"
+      ],
+      "atlas_refs": [
+        "AML.T0051",
+        "AML.T0017"
+      ],
+      "attack_refs": [
+        "T1078",
+        "T1530",
+        "T1567"
+      ],
+      "framework_gaps": [
+        "HIPAA-Security-Rule-164.312(a)(1)",
+        "HITRUST-CSF-v11.4-09.l",
+        "ISO-27001-2022-A.8.30",
+        "NIST-800-53-AC-2"
+      ],
+      "rfc_refs": [
+        "RFC-7519",
+        "RFC-9421"
+      ],
+      "cwe_refs": [
+        "CWE-200",
+        "CWE-287",
+        "CWE-862",
+        "CWE-1426"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "eiajFh7w7d4g+/crGalTtw9Qsu0deVsdHkdthZSy595ifGmgu0zaFD8usKThbPhOdUCCclTYkZYz5GalQmkhCw==",
+      "signed_at": "2026-05-11T23:30:00.509Z"
+    },
+    {
+      "name": "sector-financial",
+      "version": "1.0.0",
+      "path": "skills/sector-financial/skill.md",
+      "description": "Financial services cybersecurity for mid-2026 — EU DORA TLPT, PSD2 RTS-SCA, SWIFT CSCF v2026, NYDFS 23 NYCRR 500, FFIEC CAT, MAS TRM, APRA CPS 234, IL BoI Directive 361, OSFI B-13; Threat-Led Pen Testing schemes TIBER-EU + CBEST + iCAST",
+      "triggers": [
+        "financial security",
+        "banking security",
+        "dora",
+        "psd2",
+        "psd3",
+        "sca",
+        "strong customer authentication",
+        "swift cscf",
+        "nydfs",
+        "23 nycrr 500",
+        "ffiec",
+        "mas trm",
+        "apra cps 234",
+        "tiber-eu",
+        "cbest",
+        "icast",
+        "tlpt"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "dlp-controls.json"
+      ],
+      "atlas_refs": [
+        "AML.T0096",
+        "AML.T0017"
+      ],
+      "attack_refs": [
+        "T1078",
+        "T1190",
+        "T1486",
+        "T1567"
+      ],
+      "framework_gaps": [
+        "PSD2-RTS-SCA",
+        "SWIFT-CSCF-v2026-1.1",
+        "NIST-800-53-AC-2",
+        "SOC2-CC6-logical-access"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "RFC-7519",
+        "RFC-8725",
+        "RFC-9421"
+      ],
+      "cwe_refs": [
+        "CWE-287",
+        "CWE-862",
+        "CWE-863",
+        "CWE-798",
+        "CWE-352"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "PSD3 + PSR (Payment Services Regulation) trilogue and final adoption (expected 2026-2027); track agent-initiated payment treatment in final text",
+        "DORA Art. 26 TLPT first full cycle completion mid-2027; ESAs publishing aggregate findings under JC 2024/40 RTS",
+        "SWIFT CSCF v2027 (annual update cycle); track AI-mediated message generation controls",
+        "NYDFS 23 NYCRR 500 further amendments; track agentic-AI in CISO certification scope",
+        "FFIEC CAT replacement by CRI Profile v2 (Cyber Risk Institute) — US sector baseline migration",
+        "MAS Notice 655 / TRM Guidelines refresh tracking GenAI in financial services",
+        "HKMA CFI 3.0 cycle and iCAST scope expansion to AI/ML systems",
+        "APRA CPS 230 (Operational Risk Management) effective 2025-07-01 — operational resilience overlay on CPS 234",
+        "UK FCA / PRA operational resilience self-assessment cycle (SS1/21, SS2/21) and impact tolerances refresh post-2025",
+        "BCB Resolução BCB 85 (cyber policy for FIs) and Brazil PIX fraud-typology updates",
+        "OSFI B-13 (Technology and Cyber Risk Management) post-2024 examination findings",
+        "TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST"
+      ],
+      "signature": "iSZR/fYESQVyjkcqj+O+yzU0BQfaELH5s7WizzUTWvDPDTD2ZyOnZTT1r/Zfx2l4mbPmVeFGWdYnnVFTk/i3Aw==",
+      "signed_at": "2026-05-11T23:30:00.509Z"
+    },
+    {
+      "name": "sector-federal-government",
+      "version": "1.0.0",
+      "path": "skills/sector-federal-government/skill.md",
+      "description": "Federal government + defense contractor cybersecurity for mid-2026 — FedRAMP Rev5, CMMC 2.0, EO 14028, NIST 800-171/172 CUI, FISMA, M-22-09 federal Zero Trust, OMB M-24-04 AI risk, CISA BOD/ED; cross-jurisdiction NCSC UK, ENISA EUCC, AU PSPF, IL government cyber methodology",
+      "triggers": [
+        "federal cyber",
+        "government cybersecurity",
+        "fedramp",
+        "cmmc",
+        "eo 14028",
+        "nist 800-171",
+        "nist 800-172",
+        "cui",
+        "fisma",
+        "federal zero trust",
+        "m-22-09",
+        "omb m-24-04",
+        "jab authorization",
+        "cisa bod",
+        "cisa ed",
+        "stateramp"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [
+        "T1190",
+        "T1195.001",
+        "T1554"
+      ],
+      "framework_gaps": [
+        "FedRAMP-Rev5-Moderate",
+        "CMMC-2.0-Level-2",
+        "NIST-800-218-SSDF",
+        "SLSA-v1.0-Build-L3"
+      ],
+      "rfc_refs": [
+        "RFC-8032",
+        "RFC-8446"
+      ],
+      "cwe_refs": [
+        "CWE-1357",
+        "CWE-1395",
+        "CWE-829"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "CMMC 2.0 phased rollout milestones through 2028 — Phase 1 (self-assessment) effective Dec 2024, Phase 2 (C3PAO assessments) ramping in 2025-2026, Phase 3 (DIBCAC-level assessments) and Phase 4 (full enforcement in all contracts) push into 2028",
+        "NIST SP 800-171 Rev 3 (May 2024) replacing Rev 2 in contracts — three-year transition; track which DoD / civilian agency contracts have crossed the Rev 3 boundary",
+        "NIST SP 800-172 Rev 3 (forthcoming) for the CMMC Level 3 \"enhanced security requirements\" baseline against APT",
+        "OMB M-24-04 federal AI risk-management implementation deadlines through 2025-2026 — agency CAIO appointments, AI use-case inventories, generative AI policies",
+        "FedRAMP 20x program (modernization effort, 2024-2026) — moving toward continuous authorization, machine-readable controls, OSCAL native, automated significant-change review",
+        "CISA Secure by Design and Secure by Default pledges — federal procurement leverage on commercial vendors, expanding through 2026",
+        "Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) final rule from CISA — 72-hour incident / 24-hour ransomware payment reporting, expected effective late 2026 / 2027 for federal contractors in covered CI sectors",
+        "UK GovAssure replacing the legacy IT Health Check (ITHC) scheme — phased rollout for departments and ALBs through 2026",
+        "EU Cybersecurity Certification Scheme on Common Criteria (EUCC) operational — first certificates issued 2024; high-assurance level for government use cases ramping",
+        "Australia PSPF 2024 revision and ISM quarterly updates — track for Essential Eight Maturity Level requirements for federal entities"
+      ],
+      "signature": "Wjdo5YXEL8XeNZkaEueG1DOUoyalstNPzQkxD/cwP5iMrJWg/Ly+sC0Oluuqm3aU7d63z55PrbGQCJD0XVZqBg==",
+      "signed_at": "2026-05-11T23:30:00.509Z"
+    },
+    {
+      "name": "sector-energy",
+      "version": "1.0.0",
+      "path": "skills/sector-energy/skill.md",
+      "description": "Electric power + oil & gas + water/wastewater + renewable-integration cybersecurity for mid-2026 — NERC CIP v6/v7, NIST 800-82r3, TSA Pipeline SD-2021-02C, AWWA cyber, EU NIS2 energy + NCCS-G (cross-border electricity), AU AESCSF + SOCI, ENISA energy sector",
+      "triggers": [
+        "energy security",
+        "electric grid security",
+        "oil gas cyber",
+        "pipeline cyber",
+        "water utility cyber",
+        "nerc cip",
+        "tsa sd-2021",
+        "awwa cyber",
+        "aescsf",
+        "nccs-g",
+        "grid resilience",
+        "renewable cyber",
+        "inverter security",
+        "der security",
+        "smart meter security"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [
+        "T0855",
+        "T0883",
+        "T1190",
+        "T1078"
+      ],
+      "framework_gaps": [
+        "NERC-CIP-007-6-R4",
+        "NIST-800-82r3",
+        "IEC-62443-3-3",
+        "NIS2-Art21-patch-management"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-287",
+        "CWE-798",
+        "CWE-306",
+        "CWE-1037"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "NERC CIP v7 final FERC order (anticipated 2026–2027) — additions for low-impact BES Cyber Systems, supply chain, and INSM (internal network security monitoring)",
+        "CISA + EPA joint guidance evolution for water/wastewater following the 2023 Unitronics campaign and the 2024 EPA enforcement memorandum",
+        "TSA Pipeline Security Directive renewal cadence (SD Pipeline-2021-02C reissued mid-2025, next reissue cycle anticipated mid-2026)",
+        "EU NCCS-G (Network Code on Cybersecurity for Cross-Border Electricity Flows, Reg. (EU) 2024/1366) phased compliance milestones through 2027 for ENTSO-E, EU DSO Entity, and impact-tier classified operators",
+        "AESCSF 2025 refresh by AEMO with renewable/DER specific maturity indicators",
+        "UL 2941 (DER cybersecurity) and IEEE 1547.3-2023 (DER cyber) adoption into US state PUC interconnection rules",
+        "MadIoT-class research on consumer-IoT-driven grid frequency manipulation moving from proof-of-concept to attributed campaigns",
+        "ICS-CERT advisory feed (https://www.cisa.gov/news-events/cybersecurity-advisories/ics-advisories) for vendor CVEs in Siemens, Rockwell, Schneider Electric, ABB, GE Vernova, Hitachi Energy, AVEVA / OSIsoft PI"
+      ],
+      "signature": "c/l7dOHe0Zj6Ag3abUaEie6o0f8M4rhY5aPI9/wG4z6FDue9PzCVw8vUGoITFgg89g97lMfy2C3CE2PegQoFCw==",
+      "signed_at": "2026-05-11T23:30:00.510Z"
+    },
+    {
+      "name": "api-security",
+      "version": "1.0.0",
+      "path": "skills/api-security/skill.md",
+      "description": "API security for mid-2026 — OWASP API Top 10 2023, AI-API specific (rate limits, prompt-shape egress, MCP HTTP transport), GraphQL + gRPC + REST + WebSocket attack surfaces, API gateway posture, BOLA/BFLA/SSRF/Mass Assignment",
+      "triggers": [
+        "api security",
+        "owasp api top 10",
+        "bola",
+        "bfla",
+        "mass assignment",
+        "api gateway",
+        "rate limiting",
+        "graphql security",
+        "grpc security",
+        "rest security",
+        "websocket security",
+        "ai api security",
+        "mcp transport",
+        "openapi security"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [
+        "AML.T0096",
+        "AML.T0017"
+      ],
+      "attack_refs": [
+        "T1190",
+        "T1078",
+        "T1567"
+      ],
+      "framework_gaps": [
+        "OWASP-ASVS-v5.0-V14",
+        "NIST-800-218-SSDF",
+        "ISO-27001-2022-A.8.28",
+        "NIST-800-53-AC-2"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "RFC-9114",
+        "RFC-7519",
+        "RFC-8725",
+        "RFC-6749",
+        "RFC-9700",
+        "RFC-9421"
+      ],
+      "cwe_refs": [
+        "CWE-287",
+        "CWE-862",
+        "CWE-863",
+        "CWE-918",
+        "CWE-200",
+        "CWE-352",
+        "CWE-22",
+        "CWE-77",
+        "CWE-1188"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "9FgcJvYeo07QxQ+mnVRQk4jYLDMO/AVSXMs8cueO2f/qMOTQmrhBMVhj5ze7hzvXpGkp7EK/3Q1XKqde61JMAg==",
+      "signed_at": "2026-05-11T23:30:00.510Z"
+    },
+    {
+      "name": "cloud-security",
+      "version": "1.0.0",
+      "path": "skills/cloud-security/skill.md",
+      "description": "Cloud security for mid-2026 — CSPM/CWPP/CNAPP posture, CSA CCM v4, AWS/Azure/GCP shared responsibility, cloud workload identity federation, runtime security with eBPF, AI workloads on cloud",
+      "triggers": [
+        "cloud security",
+        "cspm",
+        "cwpp",
+        "cnapp",
+        "csa ccm",
+        "aws security",
+        "azure security",
+        "gcp security",
+        "cloud iam",
+        "workload identity",
+        "irsa",
+        "cloud runtime",
+        "shared responsibility",
+        "multi cloud",
+        "falco"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [
+        "AML.T0010",
+        "AML.T0017"
+      ],
+      "attack_refs": [
+        "T1078",
+        "T1530",
+        "T1190",
+        "T1552"
+      ],
+      "framework_gaps": [
+        "NIST-800-53-CM-7",
+        "ISO-27001-2022-A.8.30",
+        "SOC2-CC9-vendor-management",
+        "FedRAMP-Rev5-Moderate"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "RFC-9180",
+        "RFC-7519",
+        "RFC-8725"
+      ],
+      "cwe_refs": [
+        "CWE-287",
+        "CWE-862",
+        "CWE-732",
+        "CWE-200",
+        "CWE-1188",
+        "CWE-798"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "CSA CCM v5 (in development) for AI-workload-aware control objectives and shared-responsibility refinement on managed AI services (Bedrock, Azure OpenAI, Vertex)",
+        "FedRAMP 20x continuous authorization transition through 2026 — machine-readable OSCAL controls, automated significant-change review, impact on commercial CSP authorizations",
+        "EU CRA (Cyber Resilience Act) digital-element requirements for cloud-shipped products and managed services starting Dec 2027 — three-year manufacturer transition already affecting CSP roadmaps",
+        "EU EUCS (European Cybersecurity Certification Scheme for Cloud Services) finalisation and adoption by ENISA — high-assurance tier requirements still being negotiated mid-2026",
+        "NIS2 essential-entity sectoral guidance maturation for cloud / managed-service-provider risk management (Art. 21 measures and supply-chain Art. 22 obligations)",
+        "DORA TLPT (threat-led penetration testing) extension to cloud-hosted critical ICT services — RTS adoption and supervisory practice still evolving",
+        "JP ISMAP-LIU (Information system Security Management and Assessment Program for Low Impact Use) acceptance into procurement workflows; ISMAP base programme audit cycle refresh",
+        "SG MTCS SS 584:2020 revision cycle for managed AI services and confidential computing",
+        "IN MeitY empanelment renewal and Cert-In CSP audit baseline updates following 2025 incident reporting directive amendments",
+        "CN MLPS 2.0 (Multi-Level Protection Scheme) cross-border cloud data-handling requirements under the 2024 Network Data Security Management Regulations",
+        "NYDFS 23 NYCRR 500 Amendment 2 (effective Nov 2024 with phased Nov 2025 / Nov 2026 milestones) third-party CSP risk assessment and MFA requirements",
+        "AWS Bedrock, Azure OpenAI, GCP Vertex AI shared-responsibility documentation drift — each major CSP refreshes the AI-service responsibility line every 6–12 months; track for control-mapping breakage",
+        "eBPF-based runtime detection coverage of confidential-computing enclaves (AWS Nitro Enclaves, Azure Confidential VMs, GCP Confidential Space) — partial visibility is a tracked detection gap",
+        "CISA KEV additions for cloud-control-plane CVEs (IMDSv1 abuses, federation token mishandling, cross-tenant boundary failures); CISA Cybersecurity Advisories for cross-cloud advisories"
+      ],
+      "signature": "xRA0XZf7VPtuBtbsm41bay9yBLphw/hlL3YxIUrpko5g9ldM3oJe9o1qSwzIj/wSnQSI29qqPpNsnlks+HEOCA==",
+      "signed_at": "2026-05-11T23:30:00.510Z"
+    },
+    {
+      "name": "container-runtime-security",
+      "version": "1.0.0",
+      "path": "skills/container-runtime-security/skill.md",
+      "description": "Container + Kubernetes runtime security for mid-2026 — CIS K8s Benchmark, NSA/CISA Hardening, Pod Security Standards, Kyverno/Gatekeeper admission, Sigstore policy-controller, eBPF runtime detection (Falco/Tetragon), AI inference workload hardening",
+      "triggers": [
+        "container security",
+        "kubernetes security",
+        "k8s security",
+        "cis kubernetes",
+        "nsa hardening",
+        "pod security standards",
+        "kyverno",
+        "gatekeeper",
+        "opa",
+        "falco",
+        "tetragon",
+        "sigstore policy",
+        "admission controller",
+        "networkpolicy",
+        "cilium",
+        "kserve",
+        "vllm"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [
+        "AML.T0010"
+      ],
+      "attack_refs": [
+        "T1610",
+        "T1611",
+        "T1068",
+        "T1190"
+      ],
+      "framework_gaps": [
+        "NIST-800-53-CM-7",
+        "ISO-27001-2022-A.8.28",
+        "SLSA-v1.0-Build-L3"
+      ],
+      "rfc_refs": [
+        "RFC-8446",
+        "RFC-8032"
+      ],
+      "cwe_refs": [
+        "CWE-269",
+        "CWE-732",
+        "CWE-1188",
+        "CWE-787",
+        "CWE-1395"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "GcU50DStuN1gU/Evm/sFRgeieQbqffVp12rgbGnasRX89Q7kM4ltFXB+bgCXHIvICzYb78hPIifWQb9UVupWBQ==",
+      "signed_at": "2026-05-11T23:30:00.511Z"
+    },
+    {
+      "name": "mlops-security",
+      "version": "1.0.0",
+      "path": "skills/mlops-security/skill.md",
+      "description": "MLOps pipeline security for mid-2026 — training data integrity, model registry signing, deployment pipeline provenance, inference serving hardening, drift detection, feedback loop integrity; covers MLflow / Kubeflow / Vertex AI / SageMaker / Azure ML / Hugging Face",
+      "triggers": [
+        "mlops security",
+        "ml pipeline security",
+        "model registry security",
+        "training data integrity",
+        "mlflow",
+        "kubeflow",
+        "vertex ai",
+        "sagemaker",
+        "azure ml",
+        "hugging face",
+        "model signing",
+        "model card",
+        "data card",
+        "feature store",
+        "drift detection",
+        "model monitoring"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "rfc-references.json"
+      ],
+      "atlas_refs": [
+        "AML.T0010",
+        "AML.T0018",
+        "AML.T0020",
+        "AML.T0043",
+        "AML.T0017"
+      ],
+      "attack_refs": [
+        "T1195.001",
+        "T1565"
+      ],
+      "framework_gaps": [
+        "NIST-800-218-SSDF",
+        "SLSA-v1.0-Build-L3",
+        "ISO-IEC-42001-2023-clause-6.1.2",
+        "NIST-AI-RMF-MEASURE-2.5",
+        "OWASP-LLM-Top-10-2025-LLM08"
+      ],
+      "rfc_refs": [
+        "RFC-8032"
+      ],
+      "cwe_refs": [
+        "CWE-1426",
+        "CWE-1395",
+        "CWE-1357",
+        "CWE-502"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "CycloneDX 1.7 ML-BOM enrichment — training-data lineage fields and model-card embedding stabilize; re-baseline ML-BOM coverage when published",
+        "SPDX 3.1 AI / Dataset profile maturation — dataset provenance schema firms up; re-audit training-data lineage attestations",
+        "OpenSSF model-signing emergence to v1.0 — Sigstore-based model-weight signing; track for production adoption and admission-control integration",
+        "SLSA v1.1 ML profile (draft) — model-provenance extension for training-run attestation chains; track ID and section changes",
+        "EU AI Act high-risk technical-file implementing acts (2026-2027) — operational requirements for Article 10 / 13 / 15 documentation may pin ML-BOM or model-signing",
+        "MITRE ATLAS v5.2 — track AML.T0010 sub-technique expansion and any new MLOps-pipeline-specific TTPs"
+      ],
+      "signature": "onIazpFoL1t4PMNRsoF06ggnl7BzCKjt0x+ZmVfWfyt1V06DgllsrbN3AAz4+g4jW2Sc71q0vIFKfwEUWpGVAQ==",
+      "signed_at": "2026-05-11T23:30:00.511Z"
+    },
+    {
+      "name": "incident-response-playbook",
+      "version": "1.0.0",
+      "path": "skills/incident-response-playbook/skill.md",
+      "description": "Incident response playbook design for mid-2026 — NIST 800-61r3, ISO 27035, ATT&CK-driven detection, PICERL phases, AI-class incident handling (prompt injection breach, model exfiltration, AI-API C2), cross-jurisdiction breach notification timing",
+      "triggers": [
+        "incident response",
+        "ir playbook",
+        "csirt",
+        "picerl",
+        "nist 800-61",
+        "iso 27035",
+        "breach notification",
+        "incident handler",
+        "blue team",
+        "soc playbook",
+        "ai incident",
+        "prompt injection incident",
+        "model exfiltration incident"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "zeroday-lessons.json"
+      ],
+      "atlas_refs": [
+        "AML.T0096",
+        "AML.T0017",
+        "AML.T0051"
+      ],
+      "attack_refs": [
+        "T1486",
+        "T1041",
+        "T1567",
+        "T1078"
+      ],
+      "framework_gaps": [
+        "NIST-800-53-AC-2",
+        "ISO-27001-2022-A.8.16",
+        "SOC2-CC7-anomaly-detection"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "NIST 800-61r3 minor revisions (expected 2026-2027) aligning incident-handling language with the in-force EU CRA Art. 11 24h clock and EU AI Act Art. 73 serious-incident reporting",
+        "ISO/IEC 27035-3:2026 (technical incident response operations) — final publication expected Q3 2026, expected to formalize AI-class incident sub-types currently absent from 27035-1/-2",
+        "CSAF 2.1 inclusion of incident-status profile (separate from VEX) for correlated advisory + incident records",
+        "MITRE ATLAS additions for incident-response-relevant techniques: AI-agent-initiated unauthorized action, training-data exfiltration via inference-time prompts",
+        "ENISA single-reporting-platform expansion: CRA Art. 11 channel goes operational 2026-09, NIS2 Art. 23 incident-reporting overlap to be reconciled",
+        "AU SOCI Act expanded sector coverage (data-storage and processing entities added 2024; further mandatory-reporting tiers under review)",
+        "IL INCD Incident Response Process v4 (slated for 2026-2027) consolidating AI-incident sub-class",
+        "NYDFS 23 NYCRR 500.17 amendments tightening ransom-payment 24h disclosure operationalization"
+      ],
+      "signature": "P0Yv4CtqbnBNP6nSIxQUYYHL7T7ci+iE7iE2UXVfnMPeWVdKG2nvRePjBXc3JZTLima1Txn/I5ocDNhLTIeUAQ==",
+      "signed_at": "2026-05-11T23:30:00.512Z"
+    },
+    {
+      "name": "email-security-anti-phishing",
+      "version": "1.0.0",
+      "path": "skills/email-security-anti-phishing/skill.md",
+      "description": "Email security + anti-phishing for mid-2026 — SPF/DKIM/DMARC/BIMI/ARC/MTA-STS/TLSRPT, AI-augmented phishing (vishing, deepfake video, hyperpersonalized email), Business Email Compromise, secure email gateways",
+      "triggers": [
+        "email security",
+        "anti-phishing",
+        "phishing",
+        "spear phishing",
+        "bec",
+        "business email compromise",
+        "dmarc",
+        "dkim",
+        "spf",
+        "bimi",
+        "arc",
+        "mta-sts",
+        "tlsrpt",
+        "vishing",
+        "deepfake phishing",
+        "ai phishing",
+        "secure email gateway"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "rfc-references.json",
+        "dlp-controls.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [
+        "T1566",
+        "T1566.001",
+        "T1566.002",
+        "T1566.003",
+        "T1078"
+      ],
+      "framework_gaps": [
+        "NIST-800-53-SI-3",
+        "ISO-27001-2022-A.8.16",
+        "SOC2-CC7-anomaly-detection"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "signature": "2pv81lLRbazpHqundCANb3YiLB4lkVsYctIDvI8rxSvHxhPS9jYXqmAoB5APSdDuOaew6XqpfZOehQUj9WmyBw==",
+      "signed_at": "2026-05-11T23:30:00.512Z"
+    },
+    {
+      "name": "age-gates-child-safety",
+      "version": "1.0.0",
+      "path": "skills/age-gates-child-safety/skill.md",
+      "description": "Age-related gates and child online safety for mid-2026 — COPPA + CIPA + California AADC + GDPR Art. 8 + DSA Art. 28 + UK Online Safety Act + UK Children's Code + AU Online Safety Act + IN DPDPA child provisions + KOSA pending; age verification standards (IEEE 2089-2021, OpenID Connect age claims); AI product age policies",
+      "triggers": [
+        "age gate",
+        "age gates",
+        "age verification",
+        "age assurance",
+        "child online safety",
+        "coppa",
+        "cipa",
+        "california aadc",
+        "children's code",
+        "uk online safety act",
+        "kosa",
+        "gdpr article 8",
+        "dsa article 28",
+        "parental consent",
+        "csam",
+        "child safety",
+        "ofcom",
+        "esafety",
+        "children's online safety"
+      ],
+      "data_deps": [
+        "cve-catalog.json",
+        "atlas-ttps.json",
+        "framework-control-gaps.json",
+        "global-frameworks.json",
+        "cwe-catalog.json",
+        "d3fend-catalog.json",
+        "dlp-controls.json"
+      ],
+      "atlas_refs": [],
+      "attack_refs": [
+        "T1078",
+        "T1567"
+      ],
+      "framework_gaps": [
+        "ISO-27001-2022-A.8.30",
+        "NIST-800-53-AC-2",
+        "SOC2-CC6-logical-access"
+      ],
+      "rfc_refs": [],
+      "cwe_refs": [
+        "CWE-200",
+        "CWE-287",
+        "CWE-862"
+      ],
+      "d3fend_refs": [],
+      "last_threat_review": "2026-05-11",
+      "forward_watch": [
+        "KOSA (Kids Online Safety Act) federal enactment status — reintroduced 2024-2025 with bipartisan support; if enacted, duty-of-care + safest-defaults + age-appropriate-design obligations become US federal floor",
+        "Ofcom UK Online Safety Act child-safety codes — illegal-content codes live July 2025; child-safety codes phasing through 2026 with iterative enforcement guidance",
+        "California AADC (AB-2273) — Sept 2023 federal injunction (NetChoice v. Bonta), 2024 partial revival; track Ninth Circuit / SCOTUS posture and state legislative response",
+        "AU social media under-16 ban — Online Safety Amendment (Social Media Minimum Age) Act 2024 passed Nov 2024; implementation deferred to late 2025; age-assurance method finalisation pending",
+        "EU CSAM Regulation (\"chat control\") — Commission proposal 2022, contested through 2024-2025; if adopted, automated detection on encrypted communications becomes mandatory with significant fundamental-rights challenge",
+        "NIST IR on Age Assurance — pending publication; will operationalise age-assurance levels for US federal procurement",
+        "euCONSENT pilot outcomes — EU age-verification interoperability scheme; if scaled, becomes the de facto Member State age-verification reference architecture",
+        "AI product age policy enforcement — Character.ai litigation (2024 minor-suicide complaint) testing duty-of-care for AI companion apps; ChatGPT / Claude / Gemini under-13 / under-18 enforcement evolving via FTC + state AG actions",
+        "France SREN (Securing and Regulating the Digital Space) Act 2024 — ARCOM age-verification referential for adult content services; double-anonymity model under deployment",
+        "US state adult-site age-verification laws — 19+ states by mid-2026 (TX HB 18 upheld by SCOTUS June 2025 in Free Speech Coalition v. Paxton); track ongoing challenges in remaining states"
+      ],
+      "signature": "BJ/YYnGVXeSBaR9oWAVrcNX7Wz+kE8R4CghX6+XEI/qY89fyrkKNNwo2veqqf49wffJhHVJ1wTp8ZDECjNp+Dw==",
+      "signed_at": "2026-05-11T23:30:00.512Z"
+    }
+  ]
+}