@blamejs/exceptd-skills 0.9.4 → 0.10.0

package/orchestrator/scanner.js

@@ -19,12 +19,34 @@ const DATA_DIR = process.env.EXCEPTD_DATA_DIR || path.join(__dirname, '..', 'dat
 
 /**
  * Run all scanners and return consolidated findings.
+ *
+ * DEPRECATED in v0.10.0. This is the pre-seven-phase legacy scanner that
+ * shells out from Node — kept as a safety-net path for non-AI operators.
+ * New code should call the playbook runner instead:
+ *
+ *   const runner = require('../lib/playbook-runner');
+ *   const result = await runner.run('kernel', 'all-catalogued-kernel-cves', agentSubmission);
+ *
+ * The runner emits seven-phase findings (govern through close) with full
+ * GRC closure: CSAF-2.0 evidence bundles, jurisdiction-aware notification
+ * deadlines, auditor-ready exception language, regression schedules.
+ * `exceptd scan` will be removed in v1.0.
+ *
  * @returns {{ timestamp: string, host: object, findings: object[], summary: object }}
  */
 async function scan() {
   const timestamp = new Date().toISOString();
   const findings = [];
 
+  // Deprecation banner — surfaces via stderr so JSON consumers aren't broken.
+  if (process.stderr.isTTY && !process.env.EXCEPTD_SUPPRESS_DEPRECATION) {
+    process.stderr.write(
+      '[scan] DEPRECATION: `exceptd scan` is legacy. Prefer `exceptd plan` + `exceptd run <playbook>` ' +
+      '(seven-phase contract with full GRC closure). See AGENTS.md "Seven-phase playbook contract". ' +
+      'Suppress this notice with EXCEPTD_SUPPRESS_DEPRECATION=1.\n'
+    );
+  }
+
   const host = hostInfo();
   findings.push(...kernelScan());
   findings.push(...mcpScan());
@@ -33,7 +55,7 @@ async function scan() {
   findings.push(...frameworkScan());
 
   const summary = summarize(findings);
-  return { timestamp, host, findings, summary };
+  return { timestamp, host, findings, summary, _deprecation: 'Use `exceptd plan` + `exceptd run <playbook>` for the seven-phase contract.' };
 }
 
 /**
@@ -152,16 +174,34 @@ function cryptoScan() {
     const [major, minor] = version.split('.').map(Number);
     const isPqcReady = major > 3 || (major === 3 && minor >= 5);
 
+    // Probe the full NIST PQC suite + stateful hash signatures.
+    // Reports per-algo via boolean flags so downstream callers can
+    // decide which gaps matter for their threat model (ML-KEM for
+    // HNDL exposure, LMS/XMSS for firmware signing, etc.).
+    const pqc = probePqcAlgorithms();
+    const pqcDetail = [
+      `ML-KEM=${pqc.ml_kem ? 'avail' : 'missing'}`,    // FIPS 203
+      `ML-DSA=${pqc.ml_dsa ? 'avail' : 'missing'}`,    // FIPS 204
+      `SLH-DSA=${pqc.slh_dsa ? 'avail' : 'missing'}`,  // FIPS 205
+      `FN-DSA=${pqc.fn_dsa ? 'avail' : 'missing'}`,    // FIPS 206 draft (Falcon)
+      `HQC=${pqc.hqc ? 'avail' : 'missing'}`,          // alternate KEM (March 2025)
+      `LMS=${pqc.lms ? 'avail' : 'missing'}`,          // RFC 8554 (firmware)
+      `XMSS=${pqc.xmss ? 'avail' : 'missing'}`,        // RFC 8391
+    ].join(' ');
+
     findings.push({
       domain: 'crypto',
       signal: 'openssl_version',
       value: version,
       pqc_ready: isPqcReady,
-      severity: isPqcReady ? 'info' : 'high',
+      pqc_algorithms: pqc,
+      severity: isPqcReady && pqc.ml_kem ? 'info' : (isPqcReady ? 'medium' : 'high'),
       skill_hint: 'pqc-first',
       action_required: isPqcReady
-        ? `OpenSSL ${version} — PQC-capable. Verify ML-KEM/ML-DSA algorithm availability.`
-        : `OpenSSL ${version} — below 3.5. Upgrade required for PQC support (ML-KEM, ML-DSA, SLH-DSA).`
+        ? (pqc.ml_kem
+          ? `OpenSSL ${version} — PQC-capable. Probed: ${pqcDetail}.`
+          : `OpenSSL ${version} — claims PQC support but probe found no ML-KEM. Check provider config; may need OQS-Provider or Node 24 crypto.kemEncapsulate. Probed: ${pqcDetail}.`)
+        : `OpenSSL ${version} — below 3.5. Upgrade required for PQC support (ML-KEM, ML-DSA, SLH-DSA, FN-DSA, HQC, LMS, XMSS).`
     });
   }
 
@@ -296,6 +336,153 @@ function safeExecFile(cmd, args) {
   }
 }
 
+/**
+ * Probe runtime for PQC algorithm availability across the full
+ * emerging-standards landscape. Returns boolean flags per algorithm
+ * + a `provider_hint` indicating which surface confirmed each one.
+ *
+ *   --- NIST PQC finalized (FIPS 203/204/205, 2024) ---
+ *   ml_kem      ML-KEM (Kyber) — FIPS 203, key encapsulation
+ *   ml_dsa      ML-DSA (Dilithium) — FIPS 204, signatures
+ *   slh_dsa     SLH-DSA (SPHINCS+) — FIPS 205, stateless hash sigs
+ *
+ *   --- NIST PQC draft / alternate (2025+) ---
+ *   fn_dsa      FN-DSA (Falcon) — FIPS 206 draft, compact lattice sigs
+ *   hqc         HQC — alternate KEM selected March 2025
+ *
+ *   --- NIST PQC Round-4 alternates (still relevant in niche / archival) ---
+ *   frodo       FrodoKEM — conservative lattice KEM
+ *   ntru        NTRU / NTRU-Prime / sNTRU — original lattice KEM family
+ *   mceliece    Classic McEliece — code-based, long-term archival use
+ *   bike        BIKE — code-based KEM, OQS-Provider exposed
+ *
+ *   --- NIST additional signature on-ramp (2023+ Round 2) ---
+ *   hawk        HAWK — NTRU-based lattice signatures
+ *   mayo        MAYO — multivariate
+ *   sqisign     SQIsign — isogeny-based, small signatures
+ *   cross       CROSS — code-based
+ *   uov         UOV / SNOVA — Unbalanced Oil & Vinegar multivariate
+ *   sdith       SDitH — code-based (Syndrome Decoding in the Head)
+ *   mirath      MIRATH — code-based (rank metric)
+ *   faest       FAEST — symmetric-key/AES-based signatures
+ *   perk        PERK — code-based (Permuted Kernel Problem)
+ *
+ *   --- Stateful hash signatures (RFC 8391 / 8554) ---
+ *   lms         LMS — Leighton-Micali Signatures (firmware)
+ *   xmss        XMSS — eXtended Merkle Signature Scheme
+ *   hss         HSS — Hierarchical Signature System
+ *
+ *   --- IETF hybrid / composite sigs (emerging RFC drafts) ---
+ *   composite_sig   Composite Signatures (e.g. RSA+ML-DSA, ECDSA+ML-DSA)
+ *   composite_kem   Composite KEMs (e.g. X25519+ML-KEM)
+ */
+function probePqcAlgorithms() {
+  const result = {
+    // NIST finalized
+    ml_kem: false, ml_dsa: false, slh_dsa: false,
+    // NIST draft / alternate
+    fn_dsa: false, hqc: false,
+    // NIST Round-4 / niche
+    frodo: false, ntru: false, mceliece: false, bike: false,
+    // NIST signature on-ramp (Round 2)
+    hawk: false, mayo: false, sqisign: false, cross: false,
+    uov: false, sdith: false, mirath: false, faest: false, perk: false,
+    // Stateful hash sigs
+    lms: false, xmss: false, hss: false,
+    // IETF composite / hybrid
+    composite_sig: false, composite_kem: false,
+    provider_hint: {},
+  };
+  const crypto = require('crypto');
+
+  // Pattern table — values are regexes matching common spellings
+  // emitted by Node / OpenSSL / OQS-Provider / Bouncy Castle. Tested
+  // against algorithm-list output specifically (no English-prose
+  // false positives expected; the lists contain only algo names).
+  const PATTERNS = {
+    // NIST finalized
+    ml_kem:        /\b(ml-?kem|kyber)\b/i,
+    ml_dsa:        /\b(ml-?dsa|dilithium)\b/i,
+    slh_dsa:       /\b(slh-?dsa|sphincs(?:\+|plus)?)\b/i,
+    // NIST draft / alternate
+    fn_dsa:        /\b(fn-?dsa|falcon-?\d{3,4})\b/i,
+    hqc:           /\bhqc(-?\d+)?\b/i,
+    // NIST Round-4 / niche
+    frodo:         /\bfrodo(-?\d+)?(kem)?\b/i,
+    ntru:          /\b(s?ntru(-?prime)?(-?\d+)?|hrss\d*|hps\d+)\b/i,
+    mceliece:      /\b(classic-?)?mceliece(-?\d+)?\b/i,
+    bike:          /\bbike(-?l?\d+)?\b/i,
+    // NIST signature on-ramp (Round 2, 2024+)
+    hawk:          /\bhawk(-?\d+)?\b/i,
+    mayo:          /\bmayo(-?\d+)?\b/i,
+    sqisign:       /\bsqi-?sign(?:hd)?\b/i,
+    cross:         /\bcross-?(rsdp|rsdpg)?-?(small|fast|balanced)?-?[lns]?\d*\b/i,
+    uov:           /\b(uov|snova)(-?\d+)?\b/i,
+    sdith:         /\bsd-?i?t?h(-?gf\d+)?(-?cat\d+)?\b/i,
+    mirath:        /\bmirath(-?\d+)?\b/i,
+    faest:         /\bfaest(-em)?(-?\d+)?\b/i,
+    perk:          /\bperk-?[ls]?-?\d*\b/i,
+    // Stateful hash signatures
+    lms:           /\blms(?!-sha)\b/i,
+    xmss:          /\bxmss(\^?mt)?\b/i,
+    hss:           /\bhss(?!-sha)\b/i,
+    // Composite / hybrid (IETF drafts)
+    composite_sig: /\bcomposite-?(sig|signature)\b|\bhybrid-?sig\b|\b(rsa|ecdsa|eddsa)-?(\+|with)-?(ml-?dsa|dilithium|slh-?dsa|sphincs|falcon|fn-?dsa)\b/i,
+    composite_kem: /\bcomposite-?kem\b|\b(x25519|x448|secp\d+)-?(\+|with)-?(ml-?kem|kyber)\b|\bml-?kem-?(\+|with)-?(x25519|x448)\b/i,
+  };
+
+  function record(algo, source) {
+    if (!result[algo]) {
+      result[algo] = true;
+      result.provider_hint[algo] = source;
+    }
+  }
+
+  // Channel 1 — Node's crypto APIs (no shellouts). Node 24+ exposes
+  // crypto.kemEncapsulate as an experimental ML-KEM gateway; its
+  // presence is itself an ML-KEM availability signal.
+  try {
+    if (typeof crypto.kemEncapsulate === 'function') {
+      record('ml_kem', 'node:crypto.kemEncapsulate');
+    }
+    const allNames = [
+      ...(crypto.getCurves ? crypto.getCurves() : []),
+      ...(crypto.getHashes ? crypto.getHashes() : []),
+      ...(crypto.getCiphers ? crypto.getCiphers() : []),
+    ];
+    for (const name of allNames) {
+      for (const [algo, re] of Object.entries(PATTERNS)) {
+        if (re.test(name)) record(algo, `node:${name}`);
+      }
+    }
+  } catch (_) { /* probe failure → fall through to openssl */ }
+
+  // Channel 2 — `openssl list` enumerations. KEMs and signature
+  // algorithms split across two list commands; OQS-Provider exposes
+  // the on-ramp / niche algos when installed.
+  const kemList = safeExecFile('openssl', ['list', '-kem-algorithms']);
+  if (kemList) {
+    const kemAlgos = ['ml_kem', 'hqc', 'frodo', 'ntru', 'mceliece', 'bike', 'composite_kem'];
+    for (const algo of kemAlgos) {
+      if (PATTERNS[algo].test(kemList)) record(algo, 'openssl:list -kem-algorithms');
+    }
+  }
+  const sigList = safeExecFile('openssl', ['list', '-signature-algorithms']);
+  if (sigList) {
+    const sigAlgos = [
+      'ml_dsa', 'slh_dsa', 'fn_dsa',
+      'hawk', 'mayo', 'sqisign', 'cross', 'uov', 'sdith', 'mirath', 'faest', 'perk',
+      'lms', 'xmss', 'hss',
+      'composite_sig',
+    ];
+    for (const algo of sigAlgos) {
+      if (PATTERNS[algo].test(sigList)) record(algo, 'openssl:list -signature-algorithms');
+    }
+  }
+
+  return result;
+}
+
 function probeTls() {
   const result = spawnSync('openssl', ['s_client', '-connect', 'google.com:443', '-brief'], {
     input: '',

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/exceptd-skills",
-  "version": "0.9.4",
+  "version": "0.10.0",
   "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
   "keywords": [
     "ai-security",

package/sbom.cdx.json

@@ -1,10 +1,10 @@
 {
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:03cec6e7-3ff8-4972-bcd1-769761ab963f",
+  "serialNumber": "urn:uuid:7ad6ee8c-6fb3-4eee-b37d-d9b770e964b6",
   "version": 1,
   "metadata": {
-    "timestamp": "2026-05-12T03:27:58.018Z",
+    "timestamp": "2026-05-12T05:38:55.099Z",
     "tools": [
       {
         "name": "hand-written",
@@ -13,10 +13,10 @@
       }
     ],
     "component": {
-      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.9.4",
+      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.10.0",
       "type": "application",
       "name": "@blamejs/exceptd-skills",
-      "version": "0.9.4",
+      "version": "0.10.0",
       "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 38 skills, 10 catalogs, 34 jurisdictions, pre-computed indexes, Ed25519-signed.",
       "licenses": [
         {
@@ -25,11 +25,11 @@
           }
         }
       ],
-      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.9.4",
+      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.10.0",
       "externalReferences": [
         {
           "type": "distribution",
-          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.9.4"
+          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.10.0"
         },
         {
           "type": "vcs",

package/scripts/builders/currency.js

@@ -20,13 +20,15 @@
 const fs = require("fs");
 const path = require("path");
 
-function currencyScore(daysSinceReview, forwardWatchCount) {
+function currencyScore(daysSinceReview, _forwardWatchCount) {
+  // See orchestrator/pipeline.js — forward_watch count no longer
+  // affects currency score (it's a maintenance signal, not staleness).
+  // Param retained for ABI compatibility with callers.
   let score = 100;
   if (daysSinceReview > 180) score -= 30;
   else if (daysSinceReview > 90) score -= 20;
   else if (daysSinceReview > 60) score -= 10;
   else if (daysSinceReview > 30) score -= 5;
-  score -= forwardWatchCount * 5;
   return Math.max(0, score);
 }
 
@@ -99,7 +101,7 @@ function buildCurrency({ root, manifest, skills }) {
       schema_version: "1.0.0",
       reference_date: ref,
       note: "Pre-computed skill currency snapshot. Reference date is manifest.threat_review_date (deterministic). Re-runs of build-indexes against the same inputs produce byte-identical output. The orchestrator `currency` command produces a real-time view against today's date.",
-      decay_formula: "100 base; -30/-20/-10/-5 at 180/90/60/30-day thresholds; -5 per forward_watch entry. Label thresholds: ≥90 current, ≥70 acceptable, ≥50 stale, <50 critical_stale.",
+      decay_formula: "100 base; -30/-20/-10/-5 at 180/90/60/30-day thresholds. forward_watch count does NOT affect the score (it's a maintenance signal, not a staleness one). Label thresholds: ≥90 current, ≥70 acceptable, ≥50 stale, <50 critical_stale.",
     },
     summary,
     skills: rows,