@hungpg/skill-audit 0.1.0 → 0.2.0

package/README.md

@@ -13,37 +13,38 @@ Security auditing CLI for AI agent skills.
 ## Installation
 
 ```bash
-cd skill-audit
-npm install
-npm run build
+npm install -g @hungpg/skill-audit
 ```
 
 ## Usage
 
 ```bash
 # Audit global skills
-npx skill-audit -g
+skill-audit -g
 
 # Audit with verbose output
-npx skill-audit -v
+skill-audit -v
 
 # JSON output for CI
-npx skill-audit --json > audit-results.json
+skill-audit --json > audit-results.json
 
 # Fail if risk score exceeds threshold
-npx skill-audit --threshold 5.0
+skill-audit --threshold 5.0
 
 # Skip dependency scanning (faster)
-npx skill-audit --no-deps
+skill-audit --no-deps
 
 # Filter by agent
-npx skill-audit -a "Claude Code" "Qwen Code"
+skill-audit -a "Claude Code" "Qwen Code"
 
 # Project-level skills only
-npx skill-audit --project
+skill-audit --project
 
 # Lint mode (spec validation only)
-npx skill-audit --mode lint
+skill-audit --mode lint
+
+# Update vulnerability DB manually
+skill-audit --update-db
 ```
 
 ## Options
@@ -88,9 +89,11 @@ Feeds are cached locally with automatic freshness checks:
 
 | Source | Update Frequency | Cache Lifetime |
 |--------|------------------|----------------|
-| CISA KEV | Daily | 7 days |
-| FIRST EPSS | Daily | 7 days |
+| CISA KEV | Daily | 1 day |
+| NIST NVD | Daily | 1 day |
+| FIRST EPSS | Daily | 3 days |
 | OSV.dev | On-query | 7 days |
+| GHSA | On-query | 3 days |
 
 **Automatic updates:**
 - Runs on `npm install` via `postinstall` hook
@@ -99,6 +102,20 @@ Feeds are cached locally with automatic freshness checks:
 
 **Stale cache warning:** Audit output warns if feeds are >3 days old.
 
+### NVD Synchronization
+
+The `--update-db` command fetches CVEs modified in the last 24 hours only.
+For initial setup or after extended offline periods, run multiple times to build historical data:
+
+```bash
+# Multiple updates to build historical data
+skill-audit --update-db
+skill-audit --update-db
+skill-audit --update-db
+```
+
+Note: NVD API rate limits apply (5 requests/30 sec without API key). Set `NVD_API_KEY` environment variable for 50 requests/30 sec.
+
 ## Trust Sources
 
 1. Static pattern matching for known attack vectors
@@ -115,7 +132,7 @@ Feeds are cached locally with automatic freshness checks:
 
 **False positives**: Review finding at file:line, add inline comment explaining legitimate use
 
-**Stale DB warning**: Run `npx skill-audit --update-db` to refresh KEV/EPSS/OSV feeds
+**Stale DB warning**: Run `skill-audit --update-db` to refresh KEV/EPSS/OSV feeds
 
 **Skill not found**: Verify `SKILL.md` exists in root or `skills/` directory
 

package/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: skill-audit
-description: This skill should be used when the user asks to "audit AI agent skills for security vulnerabilities", "evaluate third-party skills before installing", "check for prompt injection or secrets leakage", "scan skills for code execution risks", "validate skills against Agent Skills specification", or "assess skill security posture with CVE/GHSA/KEV/EPSS intelligence".
+description: This skill should be used when the user asks to "audit AI agent skills for security vulnerabilities", "evaluate third-party skills before installing", "check for prompt injection or secrets leakage", "scan skills for code execution risks", "validate skills against Agent Skills specification", or "assess skill security posture with CVE/GHSA/KEV/EPSS/NVD intelligence".
 license: MIT
 compatibility: Node.js 18+ with npm or yarn
 metadata:
@@ -75,6 +75,8 @@ Full security audit including:
 Pulls latest vulnerability intelligence:
 - CISA KEV (Known Exploited Vulnerabilities)
 - FIRST EPSS (Exploit Prediction Scoring) - via api.first.org/data/v1
+- NIST NVD (National Vulnerability Database) - CVSS scores, CWE mappings
+- GitHub Security Advisories (GHSA) - ecosystem-specific advisories
 - OSV.dev vulnerabilities
 
 Caches to `.cache/skill-audit/feeds/` for offline use.
@@ -148,7 +150,7 @@ npx skill-audit -g -o ./audit-report.json
 npx skill-audit -g -t 3.0
 
 # Update intelligence feeds
-npx skill-audit --update-db --source kev epss
+npx skill-audit --update-db --source kev epss nvd
 
 # Audit project-level skills only
 npx skill-audit -p --mode audit -v
@@ -164,7 +166,7 @@ Found 3 skills
    Safe: 1 | Risky: 1 | Dangerous: 1 | Malicious: 0
    Skills with spec issues: 1 | Security issues: 2
 
-⚠️  Vulnerability DB is stale (4.2 days for KEV, 5.1 days for EPSS)
+⚠️  Vulnerability DB is stale (4.2 days for KEV, 5.1 days for EPSS, 2.0 days for NVD)
    Run: npx skill-audit --update-db
 
 ❌ 1 skills exceed threshold 3.0
@@ -189,8 +191,9 @@ Three-layer validation approach:
    - Maps to OWASP Agentic Top 10
 
 3. **Intelligence Service**
-   - Caches CVE/GHSA/KEV/EPSS data
+   - Caches CVE/GHSA/KEV/EPSS/NVD data
    - Native HTTP/fetch (no shell dependencies)
+   - Differentiated cache lifetimes by source (KEV/NVD: 1 day, EPSS/GHSA: 3 days, OSV: 7 days)
 
 ## Related Skills
 
@@ -216,6 +219,8 @@ Three-layer validation approach:
 - **[OWASP AI Security Top 10](https://owasp.org/www-project-top-ten.html)** - ASI01-ASI10 threat categories
 - **[CISA KEV Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)** - Actively exploited vulnerabilities
 - **[FIRST EPSS](https://www.first.org/epss/)** - Exploit Prediction Scoring System
+- **[NIST NVD](https://nvd.nist.gov/)** - National Vulnerability Database (official CVE database)
+- **[GitHub Security Advisories](https://github.com/advisories)** - GHSA vulnerability database
 - **[OSV.dev](https://osv.dev/)** - Open Source Vulnerability database
 
 ### Intelligence Cache
@@ -223,5 +228,7 @@ Three-layer validation approach:
 | Source | Update Frequency | Max Cache Age | Warning Threshold |
 |--------|-----------------|---------------|-------------------|
 | CISA KEV | Daily | 1 day | 3 days |
+| NIST NVD | Daily | 1 day | 3 days |
+| GitHub GHSA | 3 days | 3 days | 3 days |
 | FIRST EPSS | 3-day cycle | 3 days | 3 days |
 | OSV.dev | On-query | 7 days | 3 days |

package/dist/deps.js

@@ -14,6 +14,52 @@ const OSV_ECOSYSTEMS = {
     'RubyGems': 'ruby',
     'Packagist': 'php',
     'Pub': 'dart',
+    'NuGet': 'dotnet',
+    'Hex': 'elixir',
+    'ConanCenter': 'cpp',
+    'Bioconductor': 'r',
+    'SwiftURL': 'swift',
+};
+// Supported lockfile patterns and their ecosystems
+const LOCKFILE_PATTERNS = {
+    // JavaScript/TypeScript
+    'package-lock.json': { ecosystem: 'npm', parser: 'json' },
+    'yarn.lock': { ecosystem: 'npm', parser: 'yarn' },
+    'pnpm-lock.yaml': { ecosystem: 'npm', parser: 'yaml' },
+    'bun.lockb': { ecosystem: 'npm', parser: 'binary' },
+    // Python
+    'requirements.txt': { ecosystem: 'PyPI', parser: 'text' },
+    'Pipfile.lock': { ecosystem: 'PyPI', parser: 'json' },
+    'poetry.lock': { ecosystem: 'PyPI', parser: 'toml' },
+    'pdm.lock': { ecosystem: 'PyPI', parser: 'toml' },
+    'uv.lock': { ecosystem: 'PyPI', parser: 'toml' },
+    'pylock.toml': { ecosystem: 'PyPI', parser: 'toml' },
+    // Rust
+    'Cargo.lock': { ecosystem: 'crates.io', parser: 'toml' },
+    // Ruby
+    'Gemfile.lock': { ecosystem: 'RubyGems', parser: 'text' },
+    'gems.locked': { ecosystem: 'RubyGems', parser: 'text' },
+    // PHP
+    'composer.lock': { ecosystem: 'Packagist', parser: 'json' },
+    // Java
+    'pom.xml': { ecosystem: 'Maven', parser: 'xml' },
+    'buildscript-gradle.lockfile': { ecosystem: 'Maven', parser: 'text' },
+    'gradle.lockfile': { ecosystem: 'Maven', parser: 'text' },
+    // Go
+    'go.mod': { ecosystem: 'Go', parser: 'text' },
+    'go.sum': { ecosystem: 'Go', parser: 'text' },
+    // .NET
+    'packages.lock.json': { ecosystem: 'NuGet', parser: 'json' },
+    'deps.json': { ecosystem: 'NuGet', parser: 'json' },
+    'packages.config': { ecosystem: 'NuGet', parser: 'xml' },
+    // Dart
+    'pubspec.lock': { ecosystem: 'Pub', parser: 'yaml' },
+    // Elixir
+    'mix.lock': { ecosystem: 'Hex', parser: 'elixir' },
+    // C/C++
+    'conan.lock': { ecosystem: 'ConanCenter', parser: 'text' },
+    // R
+    'renv.lock': { ecosystem: 'Bioconductor', parser: 'json' },
 };
 // Check if a scanner is available
 function isScannerAvailable(scanner) {
@@ -251,62 +297,214 @@ function extractPackagesFromLockfiles(resolvedPath) {
     const packages = [];
     try {
         const files = readdirSync(resolvedPath);
-        // Parse package-lock.json
-        const pkgLock = files.find(f => f === 'package-lock.json');
-        if (pkgLock) {
-            const content = JSON.parse(readFileSync(join(resolvedPath, pkgLock), 'utf-8'));
-            if (content.packages) {
-                for (const [path, pkg] of Object.entries(content.packages)) {
+        // Iterate through all supported lockfile patterns
+        for (const [filename, config] of Object.entries(LOCKFILE_PATTERNS)) {
+            const lockfile = files.find(f => f === filename);
+            if (!lockfile)
+                continue;
+            const filepath = join(resolvedPath, lockfile);
+            const content = readFileSync(filepath, 'utf-8');
+            try {
+                switch (config.parser) {
+                    case 'json':
+                        parseJSONLockfile(content, config.ecosystem, packages);
+                        break;
+                    case 'yaml':
+                        parseYAMLLockfile(content, config.ecosystem, packages);
+                        break;
+                    case 'toml':
+                        parseTOMLLockfile(content, config.ecosystem, packages);
+                        break;
+                    case 'text':
+                        parseTextLockfile(content, config.ecosystem, packages, filename);
+                        break;
+                    // Binary and XML parsers would require additional dependencies
+                    // For now, skip binary files and use basic XML parsing
+                }
+            }
+            catch (e) {
+                console.warn(`Failed to parse ${filename}:`, e);
+            }
+        }
+    }
+    catch (e) {
+        // Ignore top-level errors
+    }
+    return packages;
+}
+// Parse JSON lockfiles (package-lock.json, Pipfile.lock, composer.lock, etc.)
+function parseJSONLockfile(content, ecosystem, packages) {
+    const data = JSON.parse(content);
+    // package-lock.json format (object with packages)
+    if (data.packages && typeof data.packages === 'object' && !Array.isArray(data.packages)) {
+        for (const [path, pkg] of Object.entries(data.packages)) {
+            const p = pkg;
+            if (p.version && path !== '') {
+                const name = p.name || path.split('node_modules/').pop()?.split('/')[0];
+                if (name) {
+                    packages.push({ name, version: p.version.replace(/^\^|~/, ''), ecosystem });
+                }
+            }
+        }
+    }
+    // Pipfile.lock format
+    if (data.default || data.develop) {
+        for (const section of ['default', 'develop']) {
+            if (data[section]) {
+                for (const [name, pkg] of Object.entries(data[section])) {
                     const p = pkg;
-                    if (p.version && path !== '') {
-                        // Extract package name from path
-                        const name = path.split('node_modules/').pop()?.split('/')[0];
-                        if (name) {
-                            packages.push({ name, version: p.version.replace(/^\^|~/, ''), ecosystem: 'npm' });
-                        }
+                    if (p.version) {
+                        packages.push({ name: name.toLowerCase(), version: p.version.replace(/^[=<>!~]+/, ''), ecosystem });
                     }
                 }
             }
         }
-        // Parse requirements.txt
-        const reqTxt = files.find(f => f === 'requirements.txt');
-        if (reqTxt) {
-            const content = readFileSync(join(resolvedPath, reqTxt), 'utf-8');
-            for (const line of content.split('\n')) {
-                const match = line.match(/^([a-zA-Z0-9_-]+)([=<>!~]+)(.+)$/);
+    }
+    // composer.lock format (array of packages)
+    if (Array.isArray(data.packages)) {
+        for (const pkg of data.packages) {
+            if (pkg.name && pkg.version) {
+                packages.push({ name: pkg.name, version: pkg.version.replace(/^[=<>!~v]+/, ''), ecosystem });
+            }
+        }
+    }
+    // renv.lock format
+    if (data.Packages) {
+        for (const [name, pkg] of Object.entries(data.Packages)) {
+            const p = pkg;
+            if (p.Version) {
+                packages.push({ name, version: p.Version, ecosystem });
+            }
+        }
+    }
+}
+// Parse YAML lockfiles (yarn.lock, pubspec.lock, pnpm-lock.yaml)
+function parseYAMLLockfile(content, ecosystem, packages) {
+    // Simple YAML parsing without external dependency
+    // For production, consider using a YAML parser library
+    const lines = content.split('\n');
+    let currentPackage = '';
+    for (const line of lines) {
+        // yarn.lock format: "package@version":
+        const yarnMatch = line.match(/^"?([^@"]+)@([^"]+)":/);
+        if (yarnMatch) {
+            packages.push({ name: yarnMatch[1], version: yarnMatch[2].replace(/^[^0-9]*/, ''), ecosystem });
+            continue;
+        }
+        // pubspec.lock format
+        const pubMatch = line.match(/^\s+name:\s*(.+)$/);
+        if (pubMatch) {
+            currentPackage = pubMatch[1].trim();
+            continue;
+        }
+        const pubVersion = line.match(/^\s+version:\s*"?(.+)"?$/);
+        if (pubVersion && currentPackage) {
+            packages.push({ name: currentPackage, version: pubVersion[1], ecosystem });
+            currentPackage = '';
+        }
+    }
+}
+// Parse TOML lockfiles (Cargo.lock, poetry.lock, etc.)
+function parseTOMLLockfile(content, ecosystem, packages) {
+    // Simple TOML parsing without external dependency
+    const lines = content.split('\n');
+    let currentPackage = '';
+    for (const line of lines) {
+        // Cargo.lock format: [[package]]
+        if (line.startsWith('[[')) {
+            currentPackage = '';
+            continue;
+        }
+        const nameMatch = line.match(/^name\s*=\s*"(.+)"$/);
+        if (nameMatch) {
+            currentPackage = nameMatch[1];
+            continue;
+        }
+        const versionMatch = line.match(/^version\s*=\s*"(.+)"$/);
+        if (versionMatch && currentPackage) {
+            packages.push({ name: currentPackage, version: versionMatch[1], ecosystem });
+        }
+    }
+}
+// Parse text-based lockfiles (requirements.txt, Gemfile.lock, go.mod, etc.)
+function parseTextLockfile(content, ecosystem, packages, filename) {
+    const lines = content.split('\n');
+    // requirements.txt format
+    if (filename === 'requirements.txt') {
+        for (const line of lines) {
+            const match = line.match(/^([a-zA-Z0-9_-]+)([=<>!~]+)(.+)$/);
+            if (match) {
+                packages.push({ name: match[1], version: match[3].trim(), ecosystem });
+            }
+        }
+        return;
+    }
+    // Gemfile.lock format
+    if (filename === 'Gemfile.lock') {
+        let inSpecs = false;
+        for (const line of lines) {
+            if (line.includes('specs:')) {
+                inSpecs = true;
+                continue;
+            }
+            if (inSpecs && line.startsWith('    ')) {
+                const match = line.match(/^\s+([a-zA-Z0-9_-]+)\s+\(([^)]+)\)/);
                 if (match) {
-                    packages.push({ name: match[1], version: match[3].trim(), ecosystem: 'PyPI' });
+                    packages.push({ name: match[1], version: match[2], ecosystem });
                 }
             }
+            if (inSpecs && line.trim() && !line.startsWith(' ')) {
+                inSpecs = false;
+            }
         }
-        // Parse go.mod
-        const goMod = files.find(f => f === 'go.mod');
-        if (goMod) {
-            const content = readFileSync(join(resolvedPath, goMod), 'utf-8');
-            for (const line of content.split('\n')) {
-                const match = line.match(/^\s+([a-zA-Z0-9\/]+)\s+v?(.+)$/);
-                if (match && !match[1].startsWith('gopkg.in') && !match[1].startsWith('github.com/')) {
-                    packages.push({ name: match[1], version: match[2].replace(/^v/, ''), ecosystem: 'Go' });
+        return;
+    }
+    // go.mod format
+    if (filename === 'go.mod') {
+        let inRequire = false;
+        for (const line of lines) {
+            if (line.startsWith('require (')) {
+                inRequire = true;
+                continue;
+            }
+            if (inRequire) {
+                if (line === ')') {
+                    inRequire = false;
+                    continue;
+                }
+                const match = line.match(/^\s*([a-zA-Z0-9\/]+)\s+v?(.+)$/);
+                if (match) {
+                    packages.push({ name: match[1], version: match[2].replace(/^v/, ''), ecosystem });
                 }
             }
+            // Single-line require
+            const singleMatch = line.match(/^require\s+([a-zA-Z0-9\/]+)\s+v?(.+)$/);
+            if (singleMatch) {
+                packages.push({ name: singleMatch[1], version: singleMatch[2].replace(/^v/, ''), ecosystem });
+            }
         }
-        // Parse Cargo.lock
-        const cargoLock = files.find(f => f === 'Cargo.lock');
-        if (cargoLock) {
-            const content = JSON.parse(readFileSync(join(resolvedPath, cargoLock), 'utf-8'));
-            if (content.package) {
-                for (const pkg of content.package) {
-                    if (pkg.name && pkg.version) {
-                        packages.push({ name: pkg.name, version: pkg.version, ecosystem: 'crates.io' });
-                    }
-                }
+        return;
+    }
+    // go.sum format
+    if (filename === 'go.sum') {
+        for (const line of lines) {
+            const match = line.match(/^([a-zA-Z0-9\/]+)\s+v?([^\/\s]+)\//);
+            if (match) {
+                packages.push({ name: match[1], version: match[2].replace(/^v/, ''), ecosystem });
             }
         }
+        return;
     }
-    catch (e) {
-        // Ignore parse errors
+    // gradle.lockfile format
+    if (filename.includes('gradle.lockfile')) {
+        for (const line of lines) {
+            const match = line.match(/:([a-zA-Z0-9_-]+):([a-zA-Z0-9._-]+):([a-zA-Z0-9._-]+)/);
+            if (match) {
+                packages.push({ name: `${match[2]}:${match[3]}`, version: match[3], ecosystem });
+            }
+        }
+        return;
     }
-    return packages;
 }
 export function scanDependencies(skillPath) {
     const findings = [];

package/dist/index.js

@@ -5,12 +5,12 @@ import { auditSecurity } from "./security.js";
 import { validateSkillSpec } from "./spec.js";
 import { createGroupedAuditResult } from "./scoring.js";
 import { scanDependencies } from "./deps.js";
-import { getKEV, getEPSS, isCacheStale } from "./intel.js";
+import { getKEV, getEPSS, getNVD, isCacheStale, downloadOfflineDB } from "./intel.js";
 import { writeFileSync } from "fs";
 // Build CLI - no subcommands, just options + action
 const program = new Command();
 program
-    .name("skills-audit")
+    .name("skill-audit")
     .description("Security auditing CLI for AI agent skills")
     .version("0.1.0")
     .option("-g, --global", "Audit global skills only (default: true)")
@@ -23,11 +23,17 @@ program
     .option("--no-deps", "Skip dependency scanning (faster)")
     .option("--mode <mode>", "Audit mode: 'lint' (spec only) or 'audit' (full)", "audit")
     .option("--update-db", "Update advisory intelligence feeds")
-    .option("--source <sources...>", "Sources for update-db: kev, epss, all", ["all"])
+    .option("--source <sources...>", "Sources for update-db: kev, epss, nvd, all", ["all"])
     .option("--strict", "Fail if feeds are stale")
-    .option("--quiet", "Suppress non-error output");
+    .option("--quiet", "Suppress non-error output")
+    .option("--download-offline-db <dir>", "Download offline vulnerability databases to directory");
 program.parse(process.argv);
 const options = program.opts();
+// Handle download-offline-db action
+if (options.downloadOfflineDb) {
+    await downloadOfflineDB(options.downloadOfflineDb);
+    process.exit(0);
+}
 // Handle update-db action
 if (options.updateDb) {
     await updateAdvisoryDB({ source: options.source, strict: options.strict });
@@ -75,7 +81,7 @@ reportGroupedResults(results, {
     mode
 });
 async function updateAdvisoryDB(opts) {
-    const sources = opts.source.includes("all") ? ["kev", "epss"] : opts.source;
+    const sources = opts.source.includes("all") ? ["kev", "epss", "nvd"] : opts.source;
     const quiet = program.opts().quiet;
     if (!quiet) {
         console.log("📥 Updating advisory intelligence feeds...\n");
@@ -98,6 +104,12 @@ async function updateAdvisoryDB(opts) {
                     console.log(`   ✓ EPSS: ${result.findings.length} scores cached (stale: ${result.stale})`);
                 }
             }
+            else if (source === "nvd") {
+                const result = await getNVD();
+                if (!quiet) {
+                    console.log(`   ✓ NVD: ${result.findings.length} CVEs cached (stale: ${result.stale})`);
+                }
+            }
         }
         catch (e) {
             console.error(`   ✗ Failed to fetch ${source}:`, e);
@@ -159,8 +171,16 @@ function reportGroupedResults(results, options) {
     // Check cache freshness and warn if stale
     const kevStale = isCacheStale("kev");
     const epssStale = isCacheStale("epss");
-    if (!options.json && (kevStale.warn || epssStale.warn)) {
-        console.log(`\n⚠️  Vulnerability DB is stale (${kevStale.age?.toFixed(1)} days for KEV, ${epssStale.age?.toFixed(1)} days for EPSS)`);
+    const nvdStale = isCacheStale("nvd");
+    if (!options.json && (kevStale.warn || epssStale.warn || nvdStale.warn)) {
+        const ages = [];
+        if (kevStale.age)
+            ages.push(`${kevStale.age.toFixed(1)} days for KEV`);
+        if (epssStale.age)
+            ages.push(`${epssStale.age.toFixed(1)} days for EPSS`);
+        if (nvdStale.age)
+            ages.push(`${nvdStale.age.toFixed(1)} days for NVD`);
+        console.log(`\n⚠️  Vulnerability DB is stale (${ages.join(", ")})`);
         console.log(`   Run: npx skill-audit --update-db`);
     }
     if (threshold !== undefined) {

package/dist/intel.js

@@ -8,6 +8,8 @@ const METRICS_FILE = join(PACKAGE_ROOT, ".cache/skill-audit/metrics.json");
 // Cache configuration - differentiated by source update frequency
 const MAX_CACHE_AGE_DAYS = {
     kev: 1, // Daily updates - critical for actively exploited vulns
+    nvd: 1, // Daily - official NVD database updates frequently
+    ghsa: 3, // 3 days - GitHub Security Advisories
     epss: 3, // Matches FIRST.org update cycle
     osv: 7 // Stable database - weekly acceptable
 };
@@ -15,6 +17,21 @@ const WARN_CACHE_AGE_DAYS = 3;
 const FETCH_TIMEOUT_MS = 30000; // 30 seconds
 const MAX_RETRIES = 3;
 const RETRY_DELAY_MS = 1000; // Base delay for exponential backoff
+// Map internal ecosystem names to GitHub GraphQL enum values
+const GHSA_ECOSYSTEM_MAP = {
+    'npm': 'NPM',
+    'PyPI': 'PIP',
+    'pypi': 'PIP',
+    'crates.io': 'RUST',
+    'RubyGems': 'RUBYGEMS',
+    'Maven': 'MAVEN',
+    'Packagist': 'COMPOSER',
+    'Go': 'GO',
+    'NuGet': 'NUGET',
+    'Pub': 'PUB',
+    'Hex': 'ERLANG',
+    'SwiftURL': 'SWIFT',
+};
 /**
  * Ensure cache directory exists
  */
@@ -101,6 +118,12 @@ function recordFetchResult(source, count, durationMs, error) {
     else if (source === 'epss') {
         metrics.epssCount = count;
     }
+    else if (source === 'nvd') {
+        metrics.nvdCount = count;
+    }
+    else if (source === 'ghsa') {
+        metrics.ghsaCount = count;
+    }
     if (error) {
         metrics.errors.push(`${source}: ${error}`);
         // Keep only last 10 errors
@@ -228,28 +251,98 @@ export async function queryOSV(ecosystem, packageName) {
     }
 }
 /**
- * Query GHSA via GitHub API
+ * Query GHSA via GitHub GraphQL API
+ *
+ * Note: GHSA integration requires GitHub API authentication.
+ * For now, OSV provides comprehensive coverage for most ecosystems.
+ *
+ * To implement GHSA:
+ * 1. Get GitHub token: https://github.com/settings/tokens
+ * 2. Set GITHUB_TOKEN environment variable
+ * 3. Use GraphQL API with SecurityAdvisory query
+ *
+ * Example:
+ * ```
+ * const token = process.env.GITHUB_TOKEN;
+ * const response = await fetch('https://api.github.com/graphql', {
+ *   method: 'POST',
+ *   headers: {
+ *     'Authorization': `Bearer ${token}`,
+ *     'Content-Type': 'application/json'
+ *   },
+ *   body: JSON.stringify({
+ *     query: `query {
+ *       securityVulnerabilities(first: 100, ecosystem: NPM, package: "packageName") {
+ *         nodes {
+ *           advisory { ghsaId, summary, severity }
+ *         }
+ *       }
+ *     }`
+ *   })
+ * });
+ * ```
  */
 export async function queryGHSA(ecosystem, packageName) {
-    // GHSA API requires authentication for higher rate limits
-    // This is a placeholder - in production, use a GitHub token
-    try {
-        const ghsaEcosystemMap = {
-            'npm': 'npm',
-            'pypi': 'PyPI',
-            'go': 'Go',
-            'cargo': 'Cargo',
-            'rubygems': 'RubyGems',
-            'maven': 'Maven',
-            'nuget': 'NuGet'
-        };
-        const ghsaQuery = encodeURIComponent(`${packageName} repo:github/advisory-database`);
-        // Note: This is a simplified approach - production would use GraphQL API
-        console.log(`GHSA query: ${ecosystem}/${packageName} (API token recommended for production)`);
+    const token = process.env.GITHUB_TOKEN;
+    if (!token) {
+        // GHSA requires authentication - skip silently
+        // OSV provides comprehensive coverage as fallback
         return [];
     }
+    try {
+        const response = await fetchWithRetry('https://api.github.com/graphql', FETCH_TIMEOUT_MS, {
+            method: 'POST',
+            headers: {
+                'Authorization': `Bearer ${token}`,
+                'Content-Type': 'application/json',
+                'User-Agent': 'skill-audit/0.1.0 (Vulnerability Intelligence Scanner)'
+            },
+            body: JSON.stringify({
+                query: `
+          query GetAdvisories($ecosystem: SecurityAdvisoryEcosystem!, $package: String!) {
+            securityVulnerabilities(first: 100, ecosystem: $ecosystem, package: $package) {
+              nodes {
+                advisory {
+                  ghsaId
+                  summary
+                  severity
+                  publishedAt
+                  identifiers { type, value }
+                }
+                severity
+                vulnerableVersionRange
+              }
+            }
+          }
+        `,
+                variables: {
+                    ecosystem: GHSA_ECOSYSTEM_MAP[ecosystem] || ecosystem.toUpperCase(),
+                    package: packageName
+                }
+            })
+        });
+        if (!response.ok) {
+            console.error(`GHSA API error: ${response.status}`);
+            return [];
+        }
+        const data = await response.json();
+        if (!data.data?.securityVulnerabilities?.nodes) {
+            return [];
+        }
+        return data.data.securityVulnerabilities.nodes.map(node => ({
+            id: node.advisory?.ghsaId || `GHSA-unknown`,
+            aliases: node.advisory?.identifiers?.map(i => i.value) || [],
+            source: "GHSA",
+            ecosystem,
+            packageName,
+            severity: node.advisory?.severity || node.severity,
+            published: node.advisory?.publishedAt,
+            summary: node.advisory?.summary,
+            references: []
+        }));
+    }
     catch (error) {
-        console.error(`GHSA query failed:`, error);
+        console.error(`GHSA query failed for ${ecosystem}/${packageName}:`, error);
         return [];
     }
 }
@@ -316,6 +409,80 @@ export async function fetchEPSS() {
         return [];
     }
 }
+/**
+ * Fetch NIST NVD (National Vulnerability Database)
+ * Uses NVD API v2.0 with CVSS scoring
+ * API: https://nvd.nist.gov/developers/vulnerabilities
+ */
+export async function fetchNVD() {
+    const startTime = Date.now();
+    const apiKey = process.env.NVD_API_KEY;
+    // Calculate date range for last 24 hours
+    const now = new Date();
+    const yesterday = new Date(now.getTime() - 24 * 60 * 60 * 1000);
+    // NVD API requires ISO8601 format without milliseconds
+    const formatDate = (date) => date.toISOString().replace(/\.\d{3}Z$/, 'Z');
+    const lastModStartDate = formatDate(yesterday);
+    const lastModEndDate = formatDate(now);
+    const url = `https://services.nvd.nist.gov/rest/json/cves/2.0?lastModStartDate=${lastModStartDate}&lastModEndDate=${lastModEndDate}`;
+    try {
+        const headers = {
+            'User-Agent': 'skill-audit/0.1.0 (Vulnerability Intelligence Scanner)'
+        };
+        if (apiKey) {
+            headers['apiKey'] = apiKey;
+        }
+        const response = await fetchWithRetry(url, FETCH_TIMEOUT_MS, { headers });
+        const data = await response.json();
+        if (!data.vulnerabilities) {
+            recordFetchResult('nvd', 0, Date.now() - startTime, 'No vulnerabilities in response');
+            return [];
+        }
+        const records = data.vulnerabilities.map(v => {
+            // Extract CVSS score (prefer v3.1, fallback to v3.0)
+            let cvss;
+            let cvssVector;
+            let severity;
+            if (v.cve.metrics?.cvssMetricV31?.[0]?.cvssData) {
+                const cvss31 = v.cve.metrics.cvssMetricV31[0].cvssData;
+                cvss = cvss31.baseScore;
+                cvssVector = cvss31.vectorString;
+                severity = cvss31.baseSeverity;
+            }
+            else if (v.cve.metrics?.cvssMetricV30?.[0]?.cvssData) {
+                const cvss30 = v.cve.metrics.cvssMetricV30[0].cvssData;
+                cvss = cvss30.baseScore;
+                cvssVector = cvss30.vectorString;
+                severity = cvss30.baseSeverity;
+            }
+            // Extract CWE
+            const cwe = v.cve.weaknesses?.[0]?.description?.map(d => d.value) || [];
+            // Extract description as summary
+            const summary = v.cve.descriptions?.find(d => d.lang === 'en')?.value;
+            return {
+                id: v.cve.id,
+                aliases: [v.cve.id],
+                source: "NVD",
+                severity,
+                cvss,
+                cvssVector,
+                cwe,
+                published: v.cve.published,
+                modified: v.cve.lastModified,
+                summary,
+                references: v.cve.references?.map(r => r.url) || []
+            };
+        });
+        recordFetchResult('nvd', records.length, Date.now() - startTime);
+        return records;
+    }
+    catch (error) {
+        const errorMsg = error instanceof Error ? error.message : 'Unknown error';
+        recordFetchResult('nvd', 0, Date.now() - startTime, errorMsg);
+        console.error(`NVD fetch failed:`, error);
+        return [];
+    }
+}
 /**
  * Query vulnerability intelligence for a package
  */
@@ -373,6 +540,48 @@ export async function getEPSS() {
         warn
     };
 }
+/**
+ * Get NVD vulnerabilities (enriched)
+ */
+export async function getNVD() {
+    const { stale, age, warn } = isCacheStale("nvd");
+    let records = loadFromCache("nvd");
+    if (records.length === 0 || stale) {
+        records = await fetchNVD();
+        if (records.length > 0) {
+            saveToCache("nvd", records);
+        }
+    }
+    return {
+        findings: records,
+        cacheAge: age,
+        stale,
+        warn
+    };
+}
+/**
+ * Get GHSA advisories (enriched)
+ */
+export async function getGHSA() {
+    const { stale, age, warn } = isCacheStale("ghsa");
+    let records = loadFromCache("ghsa");
+    if (records.length === 0 || stale) {
+        // GHSA doesn't have a bulk feed - would need to query per-package
+        // For now, return empty - GHSA integration is via queryGHSA() per-package
+        return {
+            findings: [],
+            cacheAge: age,
+            stale,
+            warn
+        };
+    }
+    return {
+        findings: records,
+        cacheAge: age,
+        stale,
+        warn
+    };
+}
 /**
  * Merge advisory records by alias
  */
@@ -414,3 +623,71 @@ export function prioritizeRecords(records) {
         return 0;
     });
 }
+/**
+ * Download offline vulnerability databases
+ * @param outputDir - Directory to save offline databases
+ * @returns Object with download statistics
+ */
+export async function downloadOfflineDB(outputDir) {
+    const results = {
+        kev: { success: false, count: 0 },
+        epss: { success: false, count: 0 },
+        nvd: { success: false, count: 0 },
+        osv: { success: false, message: '' }
+    };
+    try {
+        // Ensure output directory exists
+        if (!existsSync(outputDir)) {
+            mkdirSync(outputDir, { recursive: true });
+        }
+        // Download KEV
+        console.log('📥 Downloading CISA KEV...');
+        const kevRecords = await fetchKEV();
+        if (kevRecords.length > 0) {
+            writeFileSync(join(outputDir, 'kev.json'), JSON.stringify({ fetchedAt: new Date().toISOString(), records: kevRecords }, null, 2));
+            results.kev = { success: true, count: kevRecords.length };
+            console.log(`   ✓ KEV: ${kevRecords.length} vulnerabilities`);
+        }
+        // Download EPSS
+        console.log('📥 Downloading EPSS scores...');
+        const epssRecords = await fetchEPSS();
+        if (epssRecords.length > 0) {
+            writeFileSync(join(outputDir, 'epss.json'), JSON.stringify({ fetchedAt: new Date().toISOString(), records: epssRecords }, null, 2));
+            results.epss = { success: true, count: epssRecords.length };
+            console.log(`   ✓ EPSS: ${epssRecords.length} scores`);
+        }
+        // Download NVD
+        console.log('📥 Downloading NIST NVD...');
+        const nvdRecords = await fetchNVD();
+        if (nvdRecords.length > 0) {
+            writeFileSync(join(outputDir, 'nvd.json'), JSON.stringify({ fetchedAt: new Date().toISOString(), records: nvdRecords }, null, 2));
+            results.nvd = { success: true, count: nvdRecords.length };
+            console.log(`   ✓ NVD: ${nvdRecords.length} CVEs`);
+        }
+        // Note: OSV is query-based, not a bulk download
+        // Users would need to query OSV API per-package
+        results.osv = {
+            success: true,
+            message: 'OSV uses on-demand API queries (not bulk download). Use OSV CLI for offline scanning.'
+        };
+        console.log('   ℹ️  OSV: Query-based API (use --update-db for caching)');
+        // Save metadata
+        const metadata = {
+            downloadedAt: new Date().toISOString(),
+            sources: results,
+            cacheAges: {
+                kev: MAX_CACHE_AGE_DAYS.kev,
+                epss: MAX_CACHE_AGE_DAYS.epss,
+                nvd: MAX_CACHE_AGE_DAYS.nvd,
+                osv: MAX_CACHE_AGE_DAYS.osv
+            }
+        };
+        writeFileSync(join(outputDir, 'metadata.json'), JSON.stringify(metadata, null, 2));
+        console.log('\n✅ Offline databases downloaded to:', outputDir);
+    }
+    catch (error) {
+        console.error('❌ Download failed:', error);
+        results.osv.message = error instanceof Error ? error.message : 'Download error';
+    }
+    return results;
+}

package/dist/patterns.js

@@ -0,0 +1,67 @@
+import { readFileSync, existsSync } from "fs";
+import { join, dirname } from "path";
+import { fileURLToPath } from "url";
+const PACKAGE_ROOT = join(dirname(fileURLToPath(import.meta.url)), "..");
+const RULES_DIR = join(PACKAGE_ROOT, "rules");
+const DEFAULT_PATTERNS_FILE = join(RULES_DIR, "default-patterns.json");
+/**
+ * Load patterns from JSON file
+ */
+export function loadPatterns(patternsFile = DEFAULT_PATTERNS_FILE) {
+    if (!existsSync(patternsFile)) {
+        throw new Error(`Patterns file not found: ${patternsFile}`);
+    }
+    const content = readFileSync(patternsFile, "utf-8");
+    return JSON.parse(content);
+}
+/**
+ * Compile patterns to RegExp objects
+ */
+export function compilePatterns(patterns) {
+    const compiled = new Map();
+    for (const [categoryKey, category] of Object.entries(patterns.categories)) {
+        const categoryPatterns = [];
+        for (const rule of category.patterns) {
+            try {
+                const regex = new RegExp(rule.pattern, rule.flags || "i");
+                categoryPatterns.push({
+                    regex,
+                    id: rule.id,
+                    severity: rule.severity,
+                    message: rule.message,
+                    category: categoryKey
+                });
+            }
+            catch (error) {
+                console.error(`Failed to compile pattern ${rule.id}:`, error);
+            }
+        }
+        compiled.set(categoryKey, categoryPatterns);
+    }
+    return compiled;
+}
+/**
+ * Load and compile patterns in one step
+ */
+export function loadAndCompile(patternsFile) {
+    const patterns = loadPatterns(patternsFile);
+    return compilePatterns(patterns);
+}
+/**
+ * Get pattern metadata (version, update date)
+ */
+export function getPatternMetadata(patternsFile = DEFAULT_PATTERNS_FILE) {
+    try {
+        const patterns = loadPatterns(patternsFile);
+        return { version: patterns.version, updated: patterns.updated };
+    }
+    catch {
+        return { version: "unknown", updated: "unknown" };
+    }
+}
+/**
+ * Check if patterns file exists
+ */
+export function hasPatternsFile(patternsFile = DEFAULT_PATTERNS_FILE) {
+    return existsSync(patternsFile);
+}

package/dist/security.js

@@ -1,6 +1,7 @@
 import { readFileSync } from "fs";
 import { basename, extname } from "path";
 import { resolveSkillPath, getSkillFiles } from "./discover.js";
+import { loadAndCompile, hasPatternsFile, getPatternMetadata } from "./patterns.js";
 /**
  * Phase 1 - Layer 2: Security Auditor
  *
@@ -13,7 +14,37 @@ import { resolveSkillPath, getSkillFiles } from "./discover.js";
  * - ASI04: Secrets / Supply Chain
  * - ASI05: Code Execution
  * - ASI09: Behavioral Manipulation
+ *
+ * Pattern sources:
+ * 1. External patterns file (rules/default-patterns.json) - preferred
+ * 2. Hardcoded fallback patterns - used if external file missing
+ */
+// ============================================================
+// Pattern Loading
+// ============================================================
+let compiledPatterns = null;
+let patternMetadata = { version: "unknown", updated: "unknown" };
+/**
+ * Initialize patterns (load from file or use hardcoded fallback)
  */
+function initPatterns() {
+    if (compiledPatterns) {
+        return compiledPatterns;
+    }
+    try {
+        if (hasPatternsFile()) {
+            compiledPatterns = loadAndCompile();
+            patternMetadata = getPatternMetadata();
+            return compiledPatterns;
+        }
+    }
+    catch (error) {
+        console.warn("Failed to load external patterns, using hardcoded fallback:", error);
+    }
+    // Fallback to hardcoded patterns (original implementation)
+    compiledPatterns = new Map();
+    return compiledPatterns;
+}
 // ============================================================
 // PROMPT INJECTION PATTERNS (ASI01 - Goal Hijacking)
 // ============================================================
@@ -164,13 +195,19 @@ function getASIXXFromId(id) {
 function scanContent(content, file, patterns) {
     const findings = [];
     const lines = content.split("\n");
-    for (const { pattern, id, severity = "medium", message } of patterns) {
+    for (const patternDef of patterns) {
+        const regex = 'regex' in patternDef ? patternDef.regex : patternDef.pattern;
+        const id = patternDef.id;
+        const severity = 'severity' in patternDef ? patternDef.severity : patternDef.severity || "medium";
+        const message = patternDef.message;
+        const category = 'category' in patternDef ? patternDef.category : getCategoryFromId(id);
+        const asixx = 'category' in patternDef ? mapCategoryToASIXX(category) : getASIXXFromId(id);
         for (let i = 0; i < lines.length; i++) {
-            if (pattern.test(lines[i])) {
+            if (regex.test(lines[i])) {
                 findings.push({
                     id,
-                    category: getCategoryFromId(id),
-                    asixx: getASIXXFromId(id),
+                    category: category,
+                    asixx,
                     severity: severity,
                     file,
                     line: i + 1,
@@ -182,6 +219,18 @@ function scanContent(content, file, patterns) {
     }
     return findings;
 }
+function mapCategoryToASIXX(category) {
+    const map = {
+        "promptInjection": "ASI01",
+        "credentialLeaks": "ASI04",
+        "shellInjection": "ASI05",
+        "exfiltration": "ASI02",
+        "secrets": "ASI04",
+        "toolMisuse": "ASI02",
+        "behavioral": "ASI09"
+    };
+    return map[category] || "ASI04";
+}
 function scanCodeBlocksInMarkdown(content, file) {
     const findings = [];
     const codeBlockRegex = /```(\w+)?\n([\s\S]*?)```/g;
@@ -283,6 +332,9 @@ export function auditSecurity(skill, manifest) {
             unreadableFiles: []
         };
     }
+    // Initialize patterns (load from file or use hardcoded fallback)
+    const patterns = initPatterns();
+    const hasExternalPatterns = patterns.size > 0;
     const files = getSkillFiles(resolvedPath);
     const findings = [];
     const unreadableFiles = [];
@@ -290,20 +342,49 @@ export function auditSecurity(skill, manifest) {
         const filename = basename(file);
         try {
             const content = readFileSync(file, "utf-8");
-            if (filename === "SKILL.md" || filename === "AGENTS.md") {
-                findings.push(...scanContent(content, file, PROMPT_INJECTION_PATTERNS));
-                findings.push(...scanContent(content, file, CREDENTIAL_PATTERNS_MD));
-                findings.push(...scanContent(content, file, EXFILTRATION_PATTERNS));
-                findings.push(...scanContent(content, file, BEHAVIORAL_PATTERNS));
-                findings.push(...scanContent(content, file, DANGEROUS_PATTERNS));
+            if (filename === "SKILL.md" || filename === "SKILL.md") {
+                // Use external patterns if available, otherwise use hardcoded
+                if (hasExternalPatterns) {
+                    const piPatterns = patterns.get("promptInjection") || [];
+                    const clPatterns = patterns.get("credentialLeaks") || [];
+                    const exPatterns = patterns.get("exfiltration") || [];
+                    const bmPatterns = patterns.get("behavioral") || [];
+                    const cePatterns = patterns.get("shellInjection") || [];
+                    findings.push(...scanContent(content, file, piPatterns));
+                    findings.push(...scanContent(content, file, clPatterns));
+                    findings.push(...scanContent(content, file, exPatterns));
+                    findings.push(...scanContent(content, file, bmPatterns));
+                    findings.push(...scanContent(content, file, cePatterns));
+                }
+                else {
+                    findings.push(...scanContent(content, file, PROMPT_INJECTION_PATTERNS));
+                    findings.push(...scanContent(content, file, CREDENTIAL_PATTERNS_MD));
+                    findings.push(...scanContent(content, file, EXFILTRATION_PATTERNS));
+                    findings.push(...scanContent(content, file, BEHAVIORAL_PATTERNS));
+                    findings.push(...scanContent(content, file, DANGEROUS_PATTERNS));
+                }
                 findings.push(...scanCodeBlocksInMarkdown(content, file));
             }
             else if (isCodeFile(file)) {
-                findings.push(...scanContent(content, file, CREDENTIAL_PATTERNS_CODE));
-                findings.push(...scanContent(content, file, EXFILTRATION_PATTERNS));
-                findings.push(...scanContent(content, file, DANGEROUS_PATTERNS));
-                findings.push(...scanContent(content, file, SECRET_PATTERNS));
-                findings.push(...scanContent(content, file, TOOL_MISUSE_PATTERNS));
+                if (hasExternalPatterns) {
+                    const clPatterns = patterns.get("credentialLeaks") || [];
+                    const exPatterns = patterns.get("exfiltration") || [];
+                    const cePatterns = patterns.get("shellInjection") || [];
+                    const scPatterns = patterns.get("secrets") || [];
+                    const tmPatterns = patterns.get("toolMisuse") || [];
+                    findings.push(...scanContent(content, file, clPatterns));
+                    findings.push(...scanContent(content, file, exPatterns));
+                    findings.push(...scanContent(content, file, cePatterns));
+                    findings.push(...scanContent(content, file, scPatterns));
+                    findings.push(...scanContent(content, file, tmPatterns));
+                }
+                else {
+                    findings.push(...scanContent(content, file, CREDENTIAL_PATTERNS_CODE));
+                    findings.push(...scanContent(content, file, EXFILTRATION_PATTERNS));
+                    findings.push(...scanContent(content, file, DANGEROUS_PATTERNS));
+                    findings.push(...scanContent(content, file, SECRET_PATTERNS));
+                    findings.push(...scanContent(content, file, TOOL_MISUSE_PATTERNS));
+                }
             }
         }
         catch (e) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hungpg/skill-audit",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Security auditing CLI for AI agent skills",
   "type": "module",
   "bin": {