@vantagesec/socc 0.1.11 → 0.1.13

package/scripts/bootstrap-socc-soul.mjs

@@ -1,12 +1,36 @@
 import assert from 'node:assert/strict'
+import { createHash } from 'node:crypto'
 import { existsSync } from 'node:fs'
-import { mkdir, readFile, writeFile } from 'node:fs/promises'
+import {
+  cp,
+  mkdir,
+  readFile,
+  readdir,
+  rm,
+  stat,
+  writeFile,
+} from 'node:fs/promises'
 import { dirname, join, resolve } from 'node:path'
 import { fileURLToPath } from 'node:url'
 
-const SOC_COPILOT_DIR = ['socc-canonical', '.agents', 'soc-copilot']
-const GENERATED_DIR = ['socc-canonical', '.agents', 'generated']
-const RUNTIME_AGENT_PATH = ['.claude', 'agents', 'socc.md']
+const SOC_CANONICAL_ROOT = ['socc-canonical', '.agents']
+const SOC_COPILOT_DIR = [...SOC_CANONICAL_ROOT, 'soc-copilot']
+const RULES_DIR = [...SOC_CANONICAL_ROOT, 'rules']
+const WORKFLOWS_DIR = [...SOC_CANONICAL_ROOT, 'workflows']
+const GENERATED_DIR = [...SOC_CANONICAL_ROOT, 'generated']
+
+const RUNTIME_ROOT = ['.claude']
+const RUNTIME_AGENT_PATH = [...RUNTIME_ROOT, 'agents', 'socc.md']
+const RUNTIME_RULES_DIR = [...RUNTIME_ROOT, 'rules']
+const RUNTIME_SKILLS_DIR = [...RUNTIME_ROOT, 'skills']
+const RUNTIME_REFERENCES_DIR = [...RUNTIME_ROOT, 'references']
+
+const RULE_RUNTIME_FILES = [
+  { source: RULES_DIR, file: 'AGENT.md', title: 'Global Behavior Rules' },
+  { source: RULES_DIR, file: 'TOOLS.md', title: 'Global Tooling Rules' },
+  { source: RULES_DIR, file: 'MEMORY.md', title: 'Persistent Conventions' },
+  { source: WORKFLOWS_DIR, file: 'SOP.md', title: 'IOC Handling SOP' },
+]
 
 function findPackageRoot(startDir) {
   let current = resolve(startDir)
@@ -28,6 +52,77 @@ async function readRequiredFile(path) {
   return readFile(path, 'utf8')
 }
 
+async function readOptionalFile(path) {
+  if (!existsSync(path)) {
+    return ''
+  }
+  return readFile(path, 'utf8')
+}
+
+function sha256(content) {
+  return createHash('sha256').update(content).digest('hex')
+}
+
+async function fileMetadata(path) {
+  const content = await readFile(path, 'utf8')
+  const stats = await stat(path)
+  return {
+    path,
+    sha256: sha256(content),
+    mtimeMs: stats.mtimeMs,
+  }
+}
+
+async function collectFileList(rootDir) {
+  if (!existsSync(rootDir)) {
+    return []
+  }
+
+  const results = []
+
+  async function walk(currentDir) {
+    const entries = await readdir(currentDir, { withFileTypes: true })
+    entries.sort((a, b) => a.name.localeCompare(b.name))
+
+    for (const entry of entries) {
+      const fullPath = join(currentDir, entry.name)
+      if (entry.isDirectory()) {
+        await walk(fullPath)
+      } else if (entry.isFile()) {
+        results.push(fullPath)
+      }
+    }
+  }
+
+  await walk(rootDir)
+  return results
+}
+
+async function replaceDirectory(sourceDir, targetDir) {
+  if (!existsSync(sourceDir)) {
+    throw new Error(`Required source directory not found: ${sourceDir}`)
+  }
+
+  await rm(targetDir, { recursive: true, force: true })
+  await mkdir(dirname(targetDir), { recursive: true })
+  await cp(sourceDir, targetDir, { recursive: true })
+}
+
+function composeRuleBundle(sections) {
+  return [
+    '# SOCC Business Rules',
+    '',
+    '<!-- Generated from socc-canonical/.agents/rules and workflows. -->',
+    '',
+    ...sections.flatMap(section => [
+      `## ${section.title}`,
+      '',
+      section.content.trim(),
+      '',
+    ]),
+  ].join('\n')
+}
+
 export function composeSoccAgentPrompt(parts) {
   return `---
 name: socc
@@ -74,7 +169,200 @@ ${parts.skill.trim()}
 `
 }
 
-export async function syncSoccSoul(packageRoot) {
+async function buildRuntimeRules(packageRoot) {
+  const sections = []
+  for (const section of RULE_RUNTIME_FILES) {
+    const sourcePath = join(packageRoot, ...section.source, section.file)
+    const content = await readOptionalFile(sourcePath)
+    if (!content.trim()) {
+      continue
+    }
+    sections.push({
+      title: section.title,
+      sourcePath,
+      content,
+    })
+  }
+
+  const runtimeRulesDir = join(packageRoot, ...RUNTIME_RULES_DIR)
+  const runtimeRulesPath = join(runtimeRulesDir, 'socc-business-rules.md')
+
+  await rm(runtimeRulesDir, { recursive: true, force: true })
+  await mkdir(runtimeRulesDir, { recursive: true })
+  await writeFile(runtimeRulesPath, composeRuleBundle(sections), 'utf8')
+
+  return {
+    runtimeRulesDir,
+    runtimeRulesPath,
+    sections: await Promise.all(
+      sections.map(async section => ({
+        title: section.title,
+        ...(await fileMetadata(section.sourcePath)),
+      })),
+    ),
+  }
+}
+
+async function buildRuntimeReferences(packageRoot) {
+  const sourceDir = join(packageRoot, ...SOC_COPILOT_DIR, 'references')
+  const targetDir = join(packageRoot, ...RUNTIME_REFERENCES_DIR)
+
+  await rm(targetDir, { recursive: true, force: true })
+  if (existsSync(sourceDir)) {
+    await mkdir(dirname(targetDir), { recursive: true })
+    await cp(sourceDir, targetDir, { recursive: true })
+  }
+
+  return {
+    runtimeReferencesDir: targetDir,
+    referenceFiles: await Promise.all(
+      (await collectFileList(targetDir)).map(fileMetadata),
+    ),
+  }
+}
+
+async function discoverSkillNames(skillsRoot) {
+  if (!existsSync(skillsRoot)) {
+    return []
+  }
+
+  const entries = await readdir(skillsRoot, { withFileTypes: true })
+  const names = []
+
+  for (const entry of entries.sort((a, b) => a.name.localeCompare(b.name))) {
+    if (!entry.isDirectory()) {
+      continue
+    }
+    if (existsSync(join(skillsRoot, entry.name, 'SKILL.md'))) {
+      names.push(entry.name)
+    }
+  }
+
+  return names
+}
+
+async function buildRuntimeSkills(packageRoot, skillNames = null) {
+  const sourceSkillsRoot = join(packageRoot, ...SOC_COPILOT_DIR, 'skills')
+  const runtimeSkillsDir = join(packageRoot, ...RUNTIME_SKILLS_DIR)
+  const namesToSync = skillNames ?? (await discoverSkillNames(sourceSkillsRoot))
+
+  await rm(runtimeSkillsDir, { recursive: true, force: true })
+  await mkdir(runtimeSkillsDir, { recursive: true })
+
+  const copied = []
+  for (const skillName of namesToSync) {
+    const sourceDir = join(sourceSkillsRoot, skillName)
+    if (!existsSync(sourceDir)) {
+      throw new Error(`Skill not found in canonical source: ${skillName}`)
+    }
+    const targetDir = join(runtimeSkillsDir, skillName)
+    await cp(sourceDir, targetDir, { recursive: true })
+    copied.push({
+      name: skillName,
+      path: targetDir,
+      ...(await fileMetadata(join(sourceDir, 'SKILL.md'))),
+    })
+  }
+
+  return {
+    runtimeSkillsDir,
+    runtimeSkills: copied,
+  }
+}
+
+async function buildManifest({
+  packageRoot,
+  upstreamRoot,
+  generatedAgentPath,
+  generatedManifestPath,
+  runtimeAgentPath,
+  runtimeRulesPath,
+  runtimeSkillsDir,
+  runtimeReferencesDir,
+  runtimeSkills,
+}) {
+  const canonicalRoot = join(packageRoot, ...SOC_COPILOT_DIR)
+  const sourceFiles = {
+    identity: join(canonicalRoot, 'identity.md'),
+    soul: join(canonicalRoot, 'SOUL.md'),
+    user: join(canonicalRoot, 'USER.md'),
+    agents: join(canonicalRoot, 'AGENTS.md'),
+    tools: join(canonicalRoot, 'TOOLS.md'),
+    memory: join(canonicalRoot, 'MEMORY.md'),
+    skills: join(canonicalRoot, 'skills.md'),
+    skill: join(canonicalRoot, 'SKILL.md'),
+    rulesAgent: join(packageRoot, ...RULES_DIR, 'AGENT.md'),
+    rulesTools: join(packageRoot, ...RULES_DIR, 'TOOLS.md'),
+    rulesMemory: join(packageRoot, ...RULES_DIR, 'MEMORY.md'),
+    workflowSop: join(packageRoot, ...WORKFLOWS_DIR, 'SOP.md'),
+  }
+
+  const sourceBlocks = {}
+  for (const [name, path] of Object.entries(sourceFiles)) {
+    if (existsSync(path)) {
+      sourceBlocks[name] = await fileMetadata(path)
+    }
+  }
+
+  return {
+    generatedAt: new Date().toISOString(),
+    sourceRoot: canonicalRoot,
+    upstreamRoot: upstreamRoot || null,
+    generatedAgentPath,
+    generatedManifestPath,
+    runtimeAgentPath,
+    runtimeRulesPath,
+    runtimeSkillsDir,
+    runtimeReferencesDir,
+    runtimeSkillNames: runtimeSkills.map(skill => skill.name),
+    sourceFiles,
+    sourceBlocks,
+    runtimeSkills,
+  }
+}
+
+export async function syncSoccCanonicalFromUpstream(packageRoot, upstreamRoot) {
+  if (!upstreamRoot) {
+    throw new Error('upstreamRoot is required for canonical sync')
+  }
+
+  const canonicalRoot = join(packageRoot, ...SOC_CANONICAL_ROOT)
+  const syncTargets = [
+    { source: join(upstreamRoot, 'rules'), target: join(canonicalRoot, 'rules') },
+    {
+      source: join(upstreamRoot, 'soc-copilot'),
+      target: join(canonicalRoot, 'soc-copilot'),
+    },
+    {
+      source: join(upstreamRoot, 'workflows'),
+      target: join(canonicalRoot, 'workflows'),
+    },
+  ]
+
+  await mkdir(canonicalRoot, { recursive: true })
+  await Promise.all(syncTargets.map(target => replaceDirectory(target.source, target.target)))
+
+  return {
+    upstreamRoot,
+    canonicalRoot,
+    syncedPaths: syncTargets.map(target => ({
+      source: target.source,
+      target: target.target,
+    })),
+  }
+}
+
+export async function syncSoccSoul(
+  packageRoot,
+  {
+    upstreamRoot = null,
+    skillNames = null,
+  } = {},
+) {
+  if (upstreamRoot) {
+    await syncSoccCanonicalFromUpstream(packageRoot, upstreamRoot)
+  }
+
   const canonicalRoot = join(packageRoot, ...SOC_COPILOT_DIR)
   const generatedDir = join(packageRoot, ...GENERATED_DIR)
   const runtimeAgentPath = join(packageRoot, ...RUNTIME_AGENT_PATH)
@@ -112,52 +400,85 @@ export async function syncSoccSoul(packageRoot) {
     skill,
   })
 
-  const manifest = {
-    generatedAt: new Date().toISOString(),
-    sourceRoot: canonicalRoot,
-    generatedAgentPath,
-    runtimeAgentPath,
-    sourceFiles: {
-      identity: join(canonicalRoot, 'identity.md'),
-      soul: join(canonicalRoot, 'SOUL.md'),
-      user: join(canonicalRoot, 'USER.md'),
-      agents: join(canonicalRoot, 'AGENTS.md'),
-      tools: join(canonicalRoot, 'TOOLS.md'),
-      memory: join(canonicalRoot, 'MEMORY.md'),
-      skills: join(canonicalRoot, 'skills.md'),
-      skill: join(canonicalRoot, 'SKILL.md'),
-    },
-  }
-
   await mkdir(dirname(runtimeAgentPath), { recursive: true })
   await mkdir(generatedDir, { recursive: true })
 
   await Promise.all([
     writeFile(generatedAgentPath, prompt, 'utf8'),
-    writeFile(generatedManifestPath, JSON.stringify(manifest, null, 2), 'utf8'),
     writeFile(runtimeAgentPath, prompt, 'utf8'),
   ])
 
+  const runtimeRules = await buildRuntimeRules(packageRoot)
+  const runtimeReferences = await buildRuntimeReferences(packageRoot)
+  const runtimeSkills = await buildRuntimeSkills(packageRoot, skillNames)
+
+  const manifest = await buildManifest({
+    packageRoot,
+    upstreamRoot,
+    generatedAgentPath,
+    generatedManifestPath,
+    runtimeAgentPath,
+    runtimeRulesPath: runtimeRules.runtimeRulesPath,
+    runtimeSkillsDir: runtimeSkills.runtimeSkillsDir,
+    runtimeReferencesDir: runtimeReferences.runtimeReferencesDir,
+    runtimeSkills: runtimeSkills.runtimeSkills,
+  })
+
+  await writeFile(
+    generatedManifestPath,
+    JSON.stringify(manifest, null, 2),
+    'utf8',
+  )
+
   return {
     generatedAgentPath,
     generatedManifestPath,
     runtimeAgentPath,
+    runtimeRulesPath: runtimeRules.runtimeRulesPath,
+    runtimeSkillsDir: runtimeSkills.runtimeSkillsDir,
+    runtimeReferencesDir: runtimeReferences.runtimeReferencesDir,
+    upstreamRoot,
+    runtimeSkillNames: runtimeSkills.runtimeSkills.map(skill => skill.name),
   }
 }
 
+function parseArgs(argv) {
+  const args = [...argv]
+  let upstreamRoot =
+    process.env.SOCC_AGENTS_UPSTREAM?.trim() || null
+
+  for (let index = 0; index < args.length; index += 1) {
+    const arg = args[index]
+    if (arg === '--upstream') {
+      upstreamRoot = args[index + 1] ? resolve(args[index + 1]) : null
+      index += 1
+    }
+  }
+
+  return { upstreamRoot }
+}
+
 async function main() {
   const scriptDir = dirname(fileURLToPath(import.meta.url))
   const packageRoot = findPackageRoot(scriptDir)
-  const result = await syncSoccSoul(packageRoot)
+  const { upstreamRoot } = parseArgs(process.argv.slice(2))
+  const result = await syncSoccSoul(packageRoot, { upstreamRoot })
 
   assert.ok(result.generatedAgentPath)
   assert.ok(result.generatedManifestPath)
   assert.ok(result.runtimeAgentPath)
+  assert.ok(result.runtimeRulesPath)
+  assert.ok(result.runtimeSkillsDir)
 
-  console.log(`SOCC soul synced from canonical source.`)
-  console.log(`Generated: ${result.generatedAgentPath}`)
+  console.log('SOCC soul synced from canonical source.')
+  if (result.upstreamRoot) {
+    console.log(`Upstream synced: ${result.upstreamRoot}`)
+  }
+  console.log(`Generated agent: ${result.generatedAgentPath}`)
   console.log(`Manifest: ${result.generatedManifestPath}`)
   console.log(`Runtime agent: ${result.runtimeAgentPath}`)
+  console.log(`Runtime rules: ${result.runtimeRulesPath}`)
+  console.log(`Runtime skills: ${result.runtimeSkillsDir}`)
 }
 
 const isDirectExecution =

package/socc-canonical/.agents/generated/socc-agent-manifest.json

@@ -1,8 +1,35 @@
 {
-  "generatedAt": "2026-04-11T20:09:04.252Z",
+  "generatedAt": "2026-04-12T18:33:01.785Z",
   "sourceRoot": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot",
+  "upstreamRoot": "/home/nilsonpmjr/Modelos/socc/.agents",
   "generatedAgentPath": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/generated/socc-agent.md",
+  "generatedManifestPath": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/generated/socc-agent-manifest.json",
   "runtimeAgentPath": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/.claude/agents/socc.md",
+  "runtimeRulesPath": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/.claude/rules/socc-business-rules.md",
+  "runtimeSkillsDir": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/.claude/skills",
+  "runtimeReferencesDir": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/.claude/references",
+  "runtimeSkillNames": [
+    "code-review-excellence",
+    "cybersecurity-analyst",
+    "data-visualization",
+    "deep-research",
+    "excel-analysis",
+    "find-skills",
+    "humanizer",
+    "malware-behavior",
+    "mitre",
+    "observability-logs-search",
+    "payload-triage",
+    "phishing-analysis",
+    "prd",
+    "remembering-conversations",
+    "sequential-thinking",
+    "soc-generalist",
+    "suspicious-url",
+    "systematic-debugging",
+    "translation-expertise",
+    "web-search"
+  ],
   "sourceFiles": {
     "identity": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/identity.md",
     "soul": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/SOUL.md",
@@ -11,6 +38,194 @@
     "tools": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/TOOLS.md",
     "memory": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/MEMORY.md",
     "skills": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills.md",
-    "skill": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/SKILL.md"
-  }
+    "skill": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/SKILL.md",
+    "rulesAgent": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/rules/AGENT.md",
+    "rulesTools": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/rules/TOOLS.md",
+    "rulesMemory": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/rules/MEMORY.md",
+    "workflowSop": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/workflows/SOP.md"
+  },
+  "sourceBlocks": {
+    "identity": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/identity.md",
+      "sha256": "7f4e655bcab4cf2d3f662d76687b616e9e5da461aed80b669e38233272b6d433",
+      "mtimeMs": 1776018781684.7075
+    },
+    "soul": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/SOUL.md",
+      "sha256": "d337ef58227c7eb3ec4638b4a56edf12283f2521b19e03583ce22e5d3d84afd8",
+      "mtimeMs": 1776018781683.391
+    },
+    "user": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/USER.md",
+      "sha256": "44af3a21476a83abd9a9aed93d201573f4729d63ef2be87d1fa84e2073b47690",
+      "mtimeMs": 1776018781683.9214
+    },
+    "agents": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/AGENTS.md",
+      "sha256": "055615392fb01fa08118d35ae53dcdace9bc1c2596a7f16678224bf165f664d1",
+      "mtimeMs": 1776018781681.4995
+    },
+    "tools": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/TOOLS.md",
+      "sha256": "dbbf7bf495c4f23baa0a0fc92bba4635bfb89c3ca53279700c4967ae2d72f0cb",
+      "mtimeMs": 1776018781683.6643
+    },
+    "memory": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/MEMORY.md",
+      "sha256": "1507bbae85098cf81c83b399bff0c4d316d187a1a4e3bb0df3029ed7a22861b2",
+      "mtimeMs": 1776018781682.1475
+    },
+    "skills": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills.md",
+      "sha256": "0f8a8c0fd0af23751c083fe8b84866dba35784b2ea590b94c5b298a35108b6d3",
+      "mtimeMs": 1776018781688.3726
+    },
+    "skill": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/SKILL.md",
+      "sha256": "97f59e20347142fb39bcedc1e1455c9755c34cdbc9af08fd1903fc596aeca1f3",
+      "mtimeMs": 1776018781683.0076
+    },
+    "rulesAgent": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/rules/AGENT.md",
+      "sha256": "76b4b210fec68acb2b026959e87f620aa1d30f1fae9cadcfdab7cc8ea2aa994a",
+      "mtimeMs": 1776018781680.1848
+    },
+    "rulesTools": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/rules/TOOLS.md",
+      "sha256": "3f8793720f5419f5864f782c7a8f2b25bc9a99134e6dac0ef8b4e878138b88e3",
+      "mtimeMs": 1776018781682.1475
+    },
+    "rulesMemory": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/rules/MEMORY.md",
+      "sha256": "08e860acc31384fc720a141193773182793c476af6ff496d516b686b20425c45",
+      "mtimeMs": 1776018781681.4995
+    },
+    "workflowSop": {
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/workflows/SOP.md",
+      "sha256": "e314e638fe1dcb238b503af90c9fdada060db67a2fc3b9319cd88dde99358942",
+      "mtimeMs": 1776018781680.2153
+    }
+  },
+  "runtimeSkills": [
+    {
+      "name": "code-review-excellence",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/code-review-excellence/SKILL.md",
+      "sha256": "a765bd62c6ee22eab0cb56e96b5a811b49a9b4dfc1f85a86776aa1d3d6e87532",
+      "mtimeMs": 1776018781689.2603
+    },
+    {
+      "name": "cybersecurity-analyst",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/cybersecurity-analyst/SKILL.md",
+      "sha256": "c15b191bf605c3e8760db5e95950e0abdfcc78017160d6141a6a41856e345a2e",
+      "mtimeMs": 1776018781690.7214
+    },
+    {
+      "name": "data-visualization",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/data-visualization/SKILL.md",
+      "sha256": "728d3b95b9ebc744594076a2263c02b2a3f8f16a947437e66c035ef2329a12df",
+      "mtimeMs": 1776018781691.8608
+    },
+    {
+      "name": "deep-research",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/deep-research/SKILL.md",
+      "sha256": "5637feab59dcc091d307fb0881907d9dfae74d3eccdf51b9bc8acf879c28c682",
+      "mtimeMs": 1776018781692.3916
+    },
+    {
+      "name": "excel-analysis",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/excel-analysis/SKILL.md",
+      "sha256": "fb681b860b4d3bc20938cfbe490ebdc39d679d1634f1a6c12727bd4ab7ac91d0",
+      "mtimeMs": 1776018781693.162
+    },
+    {
+      "name": "find-skills",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/find-skills/SKILL.md",
+      "sha256": "54b44dc9539df865fbb060f62fb062e8232e765852a0cf14c38301fe0c1eb264",
+      "mtimeMs": 1776018781693.7205
+    },
+    {
+      "name": "humanizer",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/humanizer/SKILL.md",
+      "sha256": "6688e4e292ab4f235e2a27f5193a7d048657c74b26ed6000398ee3371c9c3a4b",
+      "mtimeMs": 1776018781694.4724
+    },
+    {
+      "name": "malware-behavior",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/malware-behavior/SKILL.md",
+      "sha256": "82a86882c355771571269d63c826ee75b1866201f7e6b45e2a1e6bda8b01c2c0",
+      "mtimeMs": 1776018781695.041
+    },
+    {
+      "name": "mitre",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/mitre/SKILL.md",
+      "sha256": "4e9d3a0f3ecb9cfc89f7518a3a1658d282a2137e4cf76c1f5b443a7570ce9ba7",
+      "mtimeMs": 1776018781695.5784
+    },
+    {
+      "name": "observability-logs-search",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/observability-logs-search/SKILL.md",
+      "sha256": "ec434341ea8f420fe35851f3edb4a18bf77ff325e1075fc383f74231834f9277",
+      "mtimeMs": 1776018781696.0745
+    },
+    {
+      "name": "payload-triage",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/payload-triage/SKILL.md",
+      "sha256": "a6429e8aabc11a685889c290765dc596f937173488c07866e54ee79db214b20c",
+      "mtimeMs": 1776018781697.077
+    },
+    {
+      "name": "phishing-analysis",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/phishing-analysis/SKILL.md",
+      "sha256": "41e4e01d06538c1d118a123c8c69747094c4196ed129ed468aff61df57cb1705",
+      "mtimeMs": 1776018781697.5767
+    },
+    {
+      "name": "prd",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/prd/SKILL.md",
+      "sha256": "6772e6f0fcc7110d625c7f4595e4990e1910007676c36d217eda4e779041d5e5",
+      "mtimeMs": 1776018781698.0488
+    },
+    {
+      "name": "remembering-conversations",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/remembering-conversations/SKILL.md",
+      "sha256": "84a2ffa55206e037450bc323e03b121f3742950c95f5838f9b9dec8e5c6d5978",
+      "mtimeMs": 1776018781698.8347
+    },
+    {
+      "name": "sequential-thinking",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/sequential-thinking/SKILL.md",
+      "sha256": "c517ae710853ee2ea06111d72888fbe1eb432368b0a7984b9c31391ecbc2ef27",
+      "mtimeMs": 1776018781699.9058
+    },
+    {
+      "name": "soc-generalist",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/soc-generalist/SKILL.md",
+      "sha256": "dd15bfda50a4f34394b7d249179db8885d614f671cff57be6fe34dbce876f804",
+      "mtimeMs": 1776018781701.126
+    },
+    {
+      "name": "suspicious-url",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/suspicious-url/SKILL.md",
+      "sha256": "be1854a81f271853dd8fb19f434d01bc314a3ccb373bde6faf796236cd529eb0",
+      "mtimeMs": 1776018781701.6086
+    },
+    {
+      "name": "systematic-debugging",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/systematic-debugging/SKILL.md",
+      "sha256": "4999cb851360485eca5074e727bbdd62ef20549c5d5b01216fcbf5831badb473",
+      "mtimeMs": 1776018781702.296
+    },
+    {
+      "name": "translation-expertise",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/translation-expertise/SKILL.md",
+      "sha256": "246ec0c1751185e5ff30da40c698934e90dff71d2eb6d5fcc1448955567de3b2",
+      "mtimeMs": 1776018781704.7175
+    },
+    {
+      "name": "web-search",
+      "path": "/home/nilsonpmjr/.gemini/antigravity/scratch/socc/socc-canonical/.agents/soc-copilot/skills/web-search/SKILL.md",
+      "sha256": "8e652d2267c967700bf4ab4b416d0afc571ed05076082e1bc92b98b85ba7fcb4",
+      "mtimeMs": 1776018781706.654
+    }
+  ]
 }