nsauditor-ai-agent-skill 0.1.34 → 0.1.36

package/CHANGELOG.md

@@ -4,6 +4,121 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
 
 ---
 
+## 0.1.36 — Catalog refresh: EE 0.9.0 HIPAA FRAMEWORK CYCLE (first 0.9.x release; HIPAA Security Rule §164.312 Technical Safeguards ships as second supported compliance framework alongside SOC 2; HIPAA coverage matrix 7 covered + 3 partial + 45 OOS; HHS Required/Addressable discipline per control; §164.312(c)(1) ransomware-defense substrate via Logically Air-Gapped Backup Vault cross-verification; per-framework SLA-citation map closes cross-framework citation leak class; 6 same-session reviewer folds; +85 new tests across 3 new suites; plugin count UNCHANGED at 24; SOC 2 coverage matrix UNCHANGED at 10/4/33; EE regression 5890/5890 across 928 suites; 69-session 100% green streak preserved; twenty-sixth consecutive trio-publish; no breaking changes — additive only; agent-skill catalog refresh: SKILL.md HIPAA framework coverage block added, README "Plugin awareness" + "Compliance frameworks" capability rows updated, references/plugins.md Enterprise Plugins header corrected 18 → 24 with HIPAA framework mention)
+
+**Trio-publish institutionalization continued.** Paired with EE 0.9.0 + CE 0.1.69 — **twenty-sixth consecutive trio-publish across EE + CE + agent-skill in a single session** (0.4.5–0.9.0).
+
+### Headline — EE 0.9.0 HIPAA framework cycle (first 0.9.x release)
+
+HIPAA Security Rule §164.312 Technical Safeguards ships as the second supported compliance framework alongside SOC 2. Closes the long-standing "planned" gap in EE's `docs/architecture.md` for the highest-demand next framework after SOC 2.
+
+**New deliverables in EE 0.9.0:**
+
+- `data/compliance/hipaa.json` — 175 mappings across 10 §164.312 controls (7 covered + 3 partial) + 45 explicit OOS specs. Patterns inherited from soc2.json's grep-verified pattern set with HIPAA-grounded rationales. Schema-additive HHS-discipline fields: `requiredOrAddressable: 'R'|'A'` + `standardOrSpec: 'standard'|'implementation-specification'` + `ruleText: <HHS rule text>` per control.
+- `docs/hipaa-coverage.md` (~440 lines) — mirror of `docs/soc2-coverage.md` shape; auditor-grade per-sub-criterion coverage doc with explicit §164.308 + §164.310 OOS framing.
+- Per-framework SLA-citation map in `utils/soc2_renderer.mjs` — new `frameworkControlCitation(framework, slot)` helper threaded through markdown + HTML renderers. HIPAA reports cite `§164.312(b) audit-controls cadence` (SLA), `§164.308 administrative-safeguards governance — OOS for §164.312 Technical-Safeguards report` (governance sentinel), `§164.312(d) Person or Entity Authentication` (identity). SOC 2 reports remain byte-identical.
+
+### HIPAA coverage matrix (7 covered + 3 partial + 45 OOS)
+
+Within §164.312 Technical Safeguards:
+- **Covered (7)**: §164.312(a)(1) Access Control, (a)(2)(i) Unique User ID, (a)(2)(iv) Encryption-at-rest, (b) Audit Controls, (d) Person/Entity Auth, (e)(1) Transmission Security, (e)(2)(ii) Transmission Encryption
+- **Partial (3)**: §164.312(c)(1) Integrity (ransomware-defense substrate), (c)(2) ePHI integrity verification, (e)(2)(i) Transmission Integrity Controls
+- **OOS within §164.312 (2)**: §164.312(a)(2)(ii) Emergency Access Procedure (procedural break-glass), (a)(2)(iii) Automatic Logoff (application-tier)
+
+Plus:
+- **§164.308 Administrative Safeguards entire (31 specs)** — workforce training, sanction policies, BAAs, contingency planning, incident procedures. Pair with HIPAA-focused GRC platforms (Drata HIPAA, Vanta HIPAA, Compliancy Group, Tugboat Logic).
+- **§164.310 Physical Safeguards entire (12 specs)** — facility access, workstation security, device/media disposal. Pair with facilities-management + endpoint-management + asset-disposal vendors.
+
+### §164.312(c)(1) Integrity ransomware-defense substrate (HHS-OCR 2024 enforcement-relevant)
+
+EE's `aws-backup-auditor` Logically Air-Gapped Backup Vault cross-verification (KMS policy + Grants + replicas + VPC-endpoint composite attestation) produces the strongest substrate evidence available on the AWS layer. A composite-attestation PASS evidences that ePHI backups would survive a full source-account compromise — exactly the §164.312(c)(1) integrity-preservation posture HHS-OCR has highlighted in 2024 enforcement actions.
+
+### Zero engine / CLI changes required
+
+EE's `loadFrameworkMap` was already framework-agnostic (reads `data/compliance/{framework}.json` by parameter); CE's `--compliance` flag already accepts CSV (wired since EE 0.3.0). Multi-framework workflow shipping today: `nsauditor-ai scan --host aws --plugins all --compliance soc2,hipaa --out evidence/` produces separate `scan_compliance_soc2.{md,html,json}` AND `scan_compliance_hipaa.{md,html,json}` artifact sets in one scan.
+
+### Zero BAA required (HIPAA §160.103)
+
+Zero Data Exfiltration architecture means ePHI never leaves customer infrastructure. Nsasoft does not see, store, or process customer ePHI under any condition — no Business Associate Agreement needed. This is a self-hosted scanner, not a SaaS service.
+
+### 6 same-session reviewer folds applied (2 R-HIGH + 2 R-MEDIUM + 1 R-LOW + 1 docstring; 0 R-CRITICAL)
+
+Two parallel reviewers (HIPAA Security Officer perspective + senior code reviewer perspective). Confirmed: §164.312 sub-criteria routing clean (no CloudTrail in (a)(1), no MFA in (a)(1), no TLS in (a)(2)(iv)); HHS R/A classification correct per control; §164.308 + §164.310 OOS enumerations complete against 45 CFR; rationale spot-check zero cross-framework citation leak.
+
+### +85 new tests across 3 new test suites
+
+- `tests/hipaa_mapping_anchor_drift.test.mjs` (32) — load-bearing anchor-drift defense via INHERITANCE CONTRACT (every hipaa.json (source, titlePattern) pair MUST exist in soc2.json, which has its own plugin-side anchor-drift defenses).
+- `tests/hipaa_mapping.test.mjs` (36) — engine-end-to-end fixture tests across all 7 covered + 3 partial §164.312 controls + sub-criteria discrimination tests + OOS-routing assertions.
+- `tests/hipaa_renderer.test.mjs` (17) — per-framework citation correctness + SOC 2 regression-protection + helper API ergonomics (case-insensitivity, defensive type guard, sentinel-on-unknown-slot).
+
+### AWS-dogfood verified — 2026-05-21 smoke scan
+
+Against operator's test AWS account: 207 findings analyzed, all routed to correct §164.312 sub-criteria; per-framework citation map confirmed firing in production reports; ransomware-defense substrate §164.312(c)(1) surfaces correctly with 12 violations (S3 versioning disabled, Object Lock not configured, RDS BackupRetentionPeriod below baseline, single-AZ). Zero regression on SOC 2 path (same 207 findings → 9 FAIL + 4 PASS + 1 partial + 33 OOS matching 10/4/33 exactly).
+
+### Agent-skill catalog refresh (this release — 0.1.36)
+
+- `SKILL.md` — "EE SOC 2 substrate-evidence coverage" block updated to "post-EE 0.9.0" + SOC 2 matrix UNCHANGED note + NEW "EE HIPAA §164.312 Technical Safeguards substrate-evidence coverage" block enumerating 7+3+45 + R/A discipline + ransomware-substrate angle + Zero-BAA framing. `compliance_check` tool description updated to surface both SOC 2 AND HIPAA as actively shipped frameworks (previously listed alongside planned-only NIST/HIPAA/GDPR/PCI-DSS).
+- `README.md` — "Plugin awareness" capability row updated 44+ → 50 (17 core + 6 discovery + 3 pro + 24 enterprise; corrects pre-existing stale 18-enterprise claim from when EE had 18 plugins); NEW "Compliance frameworks" capability row enumerating SOC 2 + HIPAA + multi-framework dual-publish + Zero-BAA. `references/plugins.md` reference description updated 44+ → 50.
+- `references/plugins.md` — "Enterprise Plugins (18)" header corrected to "Enterprise Plugins (24)" (pre-existing stale count; EE has had 24 plugins since EE 0.7.0). Plugin-catalog intro extended to mention dual-framework SOC 2 + HIPAA support + multi-framework `--compliance soc2,hipaa` CSV workflow + Zero-BAA architecture for HIPAA.
+
+### No breaking changes — additive only
+
+The 0.8.0 customer migration carryover (suppressions targeting `match.source: 'azure-cloud-scanner'` silently no-op post-0.8.0) remains as-is. HIPAA framework cycle is opt-in via `--compliance hipaa` or `--compliance soc2,hipaa`.
+
+**Plugin count UNCHANGED at 24**. **SOC 2 coverage matrix UNCHANGED at 10/4/33** (additive-only cycle; no SOC 2 mappings changed). **HIPAA coverage matrix introduced at 7/3/45**.
+
+---
+
+## 0.1.35 — Catalog refresh: EE 0.8.0 MINOR VERSION MILESTONE (EE-RT.23 Move B plugin 1022 per-dim source-attribution refactor + Engine `details.category` projection contract + Key Vault soc2.json gap closure +13 mappings; 7 same-session reviewer folds; +23 new tests / +6 new suites; plugin count UNCHANGED at 24; coverage matrix UNCHANGED at 10/4/33; EE regression 5805/5805 across 907 suites; 68-session 100% green streak preserved; twenty-fifth consecutive trio-publish; ⚠️ customer migration: `match.source: 'azure-cloud-scanner'` suppressions silently no-op post-0.8.0)
+
+**Trio-publish institutionalization continued.** Paired with EE 0.8.0 + CE 0.1.68 — **twenty-fifth consecutive trio-publish across EE + CE + agent-skill in a single session** (0.4.5–0.8.0).
+
+### Headline — MINOR VERSION MILESTONE: EE-RT.23 Move B plugin 1022 Azure scanner per-dim source-attribution refactor
+
+EE 0.8.0 closes the long-standing blocker (originally flagged in EE 0.6.9 R1-MEDIUM-1) for routing Azure storage findings into Appendix A "Cloud Bucket Exposure Attestation" without commingling NSG / RBAC / Key Vault. Plugin 1022 refactored so each of the 4 helpers (`auditNsgRules` / `auditRbac` / `auditStorageAccounts` / `auditKeyVaults`) attaches its own per-dim `source` field on every emission:
+
+- `azure-nsg-auditor`
+- `azure-rbac-auditor`
+- `azure-storage-auditor`
+- `azure-keyvault-auditor`
+
+PLUGIN_ID stays `"1022"`; `--plugins 1022` continues to work. The umbrella `azure-cloud-scanner` source stays in `CLOUD_PLUGIN_SOURCE_MAP` as defense-in-depth fallback only (no soc2.json mappings).
+
+### Engine `details.category` projection contract — minor-bump justification
+
+EE 0.8.0's `normalizeFindings` + `analyseAgainstFramework` violation surface now carry `category` (additive, backward-compat via raw escape hatch). This is the institutional rationale for the **0.7.x → 0.8.0 MINOR bump** — touches the engine-side projection that every framework consumer reads. Future plugins (plugin 1024 GCS, plugin 1025 GCP IAM, and beyond) gain `v.category` as a first-class violation field for dim-discriminator use cases without the untyped `v.raw.details` escape hatch.
+
+### Key Vault soc2.json gap closure — 13 new mappings
+
+Pre-0.8.0 the Key Vault dim emitted 10 distinct `details.category` values but had ZERO soc2.json mapping coverage — latent silent false-clean class on CC6.1 / CC6.3 / C1.1 / A1.2 substrate evidence. Post-0.8.0:
+
+- **CC6.1**: 3 entries (network-acl-allow, network-acl-absent, PASS attestation)
+- **CC6.3**: 3 entries (legacy-access-policies, rbac-authorization-unknown, PASS attestation)
+- **C1.1**: 3 entries (purge-protection-disabled, purge-protection-unknown, PASS attestation)
+- **A1.2**: 4 entries (soft-delete-below-floor, soft-delete-below-institutional, soft-delete-unknown, PASS attestation)
+
+All 10 KV anchor regexes use `^Key Vault '[^']+' <distinguishing-clause>` shape (literal-space anchors per `[[soc2_titlepattern_anchor_drift]]` discipline).
+
+### 7 same-session reviewer folds applied (2 R-HIGH + 3 R-MEDIUM + 2 R-LOW; 0 R-CRITICAL)
+
+- **F1 R-HIGH**: anchor-drift defense test now loads patterns from shipped soc2.json directly (single source of truth — closes test/production-regex drift structurally; pre-fold the test regex array was MORE permissive than the production regex — EE-RT.20-class-recurrence INSIDE the defense test).
+- **F2 R-HIGH**: `computeBucketStats` dedup key provider-qualified `${source}::${resource}` (closes cross-cloud bucket-name collision for multi-cloud customers using shared naming conventions).
+- **F3 R-MEDIUM**: empty-string `details.category` projects null (consistency with harvester source-preservation `length > 0` guard).
+- **F4 R-MEDIUM**: SDK-error path coverage tests (KV throw + Storage throw — verifies soft-degrade doesn't accidentally emit findings with wrong source).
+- **F5 R-MEDIUM**: partial-failure backward-compat test (RBAC helper throws; NSG/Storage/KV findings still surface with correct per-dim sources).
+- **F6 R-LOW**: JSDoc documents `category` field on `analyseAgainstFramework` return shape.
+- **F7 R-LOW**: NSG soc2.json regex tightened from `~/^NSG rule .* allows inbound/` to `~/^NSG rule "[^"]+" allows inbound/` (rule-name closure anchor; preemptive cross-mapping defense).
+
+### ⚠️ Customer migration required
+
+Any suppression file with `match.source: 'azure-cloud-scanner'` will silently no-op post-0.8.0. Split into per-dim entries — see CHANGELOG.md migration snippet.
+
+### Regression preserved
+
+EE full regression: **5805/5805 across 907 suites** (was 5782/900 at 0.7.3; +23 tests / +7 suites). **68-session 100% green streak preserved.** Plugin count UNCHANGED at 24. Coverage matrix UNCHANGED at 10/4/33 (pure substrate-evidence depth uplift on already-covered controls — but KV gap closure was a silent false-clean class).
+
+---
+
 ## 0.1.34 — Catalog refresh: EE 0.7.3 R-CRITICAL hotfix closing 2 production bugs surfaced by EE 0.7.2 dogfood scan against operator's GCP test infra (cross-version google-auth-library fragmentation broke SA impersonation chains [R-CRITICAL — 100% false-clean impact on free-trial/gmail GCP customers + business GCP customers with no-long-lived-SA-keys policy]; GOOGLE_CLOUD_PROJECT_ID env-var alias silently skipped [R-MEDIUM]; +14 new tests across 2 new suites incl. regression pin replicating gax 5.x grpc adapter idiom; plugin count UNCHANGED at 24; coverage matrix UNCHANGED at 10/4/33; EE regression 5782/5782 across 900 suites; 67-session 100% green streak preserved; twenty-fourth consecutive trio-publish)
 
 **Trio-publish institutionalization continued.** Paired with EE 0.7.3 + CE 0.1.67 — **twenty-fourth consecutive trio-publish across EE + CE + agent-skill in a single session** (0.4.5–0.7.3).

package/README.md

@@ -17,7 +17,7 @@ nsauditor-ai-agent-skill/
 ├── references/
 │   ├── workflows.md                  # Multi-step workflow recipes (full audit, CI/CD, CTEM)
 │   ├── schemas.md                    # Complete data structures (scan results, CVEs, findings)
-│   └── plugins.md                    # Full plugin catalog (44+ scanners with ports & protocols)
+│   └── plugins.md                    # Full plugin catalog (50 scanners with ports & protocols — 17 core + 6 discovery + 3 pro + 24 enterprise)
 ├── examples/
 │   └── agent-interactions.md         # Example agent reasoning chains (9 scenarios)
 ├── package.json
@@ -74,7 +74,8 @@ When an AI agent loads this skill, it gains:
 | **Workflow patterns** | Multi-step chains: scan → CVE lookup → remediation report |
 | **Schema knowledge** | Complete data structures for parsing and presenting results |
 | **CPE construction** | How to map detected services to NVD vulnerability lookups |
-| **Plugin awareness** | 44+ scanner plugins (23 CE + 3 Pro + 18 Enterprise) with protocols, ports, capabilities, and SOC 2 substrate-evidence dimensions |
+| **Plugin awareness** | 50 scanner plugins (23 CE + 3 Pro + 24 Enterprise) with protocols, ports, capabilities, and SOC 2 + HIPAA §164.312 substrate-evidence dimensions |
+| **Compliance frameworks** | SOC 2 (AICPA TSC 2017 — 10 covered + 4 partial controls) AND **HIPAA Security Rule §164.312 Technical Safeguards (NEW EE 0.9.0 — 7 covered + 3 partial + 45 OOS; HHS Required/Addressable discipline per control)**. Multi-framework dual-publish via `--compliance soc2,hipaa`. Zero BAA required for HIPAA — ePHI never leaves customer infrastructure. |
 | **Security rules** | ZDE, SSRF protection, redaction, scan authorization requirements |
 | **Error handling** | License gates, SSRF blocks, timeout resolution, CPE format errors |
 | **Decision routing** | When to use scan_host vs probe_service vs CLI vs get_vulnerabilities |

package/SKILL.md

@@ -144,7 +144,7 @@ These tools return a license upgrade prompt on CE installations:
 | `save_finding` | Pro | Persist a validated finding to the finding queue |
 | `start_assessment` | Enterprise | Multi-host orchestrated security assessment |
 | `prioritize_risks` | Enterprise | Cross-host risk prioritization and ranking |
-| `compliance_check` | Enterprise | NIST/HIPAA/GDPR/PCI-DSS gap analysis |
+| `compliance_check` | Enterprise | SOC 2 (AICPA TSC 2017) + HIPAA (§164.312 Technical Safeguards) gap analysis — both shipped EE 0.9.0; NIST CSF / PCI-DSS / ISO 27001 / CIS planned. Multi-framework via `--compliance soc2,hipaa`. |
 | `export_report` | Enterprise | Formatted compliance/risk report (PDF, HTML) |
 
 ---
@@ -297,13 +297,36 @@ CE collision. CE reserves 001-099.
 
 **Plugin 1170 v3 (EE 0.6.6) SG→SG transitive chain reachability** — `aws-ec2-sg-perimeter-auditor` v3 extension. Pre-v3 each Security Group was audited in isolation; a SG with no direct public-CIDR ingress would emit the PASS-tier "no direct public-internet ingress CIDR rules" finding even if transitively reachable from the internet through a `UserIdGroupPairs` chain. v3 builds the SG-reference graph (`_buildSgReferenceGraph`), identifies public-CIDR roots (`_findPubliclyReachableSgs` — 0.0.0.0/0 / ::/0 ingress), and BFS-walks the graph (`_walkTransitiveReachability`) with cycle defense + depth cap (default 5, max 20) + per-target chain cap (default 10, max 100). 2-hop chains emit **HIGH**; 3+ hop chains emit **CRITICAL** (operator-blindness principle — deeper chains less likely to be noticed). Cross-VPC edges skipped (out-of-scope for v3 v1; INFO trailer). v3 v1 simplification: per-hop port-flow tracked but NOT intersected (`walkthroughRequired=true`). New operator opts: `skipTransitiveReachability` / `transitiveChainDepthCap` / `transitiveChainsPerTargetCap` / `transitiveChainSamplesPerFindingCap`. **v3 R-HIGH-1 fold**: BFS short-circuits enqueue past per-target cap (closes path-enumeration explosion on hub-and-spoke topologies — pre-fold the BFS kept cloning `path` and `visited` Sets and walking past the cap). **v3 R-LOW-2 fold**: depth-cap-hit surfaced separately from per-target-cap (closes silent-deep-truncation false-CLEAN class). 3 new soc2.json mappings under CC6.6 (transitive HIGH + CRITICAL + INFO truncation). **v3.1 EE 0.6.7 closes the edge-dedup R2-deferred item**: `_buildSgReferenceGraph` now dedupes edges by `(sourceGroupId, targetGroupId)` with `ports` aggregated as array of `{protocol, fromPort, toPort}`. Pre-fold a real-world ALB-fronting-app SG with 3 ingress perms on different ports (80/443/8080) referencing the same source SG emitted 3 distinct edges A→B; the BFS treated each as a separate chain, inflating `chainCount` 2-5× and exhausting per-target chain caps on noise. Post-fold the BFS sees exactly 1 chain per distinct (source, target) pair. `isCrossVpc` aggregation is AND-semantic — if ANY contributing pair is same-VPC, the merged edge is same-VPC (per `[[conservative_classifier_principle]]`: walk possibly-same-VPC chains rather than silently skip). Classifier port-render accepts both v3.1 array shape and v3 single-object shape (back-compat). **v3.1 R-MEDIUM-1 fold**: arrival-order independence locked with 2 regression fixtures + JSDoc tightening. **v3.1 R-LOW-1 fold**: partial-render contract on malformed port specs locked with 2 fixtures. **v3.1 R-LOW-2 fold**: `_portKeys` scratch-lifetime documented (MUST NOT escape).
 
-**EE SOC 2 substrate-evidence coverage (post-EE 0.7.3):** 10 covered controls (CC6.1 /
+**EE SOC 2 substrate-evidence coverage (post-EE 0.9.0):** 10 covered controls (CC6.1 /
 CC6.2 / CC6.6 / CC6.7 / CC6.8 / CC7.1 / CC7.2 / CC7.3 / C1.1 / C1.2) + 4 partial
-(CC6.3 / CC8.1 / A1.2 / PI1.5) + 33 OOS for static substrate scanning. Coverage matrix
-is institutionally honest: substrate-evidence depth grows release-over-release without
-the matrix being shifted (the matrix-shift requires net-new control coverage, not just
+(CC6.3 / CC8.1 / A1.2 / PI1.5) + 33 OOS for static substrate scanning. **SOC 2 matrix
+UNCHANGED post-EE 0.9.0 — the HIPAA cycle is additive-only; no SOC 2 mappings changed.**
+Coverage matrix is institutionally honest: substrate-evidence depth grows release-over-release
+without the matrix being shifted (the matrix-shift requires net-new control coverage, not just
 more evidence on already-covered controls).
 
+**EE HIPAA §164.312 Technical Safeguards substrate-evidence coverage (NEW EE 0.9.0):**
+7 covered sub-criteria (§164.312(a)(1) Access Control, (a)(2)(i) Unique User ID,
+(a)(2)(iv) Encryption-at-rest, (b) Audit Controls, (d) Person/Entity Auth, (e)(1)
+Transmission Security, (e)(2)(ii) Transmission Encryption) + 3 partial (§164.312(c)(1)
+Integrity — ransomware-defense substrate via Logically Air-Gapped Backup Vault
+cross-verification, (c)(2) Mechanism to Authenticate ePHI, (e)(2)(i) Transmission
+Integrity Controls) + 45 OOS (2 within-§164.312 + entire §164.308 Administrative
+Safeguards [31 specs: workforce training, BAAs, contingency planning, etc.] + entire
+§164.310 Physical Safeguards [12 specs: facility access, workstation security, device
+disposal]). The §164.308 + §164.310 OOS sets are *architecturally* OOS for any
+infrastructure scanner — pair with HIPAA-focused GRC platforms (Drata HIPAA, Vanta HIPAA,
+Compliancy Group, Tugboat Logic) for those families. HHS Required vs Addressable
+discipline surfaced per control. **Zero BAA required** — Zero Data Exfiltration
+architecture means ePHI never leaves customer infrastructure. Use `--compliance hipaa`
+or `--compliance soc2,hipaa` (CSV; wired since EE 0.3.0) for HIPAA-only or dual-framework
+evidence packs from a single scan. 175 mappings inherited from soc2.json's grep-verified
+pattern set with HIPAA-grounded rationales. New `data/compliance/hipaa.json`. New
+`docs/hipaa-coverage.md`. **EE regression: 5890/5890 across 928 suites; 69-session
+100% green streak preserved.** AWS-dogfood verified against operator's test account
+(207 findings, per-framework citation map confirmed firing, ransomware-substrate
+surfaces correctly).
+
 Execution order: Discovery (100–150) → Service probes (200–400) → OS Detector (99000) →
 Result Concluder (100000). Plugins with unmet requirements auto-skip.
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nsauditor-ai-agent-skill",
-  "version": "0.1.34",
+  "version": "0.1.36",
   "description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
   "keywords": [
     "nsauditor",

package/references/plugins.md

@@ -159,9 +159,9 @@ listings, and default pages.
 
 ---
 
-## Enterprise Plugins (18)
+## Enterprise Plugins (24)
 
-> **EE plugin ID range.** As of EE 0.3.9 (2026-05-12), all EE plugins use the disjoint **1000+ ID range** to avoid CE collision. The earlier 020/021/022/023/030/040/050/060 IDs were renumbered to 1020/1021/1022/1023/1030/1040/1050/1060. CE reserves 001-099. EE plugins audit AWS / GCP / Azure cloud substrate end-to-end against the AICPA Trust Services Criteria 2017 (SOC 2) framework; every plugin is enterprise-gated by the `cloudScanners` capability and runs against customer-supplied cloud credentials.
+> **EE plugin ID range.** As of EE 0.3.9 (2026-05-12), all EE plugins use the disjoint **1000+ ID range** to avoid CE collision. The earlier 020/021/022/023/030/040/050/060 IDs were renumbered to 1020/1021/1022/1023/1030/1040/1050/1060. CE reserves 001-099. EE plugins audit AWS / GCP / Azure cloud substrate end-to-end against **two compliance frameworks** (post-EE 0.9.0): the AICPA Trust Services Criteria 2017 (SOC 2) and the HIPAA Security Rule §164.312 Technical Safeguards (2013 Final Rule). Each plugin's findings route to BOTH frameworks via the framework-agnostic engine + per-framework SOC2-control-citation map. Every plugin is enterprise-gated by the `cloudScanners` capability and runs against customer-supplied cloud credentials. Multi-framework workflow: `--compliance soc2,hipaa` (CSV) produces separate per-framework artifact sets in one scan. **Zero BAA required** for HIPAA — Zero Data Exfiltration architecture means ePHI never leaves customer infrastructure.
 
 | ID | Name | Tier | Purpose | SOC 2 Controls |
 |----|------|------|---------|----------------|