nsauditor-ai-agent-skill 0.1.44 → 0.1.46
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -1
- package/README.md +1 -1
- package/SKILL.md +1 -1
- package/package.json +1 -1
- package/references/plugins.md +2 -1
package/CHANGELOG.md
CHANGED
|
@@ -4,7 +4,15 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
|
|
|
4
4
|
|
|
5
5
|
---
|
|
6
6
|
|
|
7
|
-
## 0.1.
|
|
7
|
+
## 0.1.46 (STAGED — paired trio publish pending) — Paired-release pin for EE 0.14.0 + CE 0.1.79 — NEW plugin 1221 (Azure NSG Perimeter Auditor)
|
|
8
|
+
|
|
9
|
+
Paired-release pin for the EE 0.14.0 cycle (Move C-2.2): NEW **plugin 1221 `azure-nsg-perimeter-auditor`** — the Azure analog of AWS plugin 1170 — takes the EE plugin count **26 → 27** (cloud-substrate 24 → 25). A CC6.6 network-segmentation perimeter auditor for Azure Network Security Groups that evaluates each NSG's inbound rules in Azure priority order (first match wins; DenyAllInbound default) across all-protocol public Allow + public-source (`*`/`0.0.0.0/0`/`Internet`) to a restricted management/data-tier port + `::/0` IPv6-wildcard (the dimension the multi-purpose 1022 scanner's flat per-rule NSG lint misses) + public→non-restricted INFO + PASS substrate, with attachment-aware severity (attached → CRITICAL effective; orphaned → MEDIUM latent), effective priority/deny-override resolution, and `0.0.0.0/1` split-range coverage. Non-overlapping-by-depth with 1022's coarse NSG dim. Findings route across all six frameworks (SOC 2 CC6.6 / HIPAA / NIST CSF / PCI DSS / ISO 27001 / CIS v8) — all coverage matrices UNCHANGED. SKILL.md + README + `references/plugins.md` updated to the full 27-plugin catalog (1020-1221; 25 cloud-substrate auditors). No standalone agent-skill code changes.
|
|
10
|
+
|
|
11
|
+
## 0.1.45 (PUBLISHED 2026-05-26) — Paired-release pin for EE 0.13.3 + CE 0.1.78 — plugin 1220 deepening (blob-recoverability + per-container public-access dims)
|
|
12
|
+
|
|
13
|
+
Paired-release pin for the EE 0.13.3 cycle (Move C-2.1): plugin 1220 gains two new secondary-resource-path data-protection dims — blob recoverability (soft-delete + versioning via `blobServices.getServiceProperties`) + per-container anonymous public access (account-toggle-aware via `blobContainers.list`). Plugin count UNCHANGED at 26 (deepening, not a new plugin); all six coverage matrices UNCHANGED. `references/plugins.md` 1220 row updated to the 7-dim surface. No standalone agent-skill code changes.
|
|
14
|
+
|
|
15
|
+
## 0.1.44 (PUBLISHED 2026-05-26) — Paired-release pin for EE 0.13.2 + CE 0.1.77 — NEW plugin 1220 (Azure Storage Account Data-Protection Auditor)
|
|
8
16
|
|
|
9
17
|
Paired-release pin for the EE 0.13.2 cycle (Move C-2): NEW **plugin 1220 `azure-storage-hardening-auditor`** — the first dedicated Azure auditor beyond the multi-purpose 1022 scanner — takes the EE plugin count **25 → 26** (cloud-substrate 23 → 24). It audits the Azure Storage Account encryption-at-rest / in-transit / authorization-mode surface (HTTPS-only + minimum TLS + Shared Key authorization + infrastructure double encryption + customer-managed-key reachability + rotation), non-overlapping with the 1022 scanner's network-exposure dims. Findings route across all six frameworks — all coverage matrices UNCHANGED. SKILL.md + README + `references/plugins.md` updated to the full 26-plugin catalog (1020-1220; 24 cloud-substrate auditors). No standalone agent-skill code changes.
|
|
10
18
|
|
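Review bot: the new `## 0.1.46` heading still carries the `STAGED` marker and "paired trio publish pending" with no publish date, while the package.json hunk in this same diff bumps `"version"` to `0.1.46`, so the published package ships a changelog entry saying it is not yet published; follow the convention of the two entries directly below it (`## 0.1.45 (PUBLISHED 2026-05-26)`, `## 0.1.44 (PUBLISHED 2026-05-26)`) and replace the marker with `PUBLISHED <date>` as part of the release step rather than leaving it for the next paired cycle. Secondary: the 0.1.44 context entry names the slug `azure-storage-hardening-auditor` while every catalog line in this diff titles 1220 the Azure Storage Account Data-Protection Auditor; giving both slug and display name once, as the 0.1.46 entry does for 1221 (`azure-nsg-perimeter-auditor` / Azure NSG Perimeter Auditor), avoids readers grepping the catalog for an identifier it does not use.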
package/README.md
CHANGED
|
@@ -109,7 +109,7 @@ This package provides **knowledge about** NSAuditor AI. To actually **run** scan
|
|
|
109
109
|
|---------|-------|-----------|
|
|
110
110
|
| **Community** | Free / MIT | 27 plugins (service probes + host/network discovery + intelligence/meta), basic AI, SARIF, CTEM, scan history |
|
|
111
111
|
| **Pro** | $49/mo | + CVE matching, verification probes, risk scoring, 3 Pro plugins (040 TLS / 050 TRIBE / 060 DNS) |
|
|
112
|
-
| **Enterprise** | $2k+/yr | +
|
|
112
|
+
| **Enterprise** | $2k+/yr | + 25 cloud-substrate auditor plugins (1020-1221 range; AWS / GCP / Azure SOC 2 evidence-pack), Zero Trust, RFC 3161 timestamps, chain-of-custody attestations, air-gapped deployment |
|
|
113
113
|
|
|
114
114
|
→ [Pricing](https://www.nsauditor.com/ai/pricing/)
|
|
115
115
|
|
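Review bot: the Community row (`27 plugins (service probes + host/network discovery + intelligence/meta)`) and the CHANGELOG's EE plugin count (`26 → 27`) now share the same number while counting different catalogs, so the tier table can be misread as saying Enterprise has no more plugins than Community; label the Community figure as CE plugins, or qualify the Enterprise `+ 25 cloud-substrate auditor plugins` cell as additive to the CE set, so the two 27s cannot be conflated. Also keep this row in lock-step with the SKILL.md copy of the same table: this one reads `(1020-1221 range; AWS / GCP / Azure SOC 2 evidence-pack)` while SKILL.md's Enterprise cell cites `SOC 2 (10 covered + 4 partial controls)`; two hand-edited copies of one pricing table will drift again on the next plugin bump unless one is generated from the other.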
package/SKILL.md
CHANGED
|
@@ -488,7 +488,7 @@ Add to your MCP configuration with the same command/args pattern.
|
|
|
488
488
|
|---------|-------|-------------|
|
|
489
489
|
| **Community** | Free / MIT | 27 plugins (service probes + host/network discovery + intelligence/meta), basic AI, CTEM, SARIF, scan history |
|
|
490
490
|
| **Pro** | $49/mo | + CVE matching, verification probes, risk scoring, Pro plugins (040 TLS / 050 TRIBE / 060 DNS) |
|
|
491
|
-
| **Enterprise** | $2k+/yr | +
|
|
491
|
+
| **Enterprise** | $2k+/yr | + 25 cloud-substrate auditor plugins (1020-1221 range) covering AWS / GCP / Azure against SOC 2 (10 covered + 4 partial controls); Zero Trust; SOC 2 evidence-pack generation; RFC 3161 timestamps; chain-of-custody attestations; air-gapped deployment |
|
|
492
492
|
|
|
493
493
|
→ [Pricing](https://www.nsauditor.com/ai/pricing/)
|
|
494
494
|
|
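Review bot: the Pro row here says `Pro plugins (040 TLS / 050 TRIBE / 060 DNS)` while the README copy of the same row says `3 Pro plugins`, and this Enterprise row's `SOC 2 (10 covered + 4 partial controls)` figure appears nowhere else in the diff; the CHANGELOG only states that all six coverage matrices are UNCHANGED, so a reviewer has nothing in these hunks to verify 10/4 against. Either point the cell at the coverage matrix it is derived from (so the number has a single source that is updated when a plugin adds a control) or drop the figure from the tier row and let the matrix speak for itself; a stale control count in a pricing table is the kind of claim an auditor will later ask to have evidenced.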
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "nsauditor-ai-agent-skill",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.46",
|
|
4
4
|
"description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"nsauditor",
|
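Review bot: the only change is `"version": "0.1.46"`; nothing in package.json records the EE 0.14.0 / CE 0.1.79 pairing that CHANGELOG says this release pins, so a consumer who installs this skill next to an older EE or CE cannot detect the mismatch from package metadata, only from prose. If the pairing is a hard contract (the CHANGELOG calls it a "paired-release pin"), consider surfacing the paired versions in a dedicated metadata field or at least in `"description"` so tooling can check it, rather than leaving it solely in the changelog.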
package/references/plugins.md
CHANGED
|
@@ -190,7 +190,8 @@ listings, and default pages.
|
|
|
190
190
|
| 1200 | AWS Inspector2 / GuardDuty Enablement Auditor (NEW EE 0.6.1, EXTENDED EE 0.6.2 v2 multi-region + FindingPublishingFrequency + Inspector2 baseline expansion, EXTENDED EE 0.6.3 v3 alerting-destination dim closes substrate-without-sink false-PASS class, EXTENDED EE 0.6.4 v4 EventBridge target verification + multi-failedAccount + trigger uniformity, EXTENDED EE 0.6.5 v5 dead-target companion-LOW + sentinel observability + R-NIT named-constants, **EXTENDED EE 0.6.6 v6** — dead-target probe warm-up (IAM role + EventBridge API destination + CloudWatch Logs); plugin count UNCHANGED at 22 — existing plugin grew ~870 → ~1400 → ~2100 → ~2400 → ~2800 → ~3000 lines) | Enterprise | **v6 EE 0.6.6 dead-target probe warm-up** (closes the 0.6.5 R2-deferred long tail of unverifiable ARN shapes): three new branches in `_probeTargetLiveness` — **IAM role** (`iam:GetRole` on path-stripped role NAME extracted from `arn:aws:iam::ACCOUNT:role/[path/]NAME`; new SDK dep `@aws-sdk/client-iam`) + **EventBridge API destination** (`events:DescribeApiDestination` reuses existing `_EventBridgeSdk`) + **CloudWatch Logs log group** (`logs:DescribeLogGroups` with `logGroupNamePrefix` filter + **exact-name disambiguation guard** `groups.some((g) => g.logGroupName === logGroupName)` so prefix-match siblings don't false-LIVE; new SDK dep `@aws-sdk/client-cloudwatch-logs`). Companion-LOW emission contract unchanged (existing CC7.1 titlePattern is target-type-agnostic). 
**5 v6 R1 reviewer folds** (0 R-CRITICAL — clean review pass; 1 R-HIGH + 2 R-MEDIUM + 2 R-LOW): R-HIGH-1 (plugin 1170 v3) BFS short-circuits enqueue past per-target cap + **R-MEDIUM-1 IAM `NoSuchEntityException` / `NoSuchEntity` lifted into `_DEAD_TARGET_NOTFOUND_ERROR_NAMES` Set** (pre-fold the bare disjunction `err.name === "NoSuchEntityException"` at the IAM catch site bypassed the Set AND silently disabled `_retryOnNotFound` for IAM — the canonical worst-case for AWS eventual consistency with IAM lag 10-30s documented; **9th cumulative recurrence** of the `[[emit_literal_set_drift]]` class across the EE codebase; post-fold bare disjunction collapsed to `_isDeadTargetNotFoundError(err)` and eventual-consistency retry restored for IAM) + **R-MEDIUM-2 IAM partition-routing contract documented** at `_loadIamSdk` (`iam:GetRole` is a global API resolving per-partition — orchestrators wiring `opts._iamClient` must construct a single global IAM client per-partition NOT per-region; passing a commercial region in GovCloud / aws-cn / ISO flips the partition and routes to a wrong endpoint) + **R-LOW-2 (plugin 1200 v6) API destination ARN regex future-proofed** (trailing `/` made optional in `:api-destination\/([^/]+)` so future AWS ARN shapes without UUID suffix don't false-malformed). **v6.1 EE 0.6.7 closes the CloudWatch Logs probe retry-on-empty parity R2-deferred item**: `_retryOnNotFound` accepts an optional retry-on-result predicate; CWL Logs call site passes a predicate that fires retry when the response carries no exact-name match (covers both empty and prefix-only-sibling responses). **Restructured to two-phase to cap total network calls at 2 on compound paths** — Phase 1 = initial call + thrown-NotFound retry; Phase 2 = result-based retry; phases are MUTUALLY EXCLUSIVE (single retry total). A nested-try design would have layered both retries on compound paths (first-call empty → retry → second-call throws RNF → retry again), producing 3 network calls. 
The per-call-site outer catch routes a second-call thrown error (NotFound → DEAD; AccessDenied → UNVERIFIABLE). Existing call sites (Lambda / SNS / SQS / IAM / EventBridge API destination) pass only two args; the default `retryOnResultPredicate = null` cleanly skips Phase 2. **v6.1 R-LOW-1 fold**: compound-path coverage locked with 2 tests — transient empty → second-call AccessDenied → UNVERIFIABLE / transient empty → second-call thrown RNF → DEAD; both verify total network calls = 2 (drove the two-phase restructure decision). No new soc2.json mappings (companion-LOW pattern target-type-agnostic). v6 tests: +5 (2 IAM retry-regression: transient-NoSuchEntity-retry-succeeds + lowercase-NoSuchEntity-retry-then-DEAD; reviewer-fold regression pins also include 3 plugin 1170 v3 fixtures: hub-and-spoke per-target-cap + depthCapHit-true + depthCapHit-false). **v5 EE 0.6.5 v4-reviewer-cleanup cycle** (closes 4 R2-deferred items from EE-RT.20.3): **Dead-target companion-LOW** — closes the EE 0.6.4 R-HIGH-2 documented limitation. Per-target liveness probes for Lambda (`lambda:GetFunction` on full qualified ARN — alias/version correctness verified server-side) + SNS (`sns:GetTopicAttributes`) + SQS (`sqs:GetQueueUrl` + `GetQueueAttributes` — partition-aware via SDK URL resolution; works on aws-cn / aws-us-gov / aws-iso). New `_probeTargetLiveness` helper with parallel probes via Promise.all + per-target timeout (default 2s; operator-tunable via `deadTargetProbeTimeoutMs`). One-retry on NotFound with 750ms backoff (eventual-consistency defense). New MEDIUM verdict `*-alerting-destination-dead-targets` emitted as companion alongside PASS when at least one Target.Arn points to deleted resource. `deadTargetArnsTotal` + `deadTargetArnsTruncated` for JSON-consumer visibility on 11+ case. IAM role + API destination + CloudWatch Logs target probes deferred to 0.6.6 (3-4 more IAM grants). New operator opt `skipTargetLivenessProbe: true`. 
**Sentinel observability** — rule shape extended with `targetVerificationReason` (AccessDenied / SdkUnavailable / BeyondCap / SkippedByOpts) stable enum; classifier surfaces `targetVerificationReasonBreakdown` in unverifiable verdict details. **R-NIT named-constants** — `SH_HUB_NOT_ENABLED_ERROR_NAMES` frozen Set replaces 2 bare-string sites in SecurityHub helpers per `[[emit_literal_set_drift]]`. **Cross-plugin sessionToken sweep (catalog-wide)** — 18 EE AWS plugins (1020-1200) all thread `sessionToken` through their AWS-SDK credentials block. Closes AssumeRole-style auditor credential gap — auditors using `aws sts assume-role` (canonical cross-account audit pattern) had all auto-loaded clients fail signing pre-fold. **5 v5 R1 reviewer folds** (0 R-CRITICAL — clean review pass): R-HIGH-1 case-insensitive NotFound matching (defends against future AWS SDK case changes per `[[aws_string_case_normalization]]` 15× recurrent class) + R-HIGH-2 one-retry on NotFound (eventual-consistency defense; freshly-created resources transiently return NotFound for ~30s) + R-HIGH-3 Lambda probe passes FULL ARN to GetFunction.FunctionName (alias `PROD` pointing to deleted version surfaces as DEAD instead of false-LIVE) + R-HIGH (Explore) parallel probes via Promise.all + per-target timeout + R-MEDIUM-1 SQS partition-aware via `GetQueueUrl` (pre-fold synthesized `amazonaws.com` URL would have crashed on aws-cn / aws-us-gov / aws-iso partitions) + R-LOW-1 cap-constant lift to module-level + R-MEDIUM-2 truncation fields + R-NIT JSDoc accuracy. **R2 reviewer-deferred** (queued for 0.6.6): IAM role + API destination + CloudWatch Logs target liveness probes. 1 new soc2.json mapping rule (CC7.1 companion-LOW dead-target). New SDK deps `@aws-sdk/client-lambda` + `@aws-sdk/client-sns` + `@aws-sdk/client-sqs` (all already in optionalDependencies from prior cycles). v5 tests: +48 (1 R-NIT + 8 sentinel + 20 sessionToken-sweep + 15 dead-target base + 4 R-HIGH-fold regression pins). 
**v4 EE 0.6.4 reviewer-cleanup cycle** (closes 3 of 4 R2-deferred items from EE-RT.20.2): **R-HIGH-2 EventBridge target verification** — new `_listEventBridgeRuleTargets` helper with defensive NextToken pagination (hard cap 500); per-rule target verification via `events:ListTargetsByRule` (cap default 10 via `opts.targetVerificationRuleCap`; opt-out via `opts.skipEventBridgeTargetVerification`); new MEDIUM verdict `*-alerting-destination-targetless` for sink-less rules (zero Targets — substrate-without-sink at the rule level). **R-MEDIUM-2 multi-failedAccount surface** — Inspector2 helper return-shape `{accountStatus, accessDenied, failedAccounts: array}` (renamed plural; capped at AWS-documented 100); caller emits one LOW per failed account with per-region emission cap 10 + rollup LOW per region. **R-LOW-2 trigger uniformity** — GuardDuty alerting-destination trigger gates on `detector.Status === ENABLED` (matches Inspector2 enabled-only semantic). **5 v4 R1 reviewer folds** (0 R-CRITICAL — clean review pass): R-HIGH-1 cap-skew classifier branch (LOW UNVERIFIABLE not MEDIUM TARGETLESS when cap-exceeded rules could be the actual sink per `[[conservative_classifier_principle]]`) + R-HIGH consolidated `_listEventBridgeRuleTargets` pagination + JSDoc clarity + R-MEDIUM-1 multi-failedAccount per-region emission cap (10 + rollup LOW) + R-MEDIUM-4 boundary tests + R-HIGH-2 dead-target documented-limitation note (per-target liveness probes deferred to 0.6.5 companion-LOW; ~6 new IAM grants). **R2 reviewer-deferred** (queued for 0.6.5): R-LOW-3 sessionToken cross-plugin sweep (18 plugins) + companion-LOW for dead-target ARNs + `targetCount: null` sentinel observability + R-NIT named-constants for InvalidAccessException / ResourceNotFoundException. 1 new soc2.json mapping rule (CC7.1 MEDIUM TARGETLESS). v4 tests: +29 (3 R-LOW-2 + 6 R-MEDIUM-2 + 14 R-HIGH-2 base + 6 R1-fold regression pins). 
**v3 EE 0.6.3 alerting-destination dim (item c)** — closes the substrate-without-sink false-PASS class. Verifies at least one of EventBridge rule (source=`aws.guardduty`/`aws.inspector2`; `_eventBridgeSourceMatches` recognizes string + `{prefix}` + `{wildcard}` content-filter forms case-insensitively, regex-meta escape in wildcard glob defends against operator IaC) AND/OR SecurityHub product subscription (`_shArnMatchesProduct` boundary-anchored helper; constants `/aws/guardduty` + `/aws/inspector2` strict — does NOT match deprecated Inspector Classic). Verdict tiers per service per region: PASS `*-alerting-destination-present` (EB rule present) / MEDIUM `*-alerting-destination-sh-only` (R-HIGH-1 fold — SH aggregates but doesn't guarantee proactive paging; auditor walkthrough to confirm `aws.securityhub` EventBridge downstream rule) / HIGH `*-alerting-destination-missing` (no path; substrate-without-sink class) / LOW `*-alerting-destination-unverifiable` (AccessDenied / SDK unavailable; conservative classifier). New SDK deps `@aws-sdk/client-eventbridge` + `@aws-sdk/client-securityhub` (optionalDependencies). Operator opt: `skipAlertingDestination: true`. Soft-degrade on auto-load failure → fall back to LOW UNVERIFIABLE. **v3 R-MEDIUM-2 fold** — `_getInspector2AccountStatus` returns `{accountStatus, accessDenied, failedAccount}` distinguishing true AccessDenied from empty-body / SDK-unavailable (was `null | <obj>` pre-fold; caller emitted false `_CAT_INS_ACCESSDENIED` LOW on empty body). **v3 item (d) fold** — surfaces AWS-published `failedAccounts[].errorCode + errorMessage` via new `_CAT_INS_FAILED_ACCOUNT` LOW. 
**v3 R1 reviewer folds applied** (4 total; 1 R-CRITICAL + 2 R-HIGH + 1 R-LOW): R-CRITICAL-1 SH product ARN substring collision closure (`/aws/inspector` would have matched BOTH Inspector Classic deprecated-2024 AND Inspector2 — false-PASS for stale Classic subscriptions emitting zero findings; boundary-anchored helper + strict `/aws/inspector2` constant) + R-HIGH-1 SH-only PASS narrative split (PASS requires EB rule; SH-only → MEDIUM) + R-HIGH-3 EventBridge content-filter grammar (prefix + wildcard matchers) + R-LOW-1 source case normalization. **R2 reviewer-deferred** (queued for 0.6.4): R-HIGH-2 EB target verification (events:ListTargetsByRule + IAM grant) + R-LOW-2 asymmetric trigger uniformity + R-MEDIUM-2 multi-failedAccount surface + R-LOW-3 sessionToken support cross-plugin sweep. 5 new soc2.json titlePattern entries (4 CC7.1 + 1 CC7.2 PASS) all anchored to actual emission strings per `[[soc2_titlepattern_anchor_drift]]`. v3 tests: +61 (+8 suites) — 5 R-MEDIUM-2 + 5 item-(d) + 30 item-(c) base + 21 R1-fold regression pins. **v2 EE 0.6.2 dims preserved** (4 dims; v2 (a) multi-region enumeration via ec2:DescribeRegions + (b) FindingPublishingFrequency check + (e) Inspector2 baseline expansion +lambdaCode +codeRepository per Inspector2 GA 2024+; operator opts `regions[]` / `skipMultiRegion` / `regionListCap` / `gdFrequencyPassFrequency`; closes FedRAMP / StateRAMP / IL5+ false-PASS class for GovCloud + ISO regions via 4-part region regex fold). **v1 EE 0.6.1 base** — 4 active dims (dim 5 org-scope deferred to 0.6.4): Dim 1 GuardDuty Detector enablement per region (CC7.1 — HIGH `gd-not-enabled`) + Dim 2 GuardDuty protection-feature coverage (CC7.1 institutional baseline) + Dim 3 Inspector2 enablement (CC7.1 + CC7.2 — DISABLED/SUSPENDED = HIGH) + Dim 4 Inspector2 scan-target coverage (CC7.1 zero / CC7.2 partial). 
Plugin 1200 audits AWS GuardDuty + AWS Inspector2 enablement state across **all opted-in regions** — **foundation-layer institutional evidence for CC7.1 detection procedures + CC7.2 monitoring** (an audit pack without managed-threat-detection evidence has no AWS-native anomaly-detection or CVE-detection stream). **v2 EE 0.6.2 GROWN scope** (closes 3 of 4 R2-deferred items from EE-RT.20 v1): **(a) Multi-region enumeration** — `ec2:DescribeRegions` enumerates opted-in regions (AllRegions=false defensively); per-region GuardDuty + Inspector2 dispatch; per-region findings carry region tag. Operator opts: `regions: string[]` (filter to subset, validated + deduped + capped 64 default), `skipMultiRegion: true` (cost-sensitive opt-out), `regionListCap` (1..256 clamp). Soft-degrade: EC2 SDK load failure / DescribeRegions AccessDenied → fall back to `config.region` + distinct `_CAT_REGION_ENUM_ACCESSDENIED` LOW finding. Back-compat: legacy single-region opts (`_guardDutyClient` / `_inspector2Client` singular) still respected. **(b) GuardDuty FindingPublishingFrequency check** — CC7.1 detection-latency. `_classifyGuardDutyFrequency` 4 outcomes: PASS `gd-frequency-optimal` / LOW `gd-frequency-suboptimal` / LOW `gd-frequency-unverifiable` (null detector or unknown enum). Operator-tunable: `gdFrequencyPassFrequency` (FIFTEEN_MINUTES / ONE_HOUR / SIX_HOURS; default FIFTEEN_MINUTES). **Ordering-based comparison** via `_GD_FREQUENCY_RANK` map (R-HIGH-2 fold) — stricter actual = PASS even when operator tuned baseline upward. **(e) Inspector2 baseline expansion** — `lambdaCode` (Lambda code scanning) + `codeRepository` (Inspector2 GitHub/GitLab scanning, GA 2024+) added to `_INS_INSTITUTIONAL_BASELINE_RESOURCES` (was {ec2, ecr, lambda}; now {ec2, ecr, lambda, lambdaCode, codeRepository}). 
**v1 dims preserved (4 active dims; dim 5 org-scope deferred to 0.6.3):** Dim 1 GuardDuty Detector enablement per region (CC7.1 — HIGH `gd-not-enabled`) + Dim 2 GuardDuty protection-feature coverage (CC7.1 — institutional baseline S3_DATA_EVENTS / EKS_AUDIT_LOGS / EBS_MALWARE_PROTECTION / RDS_LOGIN_EVENTS / LAMBDA_NETWORK_LOGS / RUNTIME_MONITORING) + Dim 3 Inspector2 enablement (CC7.1 + CC7.2 — DISABLED/SUSPENDED = HIGH) + Dim 4 Inspector2 scan-target coverage (CC7.1 zero / CC7.2 partial). **4 same-session R1 v2 reviewer folds** (network-security + Explore in parallel; 0 R-CRITICAL clean review pass): **R-HIGH-1 region regex GovCloud + ISO support** — pre-fold `^[a-z]{2,}-[a-z]+-[0-9]+$` silently dropped 4-part region IDs (`us-gov-east-1` / `us-iso-east-1` / `us-isob-east-1` / `us-isof-south-1`); operator passing `regions: ["us-gov-east-1"]` got silent skip + false-PASS — institutional-critical for FedRAMP / StateRAMP / IL5+ scope. Post-fold `^[a-z]{2,}(-[a-z]+){1,2}-[0-9]+$` admits 3- AND 4-part IDs. + **R-HIGH-2 frequency ordering not equality** (described above). + **R-MEDIUM-1 `_REGION_LIST_CAP` defensibility** — pre-fold hardcoded 32 silently truncated 4-part regions (AWS has ~40+ regions in 2026); post-fold default raised to 64 + operator-tunable + explicit truncation warning. + **R-LOW-1 EC2 client instrumentation** — operator-supplied `_ec2Client` now receives Thread-H AccessDenied counter + throttle-retry contract uniformly. **R2 reviewer-deferred** (queued in EE-RT.20.2 / 0.6.3): alerting-destination check (item c — needs `@aws-sdk/client-eventbridge` + `@aws-sdk/client-securityhub` integrations) + BatchGetAccountStatus contract verification (item d) + R-MEDIUM-2 `_getInspector2AccountStatus` return-shape refactor + optional dim 5 org-scope. 
**6 R1 v1 folds (EE 0.6.1) preserved as regression pins**: R1-CRITICAL-1 soc2.json titlePattern misalignment closure (4 patterns) + R1-CRITICAL-1 AccessDenied distinct findings + R1-CRITICAL-2 legacy DataSources case normalization + R1-HIGH-2 SUSPENDED/DISABLED Detector Status guard + R1-HIGH-3/4 dead-code drift closures. **No new SDK deps** — `@aws-sdk/client-guardduty` + `@aws-sdk/client-inspector2` + `@aws-sdk/client-ec2` already in optionalDependencies. 7 new soc2.json titlePattern entries from v1 still anchored. v2 tests: +27 (21 base + 6 R1-fold regression pins). Synthetic-mock validation only — no multi-region GuardDuty/Inspector2 paired fixtures yet in operator's internal test infrastructure. | CC7.1 / CC7.2 |
|
|
191
191
|
| 1190 | AWS SES Email Integrity Auditor (NEW EE 0.4.7; EXTENDED EE 0.5.0 v2; CONSOLIDATED EE 0.5.2 v2.1; **EXTENDED EE 0.5.3 v3** — Part A DKIM public-key fingerprint capture/pin + Part B in-band DMARC alignment classifier; 5 same-session reviewer folds incl. 1 R-CRITICAL false-CLEAN closure on truncated DKIM keys via new `_stripControlCharsNoTruncate` helper; v2.1 closed — 7 deferred reviewer-fold items closed + new MEDIUM `ses-dkim-dns-partial-with-transients` category + module-load-time disjointness IIFE + silent-loss-class closure on SES classic API quota exhaustion via `cause: "classic-sdk-quota-exhausted"`) | Enterprise | **v2 EE 0.5.0 GROWN dims:** **dim 1 DKIM** — original substrate **PLUS v2 DKIM CNAME DNS resolution promotion**: each `<token>._domainkey.<domain>` CNAME resolved via node:dns/promises + matched against `<token>.dkim.amazonses.com` (case-insensitive per RFC 1035 §2.3.3); four outcomes PASS `ses-dkim-dns-verified` / MEDIUM `ses-dkim-dns-partial` / **HIGH `ses-dkim-dns-missing` (false-CLEAN closure: SES Status=SUCCESS but DNS removed)** / LOW + evidenceGap `ses-dkim-dns-unverifiable`. **dim 2 MailFrom** — original substrate **PLUS v2 DMARC TXT record parser + MailFrom promotion**: RFC 7489 §6.4 tag-list parser + `_dmarc.<identityDomain>` TXT lookup; five outcomes PASS `ses-dmarc-policy-reject` / MEDIUM `ses-dmarc-policy-quarantine` / HIGH `ses-dmarc-policy-none` / HIGH `ses-dmarc-missing` / LOW + evidenceGap `ses-dmarc-unverifiable`. **R-CRITICAL-1 fold (false-CLEAN closure)**: `pct=0` on `p=reject`/`p=quarantine` functionally equivalent to `p=none`; now routes to HIGH `ses-dmarc-policy-none`. **R-HIGH-1 fold (subdomain-takeover false-NEGATIVE closure)**: `sp` subdomain-policy override now evaluated — `p=reject; sp=none` downgrades to HIGH with `dmarcSpWeakens` (subdomain phishing wide open while apex protected). 
**dim 4 sending-auth policies** — original IAM-policy classifier **PLUS v2 SES classic GetIdentityPolicies parity**: `_loadSesClassicSdk` restored; cross-API discrepancy emits HIGH `ses-classic-policy-discrepancy` (classic-only — canonical false-NEGATIVE class) / MEDIUM (`_canonicalSort` JSON deep-equal ignores whitespace + key-order drift) / INFO (v2-only benign). Conservative on classic SDK unavailable / AccessDenied → LOW + evidenceGap. **v1 dims preserved unchanged:** TLS enforcement (dim 3) + dedicated IP pool (dim 5) + suppression list (dim 6 ZDE — count + reason only). **v2 promoter pattern**: sync v1 classifiers unchanged; async promoters walk collected findings post-classification. **R-HIGH-2 fold**: brittle `inTestMode = !!opts._client` coupling replaced with explicit `_skipV2Promotion` master switch + 3 orthogonal kill-switches. **First plugin in EE to depend on node:dns/promises** for live DNS cross-reference. **8 same-session v2 reviewer folds** (1 CRITICAL + 3 HIGH + 2 MEDIUM + 2 LOW); 6 queued in Pick-up Block. **Real-DNS smoke validation END-TO-END** against production resolvers (`_dmarc.nsasoft.us` parsed correctly: `p=reject, sp=reject, pct=100`; forward-compat `fo=1` tag preserved). Empty-account SESv2 enumeration baseline succeeded end-to-end against <operator-test-account>. **v1 base (preserved):** First plugin in 1190-1199 ID range. Closes the next-highest-priority gap from `tasks/things-to-check.md` AWS SOC 2 audit-canonical compliance checklist after Redis closed in 0.4.6. 
**6 audit dimensions:** **DKIM enablement + signing status** (CC6.1 / Privacy — HIGH on `SigningEnabled=false`; transient PENDING/TEMPORARY_FAILURE/NOT_STARTED INFO + walkthroughRequired; FAILED MEDIUM on DNS drift; unknown enum LOW + evidenceGap per conservative-classifier-principle) + **custom MailFrom domain alignment** (Privacy substrate — INFO + walkthroughRequired on default amazonses.com / PASS on custom + Status=SUCCESS) + **configuration set TLS enforcement** (C1.1 — REQUIRE PASS / OPTIONAL HIGH SMTP-downgrade-attack window / non-string-but-truthy distinct LOW with `tlsPolicyType` evidence per R-MEDIUM-7 fold) + **identity sending authorization policy permissive principals** (CC6.6 — multi-class wildcard detector covering bare `"*"` / `{AWS:"*"}` / `{Service:"*"}` / `{Federated:"*"}` / `{CanonicalUser:"*"}` / array-form `[*]` per R-HIGH-4 fold + distinct HIGH `ses-sending-auth-notprincipal-allow` per R-CRITICAL-1 fold catching NotPrincipal+Allow wildcard-EQUIVALENT class + LOW + evidenceGap `ses-sending-auth-malformed-statement` per R-HIGH-2 fold) + **dedicated IP pool sending posture** (CC7.1 substrate, account-level — INFO + walkthroughRequired on configured pools / INFO on shared-pool default) + **suppression list state** (CC7.1 deliverability substrate — **ZDE invariant: NEVER reads suppressed-destination email addresses**; count + reason only; verified at run() envelope boundary via sentinel-string assertion per R-LOW-8 fold). Dual API surface discipline: v1 uses SESv2 only (canonical modern API); `@aws-sdk/client-ses` declared in optionalDependencies for v2+ cross-API parity. **11 same-session reviewer folds** — ties single-cycle reviewer-fold record. **CRITICAL-1 closure**: NotPrincipal+Allow false-CLEAN class (matches plugins 1070 + 1150 discipline). **HIGH-4 closure**: `_isWildcardPrincipal` walks every Principal class value (pre-fold only `principal.AWS` inspected, leaking `{Service:"*"}` + `{Federated:"*"}` as silent CLEAN). 
**No real-AWS smoke against violation-tier fixtures** — operator's internal test infrastructure has NO SES paired fixtures yet (full-stack fixtures deferred to v2 alongside DKIM CNAME DNS resolution + DMARC TXT record parsing); empty-account smoke baseline against <operator-test-account> DID succeed end-to-end. | CC6.1 / CC6.6 / C1.1 / CC7.1 (substrate) / Privacy (substrate) |
|
|
192
192
|
| 1210 | AWS EC2 Instance Auditor (**NEW EE 0.13.1** — first new plugin since 1200; plugin count 24 → 25; the AWS producer for CIS-Hardened-Image detection + EC2 instance-level + EBS-encryption coverage) | Enterprise | Audits EC2 instances (orthogonal to plugin 1170 which audits the SG perimeter policy). **Multi-region** via ec2:DescribeRegions (single-region fallback emits an evidence-gap). Dimensions: **IMDSv1 enabled** (CC6.1 — MEDIUM when an IAM instance profile is attached / LOW without; **IMDSv2 hop-limit > 1** re-opens container credential theft) + **EBS volume unencrypted** (C1.1 + CIS 3.11 — HIGH; resolves every attached BlockDeviceMappings volume via DescribeVolumes) + **account default-EBS-encryption disabled** (C1.1 preventive — GetEbsEncryptionByDefault) + **public-IP exposure** incl. secondary-ENI/EIP + IPv6 GUA (CC6.6 substrate, INFO) + **instance-store (ephemeral) volume** evidence-gap. **DIM 4 — AMI inventory** → result.cisImageInventory (the producer feed that makes CIS-Hardened-Image detection LIVE on Safeguards 4.1/4.2/4.6; Azure 1022 + GCP 1021 feed the same contract). Conservative classifier: LOW + evidenceGap on indeterminate metadata; AccessDenied → INFO + evidenceGap (never silent-PASS); terminated/shutting-down instances skipped. Survived 3 review rounds / 5 adversarial skill lenses (network-security-audit + CIS + IAM-effective-permissions + soc2-evidence + cloud-plugin-false-negatives). `@aws-sdk/client-ec2` reused. | CC6.1 / C1.1 / CC6.6 |
|
|
193
|
-
| 1220 | Azure Storage Account Data-Protection Auditor (**NEW EE 0.13.2** — Move C-2; plugin count 25 → 26; first dedicated Azure auditor beyond the multi-purpose 1022 scanner) | Enterprise | Audits Azure Storage Account
|
|
193
|
+
| 1220 | Azure Storage Account Data-Protection Auditor (**NEW EE 0.13.2** — Move C-2; **+2 dims EE 0.13.3** — Move C-2.1; plugin count 25 → 26; first dedicated Azure auditor beyond the multi-purpose 1022 scanner) | Enterprise | Audits the Azure Storage Account data-protection surface across **7 dims** — **orthogonal to plugin 1022** which owns the network-exposure dims (no double-emission; mirrors the AWS 1020 S3-scanner + 1120 S3-lifecycle two-plugin split). (1) **HTTPS-only transit** (`enableHttpsTrafficOnly` — HIGH on plaintext HTTP; CC6.7) + (2) **minimum TLS version** (< TLS1_2 → MEDIUM; CC6.7) + (3) **Shared Key authorization** (`allowSharedKeyAccess` — bypasses Azure AD identity; CC6.1; Azure field-default discipline: absent = ENABLED, never silent-PASS) + (4) **infrastructure (double) encryption** (`requireInfrastructureEncryption`; C1.1) + (5) **encryption key source incl. CMK reachability + rotation** (`encryption.keyVaultProperties` — keySource=Microsoft.Keyvault PASS only when the key is currently resolvable + auto-rotating; a disabled/revoked/version-pinned CMK degrades, not silent-PASS; C1.1) + (6) **blob recoverability** (soft-delete + versioning via the secondary `blobServices.getServiceProperties` path — A1.2; EE 0.13.3) + (7) **per-container anonymous public access** (account-toggle-aware via `blobContainers.list` — `publicAccess=Blob/Container` + allowBlobPublicAccess=true → HIGH effective exposure; C1.1; EE 0.13.3). Conservative classifier: indeterminate field / AccessDenied / secondary-path failure → evidence-gap (never silent-PASS); `for await` pagination. Single-subscription scope surfaced explicitly. Built + reviewed through the cloud-plugin-false-negatives lens. `@azure/arm-storage` + `@azure/identity`. | CC6.7 / CC6.1 / C1.1 / A1.2 |
|
|
194
|
+
| 1221 | Azure NSG Perimeter Auditor (**NEW EE 0.14.0** — Move C-2.2; plugin count 26 → 27; the Azure analog of AWS plugin 1170) | Enterprise | A CC6.6 network-segmentation perimeter auditor for Azure Network Security Groups — **non-overlapping-by-depth with plugin 1022's flat per-rule NSG lint** (no double-emission of a verdict; mirrors the AWS 1023-observed / 1170-declared two-plugin precedent). Evaluates each NSG's inbound rules in **Azure priority order** (first match wins; DenyAllInbound default) across **5 dims**: (1) **all-protocol (`*`) public Allow** — every port reachable from the public internet + (2) **public-source (`*`/`0.0.0.0/0`/`Internet`) to a RESTRICTED_PORT** (SSH/RDP/MSSQL/MySQL/Postgres/Redis/Memcached/MongoDB/Elasticsearch/CouchDB/SMB/WinRM/Oracle/Docker/Kubelet) + (3) **`::/0` IPv6-wildcard to a restricted port** (the dimension 1022's flat lint misses) + (4) **public→non-restricted port** INFO substrate + (5) **PASS substrate** when no public restricted exposure. **Attachment-aware severity** via the read-only `nsg.subnets[]`/`networkInterfaces[]` back-references — attached → CRITICAL (effective exposure); orphaned → MEDIUM (latent). Effective priority/deny-override resolution + port-range expansion + `0.0.0.0/1` split-range coverage + service-tag/ASG-source normalization (VirtualNetwork/AzureLoadBalancer/ASG = not public). Conservative classifier: denied/indeterminate listAll → evidence-gap; one malformed NSG degrades per-resource (never aborts the scan); `for await` pagination; single-subscription scope explicit. Built + reviewed through the cloud-plugin-false-negatives lens (SHIP-WITH-FOLDS; 2 LOW folded). `@azure/arm-network` + `@azure/identity`. | CC6.6 |
|
|
194
195
|
|
|
195
196
|
---
|
|
196
197
|
|
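Review bot: in the new 1221 row, the public-source set is enumerated as `*`/`0.0.0.0/0`/`Internet`, `::/0`, and the `0.0.0.0/1` split-range pair, but the row does not state the general rule for other broad source prefixes (anything wider than a single /1 yet narrower than /0, or IPv6 prefixes other than `::/0`); since the row presents `0.0.0.0/1` split-range coverage as a deliberate closure of one evasion shape, spell out the threshold (or say that only the listed literals and service tags are classified, with everything else treated as non-public) so auditors know which sources fall through to the PASS substrate. Same row, smaller point: the 1220 row's dim (7) says `publicAccess=Blob/Container + allowBlobPublicAccess=true → HIGH effective exposure` and calls itself "account-toggle-aware", but never names the verdict for the latent case (container marked public while the account toggle is off); the 1221 row's attached → CRITICAL / orphaned → MEDIUM split is the pattern to mirror, so state the latent severity explicitly rather than leaving it to be inferred.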