nsauditor-ai-agent-skill 0.1.47 → 0.1.49

package/CHANGELOG.md

@@ -4,7 +4,15 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
 
 ---
 
-## 0.1.47 (STAGED — paired trio publish pending) — Paired-release pin for EE 0.14.1 + CE 0.1.80 — plugin 1221 UDP restricted-port lane
+## 0.1.49 (PUBLISHED 2026-05-27) — Paired-release pin for EE 0.15.1 + CE 0.1.82 — plugin 1222 hotfix (Dim-3 SDK-shape + Dim-4 inherited-admin re-tune)
+
+Paired-release pin for the EE 0.15.1 hotfix cycle: two defects in plugin 1222 (`azure-keyvault-deep-auditor`) surfaced by the 0.15.0 published-build live smoke. **H-1** — the Dim-3 diagnostic-logging probe `for await`-ed `@azure/arm-monitor`'s `diagnosticSettings.list()`, which returns a `Promise<{value:[]}>` collection object (NOT a paged async-iterator), so the dim always threw and degraded to a non-functional evidence-gap; fixed to `await` + read `.value` (confirmed against live Azure; the unit-test mock corrected to the real `Promise<{value}>` shape — the mock-vs-real-SDK mismatch that masked the bug). **H-2** — the Dim-4 privileged-access dim flagged inherited subscription/management-group-scope Owner/Contributor as HIGH on every RBAC vault (a ubiquitous Azure control-plane reality); re-tuned so inherited Owner/User-Access-Administrator → MEDIUM, inherited Contributor → LOW, with HIGH reserved for VAULT-scoped control-plane god roles + Key Vault Administrator at any scope. **Plugin count UNCHANGED at 28 (cloud-substrate 26); all six coverage matrices UNCHANGED.** EE regression 6526/6526 GREEN. `references/plugins.md` 1222 row Dim-3/Dim-4 wording refined. No standalone agent-skill code changes.
+
+## 0.1.48 (PUBLISHED 2026-05-27) — Paired-release pin for EE 0.15.0 + CE 0.1.81 — NEW plugin 1222 (Azure Key Vault Deep Auditor)
+
+Paired-release pin for the EE 0.15.0 cycle (Move C-2.3): NEW **plugin 1222 `azure-keyvault-deep-auditor`** — the third dedicated Azure auditor (after 1220 storage + 1221 NSG), the KV analog of how 1221 deepens 1022's flat NSG dim — takes the EE plugin count **27 → 28** (cloud-substrate 25 → 26; ID range now 1020-1222). It enumerates each vault's keys, role assignments, and diagnostic settings across 4 dims: (1) key auto-rotation policy + (2) key expiry (epoch-s/ms/Date/string coerced) + (3) diagnostic logging → Log Analytics (`@azure/arm-monitor`) + (4) privileged-access depth (RBAC `roleAssignments` admin/data-plane/scope-aware + legacy `accessPolicies` export/wide-crypto breadth). Deliberately orthogonal to plugin 1022's vault-property dims (purge/soft-delete/network-ACL/RBAC-mode) — no double-emission. Secret/cert expiry is a deliberate data-plane scope boundary. Findings route across all six frameworks (SOC 2 CC6.3/C1.1/CC6.1/CC7.2 / HIPAA §164.312(a)(2)(iv)/(b)/(a)(1) / NIST CSF PR.DS-01/DE.CM-09/PR.AA-05 / PCI DSS 3.5.1/10.2.1/7.2.1 / ISO 27001 A.8.24/A.8.15/A.5.15+A.8.2 / CIS v8 3.11/8.2/5.4) — all six coverage matrices UNCHANGED. SKILL.md + README + `references/plugins.md` updated to the full 28-plugin catalog (1020-1222; 26 cloud-substrate auditors). No standalone agent-skill code changes.
+
+## 0.1.47 (PUBLISHED 2026-05-27) — Paired-release pin for EE 0.14.1 + CE 0.1.80 — plugin 1221 UDP restricted-port lane
 
 Paired-release pin for the EE 0.14.1 cycle: plugin 1221 (the Azure NSG perimeter auditor) gains a **UDP restricted-port lane** (Dim 2u/3u) — tiering UDP management/amplification services (SNMP 161 / CLDAP 389 / NTP 123 / rpcbind 111 / IPMI 623 / IKE 500 / Memcached 11211, etc.) in parallel with the existing TCP lane, attachment-aware (attached → CRITICAL effective; orphaned → MEDIUM latent) with per-transport priority/deny-override resolution — closing the R-MEDIUM-2 false negative where a public UDP service was silently treated as benign non-restricted "web tier" INFO. Dim-4 made protocol-aware. The six framework titlePatterns for 1221 were generalized `permits TCP inbound …` → `permits (?:TCP|UDP) inbound …` so UDP findings route to the same CC6.6/perimeter controls. **Plugin count UNCHANGED at 27 (cloud-substrate 25); all six coverage matrices UNCHANGED.** `references/plugins.md` 1221 row updated to the UDP lane. No standalone agent-skill code changes.
 

package/README.md

@@ -109,7 +109,7 @@ This package provides **knowledge about** NSAuditor AI. To actually **run** scan
 |---------|-------|-----------|
 | **Community** | Free / MIT | 27 plugins (service probes + host/network discovery + intelligence/meta), basic AI, SARIF, CTEM, scan history |
 | **Pro** | $49/mo | + CVE matching, verification probes, risk scoring, 3 Pro plugins (040 TLS / 050 TRIBE / 060 DNS) |
-| **Enterprise** | $2k+/yr | + 25 cloud-substrate auditor plugins (1020-1221 range; AWS / GCP / Azure SOC 2 evidence-pack), Zero Trust, RFC 3161 timestamps, chain-of-custody attestations, air-gapped deployment |
+| **Enterprise** | $2k+/yr | + 26 cloud-substrate auditor plugins (1020-1222 range; AWS / GCP / Azure SOC 2 evidence-pack), Zero Trust, RFC 3161 timestamps, chain-of-custody attestations, air-gapped deployment |
 
 → [Pricing](https://www.nsauditor.com/ai/pricing/)
 

package/SKILL.md

@@ -488,7 +488,7 @@ Add to your MCP configuration with the same command/args pattern.
 |---------|-------|-------------|
 | **Community** | Free / MIT | 27 plugins (service probes + host/network discovery + intelligence/meta), basic AI, CTEM, SARIF, scan history |
 | **Pro** | $49/mo | + CVE matching, verification probes, risk scoring, Pro plugins (040 TLS / 050 TRIBE / 060 DNS) |
-| **Enterprise** | $2k+/yr | + 25 cloud-substrate auditor plugins (1020-1221 range) covering AWS / GCP / Azure against SOC 2 (10 covered + 4 partial controls); Zero Trust; SOC 2 evidence-pack generation; RFC 3161 timestamps; chain-of-custody attestations; air-gapped deployment |
+| **Enterprise** | $2k+/yr | + 26 cloud-substrate auditor plugins (1020-1222 range) covering AWS / GCP / Azure against SOC 2 (10 covered + 4 partial controls); Zero Trust; SOC 2 evidence-pack generation; RFC 3161 timestamps; chain-of-custody attestations; air-gapped deployment |
 
 → [Pricing](https://www.nsauditor.com/ai/pricing/)
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nsauditor-ai-agent-skill",
-  "version": "0.1.47",
+  "version": "0.1.49",
   "description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
   "keywords": [
     "nsauditor",

package/references/plugins.md

@@ -192,6 +192,7 @@ listings, and default pages.
 | 1210 | AWS EC2 Instance Auditor (**NEW EE 0.13.1** — first new plugin since 1200; plugin count 24 → 25; the AWS producer for CIS-Hardened-Image detection + EC2 instance-level + EBS-encryption coverage) | Enterprise | Audits EC2 instances (orthogonal to plugin 1170 which audits the SG perimeter policy). **Multi-region** via ec2:DescribeRegions (single-region fallback emits an evidence-gap). Dimensions: **IMDSv1 enabled** (CC6.1 — MEDIUM when an IAM instance profile is attached / LOW without; **IMDSv2 hop-limit > 1** re-opens container credential theft) + **EBS volume unencrypted** (C1.1 + CIS 3.11 — HIGH; resolves every attached BlockDeviceMappings volume via DescribeVolumes) + **account default-EBS-encryption disabled** (C1.1 preventive — GetEbsEncryptionByDefault) + **public-IP exposure** incl. secondary-ENI/EIP + IPv6 GUA (CC6.6 substrate, INFO) + **instance-store (ephemeral) volume** evidence-gap. **DIM 4 — AMI inventory** → result.cisImageInventory (the producer feed that makes CIS-Hardened-Image detection LIVE on Safeguards 4.1/4.2/4.6; Azure 1022 + GCP 1021 feed the same contract). Conservative classifier: LOW + evidenceGap on indeterminate metadata; AccessDenied → INFO + evidenceGap (never silent-PASS); terminated/shutting-down instances skipped. Survived 3 review rounds / 5 adversarial skill lenses (network-security-audit + CIS + IAM-effective-permissions + soc2-evidence + cloud-plugin-false-negatives). `@aws-sdk/client-ec2` reused. | CC6.1 / C1.1 / CC6.6 |
 | 1220 | Azure Storage Account Data-Protection Auditor (**NEW EE 0.13.2** — Move C-2; **+2 dims EE 0.13.3** — Move C-2.1; plugin count 25 → 26; first dedicated Azure auditor beyond the multi-purpose 1022 scanner) | Enterprise | Audits the Azure Storage Account data-protection surface across **7 dims** — **orthogonal to plugin 1022** which owns the network-exposure dims (no double-emission; mirrors the AWS 1020 S3-scanner + 1120 S3-lifecycle two-plugin split). (1) **HTTPS-only transit** (`enableHttpsTrafficOnly` — HIGH on plaintext HTTP; CC6.7) + (2) **minimum TLS version** (< TLS1_2 → MEDIUM; CC6.7) + (3) **Shared Key authorization** (`allowSharedKeyAccess` — bypasses Azure AD identity; CC6.1; Azure field-default discipline: absent = ENABLED, never silent-PASS) + (4) **infrastructure (double) encryption** (`requireInfrastructureEncryption`; C1.1) + (5) **encryption key source incl. CMK reachability + rotation** (`encryption.keyVaultProperties` — keySource=Microsoft.Keyvault PASS only when the key is currently resolvable + auto-rotating; a disabled/revoked/version-pinned CMK degrades, not silent-PASS; C1.1) + (6) **blob recoverability** (soft-delete + versioning via the secondary `blobServices.getServiceProperties` path — A1.2; EE 0.13.3) + (7) **per-container anonymous public access** (account-toggle-aware via `blobContainers.list` — `publicAccess=Blob/Container` + allowBlobPublicAccess=true → HIGH effective exposure; C1.1; EE 0.13.3). Conservative classifier: indeterminate field / AccessDenied / secondary-path failure → evidence-gap (never silent-PASS); `for await` pagination. Single-subscription scope surfaced explicitly. Built + reviewed through the cloud-plugin-false-negatives lens. `@azure/arm-storage` + `@azure/identity`. | CC6.7 / CC6.1 / C1.1 / A1.2 |
 | 1221 | Azure NSG Perimeter Auditor (**NEW EE 0.14.0** — Move C-2.2; **UDP lane EE 0.14.1**; plugin count 26 → 27; the Azure analog of AWS plugin 1170) | Enterprise | A CC6.6 network-segmentation perimeter auditor for Azure Network Security Groups — **non-overlapping-by-depth with plugin 1022's flat per-rule NSG lint** (no double-emission of a verdict; mirrors the AWS 1023-observed / 1170-declared two-plugin precedent). Evaluates each NSG's inbound rules in **Azure priority order** (first match wins; DenyAllInbound default): (1) **all-protocol (`*`) public Allow** — every port reachable from the public internet + (2) **public-source (`*`/`0.0.0.0/0`/`Internet`) to a restricted TCP port** (SSH/RDP/MSSQL/MySQL/Postgres/Redis/Memcached/MongoDB/Elasticsearch/CouchDB/SMB/WinRM/Oracle/Docker/Kubelet) + (3) **`::/0` IPv6-wildcard to a restricted port** (the dimension 1022's flat lint misses) + **(2u/3u) public-source / `::/0` to a restricted UDP service** (DNS/TFTP/rpcbind/NTP/NetBIOS/SNMP/CLDAP/IKE/Syslog/IPMI/OpenVPN/MSSQL-Monitor/SSDP/IPsec-NAT-T/Memcached — closes the public-UDP false negative, **EE 0.14.1**) + (4) **public→non-restricted port** INFO substrate + (5) **PASS substrate** when no public restricted exposure. **Attachment-aware severity** via the read-only `nsg.subnets[]`/`networkInterfaces[]` back-references — attached → CRITICAL (effective exposure); orphaned → MEDIUM (latent). Per-transport effective priority/deny-override resolution + port-range expansion + `0.0.0.0/1` split-range coverage + service-tag/ASG-source normalization (VirtualNetwork/AzureLoadBalancer/ASG = not public). Conservative classifier: denied/indeterminate listAll → evidence-gap; one malformed NSG degrades per-resource (never aborts the scan); `for await` pagination; single-subscription scope explicit. Built + reviewed through the cloud-plugin-false-negatives lens (EE 0.14.0 SHIP-WITH-FOLDS 2 LOW; EE 0.14.1 UDP lane SHIP-WITH-FOLDS 2 MED + 1 LOW, all folded). `@azure/arm-network` + `@azure/identity`. | CC6.6 |
+| 1222 | Azure Key Vault Deep Auditor (**NEW EE 0.15.0** — Move C-2.3; plugin count 27 → 28; the third dedicated Azure auditor after 1220 storage + 1221 NSG; **hotfixed EE 0.15.1** — Dim-3 SDK-shape + Dim-4 inherited-admin severity re-tune) | Enterprise | The deep Key Vault auditor — the KV analog of how 1221 deepens 1022's flat NSG dim; **orthogonal to plugin 1022's vault-property dims** (purge/soft-delete/network-ACL/RBAC-mode) — no double-emission of a verdict. Enumerates each vault's **keys, role assignments, and diagnostic settings** across 4 dims: (1) key **auto-rotation policy** — keys with no `rotationPolicy` / no rotate-action → finding + (2) key **expiry** — keys with no `expires` (or already-expired), with epoch-s/ms/Date/string coercion (closes the ms-overflow false-clean) + (3) **diagnostic logging → Log Analytics** — vaults with no `AuditEvent`→workspace diagnostic setting; reads `@azure/arm-monitor`'s `diagnosticSettings.list()` correctly as an `await`-ed `{value:[]}` collection object (NOT a paged async-iterator — the EE 0.15.1 H-1 fix; pre-fix the dim always threw and degraded to a non-functional evidence-gap), soft-degrades to an evidence-gap if the SDK is absent + (4) **privileged-access depth** — RBAC `roleAssignments` (admin/data-plane/**scope-aware severity**: vault-scoped control-plane god roles + Key Vault Administrator at any scope → HIGH; inherited subscription/management-group-scope Owner/User-Access-Administrator → MEDIUM, inherited Contributor → LOW — the EE 0.15.1 H-2 re-tune that stops flagging the ubiquitous inherited-admin reality as HIGH on every RBAC vault) + legacy `accessPolicies` breadth (export + wide-crypto permissions). **Secret/cert expiry is a deliberate data-plane scope boundary** (explicit caveat — the control-plane mgmt API does not expose data-plane object expiry). Conservative classifier: indeterminate field / AccessDenied / arm-monitor absent → evidence-gap; one malformed vault degrades per-resource (never aborts the scan); single-subscription scope explicit. Findings route across all six frameworks (SOC 2 CC6.3/C1.1/CC6.1/CC7.2 · HIPAA §164.312(a)(2)(iv)/(b)/(a)(1) · NIST CSF PR.DS-01/DE.CM-09/PR.AA-05 · PCI DSS 3.5.1/10.2.1/7.2.1 · ISO 27001 A.8.24/A.8.15/A.5.15+A.8.2 · CIS v8 3.11/8.2/5.4) — all six coverage matrices UNCHANGED. Built + reviewed through the cloud-plugin-false-negatives lens (SHIP-WITH-FOLDS 0C/3H/2M/4L; 4 folded). `@azure/arm-keyvault` + `@azure/arm-monitor` + `@azure/arm-authorization` + `@azure/identity`. | CC6.3 / C1.1 / CC6.1 / CC7.2 |
 
 ---