nsauditor-ai-agent-skill 0.1.50 → 0.1.52

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2)
  1. package/CHANGELOG.md +8 -0
  2. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -4,6 +4,14 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
4
4
 
5
5
  ---
6
6
 
7
+ ## 0.1.52 (STAGED on `main` 2026-05-28) — Paired-release pin for EE 0.15.4 + CE 0.1.85 — plugin 1020 non-current-version ACL sampling + public WRITE-vs-READ differentiation
8
+
9
+ Paired-release pin for the EE 0.15.4 patch cycle: closes the two residuals the 0.15.3 spec §8 carried as deferred. **(R-MEDIUM-2)** NEW step 2c-v samples public ACLs on **non-current** object versions — on versioning-Enabled/Suspended buckets plugin 1020 calls `ListObjectVersions` (first-page, bounded by `AWS_S3_AUDIT_OBJECT_SAMPLE_CAP`), filters to `IsLatest !== true`, skips `DeleteMarkers`, reads each via `GetObjectAcl({Key, VersionId})`; closes the Class-B miss where a private current object retains a public-ACL overwritten version still served at `?versionId=`. Public `AllUsers`/`AuthenticatedUsers` grant → CRITICAL via the existing `"publicly accessible"` anchor; skipped on `BucketOwnerEnforced`. **(R-LOW-1)** NEW `extractPublicWriteGroups` helper flags public WRITE/WRITE_ACP/FULL_CONTROL grants (anyone-can-overwrite) distinctly from READ-only as an enrichment line on the already-CRITICAL finding. New evidence-gaps (`ListObjectVersions AccessDenied` naming `s3:ListBucketVersions`; per-version aggregate-failure threshold; version-list truncation; a folded `GetBucketVersioning AccessDenied` gap) reuse the existing `"S3 object-ACL evidence-gap"` anchor — never a silent PASS. **Plugin count UNCHANGED at 28 (cloud-substrate 27); all six coverage matrices UNCHANGED; ZERO framework-JSON edits.** No new dependencies; EE regression 6628/6628 GREEN (+27 tests vs the 6601 baseline). No standalone agent-skill code changes — `SKILL.md` + `references/plugins.md` use generic framing (no plugin row change). _(Staged on `main`; awaiting live AWS smoke + trio publish.)_
10
+
11
+ ## 0.1.51 (2026-05-28) — Paired-release pin for EE 0.15.3 + CE 0.1.84 — plugin 1020 object-level ACL enumeration + BucketOwnerEnforced short-circuit
12
+
13
+ Paired-release pin for the EE 0.15.3 patch cycle: closes the 4th and final S3 public-exposure vector (object-level ACLs) documented as a residual in the 0.15.2 closure. Plugin 1020 gains NEW step 2c sampled `GetObjectAcl` enumeration over first-page objects (`AWS_S3_AUDIT_OBJECT_SAMPLE_CAP` default 10, clamped `[1, 1000]`; `AWS_S3_AUDIT_OBJECT_RATE_MS` default 50ms throttle BEFORE each call) + NEW step 2a `GetBucketOwnershipControls` upstream short-circuit that skips both 2b (bucket-ACL) and 2c (object-ACL) on `BucketOwnerEnforced` buckets — the default on every bucket created after April 2023; saves 11+ API calls per BOE bucket on modern estates AND closes a false-positive class. **INTENTIONAL MATRIX DELTA from 0.15.2**: BOE buckets with legacy stored public bucket-ACL grants previously emitted CRITICAL via 2b; they now emit informational only (downgraded to the BOE informational) because S3 structurally ignores ACL grants under BOE — the prior CRITICAL was a false-positive class. BOE short-circuit is unconditional (no env-var override). NEW shared `extractPublicGroups` helper used by BOTH step 2b (refactored byte-identical) AND step 2c. 4 LOW evidence-gap emissions via NEW `"S3 object-ACL evidence-gap"` substring anchor on SOC 2 CC7.1 + HIPAA §164.312(b). **Plugin count UNCHANGED at 28 (cloud-substrate 27); all six coverage matrices UNCHANGED**. No new dependencies; EE regression 6601/6601 GREEN (+33 tests vs the 6568 baseline). Live AWS smoke against acct 522412052794 — all 4 spot-checks PASS (BOE detection; E1 CRITICAL en-dash byte preservation; cap clamping; objectRateMs throttling). No standalone agent-skill code changes.
14
+
7
15
  ## 0.1.50 (2026-05-27) — Paired-release pin for EE 0.15.2 + CE 0.1.83 — audit-accuracy calibration + CloudTrail hardening + Azure 1221/1222 folds
8
16
 
9
17
  Paired-release pin for the EE 0.15.2 patch cycle: four real-production-account-driven folds. **Fold 1** — plugin 1020 (S3) effective-public-exposure calibration: missing/partial Public Access Block downgraded CRITICAL→MEDIUM (a guardrail gap, not a current exposure) + NEW `GetBucketAcl` check completing the ACL × bucket-policy × PAB join (a public `AllUsers`/`AuthenticatedUsers` ACL grant → CRITICAL unless neutralized by PAB `IgnorePublicAcls`) — fixes false-CRITICALs AND closes a public-via-ACL false-negative. **Fold 2** — plugin 1040 (CloudTrail) KMS-CMK calibration: trail-level "KmsKeyId not set" downgraded MEDIUM→LOW when the destination bucket has default SSE-KMS. **Fold 3** — plugin 1040 (CloudTrail) multi-region timeout hardening: an `AbortController` tied to the soft-budget deadline lets a hung disabled-region abort so the plugin finalizes PARTIAL evidence. **Fold 4** — plugin 1221 (Azure NSG) +10 restricted UDP ports (RADIUS 1812/1813/1645/1646, L2TP 1701, SIP 5060, mDNS 5353, RIP 520, XDMCP 177, chargen 19) + plugin 1222 (Azure Key Vault) F-2 custom-role resolution (via `roleDefinitions.getById` + KV-privilege inspection) + F-7.2 HSM dim (software-vs-HSM `key.kty` LOW hardening rec). **Plugin count UNCHANGED at 28 (cloud-substrate 26); all six coverage matrices UNCHANGED.** No new dependencies; EE regression 6568/6568 GREEN (+42 tests vs the 6526 baseline). No standalone agent-skill code changes.
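Review bot: the "Plugin count UNCHANGED at 28 (cloud-substrate 27)" statement in the 0.1.51 and 0.1.52 entries contradicts the unchanged 0.1.50 entry directly below, which reads "cloud-substrate 26"; if a plugin was reclassified into the cloud-substrate group between 0.1.50 and 0.1.51 the entry should say so, and if the 26 was a typo the 0.1.50 line should be corrected in the same change rather than left to disagree. Two smaller points on the same hunk: the 0.1.51 entry publishes a live AWS account ID ("Live AWS smoke against acct 522412052794") in a public package changelog, which is unnecessary exposure of production identifiers and should be redacted or replaced with a placeholder; and the 0.1.52 entry is headed "STAGED on `main`" with a trailing "_(Staged on `main`; awaiting live AWS smoke + trio publish.)_", so the entry should be finalized (heading, date, smoke result) before this version is published rather than shipped with the staging caveat still in place. The regression-count arithmetic across the three entries (6526→6568, 6568→6601, 6601→6628) is internally consistent.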
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "nsauditor-ai-agent-skill",
3
- "version": "0.1.50",
3
+ "version": "0.1.52",
4
4
  "description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
5
5
  "keywords": [
6
6
  "nsauditor",
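Review bot: `"version"` is raised to `0.1.52` while the CHANGELOG hunk in this same diff still labels 0.1.52 as staged and awaiting publish, so the manifest and the release notes disagree about whether this version has shipped; the two files should be brought into agreement in one commit, either by finalizing the 0.1.52 changelog entry or by holding the bump until the smoke step it references has run. Beyond the version field the manifest is unchanged, which matches the "No standalone agent-skill code changes" statement in the release notes.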