nsauditor-ai-agent-skill 0.1.53 → 0.1.55
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,14 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
|
|
|
4
4
|
|
|
5
5
|
---
|
|
6
6
|
|
|
7
|
+
## 0.1.55 (2026-05-29) — Paired-release pin for EE 0.15.7 + CE 0.1.88 — GCP SDK refresh
|
|
8
|
+
|
|
9
|
+
Paired no-op bump (no standalone agent-skill content change; SKILL.md + `references/plugins.md` UNCHANGED). EE 0.15.7 re-applies the GCP SDK major bump (`@google-cloud/compute` ^6 / `@google-cloud/iam` ^2 / `googleapis` ^173) on the pure-ADC credential path — validated live against a test-infra GCP project (first live GCP audit: 3 CRITICAL firewall findings on compute@6) — documents the compute-client SA-impersonation gap (unsupported on compute@6; gated to plan-later), and folds the plugin-1021 project-resolution fix. No plugin count / matrix / behavior change (plugin count 28; all six matrices UNCHANGED).
|
|
10
|
+
|
|
11
|
+
## 0.1.54 (2026-05-28) — Paired-release pin for EE 0.15.6 + CE 0.1.87 — compliance-mapping correctness
|
|
12
|
+
|
|
13
|
+
Paired no-op bump (no standalone agent-skill content change; SKILL.md + `references/plugins.md` UNCHANGED). EE 0.15.6 closes two cross-framework defects in the S3 public-exposure compliance routing: a publicly-accessible bucket (public policy / bucket ACL / object ACL / non-current version) now correctly maps to NIST CSF PR.AA-05 + PR.DS-01 and PCI DSS 7.2.1 — it previously showed CLEAN on those two frameworks — and the missing-Public-Access-Block MEDIUM (a defense-in-depth guardrail gap, not a confirmed exposure) no longer false-FAILs the confidentiality-exposure controls (the `"publicly accessible"` anchor was tightened to confirmed-public-only across all six frameworks). No plugin count / matrix / behavior change (plugin count 28; all six matrices UNCHANGED).
|
|
14
|
+
|
|
7
15
|
## 0.1.53 (2026-05-28) — Paired-release pin for EE 0.15.5 + CE 0.1.86 — dependency-hygiene / institutional-trust patch
|
|
8
16
|
|
|
9
17
|
Paired no-op bump (no standalone agent-skill content change; SKILL.md + `references/plugins.md` UNCHANGED). EE 0.15.5 + CE 0.1.86 remove npm deprecation warnings + advisories institutional clients see on install: dropped unused `puppeteer`/`better-sqlite3`/`pg` (EE); replaced the abandoned `simple-wappalyzer`/`wappalyzer-core` with an in-house zero-dep tech fingerprinter (CE); bumped `@anthropic-ai/sdk` past its advisory range + `uuid`→`crypto.randomUUID()` (CE); NEW `SECURITY.md` in both. No plugin count / matrix / behavior change.
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "nsauditor-ai-agent-skill",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.55",
|
|
4
4
|
"description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"nsauditor",
|