nsauditor-ai-agent-skill 0.1.60 → 0.1.62

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/SKILL.md +10 -14
  3. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -4,6 +4,10 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
4
4
 
5
5
  ---
6
6
 
7
+ ## 0.1.62 (2026-05-30) — Paired-release pin for EE 0.16.3 + CE 0.1.94 — MCP `scan_cloud` now runs its cloud plugins concurrently with a per-plugin timeout (`CLOUD_SCAN_CONCURRENCY` / `CLOUD_PLUGIN_TIMEOUT_MS`), so a full AWS/GCP/Azure account audit finishes within Claude Desktop's ~60s tool-call limit. Internal CE engine change; no tool surface or behavior change for the agent. Plugin count UNCHANGED (28); all six matrices UNCHANGED. SKILL.md/references unchanged.
8
+
9
+ ## 0.1.61 (2026-05-30) — **HOTFIX: SKILL.md `description` trimmed to fit the 1024-char skill-upload limit.** The frontmatter `description` had grown to 1241 chars, so Claude Desktop rejected the skill upload (`field 'description' in SKILL.md must be at most 1024 characters`). Rewrote it to 967 chars while keeping the high-value trigger keywords and adding the new cloud-audit triggers (`scan_cloud`, "audit my AWS/GCP/Azure account", "cloud compliance"). No body/content change vs 0.1.60 (still teaches `scan_cloud`); pairs the same EE 0.16.2 + CE 0.1.93.
10
+
7
11
  ## 0.1.60 (2026-05-30) — Paired-release for EE 0.16.2 + CE 0.1.93 — **SKILL.md updated**: teaches the NEW MCP `scan_cloud` tool (audit AWS/GCP/Azure accounts directly, no network host) — added to the Pro/Enterprise Tools table (Enterprise tier) + the "which tool to use" decision tree, plus a result-interpretation rule ("a cloud was effectively audited only if it's in `auditedProviders`; `audited:false` / `notes` / `pluginsRan:0` means NOT audited — never report a clean pass"). Feature lives in CE 0.1.93; plugin count UNCHANGED (28); all six matrices UNCHANGED.
8
12
 
9
13
  ## 0.1.59 (2026-05-30) — Paired-release pin for EE 0.16.1 + CE 0.1.92 — MCP `NSA_ENV_FILE`: the MCP server now loads a per-environment dotenv file named by `NSA_ENV_FILE` at startup (the MCP analog of the 0.16.0 CLI `--env`), so an operator points the server at a specific account/cloud by changing one path in the Claude Desktop / Claude Code config. Loaded after auth + license (scan-target vars only); fail-fast + authoritative-file ambient-cred clearing close a false-clean caught by the `audit-cloud-plugin-false-negatives` review. Feature lives in CE; plugin count UNCHANGED (28); all six matrices UNCHANGED. SKILL.md/references unchanged.
package/SKILL.md CHANGED
@@ -1,20 +1,16 @@
1
1
  ---
2
2
  name: nsauditor-ai
3
3
  description: >
4
- Use this skill whenever the user wants to perform network security scanning, auditing,
5
- vulnerability assessment, or host reconnaissance using NSAuditor AI. Triggers include:
6
- any mention of 'scan', 'audit', 'vulnerability', 'CVE', 'network security', 'port scan',
7
- 'service detection', 'OS fingerprinting', 'security assessment', 'penetration test',
8
- 'probe', 'MITRE ATT&CK', 'CPE', 'NVD', 'TLS audit', 'cipher check', 'banner grab',
9
- 'SNMP', 'NetBIOS', 'SMB', 'DNS security', 'DKIM', 'SPF', 'DMARC', 'DNSSEC',
10
- 'certificate audit', 'SARIF', 'CTEM', 'continuous monitoring', 'host discovery',
11
- 'mDNS', 'UPnP', 'SSDP', 'ARP scan', 'subnet scan', or references to NSAuditor,
12
- nsauditor-ai, or the nsauditor MCP server. Also triggers when the user asks to check
13
- if a host is up, enumerate services, detect TLS versions, find open ports, look up
14
- CVEs for a software version, audit DNS records, check certificate expiry, or perform
15
- continuous security monitoring. Use this skill even if the user doesn't explicitly say
16
- "NSAuditor" — if they want network security scanning and the nsauditor-ai MCP tools
17
- are available, this is the skill to use. Do NOT use for general coding tasks, web
4
+ Use this skill whenever the user wants network security scanning, auditing, vulnerability
5
+ assessment, host reconnaissance, or cloud-account security/compliance auditing with NSAuditor
6
+ AI (via the nsauditor-ai MCP server: scan_host, scan_cloud, probe_service, get_vulnerabilities,
7
+ list_plugins). Triggers include 'scan', 'audit', 'vulnerability', 'CVE', 'network security',
8
+ 'port scan', 'service detection', 'OS fingerprinting', 'penetration test', 'TLS/cipher audit',
9
+ 'certificate check', 'DNS security', 'SPF/DKIM/DMARC/DNSSEC', 'SNMP/SMB/NetBIOS', 'CTEM',
10
+ 'continuous monitoring', or 'audit my AWS/GCP/Azure account' / 'cloud compliance'. Also use it
11
+ when the user asks to check if a host is up, enumerate services, find open ports, look up CVEs
12
+ for a version, audit DNS records, or audit a cloud account even if they don't say NSAuditor,
13
+ as long as the nsauditor-ai MCP tools are available. Do NOT use for general coding, web
18
14
  development, or non-security topics.
19
15
  ---
20
16
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "nsauditor-ai-agent-skill",
3
- "version": "0.1.60",
3
+ "version": "0.1.62",
4
4
  "description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
5
5
  "keywords": [
6
6
  "nsauditor",