nsauditor-ai-agent-skill 0.2.12 → 0.2.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -4,6 +4,10 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
4
4
 
5
5
  ---
6
6
 
7
+ ## 0.2.13 (2026-06-21) — Paired content bump for EE 0.30.1 (AWS RDS + API Gateway false-negative depth pass + AXIS_MAP graduation)
8
+
9
+ Paired content bump — no new framework. EE 0.30.1 closes the last two AWS sources' silent false-cleans: **RDS (1140)** snapshot-sharing exposure (a `restore=all` shared snapshot is CRITICAL even when encrypted) + a `DescribeDBInstances` evidence-gap, and **API Gateway (1050)** WAF deep-audit gap arm (6 evidence-gaps now fail-close the WAF native set == the positives) + unknown-auth + WebSocket-skip + deleted-WebACL + unencrypted-cache routing — and graduates both `KNOWN_UNCOVERED → AXIS_MAP`, so every AWS source now has a dedicated false-negative pass. Cross-framework parity folds route the API Gateway resource-policy public-grant to **PCI 7.2.1 + GDPR Art.32(1)(b)**, the deleted-WebACL to **PCI 6.4.1 / ISO A.8.21**, and the unencrypted cache to **ISO A.8.24** (GDPR scope-doctrine held — Art. 32 infrastructure substrate only; the GDPR-touching copy carries the operator legal review). The skill version blurb is refreshed; plugin count UNCHANGED at 28; all seven coverage matrices UNCHANGED. Paired with EE 0.30.1 + CE 0.2.13.
10
+
7
11
  ## 0.2.12 (2026-06-18) — Paired content bump for EE 0.30.0 (AWS + Azure false-negative depth-pass + cross-source compliance-mapping parity)
8
12
 
9
13
  Paired content bump — no new framework. EE 0.30.0 is a detection-depth + mapping-correctness release: it closes a wave of cloud-misconfiguration false-negatives across AWS (S3 access-points · resource-policy effective-exposure · EC2-SG public-CIDR/split-range · KMS effective-decrypt/cross-account · IAM ListUsers truncation) and Azure (storage/NSG/Key-Vault/cloud-scanner class-O fail-opens), and routes architecturally-identical confidentiality / least-privilege exposures consistently across all seven frameworks (e.g. a public application entry-point now appears on a NIST CSF **PR.AA-05** least-privilege report; KMS / queue read-exposure reaches GDPR **Art.32(1)(b)**). The skill's version blurb + the `compliance_check` capability row are refreshed to seven frameworks (corrected a stale "six/hexa-framework" reference); plugin count UNCHANGED at 28; all seven coverage matrices UNCHANGED. Paired with EE 0.30.0 + CE 0.2.12.
package/SKILL.md CHANGED
@@ -16,7 +16,7 @@ description: >
16
16
 
17
17
  # NSAuditor AI — Agent Skill
18
18
 
19
- > **Version:** 0.2.12 (post-EE-0.30.0 — the **AWS + Azure false-negative depth-pass + cross-source/cross-vector compliance-mapping parity** cycle: **no new framework** — the Enterprise engine closes a wave of cloud-misconfiguration false-negatives (S3 access-points · resource-policy effective-exposure · EC2-SG public-CIDR/split-range · KMS effective-decrypt/cross-account · Azure class-O fail-opens) and now routes architecturally-identical confidentiality / least-privilege exposures **consistently across all seven frameworks** [e.g. a public application entry-point now appears on a NIST CSF **PR.AA-05** least-privilege report; KMS / queue read-exposure reaches GDPR **Art.32(1)(b)**]. Plugin count UNCHANGED at 28; all seven coverage matrices UNCHANGED. The seven frameworks: SOC 2 · HIPAA · NIST CSF 2.0 · PCI DSS v4.0.1 · ISO/IEC 27001:2022 · CIS Controls v8 · **GDPR Article 32** — the last is **Art. 32 infrastructure substrate ONLY, NOT GDPR compliance** [Art. 32 is the only one of GDPR's 99 articles an infrastructure scanner can evidence; the rest is operator-side, out of scope by design], carrying four-factor proportionality + personal-data-scope attestation + the Art. 83(4) LOWER fine tier [€10M/2%, not the €20M/4% headline tier]. Paired CE 0.2.12 + EE 0.30.0) · **Source:** [github.com/nsasoft/nsauditor-ai](https://github.com/nsasoft/nsauditor-ai) · **npm:** `nsauditor-ai` · **License:** MIT (CE)
19
+ > **Version:** 0.2.13 (post-EE-0.30.1 — the **AWS RDS + API Gateway false-negative depth pass + AXIS_MAP graduation** cycle: **no new framework** — the Enterprise engine closes the last two AWS sources' silent false-cleans (RDS snapshot-sharing exposure that fires **even when encrypted** · API Gateway WAF deep-audit gap-arm + unknown-auth + deleted-WebACL routing) and graduates both to AXIS_MAP, so **every AWS source now has a dedicated false-negative pass**; cross-framework parity folds route the API Gateway resource-policy public-grant to **PCI 7.2.1 + GDPR Art.32(1)(b)** and the unencrypted cache to **ISO A.8.24**. Plugin count UNCHANGED at 28; all seven coverage matrices UNCHANGED. The seven frameworks: SOC 2 · HIPAA · NIST CSF 2.0 · PCI DSS v4.0.1 · ISO/IEC 27001:2022 · CIS Controls v8 · **GDPR Article 32** — the last is **Art. 32 infrastructure substrate ONLY, NOT GDPR compliance** [Art. 32 is the only one of GDPR's 99 articles an infrastructure scanner can evidence; the rest is operator-side, out of scope by design], carrying four-factor proportionality + personal-data-scope attestation + the Art. 83(4) LOWER fine tier [€10M/2%, not the €20M/4% headline tier]. Paired CE 0.2.13 + EE 0.30.1) · **Source:** [github.com/nsasoft/nsauditor-ai](https://github.com/nsasoft/nsauditor-ai) · **npm:** `nsauditor-ai` · **License:** MIT (CE)
20
20
 
21
21
  NSAuditor AI is a modular, AI-assisted network security audit platform with 27+ scanner
22
22
  plugins, CVE matching, MITRE ATT&CK mapping, and Zero Data Exfiltration by design. This
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "nsauditor-ai-agent-skill",
3
- "version": "0.2.12",
3
+ "version": "0.2.13",
4
4
  "description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
5
5
  "keywords": [
6
6
  "nsauditor",