nsauditor-ai-agent-skill 0.2.18 → 0.2.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/SKILL.md +1 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,12 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
|
|
|
4
4
|
|
|
5
5
|
---
|
|
6
6
|
|
|
7
|
+
## 0.2.19 (2026-06-29) — Paired content bump for EE 0.31.7 (RDS audit-log no-false-clean (generation + retention) + opt-in positive-substrate RoC surfacing)
|
|
8
|
+
|
|
9
|
+
Paired content bump for the EE 0.31.7 cycle (SKILL.md version line + this changelog). EE 0.31.7 makes a database producing no audit logs — CloudWatch exports off, or PostgreSQL pgAudit disabled/misconfigured — fail closed against every framework's audit-log-**generation** control (SOC 2 CC7.2 · HIPAA §164.312(b) · PCI 10.2.1 · CIS 8.2 + 8.5 · NIST PR.PS-04 · ISO A.8.15, + NIST DE.CM-09 for pgAudit), adds a conservative PCI DSS 10.5.1 ≥12-month retention substrate, and surfaces opt-in positive-substrate evidence per-control in the RoC. **No new framework, no new plugins (still 28), all seven coverage matrices UNCHANGED.** Paired **EE 0.31.7** + CE 0.2.21.
|
|
10
|
+
|
|
11
|
+
---
|
|
12
|
+
|
|
7
13
|
## 0.2.18 (2026-06-27) — Paired content bump for EE 0.31.6 (RDS enumeration-truncation no-false-clean class CLOSED + audit-log retention routing-depth sweep; CIS matrix 17/22/114 → 17/23/113)
|
|
8
14
|
|
|
9
15
|
Paired content bump for the EE 0.31.6 cycle (SKILL.md version line + the `compliance_check` CIS count). EE 0.31.6 makes every RDS enumerator fail closed on page-cap truncation, registers the RDS auditor in the compliance-engine drift detector, and maps RDS audit-log retention to PCI DSS 10.5.1 / NIST CSF PR.PS-04 / ISO A.8.15 / CIS Safeguard 8.10 — flipping **CIS Controls v8 Safeguard 8.10 OOS → partial** (CIS matrix **17/22/114 → 17/23/113**; IG1 cyber-insurance baseline UNCHANGED at 23/56, IG2-cum 38, IG3-cum 40). The other six matrices are UNCHANGED; plugin count UNCHANGED at 28. Paired **EE 0.31.6** + CE 0.2.20.
|
package/SKILL.md
CHANGED
|
@@ -16,7 +16,7 @@ description: >
|
|
|
16
16
|
|
|
17
17
|
# NSAuditor AI — Agent Skill
|
|
18
18
|
|
|
19
|
-
> **Version:** 0.2.
|
|
19
|
+
> **Version:** 0.2.19 (post-EE-0.31.7 — the **RDS audit-log no-false-clean (generation + retention) + opt-in positive-substrate RoC surfacing** cycle: **no new framework, no new plugins (still 28), all seven coverage matrices UNCHANGED.** A false-clean-hardening + compliance-mapping-depth release. A database producing no audit logs — CloudWatch exports off, or PostgreSQL pgAudit disabled/misconfigured — now fails closed against every framework’s audit-log-generation control (SOC 2 CC7.2 · HIPAA §164.312(b) · PCI 10.2.1 · CIS 8.2 + 8.5 · NIST PR.PS-04 · ISO A.8.15, + NIST DE.CM-09 for pgAudit), not the retention controls; adds a conservative PCI 10.5.1 ≥12-month retention substrate; and surfaces opt-in positive-substrate evidence per-control in the RoC. The seven frameworks: SOC 2 · HIPAA · NIST CSF 2.0 · PCI DSS v4.0.1 · ISO/IEC 27001:2022 · CIS Controls v8 · **GDPR Article 32** — the last is **Art. 32 infrastructure substrate ONLY, NOT GDPR compliance** [Art. 32 is the only one of GDPR's 99 articles an infrastructure scanner can evidence; the rest is operator-side, out of scope by design], carrying four-factor proportionality + personal-data-scope attestation + the Art. 83(4) LOWER fine tier [€10M/2%, not the €20M/4% headline tier]. Paired CE 0.2.21 + EE 0.31.7) · **Source:** [github.com/nsasoft/nsauditor-ai](https://github.com/nsasoft/nsauditor-ai) · **npm:** `nsauditor-ai` · **License:** MIT (CE)
|
|
20
20
|
|
|
21
21
|
NSAuditor AI is a modular, AI-assisted network security audit platform with 27+ scanner
|
|
22
22
|
plugins, CVE matching, MITRE ATT&CK mapping, and Zero Data Exfiltration by design. This
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "nsauditor-ai-agent-skill",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.19",
|
|
4
4
|
"description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"nsauditor",
|