nsauditor-ai-agent-skill 0.2.7 → 0.2.8

package/CHANGELOG.md

@@ -4,6 +4,10 @@ Release notes for **`nsauditor-ai-agent-skill`** — installable knowledge packa
 
 ---
 
+## 0.2.8 (2026-06-09) — Paired release for EE 0.19.3 + CE 0.2.8 — MCP affordance + class-O truncation sweep
+
+Version sync for a cycle that **changes documented MCP behavior** (input schemas unchanged; the skill's existing `scan_cloud` guidance remains correct): CE 0.2.8's `scan_cloud` tool description now enumerates the per-service coverage (AWS S3/IAM/KMS/CloudTrail/CodePipeline-CodeBuild SoD/Lambda/API GW/DynamoDB/RDS/SQS-SNS/Secrets/Backup/VPC endpoints/SG perimeter/ElastiCache/SES/GuardDuty · Azure KV/Storage/NSG/RBAC · GCP firewall/storage/impersonation) + the 6 frameworks, so agents route service-named audit asks to the scanner; the `[⚠ EVIDENCE GAP]` summary lines lead with the GAP clause and carry the first actionable clause as an `· actionable:` companion (internal routing tags stripped). EE 0.19.3: Lambda inline-credential env-var names + the `AWS_LAMBDA_`/`AWS_XRAY_` exclusion-prefix evasion bypass (1080); truncation/AccessDenied evidence-gaps across 8 AWS auditors now fail-close their sources' native controls in all six frameworks (class-O sweep incl. the 1110 P-16 grant-bypass); a new Azure NSG Dim 2a flags restricted-port exposure to the tenant-rentable `AzureCloud`/`AzureCloud.<region>` service tags (1221); public-subnet Redis replication groups no longer silently downgrade (1180). Plugin count UNCHANGED at 28; all six coverage matrices UNCHANGED at the count level.
+
 ## 0.2.7 (2026-06-08) — Paired-release pin for EE 0.19.2 + CE 0.2.7 — Confirmed false-negative tail
 
 Paired no-op bump (knowledge-package version sync). EE 0.19.2 closes six more gauntlet-confirmed Tier-B false-negatives across the Pro/Enterprise cloud auditors (1222 Azure KV legacy access-policy per-verb breadth + 2 anchor-drifts + drift-detector closure · 1021 GCP broad-but-not-full public firewall ranges · 1070 AWS KMS PendingDeletion key-policy audit · 1100 CodePipeline sticky approval-latch · 1024 GCP Storage bucket-enumeration truncation evidence-gap · 1040 CloudTrail data-events read-coverage caveat), each TDD'd + independently adversarially reviewed. Plugin count UNCHANGED at 28; all six coverage matrices UNCHANGED. No change to the MCP tool/plugin schemas this skill documents.

package/SKILL.md

@@ -16,7 +16,7 @@ description: >
 
 # NSAuditor AI — Agent Skill
 
-> **Version:** 0.2.7 (post-EE 0.19.2 — Confirmed false-negative tail: 6 more cloud-auditor silent misses closed [1222 Azure KV per-verb breadth + anchor-drifts · 1021 GCP broad-public firewall · 1070 AWS KMS PendingDeletion · 1100 CodePipeline approval-latch · 1024 GCP Storage truncation gap · 1040 CloudTrail data-events read-coverage]) · **Source:** [github.com/nsasoft/nsauditor-ai](https://github.com/nsasoft/nsauditor-ai) · **npm:** `nsauditor-ai` · **License:** MIT (CE)
+> **Version:** 0.2.8 (post-EE 0.19.3 — MCP affordance + class-O truncation sweep: the `scan_cloud` tool description now enumerates per-service coverage so agents route service-named audit asks to it; evidence-gap list lines lead with the GAP clause + carry an `· actionable:` companion; truncation/AccessDenied evidence-gaps across 8 AWS auditors fail-close their native controls; new Azure NSG AzureCloud service-tag exposure dimension [1221]; Lambda inline-credential env-var names + exclusion-prefix bypass [1080]) · **Source:** [github.com/nsasoft/nsauditor-ai](https://github.com/nsasoft/nsauditor-ai) · **npm:** `nsauditor-ai` · **License:** MIT (CE)
 
 NSAuditor AI is a modular, AI-assisted network security audit platform with 27+ scanner
 plugins, CVE matching, MITRE ATT&CK mapping, and Zero Data Exfiltration by design. This

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nsauditor-ai-agent-skill",
-  "version": "0.2.7",
+  "version": "0.2.8",
   "description": "AI Agent Skill for NSAuditor AI — gives any AI coding agent built-in knowledge of NSAuditor's MCP tools, schemas, plugins, and security audit workflows.",
   "keywords": [
     "nsauditor",