diff --git a/.github/instructions/hve-core/prompt-builder.instructions.md b/.github/instructions/hve-core/prompt-builder.instructions.md index f2c4afff6..f4e6d21bc 100644 --- a/.github/instructions/hve-core/prompt-builder.instructions.md +++ b/.github/instructions/hve-core/prompt-builder.instructions.md @@ -413,6 +413,8 @@ Optional fields available by file type: * `agent:` - Agent delegation for prompt files and handoffs. Use the human-readable name from the agent's `name:` frontmatter (for example, `Prompt Builder`). * `argument-hint:` - Hint text for prompt picker display. * `model:` - Model specification. Accepts any valid model identifier string (for example, `gpt-4o`, `claude-sonnet-4`). When omitted, the default model is used. +* `license:` - SPDX license identifier for skill content (for example, `MIT`, `CC-BY-SA-4.0`). Defaults to the repository license when omitted. Use for skills that incorporate third-party content under a specific license. +* `metadata:` - Object containing provenance and versioning metadata for skills. Recognized fields include `authors`, `spec_version`, `framework_revision`, `last_updated`, `skill_based_on`, and `content_based_on`. ### Frontmatter Examples diff --git a/.github/instructions/security/identity.instructions.md b/.github/instructions/security/identity.instructions.md index 02de6b273..b0cf4a536 100644 --- a/.github/instructions/security/identity.instructions.md +++ b/.github/instructions/security/identity.instructions.md 
@@ -54,7 +54,7 @@ After the standard scoping questionnaire, assess for AI/ML components: ### Phase 3: Standards Mapping * Entry: Phase 2 complete (all bucket analyses documented) -* Activities: map components to OWASP Top 10, NIST 800-53, and CIS Controls; delegate WAF/CAF lookups to the Researcher Subagent +* Activities: map components to OWASP Top 10 and NIST 800-53; delegate CIS Controls, WAF/CAF, and other lookups to the Researcher Subagent * Exit: all components mapped to applicable standards * Artifacts: standards mapping tables in the security plan * Transition: advance to Phase 4 diff --git a/.github/instructions/security/sssc-standards.instructions.md b/.github/instructions/security/sssc-standards.instructions.md index 793e08d67..e84f67708 100644 --- a/.github/instructions/security/sssc-standards.instructions.md +++ b/.github/instructions/security/sssc-standards.instructions.md @@ -5,7 +5,7 @@ applyTo: '**/.copilot-tracking/sssc-plans/**' # SSSC Phase 3: Standards Mapping -Map the assessed supply chain posture against OpenSSF standards. Use the Phase 2 assessment results as input. +Map the assessed supply chain posture against OpenSSF® standards. Use the Phase 2 assessment results as input. ## OpenSSF Scorecard: 20 Checks 
@@ -178,3 +178,29 @@ Update `state.json`: * Set `phases.3-standards.status` to `✅` * Add `standards-mapping.md` to `phases.3-standards.artifacts` * Advance `currentPhase` to `4` + +## Third-Party Attribution + +OpenSSF® Scorecard check data derived from the OpenSSF Scorecard project, licensed under +Apache 2.0. Source: + +SLSA Build Track level data derived from the SLSA specification, licensed under Community +Specification License 1.0. Source: + +OpenSSF Best Practices Badge criteria derived from the CII Best Practices Badge project, +licensed under MIT (criteria) and CC BY 3.0+ (documentation). +Source: + +Sigstore maturity data derived from the Sigstore project, licensed under Apache 2.0. +Source: + +SPDX content derived from the SPDX specification, licensed under Community Specification +License 1.0. Source: + +CycloneDX content derived from the CycloneDX specification, licensed under Apache 2.0. +Source: + +NTIA Minimum Elements content is derived from a U.S. government publication. Not subject +to copyright (17 U.S.C. § 105). + +OpenSSF® is a registered trademark of the Linux Foundation. diff --git a/.github/instructions/security/standards-mapping.instructions.md b/.github/instructions/security/standards-mapping.instructions.md index 3272c0818..d2b701684 100644 --- a/.github/instructions/security/standards-mapping.instructions.md +++ b/.github/instructions/security/standards-mapping.instructions.md @@ -1,5 +1,5 @@ --- -description: "Embedded OWASP, NIST, and CIS security standards with researcher subagent delegation for WAF/CAF runtime lookups - Brought to you by microsoft/hve-core" +description: "Embedded OWASP and NIST security standards with researcher subagent delegation for CIS, WAF, CAF, and other runtime lookups - Brought to you by microsoft/hve-core" applyTo: '**/.copilot-tracking/security-plans/**' --- 
@@ -9,7 +9,7 @@ Frequently-used security standards are embedded directly in this file for immedi At least one standard from each embedded framework should map to every component in the security plan. The cross-reference table provides starting-point mappings by bucket; refine these during Phase 3 analysis. -## Embedded OWASP Top 10 +## Embedded OWASP® Top 10 The OWASP Top 10 (2025) covers the most critical web application security risks. At least one OWASP item must map to every web/UI/reporting and identity/auth component. 
@@ -119,23 +119,6 @@ These families address organizational and personnel-level controls: | PM | Program Management: Enterprise-wide security program, risk management strategy, and architecture integration. | | PS | Personnel Security: Personnel screening, access agreements, and role-change or termination procedures. | -## Embedded CIS Controls - -The CIS Critical Security Controls provide prioritized, actionable guidance. The top 10 controls most commonly applicable to software architectures follow. - -| Control | Description | -|---------|-----------------------------------------------------------------------------------------------------------------------------| -| CIS 1 | Inventory and Control of Enterprise Assets: Maintain an accurate inventory of all hardware assets connected to the network. | -| CIS 2 | Inventory and Control of Software Assets: Track and manage all software running in the environment. | -| CIS 3 | Data Protection: Identify, classify, and protect sensitive data at rest and in transit. | -| CIS 4 | Secure Configuration of Enterprise Assets and Software: Establish and maintain hardened configurations for all assets. | -| CIS 5 | Account Management: Manage lifecycle of system and application accounts including creation, use, and deactivation. | -| CIS 6 | Access Control Management: Create, assign, manage, and revoke access credentials and privileges. | -| CIS 7 | Continuous Vulnerability Management: Continuously identify and remediate vulnerabilities across the environment. | -| CIS 8 | Audit Log Management: Collect, review, and retain audit logs for detection and forensic purposes. | -| CIS 9 | Email and Web Browser Protections: Improve protections against email and web-based threats. | -| CIS 10 | Malware Defenses: Prevent or control installation and execution of malicious software. 
| - ## Researcher Subagent Delegation Microsoft Well-Architected Framework (WAF) and Cloud Adoption Framework (CAF) lookups are delegated to the Researcher Subagent at runtime. These frameworks evolve frequently and contain extensive cloud-specific guidance best retrieved on demand. @@ -152,8 +135,9 @@ The following standards are also delegated for runtime lookup due to version sen | SOC 2 | Audit-framework specific, organization-dependent scope | | HIPAA | Regulated domain, requires current interpretation | | FedRAMP | Government-specific, dynamic control baselines | +| CIS Critical Security Controls | License terms prohibit redistribution; use runtime lookup | -Do NOT delegate OWASP, NIST 800-53, CIS, OWASP LLM Top 10, or NIST AI RMF lookups. Those standards are embedded above. +Do NOT delegate OWASP, NIST 800-53, OWASP LLM Top 10, or NIST AI RMF lookups. Those standards are embedded above. ### When to Delegate 
@@ -205,16 +189,16 @@ Collect findings from the output path and incorporate them into the component's This table maps operational buckets to their baseline standard references. Use these as starting points and refine during Phase 3 analysis. -| Bucket | OWASP | NIST 800-53 | CIS | -|---------------------|------------------------------|----------------|------------| -| infra | A05, A06 | CM, PE, SC, SI | 1, 2, 4, 7 | -| devops/platform-ops | A05, A06, A08 | CA, CM, SA, SI | 2, 4, 7 | -| build | A06, A08 | SA, SI | 2, 4, 7 | -| messaging | A01, A03, A08 | AC, SC, SI | 3, 4, 8 | -| data | A01, A02, A03 | AC, AU, SC, SI | 3, 5, 6, 8 | -| web/UI/reporting | A01, A02, A03, A05, A07, A10 | AC, IA, SC, SI | 4, 5, 6, 9 | -| identity/auth | A01, A02, A07 | AC, IA, PS | 5, 6 | -| ai-ml | A04, A06, A08 | SA, SI, RA | 2, 7 | +| Bucket | OWASP | NIST 800-53 | CIS (delegated) | +|---------------------|------------------------------|----------------|-----------------| +| infra | A05, A06 | CM, PE, SC, SI | via delegation | +| devops/platform-ops | A05, A06, A08 | CA, CM, SA, SI | via delegation | +| build | A06, A08 | SA, SI | via delegation | +| messaging | A01, A03, A08 | AC, SC, SI | via delegation | +| data | A01, A02, A03 | AC, AU, SC, SI | via delegation | +| web/UI/reporting | A01, A02, A03, A05, A07, A10 | AC, IA, SC, SI | via delegation | +| identity/auth | A01, A02, A07 | AC, IA, PS | via delegation | +| ai-ml | A04, A06, A08 | SA, SI, RA | via delegation | > [!NOTE] > The ai-ml row applies only when `raiEnabled` is true. When applicable, also map components against OWASP LLM Top 10 and NIST AI RMF subcategories from the sections above. 
@@ -229,7 +213,7 @@ For each component, produce a standards mapping block following this structure: **Applicable Standards:** - OWASP: {items with justification} - NIST: {families with justification} -- CIS: {controls with justification} +- CIS: {delegated — include Researcher Subagent findings or N/A} **WAF/CAF Findings:** {researcher subagent results or N/A} @@ -237,3 +221,16 @@ For each component, produce a standards mapping block following this structure: ``` Include justification for each mapped standard, explaining why the control is relevant to the specific component. Flag gaps where a standard should apply based on the cross-reference table but no corresponding control exists in the current architecture. + +## Third-Party Attribution + +OWASP® Top 10 (2025) and OWASP® Top 10 for LLM Applications (2025) content is derived +from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Sources: , +Modifications: Descriptions condensed to single-sentence summaries. +OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement. + +NIST SP 800-53 and NIST AI RMF 1.0 content is derived from publications by the National +Institute of Standards and Technology, U.S. Department of Commerce. Not subject to copyright +(17 U.S.C. § 105). diff --git a/.github/skills/experimental/powerpoint/SKILL.md b/.github/skills/experimental/powerpoint/SKILL.md index 898437dfe..ed4487bdb 100644 --- a/.github/skills/experimental/powerpoint/SKILL.md +++ b/.github/skills/experimental/powerpoint/SKILL.md @@ -1,6 +1,12 @@ --- name: powerpoint description: 'PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling - Brought to you by microsoft/hve-core' +license: MIT +compatibility: 'Requires uv, Python 3.11+, PowerShell 7+, and LibreOffice' +metadata: + authors: "microsoft/hve-core" + spec_version: "1.0" + last_updated: "2026-03-18" --- # PowerPoint Skill 
diff --git a/.github/skills/experimental/video-to-gif/SKILL.md b/.github/skills/experimental/video-to-gif/SKILL.md index 9a5074b1d..f33253213 100644 --- a/.github/skills/experimental/video-to-gif/SKILL.md +++ b/.github/skills/experimental/video-to-gif/SKILL.md @@ -1,6 +1,12 @@ --- name: video-to-gif description: 'Video-to-GIF conversion skill with FFmpeg two-pass optimization - Brought to you by microsoft/hve-core' +license: MIT +compatibility: 'Requires FFmpeg on PATH' +metadata: + authors: "microsoft/hve-core" + spec_version: "1.0" + last_updated: "2026-03-18" --- # Video-to-GIF Conversion Skill diff --git a/.github/skills/experimental/vscode-playwright/SKILL.md b/.github/skills/experimental/vscode-playwright/SKILL.md index 059b6b6c2..c8ee888b4 100644 --- a/.github/skills/experimental/vscode-playwright/SKILL.md +++ b/.github/skills/experimental/vscode-playwright/SKILL.md @@ -1,6 +1,12 @@ --- name: vscode-playwright description: 'VS Code screenshot capture using Playwright MCP with serve-web for slide decks and documentation - Brought to you by microsoft/hve-core' +license: MIT +compatibility: 'Requires VS Code CLI (code or code-insiders), Playwright MCP tools, and curl' +metadata: + authors: "microsoft/hve-core" + spec_version: "1.0" + last_updated: "2026-03-18" --- # VS Code Playwright Screenshot Skill diff --git a/.github/skills/gitlab/gitlab/SKILL.md b/.github/skills/gitlab/gitlab/SKILL.md index c28f8c8ef..4f72eefae 100644 --- a/.github/skills/gitlab/gitlab/SKILL.md +++ b/.github/skills/gitlab/gitlab/SKILL.md @@ -1,7 +1,12 @@ --- name: gitlab description: 'Manage GitLab merge requests and pipelines with a Python CLI - Brought to you by microsoft/hve-core' +license: MIT compatibility: 'Requires Python 3.11+. GitLab credentials via GITLAB_URL and GITLAB_TOKEN environment variables.' +metadata: + authors: "microsoft/hve-core" + spec_version: "1.0" + last_updated: "2026-03-24" --- # GitLab Skill 
diff --git a/.github/skills/installer/hve-core-installer/SKILL.md b/.github/skills/installer/hve-core-installer/SKILL.md index 7b85f7f5c..893c74500 100644 --- a/.github/skills/installer/hve-core-installer/SKILL.md +++ b/.github/skills/installer/hve-core-installer/SKILL.md @@ -1,6 +1,12 @@ --- name: hve-core-installer description: 'Decision-driven installer for HVE-Core with 6 clone-based installation methods, extension quick-install, environment detection, and agent customization workflows - Brought to you by microsoft/hve-core' +compatibility: 'Requires VS Code or VS Code Insiders. Clone-based methods require git on PATH and network access.' +license: MIT +metadata: + authors: "microsoft/hve-core" + spec_version: "1.0" + last_updated: "2026-04-01" --- # HVE-Core Installer Skill diff --git a/.github/skills/jira/jira/SKILL.md b/.github/skills/jira/jira/SKILL.md index 09754f5cc..91d21e835 100644 --- a/.github/skills/jira/jira/SKILL.md +++ b/.github/skills/jira/jira/SKILL.md @@ -1,7 +1,12 @@ --- name: jira description: 'Jira issue workflows for search, issue updates, transitions, comments, and field discovery via the Jira REST API. Use when you need to search with JQL, inspect an issue, create or update work items, move an issue between statuses, post comments, or discover required fields for issue creation. - Brought to you by microsoft/hve-core' +license: MIT compatibility: 'Requires Python 3.11+ and Jira credentials in environment variables' +metadata: + authors: "microsoft/hve-core" + spec_version: "1.0" + last_updated: "2026-03-24" --- # Jira Skill diff --git a/.github/skills/security/owasp-agentic/SKILL.md b/.github/skills/security/owasp-agentic/SKILL.md index 4a21ed259..fdf37af88 100644 --- a/.github/skills/security/owasp-agentic/SKILL.md +++ b/.github/skills/security/owasp-agentic/SKILL.md 
@@ -1,7 +1,7 @@ --- name: owasp-agentic description: OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems - Brought to you by microsoft/hve-core. -license: MIT +license: CC-BY-SA-4.0 user-invocable: false metadata: authors: "OWASP Agentic Security Initiative" @@ -12,7 +12,7 @@ metadata: content_based_on: "https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/" --- -# OWASP Agentic Top 10 — Skill Entry +# OWASP® Agentic Top 10 — Skill Entry This `SKILL.md` is the **entrypoint** for the OWASP Agentic Top 10 skill. @@ -41,6 +41,17 @@ security risks in AI agent systems. * `00-vulnerability-index.md` — master index of all vulnerability identifiers, categories, and cross-references. * `01` through `10` — one document per vulnerability aligned with OWASP Agentic Security numbering. +## Third-Party Attribution + +Copyright © OWASP Foundation. +OWASP® Top 10 for Agentic Applications (2026) content is derived from works by the +OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Source: +Modifications: Vulnerability descriptions restructured into agent-consumable reference +documents with added detection and remediation guidance. +OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement. + --- *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/00-vulnerability-index.md b/.github/skills/security/owasp-agentic/references/00-vulnerability-index.md index 2e0661a13..6a5227b89 100644 --- a/.github/skills/security/owasp-agentic/references/00-vulnerability-index.md +++ b/.github/skills/security/owasp-agentic/references/00-vulnerability-index.md 
@@ -85,4 +85,9 @@ Each vulnerability document follows a consistent structure: --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/01-agent-goal-hijack.md b/.github/skills/security/owasp-agentic/references/01-agent-goal-hijack.md index 839c66c7b..e094198d4 100644 --- a/.github/skills/security/owasp-agentic/references/01-agent-goal-hijack.md +++ b/.github/skills/security/owasp-agentic/references/01-agent-goal-hijack.md @@ -120,4 +120,9 @@ convinces the user to make an ill-advised business decision. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/02-tool-misuse-and-exploitation.md b/.github/skills/security/owasp-agentic/references/02-tool-misuse-and-exploitation.md index cbfb303e4..f47dc6efa 100644 --- a/.github/skills/security/owasp-agentic/references/02-tool-misuse-and-exploitation.md +++ b/.github/skills/security/owasp-agentic/references/02-tool-misuse-and-exploitation.md 
@@ -121,4 +121,9 @@ monitoring sees no malware and the misuse goes undetected. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/03-identity-and-privilege-abuse.md b/.github/skills/security/owasp-agentic/references/03-identity-and-privilege-abuse.md index 3444185c1..a003e3278 100644 --- a/.github/skills/security/owasp-agentic/references/03-identity-and-privilege-abuse.md +++ b/.github/skills/security/owasp-agentic/references/03-identity-and-privilege-abuse.md @@ -126,4 +126,9 @@ The attacker-controlled agent then issues system-level commands under assumed in --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/04-agentic-supply-chain-vulnerabilities.md b/.github/skills/security/owasp-agentic/references/04-agentic-supply-chain-vulnerabilities.md index af83b3b4a..67db1b3f9 100644 --- a/.github/skills/security/owasp-agentic/references/04-agentic-supply-chain-vulnerabilities.md +++ b/.github/skills/security/owasp-agentic/references/04-agentic-supply-chain-vulnerabilities.md 
@@ -114,4 +114,9 @@ attacker-controlled agent which then exfiltrates or corrupts responses. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/05-unexpected-code-execution.md b/.github/skills/security/owasp-agentic/references/05-unexpected-code-execution.md index bbcfd42d1..d655373ce 100644 --- a/.github/skills/security/owasp-agentic/references/05-unexpected-code-execution.md +++ b/.github/skills/security/owasp-agentic/references/05-unexpected-code-execution.md @@ -120,4 +120,9 @@ during fix-build tasks. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/06-memory-and-context-poisoning.md b/.github/skills/security/owasp-agentic/references/06-memory-and-context-poisoning.md index 6eb445c04..b53197327 100644 --- a/.github/skills/security/owasp-agentic/references/06-memory-and-context-poisoning.md +++ b/.github/skills/security/owasp-agentic/references/06-memory-and-context-poisoning.md 
@@ -118,4 +118,9 @@ tenant's sensitive chunk into retrieval by high cosine similarity. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/07-insecure-inter-agent-communication.md b/.github/skills/security/owasp-agentic/references/07-insecure-inter-agent-communication.md index abd0c0277..00ecacb16 100644 --- a/.github/skills/security/owasp-agentic/references/07-insecure-inter-agent-communication.md +++ b/.github/skills/security/owasp-agentic/references/07-insecure-inter-agent-communication.md @@ -123,4 +123,9 @@ but seemingly legitimate actions. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/08-cascading-failures.md b/.github/skills/security/owasp-agentic/references/08-cascading-failures.md index 573f8ea79..c48a6e12f 100644 --- a/.github/skills/security/owasp-agentic/references/08-cascading-failures.md +++ b/.github/skills/security/owasp-agentic/references/08-cascading-failures.md 
@@ -128,4 +128,9 @@ disconnects. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/09-human-agent-trust-exploitation.md b/.github/skills/security/owasp-agentic/references/09-human-agent-trust-exploitation.md index 713bb24a3..8bdfe2f95 100644 --- a/.github/skills/security/owasp-agentic/references/09-human-agent-trust-exploitation.md +++ b/.github/skills/security/owasp-agentic/references/09-human-agent-trust-exploitation.md @@ -128,4 +128,9 @@ The clinician relies on the agent's plausible explanation and accepts the change --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-agentic/references/10-rogue-agents.md b/.github/skills/security/owasp-agentic/references/10-rogue-agents.md index ae939e0f4..17725295c 100644 --- a/.github/skills/security/owasp-agentic/references/10-rogue-agents.md +++ b/.github/skills/security/owasp-agentic/references/10-rogue-agents.md 
@@ -109,4 +109,9 @@ effective way to achieve their goal, autonomously destroying all disaster recove --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/SKILL.md b/.github/skills/security/owasp-llm/SKILL.md index 5eec327c9..e7b68e6cf 100644 --- a/.github/skills/security/owasp-llm/SKILL.md +++ b/.github/skills/security/owasp-llm/SKILL.md @@ -1,7 +1,7 @@ --- name: owasp-llm description: OWASP Top 10 for LLM Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in large language model systems - Brought to you by microsoft/hve-core. -license: MIT +license: CC-BY-SA-4.0 user-invocable: false metadata: authors: "OWASP LLM Applications Security Initiative" @@ -12,7 +12,7 @@ metadata: content_based_on: "https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/" --- -# OWASP LLM Top 10 — Skill Entry +# OWASP® LLM Top 10 — Skill Entry This `SKILL.md` is the **entrypoint** for the OWASP LLM Top 10 skill. 
@@ -41,6 +41,17 @@ security risks in large language model systems. * `00-vulnerability-index.md` — master index of all vulnerability identifiers, categories, and cross-references. * `01` through `10` — one document per vulnerability aligned with OWASP LLM Applications numbering. +## Third-Party Attribution + +Copyright © OWASP Foundation. +OWASP® Top 10 for LLM Applications (2025) content is derived from works by the +OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Source: +Modifications: Vulnerability descriptions restructured into agent-consumable reference +documents with added detection and remediation guidance. +OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement. + --- *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/00-vulnerability-index.md b/.github/skills/security/owasp-llm/references/00-vulnerability-index.md index 9bccecfeb..599984ce1 100644 --- a/.github/skills/security/owasp-llm/references/00-vulnerability-index.md +++ b/.github/skills/security/owasp-llm/references/00-vulnerability-index.md @@ -82,4 +82,9 @@ Each vulnerability document follows a consistent structure: --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/01-prompt-injection.md b/.github/skills/security/owasp-llm/references/01-prompt-injection.md index 501719bed..645927873 100644 --- a/.github/skills/security/owasp-llm/references/01-prompt-injection.md +++ b/.github/skills/security/owasp-llm/references/01-prompt-injection.md 
@@ -161,4 +161,9 @@ whatever way the attacker desires. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/02-sensitive-information-disclosure.md b/.github/skills/security/owasp-llm/references/02-sensitive-information-disclosure.md index 2a549ddb1..d925fbc3c 100644 --- a/.github/skills/security/owasp-llm/references/02-sensitive-information-disclosure.md +++ b/.github/skills/security/owasp-llm/references/02-sensitive-information-disclosure.md @@ -125,4 +125,9 @@ or target high-value clients. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/03-supply-chain.md b/.github/skills/security/owasp-llm/references/03-supply-chain.md index 37bb04bb3..b0dba8d74 100644 --- a/.github/skills/security/owasp-llm/references/03-supply-chain.md +++ b/.github/skills/security/owasp-llm/references/03-supply-chain.md @@ -137,4 +137,9 @@ memorization of sensitive data. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* 
diff --git a/.github/skills/security/owasp-llm/references/04-data-and-model-poisoning.md b/.github/skills/security/owasp-llm/references/04-data-and-model-poisoning.md index ff0ba5fa5..39ee2a3cd 100644 --- a/.github/skills/security/owasp-llm/references/04-data-and-model-poisoning.md +++ b/.github/skills/security/owasp-llm/references/04-data-and-model-poisoning.md @@ -145,4 +145,9 @@ retrieved and used to generate a harmful or misleading response. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/05-improper-output-handling.md b/.github/skills/security/owasp-llm/references/05-improper-output-handling.md index 0d9ad4c75..0cbffec96 100644 --- a/.github/skills/security/owasp-llm/references/05-improper-output-handling.md +++ b/.github/skills/security/owasp-llm/references/05-improper-output-handling.md @@ -145,4 +145,9 @@ software packages, potentially leading developers to download malware-infected r --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/06-excessive-agency.md b/.github/skills/security/owasp-llm/references/06-excessive-agency.md index 73c2b390f..2bae5117f 100644 --- a/.github/skills/security/owasp-llm/references/06-excessive-agency.md +++ b/.github/skills/security/owasp-llm/references/06-excessive-agency.md 
@@ -117,4 +117,9 @@ manually review and approve every mail send action. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/07-system-prompt-leakage.md b/.github/skills/security/owasp-llm/references/07-system-prompt-leakage.md index 5821fe85f..a95256d71 100644 --- a/.github/skills/security/owasp-llm/references/07-system-prompt-leakage.md +++ b/.github/skills/security/owasp-llm/references/07-system-prompt-leakage.md @@ -112,4 +112,9 @@ attack to bypass these instructions, facilitating a remote code execution attack --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/08-vector-and-embedding-weaknesses.md b/.github/skills/security/owasp-llm/references/08-vector-and-embedding-weaknesses.md index 981183de8..c508e1331 100644 --- a/.github/skills/security/owasp-llm/references/08-vector-and-embedding-weaknesses.md +++ b/.github/skills/security/owasp-llm/references/08-vector-and-embedding-weaknesses.md 
@@ -118,4 +118,9 @@ usefulness. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/09-misinformation.md b/.github/skills/security/owasp-llm/references/09-misinformation.md index 0d1df79b4..21a38458f 100644 --- a/.github/skills/security/owasp-llm/references/09-misinformation.md +++ b/.github/skills/security/owasp-llm/references/09-misinformation.md @@ -128,4 +128,9 @@ reliability of the LLM system. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-llm/references/10-unbounded-consumption.md b/.github/skills/security/owasp-llm/references/10-unbounded-consumption.md index 3ab787bf1..9a6a367ad 100644 --- a/.github/skills/security/owasp-llm/references/10-unbounded-consumption.md +++ b/.github/skills/security/owasp-llm/references/10-unbounded-consumption.md @@ -141,4 +141,9 @@ users. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/SKILL.md b/.github/skills/security/owasp-top-10/SKILL.md index b30176d3d..ba8d02552 100644 
--- a/.github/skills/security/owasp-top-10/SKILL.md +++ b/.github/skills/security/owasp-top-10/SKILL.md @@ -1,7 +1,7 @@ --- name: owasp-top-10 description: OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core. -license: MIT +license: CC-BY-SA-4.0 user-invocable: false metadata: authors: "OWASP Web Application Security Project" @@ -12,7 +12,7 @@ metadata: content_based_on: "https://owasp.org/Top10/2025/" --- -# OWASP Top 10 — Skill Entry +# OWASP® Top 10 — Skill Entry This `SKILL.md` is the **entrypoint** for the OWASP Top 10 skill. @@ -41,6 +41,16 @@ risks. * `00-vulnerability-index.md` — master index of all vulnerability identifiers, categories, and cross-references. * `01` through `10` — one document per vulnerability aligned with OWASP Web Application Security numbering. +## Third-Party Attribution + +Copyright © OWASP Foundation. +OWASP® Top 10 (2025) content is derived from works by the OWASP Foundation, licensed +under CC BY-SA 4.0 (). +Source: +Modifications: Vulnerability descriptions restructured into agent-consumable reference +documents with added detection and remediation guidance. +OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement. + --- *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/00-vulnerability-index.md b/.github/skills/security/owasp-top-10/references/00-vulnerability-index.md index d285de9c9..250e0efdc 100644 --- a/.github/skills/security/owasp-top-10/references/00-vulnerability-index.md +++ b/.github/skills/security/owasp-top-10/references/00-vulnerability-index.md 
@@ -79,4 +79,9 @@ Each vulnerability document follows a consistent structure: --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/01-broken-access-control.md b/.github/skills/security/owasp-top-10/references/01-broken-access-control.md index a2c2c307d..44f433810 100644 --- a/.github/skills/security/owasp-top-10/references/01-broken-access-control.md +++ b/.github/skills/security/owasp-top-10/references/01-broken-access-control.md @@ -121,4 +121,9 @@ The server returns the admin page because it does not enforce server-side access --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/02-security-misconfiguration.md b/.github/skills/security/owasp-top-10/references/02-security-misconfiguration.md index 1a933460e..20e44c6b2 100644 --- a/.github/skills/security/owasp-top-10/references/02-security-misconfiguration.md +++ b/.github/skills/security/owasp-top-10/references/02-security-misconfiguration.md 
@@ -108,4 +108,9 @@ Sensitive data stored in cloud storage is accessible to anyone without authentic --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/03-software-supply-chain-failures.md b/.github/skills/security/owasp-top-10/references/03-software-supply-chain-failures.md index 6142ab1d3..77269619f 100644 --- a/.github/skills/security/owasp-top-10/references/03-software-supply-chain-failures.md +++ b/.github/skills/security/owasp-top-10/references/03-software-supply-chain-failures.md @@ -116,4 +116,9 @@ Attackers fingerprint the service version and exploit the flaw to gain a foothol --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/04-cryptographic-failures.md b/.github/skills/security/owasp-top-10/references/04-cryptographic-failures.md index 32e896e53..db6b968cb 100644 --- a/.github/skills/security/owasp-top-10/references/04-cryptographic-failures.md +++ b/.github/skills/security/owasp-top-10/references/04-cryptographic-failures.md 
@@ -105,4 +105,9 @@ hashes are cracked by GPU. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/05-injection.md b/.github/skills/security/owasp-top-10/references/05-injection.md index 8dd76d985..8a1235a47 100644 --- a/.github/skills/security/owasp-top-10/references/05-injection.md +++ b/.github/skills/security/owasp-top-10/references/05-injection.md @@ -121,4 +121,9 @@ An attacker supplies `example.com; cat /etc/passwd` to execute arbitrary command --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/06-insecure-design.md b/.github/skills/security/owasp-top-10/references/06-insecure-design.md index 6f6a8a1be..68470517b 100644 --- a/.github/skills/security/owasp-top-10/references/06-insecure-design.md +++ b/.github/skills/security/owasp-top-10/references/06-insecure-design.md @@ -107,4 +107,9 @@ Legitimate customers cannot purchase the products at listed prices. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* 
diff --git a/.github/skills/security/owasp-top-10/references/07-authentication-failures.md b/.github/skills/security/owasp-top-10/references/07-authentication-failures.md index 2ec760467..9889210fa 100644 --- a/.github/skills/security/owasp-top-10/references/07-authentication-failures.md +++ b/.github/skills/security/owasp-top-10/references/07-authentication-failures.md @@ -107,4 +107,9 @@ takes over the victim's accounts. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/08-software-data-integrity-failures.md b/.github/skills/security/owasp-top-10/references/08-software-data-integrity-failures.md index efa294997..9c2c71db1 100644 --- a/.github/skills/security/owasp-top-10/references/08-software-data-integrity-failures.md +++ b/.github/skills/security/owasp-top-10/references/08-software-data-integrity-failures.md @@ -110,4 +110,9 @@ identify a vulnerable gadget chain, and gains remote code execution on the appli --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/09-security-logging-alerting-failures.md b/.github/skills/security/owasp-top-10/references/09-security-logging-alerting-failures.md index f8a12590f..4aaad04dc 100644 --- a/.github/skills/security/owasp-top-10/references/09-security-logging-alerting-failures.md 
+++ b/.github/skills/security/owasp-top-10/references/09-security-logging-alerting-failures.md @@ -109,4 +109,9 @@ not detect the attack. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/security/owasp-top-10/references/10-mishandling-exceptional-conditions.md b/.github/skills/security/owasp-top-10/references/10-mishandling-exceptional-conditions.md index 9c831c1e9..d872ad1db 100644 --- a/.github/skills/security/owasp-top-10/references/10-mishandling-exceptional-conditions.md +++ b/.github/skills/security/owasp-top-10/references/10-mishandling-exceptional-conditions.md @@ -115,4 +115,9 @@ partial state to drain the user account or trigger duplicate credits. --- +Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 +(). +Modifications: Restructured into agent-consumable reference format with added +detection and remediation guidance. + *🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.* diff --git a/.github/skills/shared/pr-reference/SKILL.md b/.github/skills/shared/pr-reference/SKILL.md index 5f5491660..3152ab419 100644 --- a/.github/skills/shared/pr-reference/SKILL.md +++ b/.github/skills/shared/pr-reference/SKILL.md 
@@ -1,8 +1,13 @@ --- name: pr-reference description: 'Generates PR reference XML containing commit history and unified diffs between branches with extension and path filtering. Includes utilities to list changed files by type and read diff chunks. Use when creating pull request descriptions, preparing code reviews, analyzing branch changes, discovering work items from diffs, or generating structured diff summaries. - Brought to you by microsoft/hve-core' +license: MIT user-invocable: true compatibility: 'Requires git available on PATH' +metadata: + authors: "microsoft/hve-core" + spec_version: "1.0" + last_updated: "2026-03-16" --- # PR Reference Generation Skill diff --git a/README.md b/README.md index 3dc47350c..bc0301f0a 100644 --- a/README.md +++ b/README.md @@ -102,6 +102,14 @@ Microsoft encourages customers to review its Responsible AI Standard when develo This project is licensed under the [MIT License](./LICENSE). +### Licensing + +Most content in this repository is covered by the MIT License. Certain skill content +derived from OWASP Foundation publications is licensed under +[CC BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/). Each affected +skill identifies its license in frontmatter and includes a Third-Party Attribution +section. See [THIRD-PARTY-NOTICES](./THIRD-PARTY-NOTICES) for full details. + See [SECURITY.md](./SECURITY.md) for the security policy and vulnerability reporting. See [GOVERNANCE.md](./GOVERNANCE.md) for the project governance model. diff --git a/THIRD-PARTY-NOTICES b/THIRD-PARTY-NOTICES new file mode 100644 index 000000000..353053219 --- /dev/null +++ b/THIRD-PARTY-NOTICES 
@@ -0,0 +1,84 @@ +THIRD-PARTY-NOTICES + +This file contains third-party attribution notices for content embedded in hve-core +instruction and skill files. These notices supplement inline attribution blocks within +individual files. + +--- + +OWASP Top 10 (2025), OWASP Top 10 for LLM Applications (2025), and OWASP Top 10 for Agentic Applications (2026) +Copyright: © OWASP Foundation +License: Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) +License URI: https://creativecommons.org/licenses/by-sa/4.0/ +Source: https://owasp.org/Top10/2025/ +Source: https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/ +Source: https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/ +Usage: Category names, IDs, and condensed descriptions in security instruction files. +Vulnerability reference documents in skill files restructured into agent-consumable +format with added detection and remediation guidance. +OWASP® is a registered trademark of the OWASP Foundation. + +--- + +NIST SP 800-53 Rev. 5 and NIST AI RMF 1.0 +License: Public Domain (17 U.S.C. § 105 — U.S. Government Work) +Source: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final +Source: https://www.nist.gov/artificial-intelligence/ai-risk-management-framework +Usage: Control family names, IDs, and condensed descriptions embedded in security +instruction files. + +--- + +OpenSSF Scorecard +License: Apache License 2.0 +Source: https://github.com/ossf/scorecard +Usage: Check names, risk levels, and score ranges embedded in supply chain security +instruction files. + +--- + +SLSA (Supply-chain Levels for Software Artifacts) +License: Community Specification License 1.0 +Source: https://slsa.dev/spec/ +Usage: Build track level definitions embedded in supply chain security instruction files. 
+ +--- + +OpenSSF Best Practices Badge (CII Best Practices) +License: MIT License (criteria), Creative Commons Attribution 3.0+ (documentation) +Source: https://www.bestpractices.dev/ +Usage: Badge tier names and requirement summaries embedded in supply chain security +instruction files. + +--- + +Sigstore +License: Apache License 2.0 +Source: https://www.sigstore.dev/ +Usage: Component maturity levels embedded in supply chain security instruction files. + +--- + +SPDX (Software Package Data Exchange) +License: Community Specification License 1.0 +Source: https://spdx.dev/ +Usage: Format comparison data embedded in supply chain security instruction files. + +--- + +CycloneDX +License: Apache License 2.0 +Source: https://cyclonedx.org/ +Usage: Format comparison data embedded in supply chain security instruction files. + +--- + +NTIA Minimum Elements for Software Bill of Materials +License: Public Domain (17 U.S.C. § 105 — U.S. Government Work) +Source: https://www.ntia.gov/page/software-bill-materials +Usage: Minimum element names referenced in supply chain security instruction files. + +--- + +OpenSSF® is a registered trademark of the Linux Foundation. +OWASP® is a registered trademark of the OWASP Foundation. diff --git a/docs/contributing/skills.md b/docs/contributing/skills.md index cb3dab98a..fec64c87f 100644 --- a/docs/contributing/skills.md +++ b/docs/contributing/skills.md 
@@ -145,6 +145,41 @@ description: 'Video-to-GIF conversion skill with FFmpeg two-pass optimization - | Conventions | Use `[]` for positional arguments, `key=value` for named parameters, `{option1\|option2}` for enumerations, `...` for free-form text | | Example | `"input=video.mp4 [--fps={5\|10\|15\|24}] [--width=1280]"` | +**`license`** (string, optional) + +| Property | Value | +|----------|-----------------------------------------------------------------------------------------------| +| Purpose | SPDX license identifier for the skill content | +| Default | Repository license when omitted | +| Use case | Skills that incorporate third-party content under a specific license (e.g. CC-BY-SA-4.0, MIT) | +| Example | `MIT` | + +**`compatibility`** (string, optional) + +| Property | Value | +|----------|-------------------------------------------------------------------------------------------| +| Purpose | Runtime requirements or prerequisites for the skill | +| Use case | Skills that depend on interpreters, CLI tools, credentials, or other runtime dependencies | +| Example | `"Requires Python 3.11+, uv package manager, and network access for API calls"` | + +**`metadata`** (object, optional) + +| Property | Value | +|----------|------------------------------------------------------------------------------------| +| Purpose | Provenance and versioning metadata for the skill | +| Use case | Skills that track authorship, upstream framework versions, or source documentation | + +Recognized metadata fields: + +| Field | Type | Description | +|----------------------|--------|--------------------------------------------------------------| +| `authors` | string | Author or organization responsible for the skill content | +| `spec_version` | string | Version of the skill specification format | +| `framework_revision` | string | Version of the upstream framework the skill is based on | +| `last_updated` | string | Date the skill was last updated in ISO 8601 format | +| 
`skill_based_on` | string | URL of the specification the skill structure is based on | +| `content_based_on` | string | URL of the upstream content the skill references derive from | + ### Invocation Control Matrix | `user-invocable` | `disable-model-invocation` | `/` Menu | Semantic Loading | Invocation Method | @@ -168,6 +203,25 @@ argument-hint: "[--base-branch=origin/main] [--exclude-markdown]" This example demonstrates a skill configured for both automatic semantic loading and manual `/pr-reference` invocation, with argument hints displayed in the prompt picker. +### Frontmatter Example with License and Metadata + +```yaml +--- +name: owasp-llm +description: 'OWASP Top 10 for LLM Applications (2025) vulnerability knowledge base - Brought to you by microsoft/hve-core' +license: CC-BY-SA-4.0 +user-invocable: false +metadata: + authors: "OWASP LLM Applications Security Initiative" + spec_version: "1.0" + framework_revision: "1.0.0" + last_updated: "2026-02-13" + content_based_on: "https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/" +--- +``` + +This example demonstrates a skill incorporating third-party content with provenance tracking. Skills referencing external frameworks should include `license` to identify the content license and `metadata` to track source attribution. + ## Collection Entry Requirements All skills must have matching entries in one or more `collections/*.collection.yml` manifests. Collection entries control distribution and maturity. 
@@ -491,6 +545,9 @@ Before submitting your skill, verify: * [ ] Optional: `user-invocable` set appropriately (default `true` works for most skills) * [ ] Optional: `disable-model-invocation` set appropriately (default `false` works for most skills) * [ ] Optional: `argument-hint` provides useful input guidance if set +* [ ] Optional: `license` set when skill content uses a specific license +* [ ] Optional: `compatibility` describes runtime requirements when applicable +* [ ] Optional: `metadata` includes provenance fields when skill references external content ### Scripts (when included) diff --git a/plugins/hve-core-all/README.md b/plugins/hve-core-all/README.md index d7157613b..44e6a8977 100644 --- a/plugins/hve-core-all/README.md +++ b/plugins/hve-core-all/README.md 
@@ -273,7 +273,7 @@ copilot plugin install hve-core-all@hve-core | sssc-handoff.instructions | Phase 6 backlog handoff protocol with Scorecard projections and dual-format output for SSSC Planner. | | sssc-identity.instructions | Identity and orchestration instructions for the SSSC Planner agent. Contains six-phase workflow, state.json schema, session recovery, and question cadence. | | sssc-standards.instructions | Phase 3 OpenSSF Scorecard, SLSA, Best Practices Badge, Sigstore, and SBOM standards mapping for SSSC Planner. | -| standards-mapping.instructions | Embedded OWASP, NIST, and CIS security standards with researcher subagent delegation for WAF/CAF runtime lookups - Brought to you by microsoft/hve-core | +| standards-mapping.instructions | Embedded OWASP and NIST security standards with researcher subagent delegation for CIS, WAF, CAF, and other runtime lookups - Brought to you by microsoft/hve-core | | hve-core-location.instructions | Important: hve-core is the repository containing this instruction file; Guidance: if a referenced prompt, instructions, agent, or script is missing in the current directory, fall back to this hve-core location by walking up this file's directory tree. | | story-quality.instructions | Shared story quality conventions for work item creation and evaluation across agents and workflows | diff --git a/plugins/project-planning/README.md b/plugins/project-planning/README.md index abb14010f..95a9976b8 100644 --- a/plugins/project-planning/README.md +++ b/plugins/project-planning/README.md 
@@ -87,7 +87,7 @@ copilot plugin install project-planning@hve-core | rai-capture-coaching.instructions | Exploration-first questioning techniques for RAI capture mode adapted from Design Thinking research methods - Brought to you by microsoft/hve-core | | identity.instructions | Security Planner identity, six-phase orchestration, state management, and session recovery protocols - Brought to you by microsoft/hve-core | | operational-buckets.instructions | Operational bucket definitions with component classification guidance and cross-cutting security concerns - Brought to you by microsoft/hve-core | -| standards-mapping.instructions | Embedded OWASP, NIST, and CIS security standards with researcher subagent delegation for WAF/CAF runtime lookups - Brought to you by microsoft/hve-core | +| standards-mapping.instructions | Embedded OWASP and NIST security standards with researcher subagent delegation for CIS, WAF, CAF, and other runtime lookups - Brought to you by microsoft/hve-core | | security-model.instructions | STRIDE-based security model analysis per operational bucket with threat table format and data flow analysis - Brought to you by microsoft/hve-core | | backlog-handoff.instructions | Dual-format backlog handoff for ADO and GitHub with content sanitization, autonomy tiers, and work item templates - Brought to you by microsoft/hve-core | | sssc-identity.instructions | Identity and orchestration instructions for the SSSC Planner agent. Contains six-phase workflow, state.json schema, session recovery, and question cadence. | diff --git a/plugins/security/README.md b/plugins/security/README.md index 8014a4141..45cbfbf22 100644 --- a/plugins/security/README.md +++ b/plugins/security/README.md 
@@ -84,7 +84,7 @@ copilot plugin install security@hve-core |------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | identity.instructions | Security Planner identity, six-phase orchestration, state management, and session recovery protocols - Brought to you by microsoft/hve-core | | operational-buckets.instructions | Operational bucket definitions with component classification guidance and cross-cutting security concerns - Brought to you by microsoft/hve-core | -| standards-mapping.instructions | Embedded OWASP, NIST, and CIS security standards with researcher subagent delegation for WAF/CAF runtime lookups - Brought to you by microsoft/hve-core | +| standards-mapping.instructions | Embedded OWASP and NIST security standards with researcher subagent delegation for CIS, WAF, CAF, and other runtime lookups - Brought to you by microsoft/hve-core | | security-model.instructions | STRIDE-based security model analysis per operational bucket with threat table format and data flow analysis - Brought to you by microsoft/hve-core | | backlog-handoff.instructions | Dual-format backlog handoff for ADO and GitHub with content sanitization, autonomy tiers, and work item templates - Brought to you by microsoft/hve-core | | sssc-identity.instructions | Identity and orchestration instructions for the SSSC Planner agent. Contains six-phase workflow, state.json schema, session recovery, and question cadence. | diff --git a/scripts/linting/schemas/skill-frontmatter.schema.json b/scripts/linting/schemas/skill-frontmatter.schema.json index e4af2a419..848c644e2 100644 --- a/scripts/linting/schemas/skill-frontmatter.schema.json +++ b/scripts/linting/schemas/skill-frontmatter.schema.json 
@@ -36,6 +36,49 @@ "type": "string", "maxLength": 256, "description": "Hint text displayed in the VS Code prompt picker showing expected inputs." + }, + "license": { + "type": "string", + "minLength": 1, + "maxLength": 128, + "description": "SPDX license identifier for the skill content (e.g. MIT, CC-BY-SA-4.0). Defaults to the repository license when omitted." + }, + "compatibility": { + "type": "string", + "maxLength": 256, + "description": "Runtime requirements or prerequisites for the skill (e.g. interpreters, CLI tools, credentials)." + }, + "metadata": { + "type": "object", + "description": "Provenance and versioning metadata for the skill.", + "properties": { + "authors": { + "type": "string", + "description": "Author or organization responsible for the skill content." + }, + "spec_version": { + "type": "string", + "description": "Version of the skill specification format." + }, + "framework_revision": { + "type": "string", + "description": "Version of the upstream framework the skill is based on." + }, + "last_updated": { + "type": "string", + "pattern": "^\\d{4}-\\d{2}-\\d{2}$", + "description": "Date the skill content was last updated in ISO 8601 format (YYYY-MM-DD)." + }, + "skill_based_on": { + "type": "string", + "description": "URL of the specification or template the skill structure is based on." + }, + "content_based_on": { + "type": "string", + "description": "URL of the upstream content the skill references are derived from." + } + }, + "additionalProperties": true } }, "additionalProperties": false
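Review bot: every added attribution footer in the owasp-llm and owasp-top-10 reference documents reads `licensed under CC BY-SA 4.0` followed by empty parentheses `()`, and the `Source:` line in the new Third-Party Attribution section of `owasp-top-10/SKILL.md` carries no URL, while the README and THIRD-PARTY-NOTICES hunks spell out `https://creativecommons.org/licenses/by-sa/4.0/` and `https://owasp.org/Top10/2025/`. CC BY-SA 4.0 attribution needs the license URI and the source reference, so confirm the committed files actually contain those URLs and that nothing in the render or lint pipeline strips them. Since the identical footer is pasted into twenty files, consider generating it from one shared snippet so the wording and URLs cannot drift between documents.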
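Review bot: `license` in skill-frontmatter.schema.json is described as an SPDX identifier but is constrained only by `minLength`/`maxLength`, so `CC BY-SA 4.0` (with spaces) or `mit` would pass the linter while the form documented everywhere else in this change is `CC-BY-SA-4.0`. If only plain identifiers (not SPDX expressions such as `MIT OR Apache-2.0`) are intended, add a `pattern` such as `^[A-Za-z0-9.+-]+$`, or an `enum` of the identifiers the repository uses (`MIT`, `CC-BY-SA-4.0`), so the schema catches the free-text form.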
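Review bot: `metadata` sets `"additionalProperties": true` while the root object keeps `"additionalProperties": false`, so a misspelled provenance key (`last-updated`, `author`) validates silently instead of being flagged, even though docs/contributing/skills.md enumerates exactly six recognized fields. Either switch to `false` here or state in the docs that unknown metadata keys are deliberately permitted. Separately, the `last_updated` pattern `^\d{4}-\d{2}-\d{2}$` accepts `2026-13-45`; adding `"format": "date"` alongside the pattern tightens this wherever the validator enforces format assertions.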
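Review bot: the docs/contributing/skills.md metadata table describes `last_updated` as "ISO 8601 format", but ISO 8601 also covers datetimes and week dates, whereas the schema pattern only admits `YYYY-MM-DD`; say `YYYY-MM-DD` in the table (as the schema description already does) so contributors are not surprised by a lint failure on `2026-03-16T00:00:00Z`. The same table lists `skill_based_on` as recognized, yet neither frontmatter example on this page uses it; a one-line example value would show what kind of URL is expected.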
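Review bot: pr-reference/SKILL.md gains an explicit `license: MIT`, but the schema description and the new `license` table both say the field defaults to the repository license when omitted, and the checklist item asks for `license` only "when skill content uses a specific license". Either drop the redundant declaration from MIT-only skills or state in docs/contributing/skills.md that declaring the default explicitly is encouraged, so contributors follow one consistent rule.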