Merged
Expand Up @@ -413,6 +413,8 @@ Optional fields available by file type:
* `agent:` - Agent delegation for prompt files and handoffs. Use the human-readable name from the agent's `name:` frontmatter (for example, `Prompt Builder`).
* `argument-hint:` - Hint text for prompt picker display.
* `model:` - Model specification. Accepts any valid model identifier string (for example, `gpt-4o`, `claude-sonnet-4`). When omitted, the default model is used.
* `license:` - SPDX license identifier for skill content (for example, `MIT`, `CC-BY-SA-4.0`). Defaults to the repository license when omitted. Use for skills that incorporate third-party content under a specific license.
* `metadata:` - Object containing provenance and versioning metadata for skills. Recognized fields include `authors`, `spec_version`, `framework_revision`, `last_updated`, `skill_based_on`, and `content_based_on`.

### Frontmatter Examples
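
Review bot: `compatibility:` has no entry in this optional-fields list, although the SKILL.md changes in this same pull request add it to several skills (for example `compatibility: 'Requires FFmpeg on PATH'`). Unless it is already documented outside the visible context, add a bullet for it next to the new `license:` and `metadata:` entries, and say whether it is free text or has a defined structure.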

2 changes: 1 addition & 1 deletion .github/instructions/security/identity.instructions.md
Expand Up @@ -54,7 +54,7 @@ After the standard scoping questionnaire, assess for AI/ML components:
### Phase 3: Standards Mapping

* Entry: Phase 2 complete (all bucket analyses documented)
* Activities: map components to OWASP Top 10, NIST 800-53, and CIS Controls; delegate WAF/CAF lookups to the Researcher Subagent
* Activities: map components to OWASP Top 10 and NIST 800-53; delegate CIS Controls, WAF/CAF, and other lookups to the Researcher Subagent
* Exit: all components mapped to applicable standards
* Artifacts: standards mapping tables in the security plan
* Transition: advance to Phase 4
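
Review bot: "other lookups" in the new Activities line is open-ended, so an agent reading only this file cannot tell which standards it is expected to delegate. Name the set, or point to the delegation table in `standards-mapping.instructions.md` that this pull request extends with a CIS row. The Exit line, "all components mapped to applicable standards", also does not say whether a pending or failed CIS delegation blocks the phase, which matters now that the CIS mapping depends on a subagent result.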
28 changes: 27 additions & 1 deletion .github/instructions/security/sssc-standards.instructions.md
Expand Up @@ -5,7 +5,7 @@ applyTo: '**/.copilot-tracking/sssc-plans/**'

# SSSC Phase 3: Standards Mapping

Map the assessed supply chain posture against OpenSSF standards. Use the Phase 2 assessment results as input.
Map the assessed supply chain posture against OpenSSF® standards. Use the Phase 2 assessment results as input.

## OpenSSF Scorecard: 20 Checks

Expand Down Expand Up @@ -178,3 +178,29 @@ Update `state.json`:
* Set `phases.3-standards.status` to `✅`
* Add `standards-mapping.md` to `phases.3-standards.artifacts`
* Advance `currentPhase` to `4`

## Third-Party Attribution

OpenSSF® Scorecard check data derived from the OpenSSF Scorecard project, licensed under
Apache 2.0. Source: <https://github.com/ossf/scorecard>

SLSA Build Track level data derived from the SLSA specification, licensed under Community
Specification License 1.0. Source: <https://slsa.dev/spec/>

OpenSSF Best Practices Badge criteria derived from the CII Best Practices Badge project,
licensed under MIT (criteria) and CC BY 3.0+ (documentation).
Source: <https://www.bestpractices.dev/>

Sigstore maturity data derived from the Sigstore project, licensed under Apache 2.0.
Source: <https://www.sigstore.dev/>

SPDX content derived from the SPDX specification, licensed under Community Specification
License 1.0. Source: <https://spdx.dev/>

CycloneDX content derived from the CycloneDX specification, licensed under Apache 2.0.
Source: <https://cyclonedx.org/>

NTIA Minimum Elements content is derived from a U.S. government publication. Not subject
to copyright (17 U.S.C. § 105).

OpenSSF® is a registered trademark of the Linux Foundation.
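
Review bot: the attribution entries in this new section give a license and a source but no "Modifications:" statement, while the OWASP attribution blocks added elsewhere in this pull request include one. If the Scorecard, SLSA, Sigstore, SPDX and CycloneDX content was condensed or restructured, say so per entry so a reader can tell adapted text from verbatim text. The Best Practices Badge entry gives the documentation license as "CC BY 3.0+"; naming the exact version relied on and linking the license text, as the OWASP blocks do, would make the notice checkable.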
59 changes: 28 additions & 31 deletions .github/instructions/security/standards-mapping.instructions.md
@@ -1,5 +1,5 @@
---
description: "Embedded OWASP, NIST, and CIS security standards with researcher subagent delegation for WAF/CAF runtime lookups - Brought to you by microsoft/hve-core"
description: "Embedded OWASP and NIST security standards with researcher subagent delegation for CIS, WAF, CAF, and other runtime lookups - Brought to you by microsoft/hve-core"
applyTo: '**/.copilot-tracking/security-plans/**'
---

Expand All @@ -9,7 +9,7 @@ Frequently-used security standards are embedded directly in this file for immedi

At least one standard from each embedded framework should map to every component in the security plan. The cross-reference table provides starting-point mappings by bucket; refine these during Phase 3 analysis.

## Embedded OWASP Top 10
## Embedded OWASP® Top 10

The OWASP Top 10 (2025) covers the most critical web application security risks. At least one OWASP item must map to every web/UI/reporting and identity/auth component.

Expand Down Expand Up @@ -119,23 +119,6 @@ These families address organizational and personnel-level controls:
| PM | Program Management: Enterprise-wide security program, risk management strategy, and architecture integration. |
| PS | Personnel Security: Personnel screening, access agreements, and role-change or termination procedures. |

## Embedded CIS Controls

The CIS Critical Security Controls provide prioritized, actionable guidance. The top 10 controls most commonly applicable to software architectures follow.

| Control | Description |
|---------|-----------------------------------------------------------------------------------------------------------------------------|
| CIS 1 | Inventory and Control of Enterprise Assets: Maintain an accurate inventory of all hardware assets connected to the network. |
| CIS 2 | Inventory and Control of Software Assets: Track and manage all software running in the environment. |
| CIS 3 | Data Protection: Identify, classify, and protect sensitive data at rest and in transit. |
| CIS 4 | Secure Configuration of Enterprise Assets and Software: Establish and maintain hardened configurations for all assets. |
| CIS 5 | Account Management: Manage lifecycle of system and application accounts including creation, use, and deactivation. |
| CIS 6 | Access Control Management: Create, assign, manage, and revoke access credentials and privileges. |
| CIS 7 | Continuous Vulnerability Management: Continuously identify and remediate vulnerabilities across the environment. |
| CIS 8 | Audit Log Management: Collect, review, and retain audit logs for detection and forensic purposes. |
| CIS 9 | Email and Web Browser Protections: Improve protections against email and web-based threats. |
| CIS 10 | Malware Defenses: Prevent or control installation and execution of malicious software. |

## Researcher Subagent Delegation

Microsoft Well-Architected Framework (WAF) and Cloud Adoption Framework (CAF) lookups are delegated to the Researcher Subagent at runtime. These frameworks evolve frequently and contain extensive cloud-specific guidance best retrieved on demand.
Expand All @@ -152,8 +135,9 @@ The following standards are also delegated for runtime lookup due to version sen
| SOC 2 | Audit-framework specific, organization-dependent scope |
| HIPAA | Regulated domain, requires current interpretation |
| FedRAMP | Government-specific, dynamic control baselines |
| CIS Critical Security Controls | License terms prohibit redistribution; use runtime lookup |

Do NOT delegate OWASP, NIST 800-53, CIS, OWASP LLM Top 10, or NIST AI RMF lookups. Those standards are embedded above.
Do NOT delegate OWASP, NIST 800-53, OWASP LLM Top 10, or NIST AI RMF lookups. Those standards are embedded above.

### When to Delegate
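
Review bot: the new CIS row gives a licensing reason ("License terms prohibit redistribution"), but the sentence that introduces this table, visible only in part in the hunk header ("due to version sen"), frames delegation around a different kind of reason. Widen that lead-in to cover licensing restrictions, or give CIS its own short paragraph. Also confirm that the "When to Delegate" section that follows, whose body is not visible in this hunk, has a trigger for CIS, since CIS has just been dropped from the "Do NOT delegate" line.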

Expand Down Expand Up @@ -205,16 +189,16 @@ Collect findings from the output path and incorporate them into the component's

This table maps operational buckets to their baseline standard references. Use these as starting points and refine during Phase 3 analysis.

| Bucket | OWASP | NIST 800-53 | CIS |
|---------------------|------------------------------|----------------|------------|
| infra | A05, A06 | CM, PE, SC, SI | 1, 2, 4, 7 |
| devops/platform-ops | A05, A06, A08 | CA, CM, SA, SI | 2, 4, 7 |
| build | A06, A08 | SA, SI | 2, 4, 7 |
| messaging | A01, A03, A08 | AC, SC, SI | 3, 4, 8 |
| data | A01, A02, A03 | AC, AU, SC, SI | 3, 5, 6, 8 |
| web/UI/reporting | A01, A02, A03, A05, A07, A10 | AC, IA, SC, SI | 4, 5, 6, 9 |
| identity/auth | A01, A02, A07 | AC, IA, PS | 5, 6 |
| ai-ml | A04, A06, A08 | SA, SI, RA | 2, 7 |
| Bucket | OWASP | NIST 800-53 | CIS (delegated) |
|---------------------|------------------------------|----------------|-----------------|
| infra | A05, A06 | CM, PE, SC, SI | via delegation |
| devops/platform-ops | A05, A06, A08 | CA, CM, SA, SI | via delegation |
| build | A06, A08 | SA, SI | via delegation |
| messaging | A01, A03, A08 | AC, SC, SI | via delegation |
| data | A01, A02, A03 | AC, AU, SC, SI | via delegation |
| web/UI/reporting | A01, A02, A03, A05, A07, A10 | AC, IA, SC, SI | via delegation |
| identity/auth | A01, A02, A07 | AC, IA, PS | via delegation |
| ai-ml | A04, A06, A08 | SA, SI, RA | via delegation |

> [!NOTE]
> The ai-ml row applies only when `raiEnabled` is true. When applicable, also map components against OWASP LLM Top 10 and NIST AI RMF subcategories from the sections above.
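
Review bot: every cell in the renamed "CIS (delegated)" column now reads "via delegation", so the column no longer distinguishes one bucket from another, yet the sentence above the table still describes it as mapping buckets to "baseline standard references" to use as starting points. Either drop the column and add one sentence saying CIS mappings come from the Researcher Subagent, or keep per-bucket hints in a form that does not reproduce CIS text. As written, the later instruction to flag gaps "based on the cross-reference table" has nothing to compare against for CIS.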
Expand All @@ -229,11 +213,24 @@ For each component, produce a standards mapping block following this structure:
**Applicable Standards:**
- OWASP: {items with justification}
- NIST: {families with justification}
- CIS: {controls with justification}
- CIS: {delegated — include Researcher Subagent findings or N/A}

**WAF/CAF Findings:** {researcher subagent results or N/A}

**Gap Analysis:** {identified gaps between current controls and standard requirements}
```

Include justification for each mapped standard, explaining why the control is relevant to the specific component. Flag gaps where a standard should apply based on the cross-reference table but no corresponding control exists in the current architecture.

## Third-Party Attribution

OWASP® Top 10 (2025) and OWASP® Top 10 for LLM Applications (2025) content is derived
from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Sources: <https://owasp.org/www-project-top-ten/>, <https://genai.owasp.org/>
Modifications: Descriptions condensed to single-sentence summaries.
OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.

NIST SP 800-53 and NIST AI RMF 1.0 content is derived from publications by the National
Institute of Standards and Technology, U.S. Department of Commerce. Not subject to copyright
(17 U.S.C. § 105).
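
Review bot: the new `- CIS:` template line accepts "N/A" without a reason, while the paragraph after the template requires a justification for each mapped standard. State when N/A is acceptable (for example, delegation not run versus no applicable control found) so that a skipped lookup can be told apart from a real result. In the attribution block, the OWASP entry does not say which sections of this file are under CC BY-SA 4.0; since the frontmatter documentation in this pull request says the license defaults to the repository license when omitted, mark the adapted sections or add a license statement for them.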
6 changes: 6 additions & 0 deletions .github/skills/experimental/powerpoint/SKILL.md
@@ -1,6 +1,12 @@
---
name: powerpoint
description: 'PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling - Brought to you by microsoft/hve-core'
license: MIT
compatibility: 'Requires uv, Python 3.11+, PowerShell 7+, and LibreOffice'
metadata:
authors: "microsoft/hve-core"
spec_version: "1.0"
last_updated: "2026-03-18"
---

# PowerPoint Skill
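
Review bot: `spec_version: "1.0"` and `last_updated: "2026-03-18"` are added here and in the other skill frontmatters, but the frontmatter documentation changed in this pull request only lists them as recognized fields, without saying which specification `spec_version` refers to or what date format `last_updated` must use. Document both, and consider a validation step for `last_updated`, because a hand-maintained date goes stale the first time the skill is edited without touching the frontmatter.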
6 changes: 6 additions & 0 deletions .github/skills/experimental/video-to-gif/SKILL.md
@@ -1,6 +1,12 @@
---
name: video-to-gif
description: 'Video-to-GIF conversion skill with FFmpeg two-pass optimization - Brought to you by microsoft/hve-core'
license: MIT
compatibility: 'Requires FFmpeg on PATH'
metadata:
authors: "microsoft/hve-core"
spec_version: "1.0"
last_updated: "2026-03-18"
---

# Video-to-GIF Conversion Skill
6 changes: 6 additions & 0 deletions .github/skills/experimental/vscode-playwright/SKILL.md
@@ -1,6 +1,12 @@
---
name: vscode-playwright
description: 'VS Code screenshot capture using Playwright MCP with serve-web for slide decks and documentation - Brought to you by microsoft/hve-core'
license: MIT
compatibility: 'Requires VS Code CLI (code or code-insiders), Playwright MCP tools, and curl'
metadata:
authors: "microsoft/hve-core"
spec_version: "1.0"
last_updated: "2026-03-18"
---

# VS Code Playwright Screenshot Skill
5 changes: 5 additions & 0 deletions .github/skills/gitlab/gitlab/SKILL.md
@@ -1,7 +1,12 @@
---
name: gitlab
description: 'Manage GitLab merge requests and pipelines with a Python CLI - Brought to you by microsoft/hve-core'
license: MIT
compatibility: 'Requires Python 3.11+. GitLab credentials via GITLAB_URL and GITLAB_TOKEN environment variables.'
metadata:
authors: "microsoft/hve-core"
spec_version: "1.0"
last_updated: "2026-03-24"
---

# GitLab Skill
6 changes: 6 additions & 0 deletions .github/skills/installer/hve-core-installer/SKILL.md
@@ -1,6 +1,12 @@
---
name: hve-core-installer
description: 'Decision-driven installer for HVE-Core with 6 clone-based installation methods, extension quick-install, environment detection, and agent customization workflows - Brought to you by microsoft/hve-core'
compatibility: 'Requires VS Code or VS Code Insiders. Clone-based methods require git on PATH and network access.'
license: MIT
metadata:
authors: "microsoft/hve-core"
spec_version: "1.0"
last_updated: "2026-04-01"
---

# HVE-Core Installer Skill
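
Review bot: `compatibility:` comes before `license:` in this frontmatter, while the other SKILL.md files changed in this pull request put `license:` first. Swap the two lines so the field order is the same across skills, which keeps later bulk edits and schema diffs easy to read.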
5 changes: 5 additions & 0 deletions .github/skills/jira/jira/SKILL.md
@@ -1,7 +1,12 @@
---
name: jira
description: 'Jira issue workflows for search, issue updates, transitions, comments, and field discovery via the Jira REST API. Use when you need to search with JQL, inspect an issue, create or update work items, move an issue between statuses, post comments, or discover required fields for issue creation. - Brought to you by microsoft/hve-core'
license: MIT
compatibility: 'Requires Python 3.11+ and Jira credentials in environment variables'
metadata:
authors: "microsoft/hve-core"
spec_version: "1.0"
last_updated: "2026-03-24"
---

# Jira Skill
15 changes: 13 additions & 2 deletions .github/skills/security/owasp-agentic/SKILL.md
@@ -1,7 +1,7 @@
---
name: owasp-agentic
description: OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems - Brought to you by microsoft/hve-core.
license: MIT
license: CC-BY-SA-4.0
user-invocable: false
metadata:
authors: "OWASP Agentic Security Initiative"
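
Review bot: `license:` changes from `MIT` to `CC-BY-SA-4.0` here, which makes this the only skill in the pull request that does not declare MIT. Confirm that whatever validates or packages skill frontmatter accepts a non-default `license:` value and ships the CC BY-SA 4.0 notice together with the skill, so the share-alike terms are not lost when the skill is distributed alongside MIT-licensed ones.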
Expand All @@ -12,7 +12,7 @@ metadata:
content_based_on: "https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/"
---

# OWASP Agentic Top 10 — Skill Entry
# OWASP® Agentic Top 10 — Skill Entry

This `SKILL.md` is the **entrypoint** for the OWASP Agentic Top 10 skill.

Expand Down Expand Up @@ -41,6 +41,17 @@ security risks in AI agent systems.
* `00-vulnerability-index.md` — master index of all vulnerability identifiers, categories, and cross-references.
* `01` through `10` — one document per vulnerability aligned with OWASP Agentic Security numbering.

## Third-Party Attribution

Copyright © OWASP Foundation.
OWASP® Top 10 for Agentic Applications (2026) content is derived from works by the
OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Source: <https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/>
Modifications: Vulnerability descriptions restructured into agent-consumable reference
documents with added detection and remediation guidance.
OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.

---

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -85,4 +85,9 @@ Each vulnerability document follows a consistent structure:

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
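
Review bot: this footer, repeated verbatim in each of the document hunks that follow, names the licensor and the license but not the title or source URL of the work, which only the SKILL.md attribution carries. If a vulnerability document is read on its own, the attribution is incomplete; add the title and source link, or an explicit pointer to the "Third-Party Attribution" section of SKILL.md. A shared include or a lint check would also keep the copies from drifting apart.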
Expand Up @@ -120,4 +120,9 @@ convinces the user to make an ill-advised business decision.

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -121,4 +121,9 @@ monitoring sees no malware and the misuse goes undetected.

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -126,4 +126,9 @@ The attacker-controlled agent then issues system-level commands under assumed in

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -114,4 +114,9 @@ attacker-controlled agent which then exfiltrates or corrupts responses.

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -120,4 +120,9 @@ during fix-build tasks.

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -118,4 +118,9 @@ tenant's sensitive chunk into retrieval by high cosine similarity.

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -123,4 +123,9 @@ but seemingly legitimate actions.

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -128,4 +128,9 @@ disconnects.

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*
Expand Up @@ -128,4 +128,9 @@ The clinician relies on the agent's plausible explanation and accepts the change

---

Content derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Modifications: Restructured into agent-consumable reference format with added
detection and remediation guidance.

*🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.*