Fix plugin version (1.0.0->1.2.0), sync skill count to 762, automate both

- plugin.json was stuck at version 1.0.0 and count 753 — this is the file the
  installer reads, so installs showed 1.0 everywhere. Bumped to 1.2.0 / 762.
- Update skill count to 762 across README (badge + 6 mentions), marketplace.json,
  and plugin.json (754/753 -> 762 after merging PRs #70/#71/#81)
- update-index.yml: now auto-syncs the skill count into README.md,
  marketplace.json, and plugin.json on every skills/ change (no more manual drift)
- sync-marketplace-version.yml: release now bumps plugin.json too (not just
  marketplace.json) and pushes to main, so plugin version tracks the release tag

.claude-plugin/marketplace.json

@@ -5,14 +5,14 @@
     "email": "mukuljangra5@gmail.com"
   },
   "metadata": {
-    "description": "754 cybersecurity skills for AI agents mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, and NIST AI RMF.",
+    "description": "762 cybersecurity skills for AI agents mapped to 6 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, NIST AI RMF, and the MITRE Fight Fraud Framework (F3).",
     "version": "1.2.0"
   },
   "plugins": [
     {
       "name": "cybersecurity-skills",
       "source": "./",
-      "description": "754 cybersecurity skills covering web security, pentesting, DFIR, threat intelligence, cloud security, malware analysis, and more. Mapped to 5 frameworks.",
+      "description": "762 cybersecurity skills covering web security, pentesting, DFIR, threat intelligence, cloud security, malware analysis, and more. Mapped to 6 frameworks.",
       "version": "1.2.0",
       "author": {
         "name": "mukul975"

.claude-plugin/plugin.json

@@ -1,5 +1,5 @@
 {
   "name": "cybersecurity-skills",
-  "description": "753 cybersecurity skills covering web security, pentesting, DFIR, threat intelligence, cloud security, malware analysis, and more.",
-  "version": "1.0.0"
+  "description": "762 cybersecurity skills covering web security, pentesting, DFIR, threat intelligence, cloud security, malware analysis, and more.",
+  "version": "1.2.0"
 }

.github/workflows/sync-marketplace-version.yml

@@ -14,6 +14,8 @@ jobs:
       - uses: actions/checkout@v4
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
+          ref: main
+          fetch-depth: 0
 
       - name: Extract version from tag
         id: version
@@ -22,18 +24,20 @@ jobs:
           echo "version=$VERSION" >> $GITHUB_OUTPUT
           echo "tag=$GITHUB_REF_NAME" >> $GITHUB_OUTPUT
 
-      - name: Update marketplace.json version
+      - name: Update marketplace.json and plugin.json version
         env:
           VERSION: ${{ steps.version.outputs.version }}
         run: |
           jq --arg v "$VERSION" '.metadata.version = $v | .plugins[].version = $v' .claude-plugin/marketplace.json > tmp.json
           mv tmp.json .claude-plugin/marketplace.json
-          echo "Updated marketplace.json to version $VERSION"
+          jq --arg v "$VERSION" '.version = $v' .claude-plugin/plugin.json > tmp.json
+          mv tmp.json .claude-plugin/plugin.json
+          echo "Updated marketplace.json and plugin.json to version $VERSION"
 
       - name: Commit and push
         run: |
           git config user.name "mukul975"
           git config user.email "mukuljangra5@gmail.com"
-          git add .claude-plugin/marketplace.json
-          git diff --staged --quiet || git commit -m "chore: bump marketplace version to ${{ steps.version.outputs.tag }}"
-          git push
+          git add .claude-plugin/marketplace.json .claude-plugin/plugin.json
+          git diff --staged --quiet || git commit -m "chore: bump plugin version to ${{ steps.version.outputs.tag }}"
+          git push origin HEAD:main

.github/workflows/update-index.yml

@@ -61,10 +61,52 @@ jobs:
           print(f"Updated index.json: {len(skills)} skills")
           EOF
 
-      - name: Commit updated index
+      - name: Sync skill count into README and marketplace
+        run: |
+          python3 << 'EOF'
+          import os, re, json
+
+          # Authoritative count: directories under skills/ that contain a SKILL.md
+          # and are not .bak backups (matches index.json generation above).
+          count = 0
+          for name in os.listdir("skills"):
+              if name.endswith(".bak"):
+                  continue
+              if os.path.isfile(os.path.join("skills", name, "SKILL.md")):
+                  count += 1
+          print(f"Authoritative skill count: {count}")
+
+          # README.md — replace the skills badge and every "<NNN> ... skills" phrase.
+          with open("README.md", encoding="utf-8") as f:
+              readme = f.read()
+          readme = re.sub(r"(badge/skills-)\d+", rf"\g<1>{count}", readme)
+          # "754 production-grade", "754 structured", "754 skills", "all 754 skills",
+          # "Scans 754 skill", "contains **754 skills**", BibTeX "{754 structured"
+          readme = re.sub(r"\b\d+(?=\s+production-grade cybersecurity skills)", str(count), readme)
+          readme = re.sub(r"\b\d+(?=\s+structured cybersecurity skills)", str(count), readme)
+          readme = re.sub(r"(all\s+)\d+(?=\s+skills)", rf"\g<1>{count}", readme)
+          readme = re.sub(r"(Scans\s+)\d+(?=\s+skill\b)", rf"\g<1>{count}", readme)
+          readme = re.sub(r"(contains\s+\*\*)\d+(?=\s+skills\*\*)", rf"\g<1>{count}", readme)
+          readme = re.sub(r"(\{)\d+(?=\s+structured cybersecurity skills)", rf"\g<1>{count}", readme)
+          with open("README.md", "w", encoding="utf-8") as f:
+              f.write(readme)
+
+          # marketplace.json + plugin.json — patch "<NNN> cybersecurity skills" in descriptions.
+          for path in (".claude-plugin/marketplace.json", ".claude-plugin/plugin.json"):
+              with open(path, encoding="utf-8") as f:
+                  data = f.read()
+              data = re.sub(r"\b\d+(?=\s+cybersecurity skills)", str(count), data)
+              json.loads(data)  # fail loudly if the regex broke JSON
+              with open(path, "w", encoding="utf-8") as f:
+                  f.write(data)
+
+          print("Synced skill count into README.md, marketplace.json, plugin.json")
+          EOF
+
+      - name: Commit updated index and skill count
         run: |
           git config user.name "mukul975"
           git config user.email "mukuljangra5@gmail.com"
-          git add index.json
-          git diff --staged --quiet || git commit -m "chore: auto-update index.json"
+          git add index.json README.md .claude-plugin/marketplace.json .claude-plugin/plugin.json
+          git diff --staged --quiet || git commit -m "chore: auto-update index.json and skill count"
           git push

README.md

@@ -10,7 +10,7 @@
 
 [![GARS-2026 Survey](https://img.shields.io/badge/GARS--2026-Take%20the%20Survey-E8B84B?style=for-the-badge&logo=googleforms&logoColor=black)](https://mahipal.engineer/survey?utm_source=github_badge&utm_medium=readme&utm_campaign=gars2026)
 [![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg?style=flat-square)](LICENSE)
-[![Skills](https://img.shields.io/badge/skills-754-brightgreen?style=flat-square)](#whats-inside--26-security-domains)
+[![Skills](https://img.shields.io/badge/skills-762-brightgreen?style=flat-square)](#whats-inside--26-security-domains)
 [![Frameworks](https://img.shields.io/badge/frameworks-6-orange?style=flat-square)](#six-frameworks-one-skill-library)
 [![MITRE F3](https://img.shields.io/badge/MITRE-F3_v1.1-blue?style=flat-square)](https://ctid.mitre.org/fraud/)
 [![Domains](https://img.shields.io/badge/domains-26-9cf?style=flat-square)](#whats-inside--26-security-domains)
@@ -24,7 +24,7 @@
 [![Hermes Agent](https://img.shields.io/badge/Hermes_Agent-compatible-blueviolet?style=flat)](https://github.com/NousResearch/hermes-agent)
 
 
-**754 production-grade cybersecurity skills · 26 security domains · 5 framework mappings · 26+ AI platforms**
+**762 production-grade cybersecurity skills · 26 security domains · 6 framework mappings · 26+ AI platforms**
 
 [Get Started](#quick-start) · [What's Inside](#whats-inside--26-security-domains) · [Frameworks](#five-frameworks-one-skill-library) · [Platforms](#compatible-platforms) · [Contributing](#contributing)
 
@@ -38,7 +38,7 @@
 
 A junior analyst knows which Volatility3 plugin to run on a suspicious memory dump, which Sigma rules catch Kerberoasting, and how to scope a cloud breach across three providers. **Your AI agent doesn't — unless you give it these skills.**
 
-This repo contains **754 structured cybersecurity skills** spanning **26 security domains**, each following the [agentskills.io](https://agentskills.io) open standard.  Every skill is mapped to **six industry frameworks** — MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, NIST AI RMF, and the MITRE Fight Fraud Framework (F3) — making this the only open-source skills library with unified cross-framework coverage.  Clone it, point your agent at it, and your next security investigation gets expert-level guidance in seconds.
+This repo contains **762 structured cybersecurity skills** spanning **26 security domains**, each following the [agentskills.io](https://agentskills.io) open standard.  Every skill is mapped to **six industry frameworks** — MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, NIST AI RMF, and the MITRE Fight Fraud Framework (F3) — making this the only open-source skills library with unified cross-framework coverage.  Clone it, point your agent at it, and your next security investigation gets expert-level guidance in seconds.
 
 ## Six frameworks, one skill library
 
@@ -176,14 +176,14 @@ Existing security tool repos give you wordlists, payloads, or exploit code. None
 
 ## How AI agents use these skills
 
-Each skill costs **~30 tokens to scan** (frontmatter only)  and **500–2,000 tokens to fully load** (complete workflow). This progressive disclosure architecture lets agents search all 754 skills in a single pass without blowing context windows. 
+Each skill costs **~30 tokens to scan** (frontmatter only)  and **500–2,000 tokens to fully load** (complete workflow). This progressive disclosure architecture lets agents search all 762 skills in a single pass without blowing context windows. 
 
 ```
 User prompt: "Analyze this memory dump for signs of credential theft"
 
 Agent's internal process:
 
-  1. Scans 754 skill frontmatters (~30 tokens each)
+  1. Scans 762 skill frontmatters (~30 tokens each)
      → identifies 12 relevant skills by matching tags, description, domain
 
   2. Loads top 3 matches:
@@ -371,7 +371,7 @@ All platforms that support the [agentskills.io](https://agentskills.io) standard
 |---|---|---|
 | [v1.0.0](https://github.com/mukul975/Anthropic-Cybersecurity-Skills/releases/tag/v1.0.0) | March 11, 2026 | 734 skills · 26 domains · MITRE ATT&CK + NIST CSF 2.0 mapping · ATT&CK Navigator layer |
 
-Skills have continued to grow on `main` since v1.0.0 — the library now contains **754 skills** with **5-framework mapping**  (MITRE ATLAS, D3FEND, and NIST AI RMF added post-release).  Check [Releases](https://github.com/mukul975/Anthropic-Cybersecurity-Skills/releases) for the latest tagged version.
+Skills have continued to grow on `main` since v1.0.0 — the library now contains **762 skills** with **6-framework mapping**  (MITRE ATLAS, D3FEND, NIST AI RMF, and the MITRE Fight Fraud Framework added post-release).  Check [Releases](https://github.com/mukul975/Anthropic-Cybersecurity-Skills/releases) for the latest tagged version.
 
 ## Contributing
 
@@ -404,7 +404,7 @@ If you use this project in research or publications:
   year         = {2026},
   url          = {https://github.com/mukul975/Anthropic-Cybersecurity-Skills},
   license      = {Apache-2.0},
-  note         = {754 structured cybersecurity skills for AI agents,
+  note         = {762 structured cybersecurity skills for AI agents,
                   mapped to MITRE ATT\&CK, NIST CSF 2.0, MITRE ATLAS,
                   MITRE D3FEND, and NIST AI RMF}
 }