Issues found in review:
1. tools/validate-skill.py: parse_frontmatter operated on the stripped line, so
an indented nested `name:` (under framework-mapping lists, e.g.
`name: 'Create Fake Materials: Fake Website'`) clobbered the skill's
top-level `name`. That produced 94 spurious "invalid kebab-case name"
failures out of 762. Now indented (non-list) key lines are ignored, so only
top-level keys define frontmatter fields. Result: 762/762 pass.
2. Two divergent validators: the CI workflow had its own weaker inline parser
(no subdomain/tag/description checks) requiring a different field set than
tools/validate-skill.py. CI now delegates to tools/validate-skill.py --all
(single source of truth); REQUIRED_FIELDS aligned to include
version/author/license. The duplicate-name and stats steps are unchanged.
3. README: added an explicit authorized-&-lawful-use disclaimer next to the
existing "not affiliated with Anthropic" note, since the library ships
offensive/dual-use techniques.
No skill content changed.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- plugin.json was stuck at version 1.0.0 and count 753 — this is the file the
installer reads, so installs showed 1.0 everywhere. Bumped to 1.2.0 / 762.
- Update skill count to 762 across README (badge + 6 mentions), marketplace.json,
and plugin.json (754/753 -> 762 after merging PRs #70/#71/#81)
- update-index.yml: now auto-syncs the skill count into README.md,
marketplace.json, and plugin.json on every skills/ change (no more manual drift)
- sync-marketplace-version.yml: release now bumps plugin.json too (not just
marketplace.json) and pushes to main, so plugin version tracks the release tag
- Add validated mitre_attack frontmatter to all 754 skills (286 distinct
techniques), verified against MITRE ATT&CK v19.1 via the official
mitreattack-python library: 0 revoked, deprecated, or invalid IDs
- Curate precise per-skill technique IDs for forensics, malware-analysis,
threat-intel, and red-team skills (e.g. DCSync -> T1003.006,
Kerberoasting -> T1558.003, Pass-the-Ticket -> T1550.003)
- Reconcile v19.1 tactic restructuring: Defense Evasion split into
Stealth (TA0005) and Defense Impairment (TA0112); revoked T1562.*
family and T1070.001/.002 remapped to active equivalents (T1685.*)
- Normalize word-split tags across 35 skills (remove filename-derived
stopword tags, add semantic cybersecurity tags)
- Add api-reference.md for 3 skills that were missing it
- Update README ATT&CK section with accurate v19.1 tactic distribution
Mahipal
mukul975
Homan Ansari
mukul975