// Stitches confirmed single-asset findings into multi-hop attack paths across the organization. Builds a graph where nodes are assets and edges are confirmed exploit hops citing the findings that enable them.
| name | attack-path-stitcher |
| description | Stitches confirmed single-asset findings into multi-hop attack paths across the organization. Builds a graph where nodes are assets and edges are confirmed exploit hops citing the findings that enable them. |
The Validation Run task (#3) produces confirmed findings per asset. Real attacker risk lives in chains: a finding on asset A leaks credentials that enable a finding on asset B that pivots into asset C. This skill builds that graph.
Mounted onto cloud-agent task #6.
Cron daily (default 03:00 UTC). May also re-run after a Validation Run task batch completes.
validated/*.json — every confirmed finding across all engagements.artifacts/org-surface.json — the org-wide surface graph (assets, services, network zones, trust relationships).findings/finding-NNN/evidence/raw-source.txt — for credential / token extraction during stitching.org-surface.json, attributed with: tier, services, network_zone, trust_relationships.reference/edge-detectors.md for the seven detectors:
source-code-scanning SBOM)crown_jewel node, BFS backwards through edges to find every external-facing node that can reach it. Mark these as "entry points".artifacts/attack-paths.json plus a human DOT file artifacts/attack-paths.dot (renderable with Graphviz).Implementation runs through tools/chain-merger.py which handles the graph construction. The skill provides the rules the tool consults; the tool does the iteration.
{OUTPUT_DIR}/
artifacts/
attack-paths.json # nodes, edges, entry_points, crown_jewel_paths
attack-paths.dot # Graphviz source
attack-paths.md # ranked list of distinct paths (human read)
attack-paths.json schema:
{
"generated_at": "2026-05-13T03:00:00Z",
"nodes": [
{"id": "asset42", "tier": "revenue", "services": ["http/443"], "zone": "dmz",
"external": true, "findings": ["finding-012", "finding-018"], "max_cvss": 9.8}
],
"edges": [
{"src": "asset42", "dst": "asset77", "detector": "credential-reuse",
"via_findings": ["finding-012", "finding-019"],
"evidence": "credential (userpass) present in evidence of asset42 and asset77",
"feasibility": 1.0}
],
"entry_points": ["asset42", "asset05"],
"confirmed_paths": [
{"jewel": "asset99", "paths": [
{"hops": ["asset42", "asset77", "asset99"],
"edges": [{"src":"asset42","dst":"asset77","detector":"credential-reuse","feasibility":1.0,"via_findings":["finding-012"]},
{"src":"asset77","dst":"asset99","detector":"ssrf-reach","feasibility":1.0,"via_findings":["finding-024"]}],
"feasibility": 1.0, "max_cvss": 9.8, "path_class": "confirmed"}
]}
],
"inferred_paths": [
{"jewel": "asset99", "paths": [
{"hops": ["asset05", "asset99"], "edges": [...],
"feasibility": 0.5, "max_cvss": 7.5, "path_class": "inferred"}
]}
],
"truncation": {
"edge_cap_hit": false, "depth_truncated_count": 0,
"topn_dropped_count": 0, "max_depth": 8, "edge_cap": 50000
}
}
Crucial for RFP §3.3 compliance: confirmed_paths contains ONLY paths where every edge has feasibility 1.0 AND every edge cites at least one validated finding. These are the "confirmed attack paths" the RFP requires. inferred_paths carries topology / supply-chain hops with no PoC evidence — surfaced for analyst review but excluded from remediation SLA buckets by risk-prioritiser.
(src, dst, detector). Multiple findings that enable the same hop merge into one edge with via_findings listing all of them.feasibility × max_cvss / hop_count. Full graph is in attack-paths.json for downstream prioritisation.findings/. It only reads.--max-depth (default 8 hops). Emit truncation.edge_cap_hit, truncation.depth_truncated_count, and truncation.topn_dropped_count in the JSON so downstream consumers can detect silent path loss.confirmed_paths only if every edge has feasibility 1.0 AND every edge has a non-empty via_findings. Trust-zone-only, shared-secret-only, and supply-chain-only chains land in inferred_paths. This split is the contract that lets the RFP-§3.3 claim "confirmed attack paths" stand.tools/chain-merger.py drops validated/{id}.json rows missing finding_id or asset, or whose verdict != "VALID", with stderr WARNs. Upstream validator must comply with the schema in projects/rfp-3.2/task-03-validation-run.md.reference/edge-detectors.md — the 7 detector rules with concrete signal patterns.projects/rfp-3.3/task-06-attack-path-stitcher.md — cloud-agent runtime contract.API security testing - GraphQL, REST API, WebSocket, and Web-LLM attack techniques.
Authentication security testing - auth bypass, JWT attacks, OAuth flaws, password attacks, 2FA bypass, CAPTCHA bypass, and bot detection evasion.
Cloud and container security testing - AWS, Azure, GCP, Docker, and Kubernetes misconfigurations and exploitation.
Pentest coordination — orchestrates executor and validator agents with context-controlled spawning. Entry point for all engagements.
Cryptanalysis techniques — lattice attacks, padding oracles, weak-RNG exploitation, signature forgery, secret-sharing recovery.
Retrieve CVE risk scores from NVD. Auto-invoked whenever a CVE ID is mentioned to display CVSS score, severity, CWE, and description.