Improve NIST CSF profile evidence confidence by DENGXUELIN · Pull Request #2001 · UnitOneAI/SecuritySkills

DENGXUELIN · 2026-06-08T17:15:29Z

Summary

Adds a profile evidence confidence gate before finalizing NIST CSF current and target profiles.
Requires evidence source, owner/date/scope, evidence type, current-vs-target separation, freshness, coverage, risk context, confidence, assumptions, and validation-needed fields.
Adds vulnerable/benign fixtures for target-state intent being treated as current evidence versus risk-scoped confidence with corroborating artifacts.

git diff --check origin/main...HEAD
Markdown fence-balance check over changed .md files
Added-line ASCII check
Content marker check for CSF-CONF-01, CSF-CONF-08, Profile Evidence Confidence, fixture names, Current Evidence Confidence, and Validation Needed
Added-line secret-pattern scan
git merge-tree --write-tree origin/main HEAD -> 9cb05ca9283799d0e26884a0fe5b1ee731a49a3e

Closes #1800

Requested tier: Improver Moderate (USD 100)

Improve NIST CSF profile evidence confidence

9ef9a90