NSAuditor AI EE 0.9.1: How an Adversarial-Audit Skill Found 10 Security Tool Gaps — Closed in Under 24 Hours

What happens when you point your own security auditing tools at your own security auditing tools? For Nsasoft, the answer is NSAuditor AI EE 0.9.1 — a patch release driven entirely by a dedicated adversarial-audit-skill cycle that found 10 ship-blockers in production code and saw every single one closed in under 24 hours.

The Adversarial-Audit Cycle

Three purpose-built Claude Code skills were authored specifically to probe EE 0.9.0 from the outside: one analyzing CPE drift in the NVD feed processor, one solving IAM effective permission paths, and one validating JWT air-gap behavior. These skills drove 12 independent subagent runs and produced a reproducer-grade punch list of 10 findings across 4 source files. None were regressions from 0.9.0 — all were pre-existing gaps in the codebase.

The Air-Gap Blind Spot

The headline finding: a 20-line stub in the offline CVE feed processor that threw "Not implemented" on every invocation. Any enterprise deployment running in air-gapped mode — a core selling point of the product — received zero CVE findings. That result is indistinguishable from a fully patched environment, a dangerous false clean.

EE 0.9.1 replaces the stub with a complete NVD JSON 2.0 offline feed importer. Air-gapped deployments now receive real CVE findings. The env var NSAUDITOR_OFFLINE_ONLY=1 skips the network NVD client entirely and routes through the local feed.
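To make the fail-closed point concrete, here is an added example (not Nsasoft's code) of a minimal NVD JSON 2.0 offline feed importer that refuses to report "clean" when the feed is missing or empty; the CVE id, vendor and product in the embedded sample feed are constructed placeholders.

```python
import json
from typing import Dict, List, Optional

# Constructed sample feed in NVD API 2.0 layout; CVE id, vendor and product are placeholders.
SAMPLE_FEED = json.dumps({
    "format": "NVD_CVE", "version": "2.0", "totalResults": 1,
    "vulnerabilities": [{"cve": {
        "id": "CVE-0000-00001",
        "metrics": {"cvssMetricV31": [{"cvssData": {"baseScore": 9.8, "baseSeverity": "CRITICAL"}}]},
        "configurations": [{"nodes": [{"operator": "OR", "cpeMatch": [
            {"vulnerable": True, "criteria": "cpe:2.3:a:examplevendor:exampleapp:1.2.3:*:*:*:*:*:*:*"},
            {"vulnerable": False, "criteria": "cpe:2.3:a:examplevendor:exampleapp:1.2.4:*:*:*:*:*:*:*"},
        ]}]}],
    }}],
})


class FeedUnavailable(Exception):
    """Raised instead of returning [] so an empty scan is never mistaken for a clean one."""


def load_feed(text: Optional[str]) -> dict:
    """Parse and sanity-check an NVD JSON 2.0 feed; fail closed on anything unusable."""
    if text is None:
        raise FeedUnavailable("no local feed supplied")
    feed = json.loads(text)
    if feed.get("format") != "NVD_CVE" or feed.get("version") != "2.0":
        raise FeedUnavailable("not an NVD JSON 2.0 feed")
    if not feed.get("vulnerabilities"):
        raise FeedUnavailable("feed carries no vulnerabilities; refusing to report clean")
    return feed


def match_cves(feed: dict, installed_cpes: List[str]) -> List[Dict]:
    """One finding per (CVE, installed CPE) pair the feed marks vulnerable.
    Exact CPE string match only; a production importer also evaluates the
    versionStartIncluding/versionEndExcluding range fields on each cpeMatch."""
    findings = []
    for entry in feed["vulnerabilities"]:
        cve = entry["cve"]
        v31 = cve.get("metrics", {}).get("cvssMetricV31", [])
        score = v31[0]["cvssData"]["baseScore"] if v31 else None
        for conf in cve.get("configurations", []):
            for node in conf.get("nodes", []):
                for m in node.get("cpeMatch", []):
                    if m.get("vulnerable") and m["criteria"] in installed_cpes:
                        findings.append({"cve": cve["id"], "cpe": m["criteria"], "cvss": score})
    return findings
```

The same pattern applies whether the local feed is fetched from disk under NSAUDITOR_OFFLINE_ONLY=1 or from the network NVD client: an unreadable or empty feed raises, and only a parsed feed can yield an empty findings list.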

Four Pacu Paths and a KMS False-Positive

Plugin 1030, which audits IAM privilege escalation risk, was missing nine action strings covering four canonical Pacu attack paths — including iam:CreateRole for manufacturing self-trusting admin roles, permissions-boundary tampering actions, KMS-layer privesc via grant and key-policy manipulation, and sts:GetFederationToken federation bypass. These are standard entries in every red-team playbook and now produce findings when present.

Plugin 1110’s KMS effective-decrypt auditor was generating false HIGH findings for identities where no key in the account actually trusted the principal. EE 0.9.1 adds a KMS-layer cross-reference: findings downgrade to INFO when no key trust exists, and a new MEDIUM finding class catches the Pacu P-16 stealth grant path that the HIGH downgrade would otherwise miss.

License Verifier Hardening

Three practical abuse vectors against the CE license verifier are closed: a per-host licenseId replay defense stops seat-cloning, an ES256-signed revocation blocklist enables instant license revocation, and a monotonic-clock anchor defeats clock-rollback attacks against JWT expiry. Each hardening layer has a documented escape-hatch environment variable.

What Stays the Same

The coverage matrices are unchanged — SOC 2 at 10/4/33 and HIPAA §164.312 at 7/3/45. Plugin count stays at 24. This release is depth-uplift, not breadth-creep: the same controls covered more rigorously, with the gaps that a motivated attacker would exploit now closed before a customer encounters them.

EE 0.9.1 is the twenty-seventh consecutive trio-publish in the EE + CE + agent-skill release cadence:

npm install -g nsauditor-ai@0.1.70 @nsasoft/nsauditor-ai-ee@0.9.1

Details at nsauditor.com/ai/enterprise/.
