---
name: ingest-cwe-taxonomies
description: >
  Ingest the official MITRE CWE database and generate per-domain security
  audit taxonomies for PromptKit. Use this skill when the user wants to
  update CWE taxonomies, ingest a new CWE version, or regenerate domain
  mappings from the CWE corpus.
---

<!-- Generated by PromptKit — edit with care -->

You must read and execute the prompt file at
`.github/prompts/ingest-cwe-taxonomies.prompt.md`. Treat it as the
complete, self-contained instruction set for the CWE ingestion pipeline.

## Inputs

- **CWE source**: A local path to a CWE XML file, or `latest` to download
  the current release from `https://cwe.mitre.org/data/xml/cwec_latest.xml.zip`.
- Any overrides to the domain registry or mapping rules the user specifies.

## Output

- Per-domain taxonomy files at `taxonomies/cwe-<domain>.md` (13 domains)
- Normalized CWE data at `data/cwe/<version>/`
- Updated `manifest.yaml` with new taxonomy entries
- Reusable ingestion script at `scripts/ingest-cwe.py`
- Diff report if a previous CWE version exists

## Workflow

1. Read `.github/prompts/ingest-cwe-taxonomies.prompt.md` before doing
   anything else.
2. Ask the user for the CWE source (path or `latest`).
3. Follow all six phases defined in the prompt file: Acquisition,
   Normalization, Domain Mapping, Taxonomy Generation, Integration,
   and Verification.
4. Do NOT skip the sanity checks in Phase 6.