AVE v1.0.0 — first stable schema release #23
chaksaray
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
AVE v1.0.0 — Release notes
Date: 2026-06-18 Tag:
v1.0.0Schema:ave-record-1.0.0.schema.jsonRegistry: https://ave.bawbel.io Repo: https://github.com/bawbel/aveThe first stable release of the AVE standard
AVE (Agentic Vulnerability Enumeration) is an open behavioral vulnerability standard for agentic AI components — skill files, MCP servers, plugins, and agent tools. v1.0.0 is the first production-ready release: canonical schema, 48 published records, a public registry, crosswalks to the tools the field already uses, and a complete governance structure for the open-source community.
Records
48 records published. The full record set covers attack classes from prompt injection and credential exfiltration through rug-pull, cross-app escalation, MCP tool hook hijacking, and unsafe agent delegation chains.
GitHub templates updated:
ave_submissionissue template — issue-first workflow, variant vs new class checkave_false_positive,ave_schema_change,ave_bug_reportissue templatesFixture and test infrastructure
tests/fixtures/andrules/are the intended locations for detection rules and positive/negative test fixtures per record. The test runner design is documented in the codebase (tests/test_fixtures.pypattern using pytest parametrize over fixture pairs). Fixtures for the 48 records will be added in v1.1 alongside the schema migration.What does not change between releases
ave_idvalues are permanent$idURL for schema v1.0.0 is permanent:https://ave.bawbel.io/schema/ave-record-1.0.0.schema.jsonspec_version: "0.8"in the AIVSS object (a constant, not versioned by AVE)This discussion was created from the release AVE v1.0.0 — first stable schema release.
Beta Was this translation helpful? Give feedback.
All reactions