From 7c001da251784a2b0d67e2a55caec2b5858bd4fb Mon Sep 17 00:00:00 2001 From: Florian BRUNIAUX Date: Sun, 22 Feb 2026 16:21:53 +0100 Subject: [PATCH] docs: update README + CHANGELOG for threat-db v2.2.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit README: CVE count 19→24, malicious skills 341→655 (consistent across all occurrences + badge) CHANGELOG: security patch entry for threat-db v2.2.0 (CVE-2026-0755, mcp-run-python SSRF, 5 new scanners, T010) Co-Authored-By: Claude Sonnet 4.6 --- CHANGELOG.md | 13 +++++++++++++ README.md | 22 +++++++++++----------- 2 files changed, 24 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 406a2f4..23c2063 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,19 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [Unreleased] +## [3.28.1] - 2026-02-22 (security patch) + +### Security + +- **Threat Database v2.1.0 → v2.2.0** — 2 new CVEs, 5 new scanning tools, 1 new attack technique + - **CVE-2026-0755** (Critical, CVSS 9.8) — gemini-mcp-tool RCE via command injection; LLM-generated args passed to shell without validation; no auth, network-reachable; **no fix as of 2026-02-22** + - **SNYK-PYTHON-MCPRUNPYTHON-15250607** (High) — mcp-run-python SSRF via overly permissive Deno sandbox allowing localhost access + - **T010 Attack Technique** — Agent-to-Agent Communication Injection: attacker injects malicious instructions into Slack/GitHub/ticketing channels monitored autonomously by AI agents + - **5 new scanning tools catalogued**: Proximity (open-source), Enkrypt AI MCP Scanner, Cisco MCP Scanner (behavioral analysis), NeuralTrust MCP Scanner, MCPScan.ai + - **Defensive resource**: Anthropic Claude Code Security (AI-powered codebase scanner, launched 2026-02-21) + - **4 new sources**: Lakera "Agent Skill Ecosystem" audit (4310 OpenClaw skills), Penligent AI CVE-2026-0755, Snyk mcp-run-python SSRF, THN Anthropic CC Security +- **guide/security-hardening.md** — CVE table updated with CVE-2026-0755 and mcp-run-python SSRF entries + critical warning note (no patch available) + ## [3.28.1] - 2026-02-22 ### Added diff --git a/README.md b/README.md index f0bd0bb..7af3efb 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ Last Update Quiz Templates - Threat Database + Threat Database

@@ -32,7 +32,7 @@ - ✅ **Build mental models** — How Claude Code works internally (architecture, context flow, tool orchestration) - ✅ **Visualize concepts** — 40 Mermaid diagrams covering model selection, master loop, memory hierarchy, multi-agent patterns, security threats - ✅ **Master methodologies** — TDD, SDD, BDD with AI collaboration (not just templates) -- ✅ **Security mindset** — Threat modeling for AI systems (only guide with 18 CVEs + 341 malicious skills database) +- ✅ **Security mindset** — Threat modeling for AI systems (only guide with 24 CVEs + 655 malicious skills database) - ✅ **Test your knowledge** — 271-question quiz to validate understanding (no other resource offers this) **Outcome**: Go from copy-pasting configs to designing your own agentic workflows with confidence. @@ -48,7 +48,7 @@ Both guides serve different needs. Choose based on your priority. | **Understand why** patterns work | Deep explanations + architecture | Config-focused | | **Quick setup** for projects | Available but not the priority | Battle-tested production configs | | **Learn trade-offs** (agents vs skills) | Decision frameworks + comparisons | Lists patterns, no trade-off analysis | -| **Security hardening** | Only threat database (18 CVEs) | Basic patterns only | +| **Security hardening** | Only threat database (24 CVEs) | Basic patterns only | | **Test understanding** | 271-question quiz | Not available | | **Methodologies** (TDD/SDD/BDD) | Full workflow guides | Not covered | | **Copy-paste ready** templates | 175 templates | 200+ templates | @@ -75,7 +75,7 @@ Both guides serve different needs. Choose based on your priority. ``` **4 unique gaps no competitor covers:** -1. **Security-First** — 18 CVEs + 341 malicious skills tracked (no competitor has this depth) +1. **Security-First** — 24 CVEs + 655 malicious skills tracked (no competitor has this depth) 2. **Methodology Workflows** — TDD/SDD/BDD comparison + step-by-step guides 3. **Comprehensive Reference** — 19K lines across 16 specialized guides (24× more reference material than everything-cc) 4. **Educational Progression** — 271-question quiz, beginner → expert path @@ -233,8 +233,8 @@ graph LR **Outcome**: Protect production systems from AI-specific attacks. **Only guide with systematic threat tracking**: -- **18 CVE-mapped vulnerabilities** — Prompt injection, data exfiltration, code injection -- **341 malicious skills catalogued** — Unicode injection, hidden instructions, auto-execute patterns +- **24 CVE-mapped vulnerabilities** — Prompt injection, data exfiltration, code injection +- **655 malicious skills catalogued** — Unicode injection, hidden instructions, auto-execute patterns - **Production hardening workflows** — MCP vetting, injection defense, audit automation [Threat Database →](./machine-readable/threat-db.yaml) | [Security Guide →](./guide/security-hardening.md) @@ -427,7 +427,7 @@ Claude Code can generate 1.75x more logic errors than human-written code ([ACM 2 ### 2. Never Approve MCPs from Unknown Sources -18 CVEs identified in Claude Code ecosystem. 341 malicious skills in supply chain. MCP servers can read/write your codebase. +24 CVEs identified in Claude Code ecosystem. 655 malicious skills in supply chain. MCP servers can read/write your codebase. **Strategy:** Systematic audit (5-min checklist). Community-vetted MCP Safe List. Vetting workflow documented in guide. @@ -462,7 +462,7 @@ TDD/SDD/BDD are not optional with Claude Code. AI accelerates bad code as much a | # | Rule | Key Metric | Action | |---|------|------------|--------| | 1 | Verify Trust | 1.75x more logic errors | Test everything, peer review | -| 2 | Vet MCPs | 18 CVEs, 341 malicious skills | 5-min audit checklist | +| 2 | Vet MCPs | 24 CVEs, 655 malicious skills | 5-min audit checklist | | 3 | Manage Context | 70% = precision loss | `/compact` at 70%, `/clear` at 90% | | 4 | Start Simple | 2-week test period | Phase 1→4 progressive adoption | | 5 | Use Methodologies | AI amplifies good AND bad | TDD/SDD/BDD by context | @@ -552,13 +552,13 @@ claude plugin install session-summary@florian-claude-tools | Tool | Purpose | Maintained By | |------|---------|---------------| | [claude-code-security-review](https://github.com/anthropics/claude-code-security-review) | GitHub Action for automated security scanning | Anthropic (official) | -| This Guide's Threat DB | Intelligence layer (18 CVEs, 341 malicious skills) | Community | +| This Guide's Threat DB | Intelligence layer (24 CVEs, 655 malicious skills) | Community | **Workflow**: Use GitHub Action for automation → Consult Threat DB for threat intelligence. ### Threat Database -**18 CVE-mapped vulnerabilities** and **341 malicious skills** tracked in [`machine-readable/threat-db.yaml`](./machine-readable/threat-db.yaml): +**24 CVE-mapped vulnerabilities** and **655 malicious skills** tracked in [`machine-readable/threat-db.yaml`](./machine-readable/threat-db.yaml): | Threat Category | Count | Examples | |----------------|-------|----------| @@ -623,7 +623,7 @@ This guide is the result of **6 months of daily practice** with Claude Code. The **What you'll find:** - Patterns verified in production (not theory) - Trade-off explanations (not just "here's how to do it") -- Security first (18 CVEs tracked) +- Security first (24 CVEs tracked) - Transparency on limitations (Claude Code isn't magic) **What you won't find:**