Changelog
User-facing changes to the repo, the site, and the advisory corpus. Per-sweep details live in
.claude/skills/vibe-security-update/runs.log.md.
The format is loosely based on Keep a Changelog. Newest entries first.
[Unreleased]
Added
- LLM-friendly outputs (Mintlify / Anthropic pattern):
- Per-page
.mdmirrors alongside every.htmlpage — replace.htmlwith.mdin any URL to get the raw markdown source without re-parsing HTML. - Per-section
llms.txtatadvisories/llms.txt,playbooks/llms.txt,prevention/llms.txt,sources/llms.txt,tools/llms.txt. - Compact
llms-ctx.txt— alerts + per-advisory TL;DRs + "am I affected?" only (compact per-advisory digest, ~70KB at ~50 advisories) for mid-context-window ingestion. feed.xml— Atom feed of advisories for RSS readers.advisory-schema.json— JSON Schema (draft 2020-12) for advisory frontmatter.- Versioned API at
api/v1/advisories.jsonandapi/v1/index.json. - JSON-LD ItemList schema on the advisories index page.
- Sitemap hints —
changefreq+priorityper URL. - Page actions — "View raw markdown" + "Edit on GitHub" on every page.
<link rel="alternate" type="text/markdown">on every page so tools can discover the markdown variant.- CITATION.cff — academic citation metadata.
- SECURITY.md (renamed from lowercase
security.mdfor the standard GitHub convention). - CHANGELOG.md — this file.
- Comprehensive pytest test suite under
tests/— frontmatter schema, link integrity, no-secrets, determinism, accessibility, llms.txt format, advisory ID uniqueness, etc. Wired into the deploy workflow. - Prevention guides:
prevention/supply-chain-attack-surface.md— a map of every pathway by which external code/data reaches you (package managers, lockfiles, CI/GitHub Actions, browser CDN, MCP & agent tooling, editor/browser extensions, scraped data, datasets, global installs, hosted builds), each with the one defense that matters and links to the deep guide.prevention/ci-cd-hardening.md— GitHub Actions / CI supply-chain hardening: SHA-pin actions, least-privilegepermissions:, the third-party-action-with-write-token anti-pattern, dangerous triggers, script injection, and OIDC publishing.
Changed
- Site title displayed as "Vibe Coding · Security Issue Tracking" (was "vibe-coding-security"). Repo URL slug unchanged.
- Footer now exposes the full set of LLM/feed format links.
robots.txtexplicit comment: AI/LLM training allowed.
Security
- Hardened the deploy workflow (
.github/workflows/deploy-site.yml): pinned all GitHub Actions to full commit SHAs (were floating@vNtags) and scopedpermissions:to least privilege per job —buildkeeps onlycontents: read, the elevatedpages: write+id-token: writenow live solely on thedeployjob. The project now practices the CI hardening documented in prevention/ci-cd-hardening.md.
2026-05-17
Added
- 3 new advisories from the 2026-05-17 sweep:
- Windsurf zero-click MCP RCE (CVE-2026-30615)
- "Comment and Control" PR prompt injection (CVSS 9.4) — Claude Code Security Review, Gemini CLI Action, Copilot Agent
- Systemic MCP stdio RCE class — OX Security, ~200k servers exposed
- Authoritative-source citations added to every prevention doc and playbook (OWASP, Anthropic, npm Docs, AWS Customer Playbook Framework, GitHub Docs, MCP spec, OpenSSF, CISA, Karpathy).
Changed
node-ipcadvisory: corrected to 822K weekly downloads (was 10M+); added specific bad versions (9.1.6, 9.2.3, 12.0.1), DNS C2 IOCs, shasum, forensic markers.TanStack Mini Shai-Huludadvisory: broadened to full 172-package / 403-version wave including Mistral, UiPath, OpenSearch namespaces; attributed to TeamPCP; noted first valid SLSA-provenance abuse.Claude Code InversePromptadvisory: added 4 more CVEs (CVE-2025-52882, CVE-2025-59536, CVE-2026-21852, CVE-2026-33068) + TrustFall reference.
2026-05-16
Added
- Initial repo: 13 advisories backfilled, 6 playbooks, 5 prevention docs, sources + tools indexes.
vibe-security-updateskill at.claude/skills/vibe-security-update/with tiered sweep procedure (deep 24h / medium 3d / shallow 7d) and self-learning source-priority list.- Static site generator (
site/build.py), template, CSS, validator. - GitHub Actions deploy workflow.
- Initial 78-source priority list seeded from first-run findings.