Stable IDs, AIVSS scores, and behavioral fingerprints for every way an agentic component — skill file, MCP server, or agent plugin — can be weaponized. Scored consistently. Mapped to OWASP MCP Top 10, MITRE ATLAS, and the frameworks security teams already report against.
AVE is an open standard. Any scanner can implement it — the records define behavioral classes, not product-specific instances. Reference implementation: Bawbel scanner. Build your own →
Search, filter, and inspect every AVE record — severity, attack class, AIVSS, IOCs, framework mappings, and provenance.
Open the registry → InteroperateHow other scanners and the frameworks you already trust map to AVE ids, so findings become comparable across tools.
View crosswalks → ImplementThe structure of the standard: record anatomy, the validation triangle, and the declares-vs-assigns contract any implementer must honor.
Read the guide → CalculateHow every record gets its severity number — the AIVSS formula, the 10 AARF factors, and worked examples from real records.
See the formula → ReferenceEvery field, its type, whether it is required, and what it means — plus the evidence declarations and an example record.
Open the schema →Found a behavioral vulnerability class the registry does not cover? AVE grows through peer review. Propose a record with a behavioral fingerprint, a detection rule, and positive plus negative fixtures.