Thanks to visit codestin.com
Credit goes to ave.bawbel.io

AVE Agentic Vulnerability Enumeration
Open standard · Apache 2.0

The behavioral classification standard for agentic AI

Stable IDs, AIVSS scores, and behavioral fingerprints for every way an agentic component — skill file, MCP server, or agent plugin — can be weaponized. Scored consistently. Mapped to OWASP MCP Top 10, MITRE ATLAS, and the frameworks security teams already report against.

AVE is an open standard. Any scanner can implement it — the records define behavioral classes, not product-specific instances. Reference implementation: Bawbel scanner. Build your own →

12
Records
v1.0
Schema
4
Frameworks mapped
0.8
AIVSS spec

Contribute a new agentic flaw standard

Found a behavioral vulnerability class the registry does not cover? AVE grows through peer review. Propose a record with a behavioral fingerprint, a detection rule, and positive plus negative fixtures.

Read the guide →