From e981fb7a8035ffcf451b6a2cd2510b1292db4e3d Mon Sep 17 00:00:00 2001 From: chaksaray Date: Fri, 17 Jul 2026 14:47:23 +0700 Subject: [PATCH] fix(ave): remove bawbel-scanner pip install boilerplate from AVE-2026-00024 description and remediation both carried a literal `pip install "bawbel-scanner[magika]"` command naming one company's package as the example implementation. Same class of finding as the corpus-wide bawbel-scanner boilerplate fix (AVE_V1.1.0_MIGRATION_BRIEF.md Section 4.5), missed on this record because it names a *specific install command* rather than the "using bawbel-scanner" phrasing that sweep's grep pattern targeted. Replaced with vendor-neutral phrasing describing the capability required (a Magika-integrated or equivalent ML-based file type classifier), not a specific package. Full corpus re-swept for `bawbel scan\b|bawbel-scanner|bawbel-gate|bawbel pin`; this was the only remaining match outside the legitimate researcher/ researcher_url attribution fields. --- records/AVE-2026-00024.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/records/AVE-2026-00024.json b/records/AVE-2026-00024.json index ff6b0c4..f50a0fb 100644 --- a/records/AVE-2026-00024.json +++ b/records/AVE-2026-00024.json @@ -4,7 +4,7 @@ "component_type": "mcp_server", "title": "Supply Chain - Content Type Mismatch (Magika)", "attack_class": "Supply Chain - Content Type Mismatch", - "description": "This record covers supply chain attacks where an executable payload is disguised as a skill file (`.md`, `.yaml`, `.json`, `.txt`). Unlike all other AVE records which are detected by text pattern matching, this record is detected exclusively by the **Magika engine (Stage 0)** - Google's ML-based file type classifier - because the file contains no readable text instructions to match against. Detection requires a Magika-integrated scanning tool (bawbel-scanner is one implementation: `pip install \"bawbel-scanner[magika]\"`).", + "description": "This record covers supply chain attacks where an executable payload is disguised as a skill file (`.md`, `.yaml`, `.json`, `.txt`). Unlike all other AVE records which are detected by text pattern matching, this record is detected exclusively by the **Magika engine (Stage 0)** - Google's ML-based file type classifier - because the file contains no readable text instructions to match against. Detection requires a scanning tool integrated with Magika or an equivalent ML-based file type classifier.", "affected_platforms": [ "any-mcp-client", "claude-desktop" @@ -81,13 +81,13 @@ "spec_version": "0.8", "notes": "AARF scores based on typical deployment of mcp components in agentic workflows." }, - "remediation": "- Install a Magika-integrated scanning tool (bawbel-scanner is one implementation: `pip install \"bawbel-scanner[magika]\"`).\n- Verify content type of all skill files before loading\n- Reject any file where content type does not match declared extension\n- Use a file type allowlist for skill loading - only accept known-safe types", + "remediation": "- Install a scanning tool integrated with Magika or an equivalent ML-based file type classifier.\n- Verify content type of all skill files before loading\n- Reject any file where content type does not match declared extension\n- Use a file type allowlist for skill loading - only accept known-safe types", "status": "active", "kill_switch_active": false, "researcher": "Bawbel Security Research Team", "researcher_url": "https://bawbel.io", "published": "2026-04-19T09:00:00Z", - "last_updated": "2026-05-12T00:00:00Z", + "last_updated": "2026-07-17T00:00:00Z", "references": [ { "tag": "CWE-434",