Exposure engine
Curated catalog. Semver matching. Retro-match.
The agent is thin on purpose. Every piece of intelligence lives in the exposure engine, where new campaigns light up existing fleet state without a rescan.
Ingestion
Where the catalog comes from.
OSV.dev
CVEs, semver ranges, and unfixed advisories
GitHub Advisory Database
GraphQL API, per-ecosystem
CISA KEV
Known Exploited Vulnerabilities catalog
OpenSSF malicious-packages
Community malicious-package repo
Sekeye curated catalog
Malicious extensions, MCPs, agent skills, and model backdoors. Reviewed PRs, Ed25519-signed bundles
Principles
Four things the engine does differently.
Semver-aware
Per-ecosystem version semantics, not exact-match. A CVE that says < 1.4.7 is matched properly against 1.3.9, 1.2.5, and 0.9.1.
Retro-match
When the catalog updates, matching re-runs across your current inventory. No rescan. The campaign 'lights up' existing fleet state.
Signed catalog
Match severity carries through from the source. KEV, CVSS, or the catalog verdict on curated intel. No proprietary risk score layered on top; the catalog is the ground truth and it ships Ed25519-signed.
Fresh
Freshness target: new public campaign → catalog entry + template in under four hours (SLO to be firmed up post-MVP with pilot data).