Welcome home · 2026-07-14 evening

Your Board

Everything that moved while you were out, laid out to action. The heavy lifting is done and staged, most of this is now review-and-submit. Work top to bottom.

6 advisories ready to file 1 application to send 3 quick wins

1 · File the pile

Buddy prepped every report. You paste + submit (the one button I never press). Re-run the 1-minute Gate-0 grep on each target's open PRs right before filing, a finding can decay to a dup between staging and filing.
1

Forgejo

codeberg.org/forgejo
7 findings

File first, fastest decay. 7 Gitea-to-Forgejo port-lag gaps (branch-protection bypass is the strongest). They die the moment Forgejo ports the public Gitea v1.27.0 batch, so move on these first.

Channel: email security@forgejo.org Credit: Kingsley Olukanni (real name) Body: cycle298 batch-scorecard + per-finding
2

continue

github.com/continuedev/continue
High / Critical

The headliner, and freshness-critical. Two findings, file together. New this session: repo-open RCE, a malicious repo ships a .continue/mcpServers/*.json that auto-spawns its command with no consent gate = arbitrary code execution just by opening the repo. Plus the earlier zero-prompt credential read-leak. This class is being CVE'd across AI tools right now, file soon.

Channel: GitHub advisory + maintainer ping Credit: babakizo420 Body: cycle309 + cycle303-B Do the quick live-PoC (poc-recipe.md) first
3

Amazon Q

github.com/aws/language-servers
High

Biggest name, CVE-worthy (Amazon accepts this class + assigns CVEs). Three sibling bugs, one advisory: dangling-symlink write + grep credential read-leak + unguarded edit tool. 3-in-1 report is written and ready to paste (I sent it to you).

Channel: GitHub advisory on the repo Credit: babakizo420 Body: 3-in-1 report (attached in chat)
4

cline

github.com/cline/cline
High

Symlink-blind workspace boundary, auto-approve is on by default, so a planted symlink writes/reads outside the workspace with no prompt. Confirmed + PoC.

Channel: GitHub advisory Credit: babakizo420 Body: cycle302
Also ready (older MCP track, both re-verified GO): two more advisories are staged and confirmed still-unpatched. IBM ContextForge (SSE health-check SSRF + credential forwarding, Medium, credit Kingsley, IBM advisory/PSIRT) and Docker MCP Gateway (credential headers leak to redirect host, Med/High, credit babakizo420, GitHub advisory). Full paste bodies in the filing brief on the box.

2 · Send the Amii application

The Anthropic-to-Amii play. Free Claude credits + coaching + investor exposure, in Alberta.
🍁

Apply to Amii (Level Up tier)

Draft is written and ready (I sent it to you), honest and receipt-backed, positioned on the AI trust-and-safety angle where your CVEs make you a strong fit. Review it, tweak anything that does not sound like you, then fill the Expression of Interest at amii.ca/startups-investors. Unlocks the ≥$5,000 USD Claude credits flowing through the Anthropic partnership.

3 · One decision I need from you

The only thing blocking a build I already designed.
🖨️

TheTalkingArts "Weekly Lift": green light + 3 inputs

The weekly value system is built and live as a page. To switch on the automation I need from the TTA side: (1) their IG/TikTok handles, (2) a few more job photos, (3) rough per-product prices. Say go and I wire it + send you Week 1 as a sample before anything posts. See the system.

4 · Quick wins

Small, high-leverage, mostly minutes.
✉️

Fix securva.net email (DKIM)

Our outbound mail silently fails (DMARC quarantine, DKIM not enabled). ~5 min in Google Admin: turn on DKIM ("Start authentication"), then re-test on mail-tester. This unblocks disclosure + client email, and it doubles as sales proof. Do this before any email-channel filing (Forgejo), or send that one from personal Gmail.

🧱

Add OpenBao to the Securva disclosures wall

babakizo.com is already updated to "3 public advisories." The securva.net/research/disclosures wall should get OpenBao too so the "verify them" link holds all three. I can do this on your word.

📨

Watch for the OpenSearch SRT reply

The MCP SSRF/credential-leak disclosure is with their security team. When their initial-findings reply lands, loop me in and I'll help coordinate + lock the CVE credit.

FYI · What Buddy is doing now

No action needed, just so you know.
🤖

Vein saturated → productizing

Buddy hit ~6 straight walks and correctly called the AI-agent security vein saturated for now. It maximized the hunt and, absent your direction, its default next move is to productize this whole cluster into a Securva agent-security offering (the CVEs as proof + reusable audit checklists = a sellable method). That is aligned with the stop-building-start-closing doctrine. It resumes hunting instantly on a genuinely fresh signal. Tell me if you want it doing something else instead.

Staged by Buddy + your coordinator while you were out. Nothing filed or sent without you.