Fold k4 — 2026-05-04 to 2026-05-07 — n16
Scope
Level-4 fold of 16 log entries spanning 2026-05-04 to 2026-05-07. Dominant themes: standards-anchoring discipline (primary-source verification + falsifiable absence claims); CMM consolidation toward a single canonical home; lint-driven backfill and tooling tightening.
Child Entries
| Date | Op | Title | Page | Summary (extractive) |
|---|---|---|---|---|
| 2026-05-07 | fix | sync-subindexes truncation bug (mid-URL period) | Operations Log | Replaced naive sentence-splitter regex with state-machine first_sentence() + safe_truncate() helpers; 7 sub-indexes regenerated; broken-mid-URL descriptions resolved. |
| 2026-05-07 | lint | full health-check + 28-item cleanup pass | Lint Report 2026-05-07 | 28 items across 6 categories; 15 new entity stubs (Tier 1 = 9 orgs, Tier 2 = 5 single-refs, Tier 3 = 1 product) closed 18/18 high-priority dead links; 2 source-provenance violations cleared via no_public_url: extension. |
| 2026-05-07 | ingest | three .raw/talks/ sources registered in manifest; Beyond the Chatbot stub created | Beyond the Chatbot | Manifest delta found 3 unregistered talks; 2 had complete prior coverage (only manifest registration needed); Salesforce Beyond the Chatbot lacked a dedicated page — created stub + 2 speaker entities. |
| 2026-05-06 | voice-elevation | canonical CMM + canonical RA rewritten against wiki/meta/conventions.md §Writing Style | Agentic AI Security CMM | Targeted voice-elevation pass: RA = 42 lines / 12 edits; CMM = 18 lines / 6 edits; one stale claim caught (8 domains → 9 domains); tables, callouts, load-bearing claims left as-is. |
| 2026-05-06 | convention | wiki voice codified — standards-document register as default, plus per-domain CMM descriptors | Wiki Conventions | Standards-document register codified as default body-prose voice in wiki/meta/conventions.md §Writing Style; 4-row Avoid-vs-Prefer table; one-line CLAUDE.md pointer for auto-load discoverability; D1–D9 CMM descriptors named as exemplars. |
| 2026-05-06 | demote-and-fold | agentic-cmm-vs-standards-validation reduced to historical snapshot; positive claims folded into canonical CMM; limitations split into living doc | Validation Page | Validation page reduced to historical snapshot with sharpened [!stale] fold-map callout; §4 positive claims folded into a new CMM appendix; §5 still-current overclaims split into living CMM Known Limitations doc. |
| 2026-05-06 | tooling | wikilink linter tightened; vault-wide alias-form sweep | Operations Log | scripts/lint-wikilinks.py tightened — hot.md removed from skip list; inline-backtick masking dropped; auto-fix added 39 aliases across 6 files; manual pass stripped 23 backtick-wrappers. |
| 2026-05-06 | follow-ups | three CMM follow-ups from §3/§4 verification applied to agentic-ai-security-cmm-2026; ATLAS v5.6.0 correction | Agentic AI Security CMM | D4 / D6 Maps to: lines rewritten with real ATLAS IDs (replacing bogus T1612 / T1565 ATT&CK IDs); D3 L4 CSA ATF restated to four-stage Intern→Junior→Senior→Principal; D6 L3 CFI explicitly scoped against AIUC-1 B008.6; bonus ATLAS version corrected v5.6.1 → v5.6.0 in 4 places. |
| 2026-05-06 | verification | §3/§4 of agentic-cmm-vs-standards-validation checked against primary sources; multiple refutations and bonus §2 errors caught | Validation Page | 6 parallel verification agents fetched primaries (NIST / ISO / CoSAI / MITRE ATLAS / CycloneDX + EU AI Act / SAIF + AIUC-1 + CSA ATF); 2 material refutations (G2 drift, §4 #2 CFI) reframed; G4 attribution corrected; bonus §2 inline corrections for ATLAS / CSA ATF / EU AI Act. |
| 2026-05-06 | cleanup | superseded enterprise-ai-security-cmm deleted; Ten Security Dimensions folded into canonical CMM as appendix | Agentic AI Security CMM | Superseded enterprise-ai-security-cmm page deleted; Ten Security Dimensions threat-surface table folded into canonical CMM as new appendix; 7 in-body links rewritten to drop the comparison framing. |
| 2026-05-05 | anchor | NIST SP 800-162 added as living-standard anchor for the four-role vocabulary; XACML page sharpened | NIST SP 800-162 | NIST SP 800-162 added as the wiki’s preferred living-standard citation for PEP/PDP/PIP/PAP; XACML page extended to distinguish dormant policy-language layer from alive role-architecture layer; first framework page to demonstrate the new primary_documents: schema. |
| 2026-05-05 | terminology | XACML page created + ‘policy-points → roles’ normalization sweep | XACML | Created xacml framework page (OASIS 3.0, 2013); ‘policy-points → roles’ normalization sweep across 5 pages; collective noun pinned to “roles” (matches XACML’s own terminology). |
| 2026-05-04 | save | Maturity Model Spread — axis-mismatch scoping analysis filed | Maturity Model Spread — Axis Mismatch | Comparison-folder scoping analysis filed: the four artifacts (PwC, Microsoft RAI, Anthropic RSP/ASL, OWASP) measure fundamentally different things; candidate stays parked; scoping recorded so future revival starts from the right framing. |
| 2026-05-04 | methodology | Standards Validation — primary-source sourcing + falsifiable absence claims + 11-standard audit backlog | Standards Validation Methodology | 4-step validation protocol codified (source the standard properly; clause-level coverage matrix; falsifiable absence claims; adversarial second pass); 11-standard audit backlog with P1/P2/P3 priority; ~47 hours total + ~10 for adversarial pass. |
| 2026-05-04 | ingest | Unit 42 — AI Agents Are Here. So Are the Threats. (May 2025) | Unit 42 paper | First systematic empirical study of framework-agnostic agentic-AI vulnerabilities; 9 attack scenarios mapped to OWASP Agentic AI Top 10; 5 mitigation strategies; CrewAI + AutoGen product stubs created; open-source reference impl stock_advisory_assistant. |
| 2026-05-04 | lint | Auto-fix pass — both recommendations applied | Lint Report 2026-05-04 | Auto-fix pass over 19 source-provenance violations + ~22 dead-link targets; 6 entity stubs created (Microsoft, AWS, NVIDIA, CrowdStrike, Datadog, Zenity); 17 existing stubs gained homepage: field; provenance violations 19 → 2. |
Key Outcomes
- Standards-validation methodology codified as a 4-step protocol (source the standard properly; build clause-level coverage matrix; falsifiable absence claims; adversarial second pass) with an 11-standard audit backlog at ~47 hours total + ~10 for adversarial pass (from 2026-05-04 methodology entry).
- Validation page demoted to historical snapshot —
agentic-cmm-vs-standards-validationreduced; §4 positive claims folded into a new “What this CMM contributes beyond reviewed standards” appendix on the canonical CMM; §5 still-current overclaims split into a new living CMM Known Limitations doc (from 2026-05-06 demote-and-fold entry). - §3/§4 verified against primary sources — 6 parallel verification agents produced 2 material refutations (G2 drift, §4 #2 CFI scoping), corrected G4 attribution, and surfaced bonus §2 errors in the ATLAS / CSA ATF / EU AI Act rows (from 2026-05-06 verification entry).
- CMM ATLAS-ID errors fixed — bogus
T1612/T1565(which are MITRE ATT&CK, not ATLAS) replaced with real ATLAS techniquesAML.T0051/T0054for D4 andAML.T0020/T0070/T0080for D6; ATLAS version corrected v5.6.1 → v5.6.0 in 4 places (from 2026-05-06 follow-ups entry). - Standards-document voice codified as default — noun-phrase openers + em-dash enumeration of constituent controls recorded in
wiki/meta/conventions.md§Writing Style; one-lineCLAUDE.mdpointer for auto-load discoverability; D1–D9 CMM descriptors named as exemplars (from 2026-05-06 convention entry). - 15 entity stubs created in the 2026-05-07 lint cleanup — Tier 1 (9 organisations: Airbnb, Block, Elastic, GreyNoise, Intel, Netflix, Perplexity, Snowflake, Sysdig); Tier 2 (5 single-refs: Alpitronic, SANS Institute, HiddenLayer, Protect AI, Team8); Tier 3 (1 product: Cursor) — closing 18/18 high-priority dead-link instances (from 2026-05-07 lint entry).
- 6 hyperscaler / vendor stubs created in the 2026-05-04 lint auto-fix pass (Microsoft, AWS, NVIDIA, CrowdStrike, Datadog, Zenity); 17 existing stubs gained
homepage:field; source-provenance violations dropped 19 → 2 (from 2026-05-04 lint entry).
Cross-entry Themes
- Standards-anchoring discipline. A single coherent move — codify the methodology, execute it, fix what it surfaces — runs across the range. The methodology page (2026-05-04 methodology entry) demands primary-source sourcing and falsifiable absence claims; the verification entry (2026-05-06 verification entry) executes that methodology on §3/§4 with 6 parallel agents and produces 2 refutations; the follow-ups entry (2026-05-06 follow-ups entry) applies those refutations to the canonical CMM (ATLAS-ID fixes, CSA ATF restatement, AIUC-1 B008.6 scoping). The XACML / NIST SP 800-162 entries (2026-05-05 terminology + 2026-05-05 anchor entries) extend the same instinct to role-vocabulary anchoring (XACML for lineage; NIST SP 800-162 §2.2 for the living citation). (supported by: 2026-05-04 methodology, 2026-05-05 terminology, 2026-05-05 anchor, 2026-05-06 verification, 2026-05-06 follow-ups entries)
- CMM consolidation toward a single canonical home. Three moves collapse what was a multi-doc CMM presentation into one: the cleanup entry (2026-05-06 cleanup entry) deleted the superseded
enterprise-ai-security-cmmand folded its Ten Security Dimensions table in as appendix; the demote-and-fold entry (2026-05-06 demote-and-fold entry) reduced the validation page to historical snapshot and migrated its §4 positive claims into a new CMM appendix; the voice-elevation and follow-ups entries (2026-05-06 voice-elevation + 2026-05-06 follow-ups entries) operate exclusively on the canonical CMM as the single load-bearing document. (supported by: 2026-05-06 cleanup, 2026-05-06 demote-and-fold, 2026-05-06 voice-elevation, 2026-05-06 follow-ups entries) - Lint-driven backfill paired with tooling tightening. Both lint passes (2026-05-04 lint and 2026-05-07 lint entries) created entity stubs in bulk to close dead-link targets. The tooling entry (2026-05-06 tooling entry) tightened
lint-wikilinks.pyafter a regression wherehot.mdwas in the skip list; the fix entry (2026-05-07 fix entry) hardenedsync-subindexes.pyafter broken-mid-URL descriptions surfaced. The pattern is: lint surfaces a class of defects → fix the script that should have caught them → re-run lint → pages reflect the new discipline. (supported by: 2026-05-04 lint, 2026-05-06 tooling, 2026-05-07 fix, 2026-05-07 lint entries) - Voice codification as a project-wide rule. The voice-elevation entry (2026-05-06 voice-elevation entry) elevated the two canonical pages (RA + CMM) under an ad hoc local register; the convention entry (2026-05-06 convention entry) codified that register as the wiki-wide default in
wiki/meta/conventions.md§Writing Style withCLAUDE.mdpropagation, so future Claude sessions inherit the rule on auto-load rather than rediscover it. (supported by: 2026-05-06 voice-elevation, 2026-05-06 convention entries)
Contradictions or Corrections
- G2 drift claim refuted — the validation page’s original “no standard mandates measurement of benign drift” was wrong. NIST AI RMF MEASURE explicitly addresses drift; NIST AI 800-4 Functionality Monitoring includes “performance degradation or concept drift over time”; CSA Agentic Profile AG-MG.2 defines behavioral drift; ISO 42001 A.6.2.6 plausibly subsumes it. Reframed gap is narrower (no standard operationalizes hallucination-rate-over-time as a level-gated continuously-tracked metric). (from 2026-05-06 verification entry)
- §4 #2 CFI claim refuted — AIUC-1 B008.6 explicitly mandates “cryptographic checksums or signed artifacts to detect tampering” but scoped to model artifacts, not system prompts or identity files. Reframed novelty: the scoping (SHA-256 of system prompts and identity files) is unnamed in any reviewed standard; AIUC-1 B008.6 is the closest near-miss. (from 2026-05-06 verification entry)
- G4 attribution corrected — the “biggest blind spot” phrase was wrongly attributed to NIST AI 800-4; it is third-party commentary (Clearwater 2026). NIST AI 800-4 names “Human Factors Monitoring” as one of six post-deployment categories and notes the literature is sparse. (from 2026-05-06 verification entry)
- CMM ATLAS-ID confusion — the canonical CMM had cited
T1612/T1565as ATLAS techniques. These are MITRE ATT&CK technique IDs, not ATLAS. ATLAS uses theAML.T####namespace. Replaced with real ATLAS IDs in D4 (AML.T0051LLM Prompt Injection +AML.T0054LLM Jailbreak) and D6 (AML.T0020Poison Training Data +AML.T0070RAG Poisoning +AML.T0080AI Agent Context Poisoning). (from 2026-05-06 follow-ups entry) - MITRE ATLAS version v5.6.1 → v5.6.0 — earlier verification reported v5.6.1 as canonical; today’s confirmation flagged that v5.6.1 does not exist (latest tag is v5.6.0). Fixed in 4 places on the validation page. (from 2026-05-06 follow-ups entry)
- CMM “across 8 domains” stale claim — D9 was added 2026-04-30 but the marketing-style claim hadn’t been updated. Fixed to “9 domains” during voice-elevation pass. (from 2026-05-06 voice-elevation entry)
Child Pages
- Agentic AI Security CMM 2026
- Agentic AI Security Reference Architecture
- Agentic CMM vs Standards Validation
- CMM Known Limitations
- Standards Validation Methodology
- Wiki Conventions
- XACML
- NIST SP 800-162
- Maturity Model Spread — Axis Mismatch
- Unit 42 — AI Agents Are Here
- CrewAI
- AutoGen
- Beyond the Chatbot
- Peter Smith
- Ravi Kiran Sharma
- Salesforce
- [[unprompted-conference-march-2026|[un]prompted Conference March 2026]]
- Lint Report 2026-05-07
- Lint Report 2026-05-04
- Microsoft
- AWS
- NVIDIA
- CrowdStrike
- Datadog
- Zenity
- Airbnb
- Block
- Elastic
- GreyNoise
- Intel
- Netflix
- Perplexity
- Snowflake
- Sysdig
- Alpitronic
- SANS Institute
- HiddenLayer
- Protect AI
- Team8
- Cursor
Related
- DragonScale Memory — fold-operator spec
- Operations Log — source entries
- Wiki Index — vault catalog