Raucle Threat Feed

The canonical signed-IOC feed for AI prompt-injection. Ed25519-signed, content-addressed, MIT-licensed. Subscribe in one line. Verify offline.

Pin this key

The feed is signed by Raucle's issuer key. Pin it once; reject anything that doesn't verify against it.

Issuer: raucle.com
Key ID: 8fa2ffa741ba6e3a
Algorithm: Ed25519
Feed URL: https://raucle.com/feed/core.json
Public key: https://raucle.com/feed/issuer.pub.pem
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEAf1LIjB7FToVhx3v6FEb1HagEF1zys6VBNsmMic7GI5Y=
-----END PUBLIC KEY-----

Subscribe (CLI)

curl -O https://raucle.com/feed/issuer.pub.pem
raucle-detect feed pull \
    https://raucle.com/feed/core.json \
    --pubkey issuer.pub.pem \
    --store ~/.raucle/feeds

That's it. The local FeedStore verifies the Merkle root, the manifest signature, and every individual IOC signature on merge. If any check fails, the feed is rejected and no rules are updated.

Subscribe (Python)

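from raucle_detect import Scanner
from raucle_detect.feed import FeedStore, fetch_feed

# Pinned issuer key, downloaded once from the URL above.
with open("issuer.pub.pem") as f:
    pubkey = f.read()

feed = fetch_feed("https://raucle.com/feed/core.json")
store = FeedStore.open("~/.raucle/feeds")
# merge() verifies the feed against the pinned key before any rules change.
store.merge(feed, pubkey_pem=pubkey)

scanner = Scanner(feed_store=store)
untrusted_input = "..."  # placeholder: the text you want to scan
result = scanner.scan(untrusted_input)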

What's in v1

The genesis feed bundles 12 hardened indicators across the most common 2026 evasion classes:

Trust model

No global root. You pin this key for this feed. You can subscribe to multiple feeds (OWASP, your SOC, a vendor) — each gets its own pinned key. A compromised feed cannot rewrite history because every IOC is content-addressed and individually signed. A hostile issuer cannot revoke another issuer's IOCs.

Verification

Every consumer should re-verify before trusting. From the CLI:

raucle-detect feed verify core.json --pubkey issuer.pub.pem

This recomputes the Merkle root over the sorted IOC content hashes, re-checks the manifest signature, and re-checks every individual IOC signature. Any deviation from the canonical bytes fails verification.

Cadence and revocation

The feed is re-signed and re-published when new IOCs land. Revocations are first-class: a future feed entry with revokes=[<content_hash>] takes the prior IOC out of the live set on the next pull. Only the original issuer can revoke its own IOCs.
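
The following is an added example, not raucle-detect's code or its wire format: it models the content-address, Merkle-root and issuer-scoped revocation rules described under Trust model, Verification and Cadence and revocation. The field names iocs, merkle_root, content_hash and issuer, the canonical JSON encoding and the tree construction are assumptions; only revokes comes from this page. Ed25519 signature checks are left out here and remain the job of raucle-detect feed verify.

```python
import hashlib
import json

def content_hash(ioc):
    # Assumed canonical form: compact sorted-key JSON minus content_hash.
    body = {k: v for k, v in ioc.items() if k != "content_hash"}
    canon = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()

def merkle_root(hashes):
    # Assumed tree: leaves are the sorted content hashes, a parent is
    # SHA-256(left || right), and an odd node is paired with itself.
    level = [bytes.fromhex(h) for h in sorted(hashes)] or [b""]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [hashlib.sha256(level[i] + level[i + 1]).digest()
                 for i in range(0, len(level), 2)]
    return level[0].hex()

def build_feed(issuer, iocs):
    # Publisher side, used here only to construct sample feeds.
    entries = [dict(i, content_hash=content_hash(i)) for i in iocs]
    root = merkle_root([e["content_hash"] for e in entries])
    return {"issuer": issuer, "iocs": entries, "merkle_root": root}

def check_feed(feed):
    # Consumer side: recompute every address and the root, fail closed.
    hashes = []
    for ioc in feed["iocs"]:
        if content_hash(ioc) != ioc.get("content_hash"):
            raise ValueError("IOC bytes do not match content_hash")
        hashes.append(ioc["content_hash"])
    if merkle_root(hashes) != feed.get("merkle_root"):
        raise ValueError("Merkle root mismatch")
    return set(hashes)

def live_set(feeds):
    # A revokes entry only removes hashes the same issuer published.
    live = set()
    for feed in feeds:
        own = check_feed(feed)
        revoked = {h for i in feed["iocs"] for h in i.get("revokes", [])}
        live |= own - revoked
    return live

if __name__ == "__main__":  # constructed sample
    feed = build_feed("issuer-a.example", [{"rule": "constructed-sample"}])
    print(sorted(live_set([feed])))
```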

Contributing IOCs

Open a PR against raucle-detect with a draft IOC and a reproducible attack sample, or open an issue with the ioc label. We re-sign on merge.

Run your own feed

Anyone can. raucle-detect feed keygen <your-issuer> produces a keypair; feed sign drafts.json --key ... produces a signed manifest you can host anywhere static — S3, GitHub Pages, a CDN. Consumers pin your pubkey; you publish; everything composes.