Enclave VM Sandbox Escape RCE (CVE-2026-27597) - ATR-2026-00436 (8920a2fc-29a9-5eee-ae10-6551c0814015)

Detects exploitation of CVE-2026-27597 (CVSS 10.0), security-boundary escape in Agentfront Enclave (@enclave-vm/core) prior to v2.11.1. Enclave is a JavaScript sandbox marketed for safe AI-agent code execution; the upstream advisory states only that escape is possible without naming a single technique. This rule detects the canonical JavaScript-sandbox escape primitives — Function constructor through .constructor.constructor, prototype-chain pollution reaching the host realm, Error.prepareStackTrace abuse, and require/process exfiltration — when they appear inside code destined for @enclave-vm/core evaluation. CWE-94.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830)	Attack Pattern	Enclave VM Sandbox Escape RCE (CVE-2026-27597) - ATR-2026-00436 (8920a2fc-29a9-5eee-ae10-6551c0814015)	Agent Threat Rules	1
Escape to Host - T1611 (4a5b7ade-8bb5-4853-84ed-23f262002665)	Attack Pattern	Enclave VM Sandbox Escape RCE (CVE-2026-27597) - ATR-2026-00436 (8920a2fc-29a9-5eee-ae10-6551c0814015)	Agent Threat Rules	1
Exploit Public-Facing Application (47d73872-5336-44f7-81e3-d30bc7e039dd)	MITRE ATLAS Attack Pattern	Enclave VM Sandbox Escape RCE (CVE-2026-27597) - ATR-2026-00436 (8920a2fc-29a9-5eee-ae10-6551c0814015)	Agent Threat Rules	1
JavaScript - T1059.007 (0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d)	Attack Pattern	Enclave VM Sandbox Escape RCE (CVE-2026-27597) - ATR-2026-00436 (8920a2fc-29a9-5eee-ae10-6551c0814015)	Agent Threat Rules	1
Command and Scripting Interpreter (716d3a6b-2f8c-4a1f-85f7-d884bb7b2800)	MITRE ATLAS Attack Pattern	Enclave VM Sandbox Escape RCE (CVE-2026-27597) - ATR-2026-00436 (8920a2fc-29a9-5eee-ae10-6551c0814015)	Agent Threat Rules	1
JavaScript - T1059.007 (0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d)	Attack Pattern	Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830)	Attack Pattern	2