# 2025-11-03 – Vuln Explorer access controls refresh

- Expanded `docs/11_AUTHORITY.md` with attachment signing tokens, ledger verification workflow, and a Vuln Explorer security checklist.
- Added scope guidance for attachment tokens in `docs/security/authority-scopes.md` and updated the Vuln Explorer architecture dossier.
- Refreshed `etc/authority.yaml.sample` comments to highlight ABAC attributes and attachment token verification requirements.