Skip to content

v0.15.8

Choose a tag to compare

View all tags
@github-actions github-actions released this 09 Jun 22:23
· 140 commits to main since this release
v0.15.8
a85c233
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • fix(agent-guard): embed ATR rules so they actually load in prod by @maiconburn in #956
  • docs(agent-guard): honest capability claims + count anchors by @maiconburn in #957
  • feat(agent-guard): export ATR rules-loaded gauge to /metrics by @maiconburn in #958
  • feat(agent-guard): MCP proxy foundation — JSON-RPC envelope + framing by @maiconburn in #959
  • feat(agent-guard): MCP proxy pure message router by @maiconburn in #960
  • feat(agent-guard): MCP proxy enforcement layer (advisory default) by @maiconburn in #961
  • feat(agent-guard): MCP proxy transport + enforcement (single-task loop) by @maiconburn in #962
  • feat(ctl): innerwarden agent proxy — run the MCP inspecting proxy by @maiconburn in #963
  • docs(agent-guard): document the MCP inspecting proxy + anchor its invariants by @maiconburn in #964
  • docs: fix onboarding errors, stale counts, and license claim by @maiconburn in #965
  • ci: add README count gate (verify-readme-counts.sh) by @maiconburn in #966
  • fix(agent-guard): clean up the Agent Guard snitch alert by @maiconburn in #967
  • ci: bump codecov-action v6.0.1 -> v7.0.0 (keybase key migration) by @maiconburn in #968
  • fix(ctl): get reads the unified SQLite store, not legacy JSONL by @maiconburn in #969
  • fix(sensor): exclude zig/build-script toolchain from data_exfil_cmd (spec 071 Part B) by @maiconburn in #970
  • fix(sensor): skip tcp_stream.{http,ssh,smb} in rootkit timing detector (spec 071 Part B) by @maiconburn in #971
  • feat(agent): Warden Context Gate — surface under-rated High/Critical threats, never dismiss on a forgeable signal (spec 071 Part A) by @maiconburn in #972
  • feat(agent): retry the decider for High/Critical orphans before needs_review (spec 071 Part C) by @maiconburn in #973
  • feat(sensor): gate data_exfil build-tool skip on the non-forgeable exe path (spec 072 Part D-sensor) by @maiconburn in #974
  • feat(sensor): gate host_drift comm allowlist on the non-forgeable exe path (spec 072 Part D-sensor) by @maiconburn in #975
  • test(sensor): de-flake privesc tests — guaranteed-dead pids for /proc provenance by @maiconburn in #976
  • feat(sensor): suppress InnerWarden self-unpack in suspicious_archive (spec 072 Part D-sensor) by @maiconburn in #977
  • feat(agent): gate refuses to dismiss provenance:illegitimate incidents (spec 072 Phase 2) by @maiconburn in #978
  • chore(release): 0.15.8 — spec 071/072 FP reduction + MCP proxy by @maiconburn in #979

Full Changelog: v0.15.7...v0.15.8

Contributors

maiconburn
Assets 30
Loading