Releases: KeyValueSoftwareSystems/agent-opfor
Releases · KeyValueSoftwareSystems/agent-opfor
Release list
v0.10.0
0.10.0 (2026-07-06)
⚠ BREAKING CHANGES
- sdk: switch to apikey values; update sdk e2e tests and examples (#168)
Features
- expand env references in agent target headers (#169) (605a9b5)
- stream run lifecycle events as ndjson via a run-listener (#159) (ccc99dc)
- support listing mcp suites from the sdk (#144) (6b68b42)
- support server-owned session IDs with body/header config (#167) (121edfd)
Bug Fixes
- broken gitleaks ci for fork (#158) (e0be561)
- bump zod to ^4.0.0 to satisfy claude-agent-sdk peer dependency (#148) (bcd970e)
- conditional reasoning instruction and stricter section() parsing (15b598f)
- declare mcp dep, add createRequire banner, fix atlas-data resolution for bundled runners (#134) (b8ff91f)
- harden mcp baseline scanner against false negatives and crashes (#155) (cd36f85)
- make agent judge reason before stating its verdict (3b551c6)
- make agent judge reason before stating its verdict (60dacc8)
- make hunt work from a published install (#157) (ac468ea)
- rename 'Risk Score' to 'Safety Score' in extension popup (#133) (4c955a0)
- revert gitleaks trigger from pull_request_target to pull_request (#161) (ea7315e)
- run gitleaks binary in ci to unblock fork pull requests (#162) (be307b2)
- use simple tag format for release-please (9e7a8e6)
- validate mcp tool inputs with zod and return actionable errors (#143) (ad749bc)
Refactors
v0.9.0
OPFOR v0.9.0 — Initial Public Release
Open-source adversary emulation for AI agents, LLM apps, and MCP servers.
Highlights
- Five ways to run — CLI, browser extension, MCP server, skills, and SDK
- Full OWASP coverage — LLM Top 10, Agentic AI Top 10, MCP Top 10, API Security Top 10, EU AI Act bias
- 69 evaluators with 424 attack patterns across agent and MCP surfaces
- Autonomous red-teaming —
opfor huntruns adaptive multi-agent attack campaigns - Browser extension — no-code red-teaming for non-developers, available on the Chrome Web Store
- Trace-aware testing — integrates with Langfuse and Netra for full observability
- Multi-turn attacks — probes tool calls, memory, MCP, and multi-turn reasoning
Packages
| Package | Description |
|---|---|
@agent-opfor/cli |
opfor setup / opfor run / opfor hunt |
@agent-opfor/core |
Shared engine — evaluators, judge, report renderer |
@agent-opfor/sdk |
Programmatic SDK for embedding red-teaming in code |
@agent-opfor/mcp |
Run opfor as an MCP server in Cursor or Claude Desktop |
@agent-opfor/extension |
Chrome MV3 browser extension |