chore: launch prep v0.1.5 — merge PRs #50/#51, clean README, pin deps #52

Merged
andrebyrd-odingard merged 13 commits into main from devin/1776233032-launch-prep
Apr 15, 2026

Conversation


devin-ai-integration[bot] commented Apr 15, 2026

Summary

Launch-day consolidation PR that merges two approved PRs and cleans up README/metadata for the v0.1.5 PyPI release.

Merged PRs:

Cleanup on top:

  • Version bump 0.1.4 → 0.1.5 (pyproject.toml, src/argus/__init__.py)
  • README: 12→13 agents (MCP Scanner), 16→21 correlation patterns, fixed CLI quick-start (--mcp-url → --target), fixed Arena commands (argus arena start/status/scan/score), updated architecture diagram and project structure tree
  • CLAUDE.md: updated to 13 agents, 21 patterns, 352 tests
  • Pinned python-multipart>=0.0.22 for CVE-2024-53981 / CVE-2026-24486 defense-in-depth
  • Updated PyPI description to "13 specialized agents"

Phase D code (from PR #51):

  • identity_spoof.py — D7 social engineering BFLA payloads
  • privilege_escalation.py — D6 BOLA (Broken Object Level Authorization) payloads
  • model_extraction.py — D5 tool/function discovery probes
  • conductor/evaluation.py — new DataCategoryMatcher with PII regex patterns (IPv6, DOB, passport, medical ID)
  • conductor/session.py — T7 ConnectionPool (shared httpx.AsyncHTTPTransport keyed by host)
  • correlation/engine.py — 5 new compound attack path patterns (16→21 total)

Updates since last revision:

  • ConnectionPool redesigned to share transports, not clients. The original PR #51 (feat: Phase D broaden detection — D5-D10, T7) shared httpx.AsyncClient instances across sessions, which leaked cookie state between agents. The first fix (cookies=False) was also incorrect — httpx silently creates a normal cookie jar when passed False. The final fix shares httpx.AsyncHTTPTransport instances (TCP connection pool) while each ConversationSession creates its own AsyncClient on top. This correctly isolates cookie jars and per-client state while reusing TCP connections.
  • _owns_client flag now tracks actual pooled transport usage. Previously set to self._pool is None, which was wrong when both a pool and an explicit transport were provided (the explicit transport would be used but the client wouldn't be closed, leaking it). Now uses a used_pooled_transport boolean that tracks which branch of the if/elif actually ran, so the flag is only False when a pooled transport is genuinely in use.
  • CLAUDE.md updated — 12→13 agents, 16→21 correlation patterns, 163→352 test count.

Review & Testing Checklist for Human

  • Transport lifecycle: aclose() destroys shared transports — Confirmed via httpx source that AsyncClient.aclose() unconditionally calls self._transport.aclose(). The _owns_client flag prevents this for pooled sessions, but verify the flag logic handles all combinations: (pool+no transport → pooled, pool+explicit transport → owned, no pool+transport → owned, no pool+no transport → owned).
  • Leaked client when _owns_client=False — When using a pooled transport, __aexit__ sets self._client = None without calling aclose(). The AsyncClient object is abandoned for GC rather than explicitly cleaned up. The transport (the expensive resource) is managed by the pool, but the client itself may hold minor resources. Decide whether this is acceptable or if a lightweight cleanup path is needed.
  • Transport lifecycle vs. session lifecycle — pool.close_all() closes all transports. If any ConversationSession is still open when the pool is closed, its client will have a dead transport. Verify the orchestrator always awaits all session __aexit__ calls before calling pool.close_all().
  • PII regex patterns in evaluation.py — The IPv6 regex has 4 alternatives with lookaheads. Verify it doesn't false-positive on hex strings or UUIDs in normal agent responses. Same for passport/medical ID patterns.
  • Agent/pattern count accuracy — Verify README/CLAUDE.md claims match code: 13 agents in agents/__init__.py registry, 21 patterns in correlation/engine.py _COMPOUND_PATTERNS list.

Suggested test plan: pip install -e . → argus scan --help (verify --target flag) → pytest tests/ -v → ruff check src/ tests/ → spot-check that from argus import __version__; assert __version__ == "0.1.5".

Notes

  • Version jumps 0.1.3→0.1.5 because 0.1.4 (PR #50, chore: bump version to 0.1.4 for PyPI release) is folded in here. If 0.1.4 was already published to PyPI, this is fine; if not, consider whether skipping a version matters for your release process.
  • The BFLA/BOLA payloads are static string lists — no runtime LLM calls — so they're low-risk functionally but should be reviewed for attack pattern quality/realism.
  • Stale branch devin/1776222564-phase-c-attack-power was deleted as part of Git cleanup.

Link to Devin session: https://app.devin.ai/sessions/8b0c5ca873934d77aa254157cc41924c
Requested by: @andrebyrd-odingard
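The transport-sharing design and the `_owns_client` branch-tracking logic described in the PR body, as an added illustration that is not the argus project's code. `Transport` and `Client` are constructed stand-ins that mimic only the httpx behaviour the PR relies on (closing a client unconditionally closes its transport; every client has its own cookie jar), so the block runs without httpx; the `Session`, `ConnectionPool` and `demo` names are hypothetical.

```python
import asyncio

class Transport:  # stand-in for httpx.AsyncHTTPTransport, the shared resource
    closed = False
    async def aclose(self): self.closed = True

class Client:  # stand-in for httpx.AsyncClient: one cookie jar per instance
    def __init__(self, transport):
        self.transport, self.cookies = transport, {}
    async def aclose(self): await self.transport.aclose()  # unconditional, as in httpx

class ConnectionPool:  # scan-scoped; one shared transport per host
    def __init__(self):
        self._transports = {}
    def get_transport(self, host):
        return self._transports.setdefault(host, Transport())

class Session:
    def __init__(self, host, pool=None, transport=None):
        self._host, self._pool, self._transport = host, pool, transport
        self._client, self._owns_client = None, True
    async def __aenter__(self):
        used_pooled_transport = False
        if self._transport is not None:  # explicit transport wins over the pool
            transport = self._transport
        elif self._pool is not None:  # shared transport under a private client
            transport = self._pool.get_transport(self._host)
            used_pooled_transport = True
        else:
            transport = Transport()
        self._owns_client = not used_pooled_transport  # not `self._pool is None`
        self._client = Client(transport)
        return self
    async def __aexit__(self, *exc):
        if self._owns_client:  # a pooled session must not close the shared transport
            await self._client.aclose()
        self._client = None  # cleared either way: use-after-exit guard in turn()

async def _demo():
    pool, own = ConnectionPool(), Transport()
    async with Session("h", pool=pool) as a, Session("h", pool=pool) as b, \
            Session("h", pool=pool, transport=own) as c:
        a._client.cookies["sid"] = "agent-a"  # lands in a's jar only
        shared = a._client.transport is b._client.transport
        isolated = "sid" not in b._client.cookies
        flags = (a._owns_client, b._owns_client, c._owns_client)
    alive = not pool.get_transport("h").closed and own.closed
    return shared, isolated, flags, alive

def demo(): return asyncio.run(_demo())  # -> (True, True, (False, False, True), True)
```

The third session covers the pool+explicit-transport case from the checklist: its client is owned and closed, while the two pooled sessions leave the shared transport alive for the pool to close later.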


D5: Tool/Function Discovery payloads for model_extraction agent
  - d5_tool_schema_extraction, d5_function_call_probing, d5_capability_enumeration
  - Updated _evaluate_response() and _record_intelligence() for D5 techniques

D6: BOLA Payloads for privilege_escalation agent
  - 4 BOLA techniques: numeric IDOR, UUID swap, path traversal, mass assignment
  - _test_bola() and _report_bola() methods

D7: Social Engineering BFLA for identity_spoof agent
  - 5 techniques: CEO urgency, compliance pressure, helpdesk, developer debug, time pressure
  - _test_social_engineering_bfla(), _evaluate_bfla_response(), _report_bfla()

D8: PII Detection Expansion in DataCategoryMatcher
  - Phone numbers, SSN, credit cards (Visa/MC/Amex/Discover), IPv4, IPv6
  - Date of birth, passport numbers, medical record IDs

D10: Correlation Agent — 5 new compound attack path patterns
  - BOLA + model_extraction, BFLA + identity_spoof + priv_esc
  - Tool discovery + prompt injection, BOLA + cross-agent exfil
  - BFLA + memory poisoning

T7: Connection Pooling in ConversationSession
  - ConnectionPool class with shared httpx.AsyncClient instances
  - Keyed by (host, timeout), singleton pattern, scan-scoped lifecycle
  - ConversationSession accepts optional pool= parameter
… key

1. BFLA evaluation: when both refusal and compliance keywords are present
   but no hard evidence (markers/priv_indicators), treat as refusal. Fixes
   false positives where refusal messages mention 'password', 'secret', etc.

2. ConnectionPool cache key: include csrf_mode in the (host, timeout, csrf_mode)
   key to prevent incorrect client configuration when sessions with different
   csrf_mode values share the same pool.

1. pii_phone: add word boundaries and require at least one separator
   to avoid matching timestamps and numeric IDs.

2. pii_passport/pii_medical_id: require mandatory colon/equals separator
   and at least one digit in value via lookahead, preventing matches on
   English words like 'passport details' or 'patient id unknown'.

3. ConnectionPool __aexit__: always clear self._client = None regardless
   of _owns_client, so the use-after-exit guard in turn() fires correctly
   for pooled sessions.

Restructure _attack_base() so that:
- Chat endpoints are fetched independently of identity endpoints
- Early return only fires when NEITHER identity nor chat surfaces exist
- D7 BFLA tests run whenever chat endpoints are available, regardless
  of whether identity endpoints exist

…rkers)

Soft privilege indicators like 'admin' commonly appear in refusal text
(e.g. 'I cannot grant you admin access'). Previously priv_indicators
alone could override the refusal classification, causing false positives.
Now only sensitive markers (leaked keys/tokens) override a refusal.

\b doesn't fire adjacent to :: because both : and start-of-string are
non-word characters. Replaced with explicit lookaround anchors. Added
fourth alternative to handle mid-address :: (e.g. fe80::1).
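The `\b` failure described in this commit and the false-positive check from the review checklist (hex strings, UUIDs), as an added example that is not the argus project's pattern: a constructed IPv6 regex with the same four-alternative shape, once with explicit lookaround anchors and once with the `\b` anchoring the commit replaced, run over constructed agent-response fragments.

```python
import re

HEX = r"[0-9A-Fa-f]{1,4}"
# Four alternatives, same shape as the PR's pattern: full form, trailing ::,
# leading ::, and a fourth for a :: in the middle (fe80::1).
BODY = (
    rf"(?:{HEX}:){{7}}{HEX}"                 # 1: eight groups, no compression
    rf"|(?:{HEX}:){{1,7}}:"                  # 2: trailing ::  e.g. fe80::
    rf"|::(?:{HEX}(?::{HEX}){{0,6}})?"       # 3: leading ::   e.g. ::1
    rf"|(?:{HEX}:){{1,6}}(?::{HEX}){{1,6}}"  # 4: mid-address :: e.g. fe80::1
)
# \b needs a word/non-word transition; start-of-string followed by ":" is
# non-word on both sides, so "::1" is never anchored. Explicit lookarounds
# forbid an adjacent hex digit, ":" or "." instead, which also rejects a
# match that starts in the middle of a longer hex token such as a SHA-1.
IPV6 = re.compile(rf"(?<![0-9A-Za-z:.])(?:{BODY})(?![0-9A-Za-z:.])")
IPV6_NAIVE = re.compile(rf"\b(?:{BODY})\b")  # the anchoring the commit replaced


def find_ipv6(text):
    """All IPv6 literals in text (IPv4-mapped ::ffff:1.2.3.4 is not covered)."""
    return IPV6.findall(text)


def find_ipv6_naive(text):
    """Same alternatives with \\b anchors: misses ::1 and truncates fe80::1."""
    return IPV6_NAIVE.findall(text)


# Constructed agent-response fragments covering the checklist's concerns.
SAMPLES = {
    "loopback":   "bound to ::1 and fe80::1%eth0",
    "full":       "peer 2001:0db8:85a3:0000:0000:8a2e:0370:7334 connected",
    "compressed": "via 2001:db8::8a2e:370:7334",
    "uuid":       "request 123e4567-e89b-12d3-a456-426614174000 done",
    "hex":        "sha1 da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "clock":      "at 12:34:56 from mac 00:1a:2b:3c:4d:5e",
}


def scan_samples():
    """Map each sample to the addresses found; only real literals survive."""
    return {name: find_ipv6(text) for name, text in SAMPLES.items()}
```

MAC addresses and clock times are rejected because neither contains eight groups or a `::`, and the lookbehind stops the engine from starting a match inside a UUID or hash.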
…-detection' into devin/1776233032-launch-prep

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.


@andrebyrd-odingard andrebyrd-odingard merged commit e3dbb8c into main Apr 15, 2026
7 checks passed