Releases: YashvantHange/AgentArmor
Release list
AgentArmor v1.4.3
AgentArmor v1.4.0 β Multi-agentic only
AgentArmor is now a multi-agent AI red-teaming platform. The offline analysis mode has
been removed: every scan runs capability-aware attack-graph planning, an LLM judge, and
confidence scoring. This release also fixes real correctness bugs in the multi-agentic engine.
Changed
- Offline analysis mode removed β the GUI offlineβcloud picker is gone; the CLI and API
run multi-agent (cloud) analysis on every scan. - Analysis API key now required β scans without a provider key are rejected with a clear
error. SetAGENTARMOR_ANALYSIS_API_KEY, or configure it in Settings /AgentArmor.toml. - The local L1βL4/meta detection engine still runs as the under-the-hood scorer; local
model-file scanning (--model) is unaffected.
Fixed (multi-agentic engine)
- Module targets now receive the real attack β red-team attacks against agent/MCP/RAG
targets send the generated attack (harness prompt, RAG query, MCP tool-parameter injection)
instead of running a static probe and relabelling the display text. - Budget metering β the LLM judge and web attack planner now record token/cost usage
against the budget governor instead of bypassing it.
Added (multi-agentic engine)
- Per-path campaign coverage β a finding now retires only its attack path and the campaign
continues across the remaining paths, instead of stopping at the first finding.
Windows (recommended)
Download AgentArmor_1.4.0_x64-setup.exe or AgentArmor_1.4.0_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Add your analysis provider API key in Settings
- Choose a scan profile β run scan β review grouped findings β download reports
AgentArmor v1.4.2
AgentArmor v1.4.0 β Multi-agentic only
AgentArmor is now a multi-agent AI red-teaming platform. The offline analysis mode has
been removed: every scan runs capability-aware attack-graph planning, an LLM judge, and
confidence scoring. This release also fixes real correctness bugs in the multi-agentic engine.
Changed
- Offline analysis mode removed β the GUI offlineβcloud picker is gone; the CLI and API
run multi-agent (cloud) analysis on every scan. - Analysis API key now required β scans without a provider key are rejected with a clear
error. SetAGENTARMOR_ANALYSIS_API_KEY, or configure it in Settings /AgentArmor.toml. - The local L1βL4/meta detection engine still runs as the under-the-hood scorer; local
model-file scanning (--model) is unaffected.
Fixed (multi-agentic engine)
- Module targets now receive the real attack β red-team attacks against agent/MCP/RAG
targets send the generated attack (harness prompt, RAG query, MCP tool-parameter injection)
instead of running a static probe and relabelling the display text. - Budget metering β the LLM judge and web attack planner now record token/cost usage
against the budget governor instead of bypassing it.
Added (multi-agentic engine)
- Per-path campaign coverage β a finding now retires only its attack path and the campaign
continues across the remaining paths, instead of stopping at the first finding.
Windows (recommended)
Download AgentArmor_1.4.0_x64-setup.exe or AgentArmor_1.4.0_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Add your analysis provider API key in Settings
- Choose a scan profile β run scan β review grouped findings β download reports
AgentArmor v1.4.1
AgentArmor v1.4.1 β Multi-agentic only
AgentArmor is now a multi-agent AI red-teaming platform. The offline analysis mode has
been removed: every scan runs capability-aware attack-graph planning, an LLM judge, and
confidence scoring. This release also fixes real correctness bugs in the multi-agentic engine.
Changed
- Offline analysis mode removed β the GUI offlineβcloud picker is gone; the CLI and API
run multi-agent (cloud) analysis on every scan. - Analysis API key now required β scans without a provider key are rejected with a clear
error. SetAGENTARMOR_ANALYSIS_API_KEY, or configure it in Settings /AgentArmor.toml. - The local L1βL4/meta detection engine still runs as the under-the-hood scorer; local
model-file scanning (--model) is unaffected.
Fixed (multi-agentic engine)
- Module targets now receive the real attack β red-team attacks against agent/MCP/RAG
targets send the generated attack (harness prompt, RAG query, MCP tool-parameter injection)
instead of running a static probe and relabelling the display text. - Budget metering β the LLM judge and web attack planner now record token/cost usage
against the budget governor instead of bypassing it.
Added (multi-agentic engine)
- Per-path campaign coverage β a finding now retires only its attack path and the campaign
continues across the remaining paths, instead of stopping at the first finding.
Windows (recommended)
Download AgentArmor_1.4.1_x64-setup.exe or AgentArmor_1.4.0_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Add your analysis provider API key in Settings
- Choose a scan profile β run scan β review grouped findings β download reports
AgentArmor v1.4.0
AgentArmor v1.4.0 β Multi-agentic only
AgentArmor is now a multi-agent AI red-teaming platform. The offline analysis mode has
been removed: every scan runs capability-aware attack-graph planning, an LLM judge, and
confidence scoring. This release also fixes real correctness bugs in the multi-agentic engine.
Changed
- Offline analysis mode removed β the GUI offlineβcloud picker is gone; the CLI and API
run multi-agent (cloud) analysis on every scan. - Analysis API key now required β scans without a provider key are rejected with a clear
error. SetAGENTARMOR_ANALYSIS_API_KEY, or configure it in Settings /AgentArmor.toml. - The local L1βL4/meta detection engine still runs as the under-the-hood scorer; local
model-file scanning (--model) is unaffected.
Fixed (multi-agentic engine)
- Module targets now receive the real attack β red-team attacks against agent/MCP/RAG
targets send the generated attack (harness prompt, RAG query, MCP tool-parameter injection)
instead of running a static probe and relabelling the display text. - Budget metering β the LLM judge and web attack planner now record token/cost usage
against the budget governor instead of bypassing it.
Added (multi-agentic engine)
- Per-path campaign coverage β a finding now retires only its attack path and the campaign
continues across the remaining paths, instead of stopping at the first finding.
Windows (recommended)
Download AgentArmor_1.4.0_x64-setup.exe or AgentArmor_1.4.0_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Add your analysis provider API key in Settings
- Choose a scan profile β run scan β review grouped findings β download reports
AgentArmor v1.3.1
AgentArmor v1.3.1 β Detection stack overhaul
Release focused on detection accuracy, reproducibility, and enterprise-ready policy hooks.
Added
- Echo-aware scoring β L1/L2 echo stripping; tiered compliance assertions (Sprint 1)
- ONNX/FAISS hardening β tokenizer bundles, index versioning, honest fallback (Sprint 2)
- Regression harness β 70 fixtures,
agentarmor eval detection, baseline JSON (Sprint 2) - Unified judge β
JudgeServicewith legacy config migration (Sprint 3) - Rule catalog β single YAML source for L1/L2/L4 (Sprint 3)
- Per-probe thresholds + meta calibration scaffold (Sprint 4)
- Detector plugins β SDK, marketplace
--trust, LLM-rubric assertions (Sprint 5) - Webscan partial-stream gate β completeness-aware WARN/FAIL (Sprint 5)
- Policy engine, evidence spans, version stamps, active-learning queue (P5)
Fixed
- Meta scorer hard-signal floor for clear L1/L4 hits
- Webscan partial streams no longer blanket-WARN when hard outcomes are present
Windows (recommended)
Download AgentArmor_1.3.1_x64-setup.exe or AgentArmor_1.3.1_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Choose a scan profile β run scan β review grouped findings β download reports
AgentArmor v1.3.0
AgentArmor v1.3.0 β Scan quality overhaul
Major release: OWASP Planner v2, finding clustering, calibrated progress/ETA, scan profiles, and production hardening.
Added
- OWASP Planner v2 β ~50 probes at standard depth, Quick/Standard/Deep budgets, capability-aware selection
- Finding clustering β root-cause cards, semantic merge, replay bundles, grouped findings API
- Scan progress β weighted work units, ETA confidence bands, planner-aware layer tracking
- Risk-based planning β probe reorder after early failures; adaptive depth escalation
- Scan profiles β 8 presets including
production_readinessandowasp_audit(GUI picker) - API β plan preview, metrics, regression compare, attack narrative graph
- Parallel L1/L2 batches with per-probe fault isolation
Fixed
- Failed scans set
FAILEDstatus (no stuckRUNNING) - Budget preflight rejects over-limit scans before start
- Grouped findings endpoint and web planner crashes
Windows (recommended)
Download AgentArmor_1.3.0_x64-setup.exe or AgentArmor_1.3.0_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Choose a scan profile β run scan β review grouped findings β download reports
AgentArmor v1.2.4
AgentArmor v1.2.4 β Readable findings, scan progress, and report download
Latest release. Makes scan results easier to understand, adds live progress with ETA, and one-click report downloads from the GUI.
Added β GUI UX
- Findings: executive summary, excerpt-first cards sorted by severity, attack chains collapsed by default
- Scan progress: live stopwatch, progress bar, ETA, human probe labels; technical SSE log collapsed
- Reports: download PDF, HTML, SARIF, JSON, or ZIP from Findings, Progress, and Reports pages
- Report download API with path traversal guard (
GET /v1/scans/{id}/reports/download)
Fixed
composite_vuln_score()crash when all assertions pass (agent scans)- Empty
Authorization: Bearerheader from config breaking connectivity checks
Windows (recommended)
Download AgentArmor_1.2.4_x64-setup.exe or AgentArmor_1.2.4_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Run a scan β review findings with plain-language summaries β download reports from the header
For login-required chatbot targets, use Login required (SSO) in the website wizard.
AgentArmor v1.2.3
AgentArmor v1.2.3 β Packaging and docs
Patch release aligning Windows installer filenames with the app version and updating release documentation.
Fixed
- Tauri bundle version synced to 1.2.3 (
AgentArmor_1.2.3_x64-setup.exe/.msi) - GUI build typing fix for web-scan status polling
Includes v1.2.2
- Website URL scan SSE reliability and Playwright response capture improvements
- GUI disclaimer on website URL vs API endpoint testing limits
Windows (recommended)
Download AgentArmor_1.2.3_x64-setup.exe or AgentArmor_1.2.3_x64_en-US.msi from the assets below.
- Run the installer
- Open AgentArmor β no Python install required
- Test my chatbot β website URL or API URL β run scan β export reports
For login-required targets (ChatGPT, Claude), use Login required (SSO) in the website wizard.
AgentArmor v1.2.2
AgentArmor v1.2.2 β Website URL chatbot scanning
Latest release. Fixes long-running website URL scans disconnecting from live progress, and improves Playwright discovery and response capture for real chatbot UIs.
Fixed β Website URL chatbot scanning
- SSE scan progress: 30s heartbeats and discovery/planning events so long web scans no longer show "Connection to scan stream lost"
- Scan progress UI falls back to status polling if the live stream disconnects
- Playwright response capture uses baseline diffing and chat-root detection (Gandalf, Prompt Airlines-style UIs)
- Send-button heuristics skip upload/attach controls; async route guard fix in browser session
- SPA page wait for visible chat inputs;
webscan.timeout_sdefault raised to 60s - Low-confidence widget fallback and optional
llm_discovery_on_missconfig ScanSummarymetadata typing for web-scan status polling (GUI production build)
Added
- Framework hints for ChatGPT, Claude, and Gemini; chat keywords for challenge sites
- Gandalf-like HTML fixture and Playwright regression test
- GUI disclaimer on website URL testing limits vs API endpoint scanning
Windows (recommended)
Download AgentArmor_1.2.1_x64-setup.exe or AgentArmor_1.2.1_x64_en-US.msi from the assets below (v1.2.2 app; installer filenames use 1.2.1).
- Run the installer
- Open AgentArmor β no Python install required
- Test my chatbot β website URL or API URL β run scan β export reports
For login-required targets (ChatGPT, Claude), use Login required (SSO) in the website wizard.
AgentArmor v1.2.1
AgentArmor v1.2.1 β Multi-agent red team & web scan
This release ships the multi-agent OWASP red team roster and enterprise chatbot URL scanner improvements from the latest main branch.
Multi-agent OWASP red team
agentarmor/redteam/orchestrator with attack-graph planner, budget governor, and verdict scoring- 16 skill YAML bundles and 13 dedicated agent classes (LLM01βLLM10, Memory, A2A, MCP)
scan_mode=multi_agent_redteamon/v1/scans(requires cloud analysis API key)- Web scans:
multi_agentic+planner_enabledruns red team against discovered widgets - Findings include confidence, reproducibility, and impact scores
- GUI toggle for multi-agent red team; quality gates and regression tests in CI
Chatbot URL scanner
- Enterprise
manual_sessionauth with headed browser login and encrypted session storage POST /v1/web-scans/prepare-sessionand continue flow for SSO-style targets- LLM attack planner for multi-agentic web scans
- Multi-turn memory probe without page reload
- Daily web scan rate limiting and HTML report attack-plan summary
Packaging
- Embedded Python bundle includes red team skills and Playwright for packaged
.exebuilds - Version aligned to 1.2.1 across Python, Tauri, and npm
Windows (recommended)
Download AgentArmor_*_x64-setup.exe or .msi from the assets below.
- Run the installer (or portable
.exe) - Double-click AgentArmor β no Python install required
- Pick a scan type β configure β run β export HTML/SARIF/PDF from Reports
Portable mode: run from a folder containing a PORTABLE file; data is stored in ./data/.
macOS
A native Mac .app is not bundled (Windows desktop first). Use the CLI + web UI:
pip install agentarmor
pip install agentarmor[local] # optional: offline .gguf scanning
agentarmor models download
agentarmor serve --port 8787
cd AgentArmor/gui && npm install && npm run devSee docs/MAC.md.
Linux / PyPI
pip install agentarmor
agentarmor scan --url http://localhost:8000/v1/chat/completionsGitHub Action (CI)
- uses: YashvantHange/AgentArmor/action@v1
with:
url: https://api.example.com/v1/chat/completions