v0.2.0

@denial-web denial-web released this 07 Apr 06:29
· 6 commits to main since this release

What's New in 0.2.0

Multilingual Detection (5 new languages)

  • Injection patterns for Chinese, Japanese, Korean, Arabic, and Hindi — 12 new patterns total
  • Generalized script-mixing detector now covers all non-Latin scripts (previously Khmer-only)
  • Total: 11 languages (EN, DE, ES, FR, HR, RU, ZH, JA, KO, AR, HI)

Indirect Injection Detection

  • HTML comment injection, markdown comment injection, confused deputy attacks, URL-embedded payloads
  • Gated behind SecurityPolicy.detect_indirect_injection flag (enabled by default)

Configurable Output Scanner

  • New OutputScannerConfig model with per-category weights (PII, credentials, base64, hex)
  • Reduced false positives: SHA-256/512 hex hashes exempted, base64 requires threat keywords, bare JWT heuristic
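
The hex and base64 rules above, written out as an added Python example; this is not agent-immune's own code and does not use its API. The weights, keyword list, regexes and the `scan_output` name are assumptions, as is applying the keyword check to the decoded base64 text; the JWT heuristic is not covered.

```python
import base64
import binascii
import re

# Hypothetical per-category weights; the release notes name the categories only.
WEIGHTS = {"hex": 0.3, "base64": 0.5}
# Hypothetical keyword list; the project's real list is not shown on the page.
THREAT_KEYWORDS = ("password", "api_key", "secret", "ignore previous")

HEX_RUN = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{32,}(?![0-9A-Fa-f])")
B64_RUN = re.compile(
    r"(?<![A-Za-z0-9+/=])[A-Za-z0-9+/]{24,}={0,2}(?![A-Za-z0-9+/=])"
)
HASH_LENGTHS = {64, 128}  # SHA-256 and SHA-512 digests written in hex


def decode_b64(blob):
    """Return the decoded UTF-8 text, or None if the blob is not base64 text."""
    try:
        return base64.b64decode(blob, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None


def scan_output(text):
    """Return (score, findings) for encoded blobs found in agent output."""
    findings = []
    for m in HEX_RUN.finditer(text):
        # Digest-length runs are exempt: they are almost always hashes.
        if len(m.group()) not in HASH_LENGTHS:
            findings.append(("hex", m.group()))
    for m in B64_RUN.finditer(text):
        blob = m.group()
        if HEX_RUN.fullmatch(blob):
            continue  # hex is a subset of the base64 alphabet; handled above
        decoded = decode_b64(blob)
        # A base64 blob alone is not a finding; it needs a threat keyword.
        if decoded and any(k in decoded.lower() for k in THREAT_KEYWORDS):
            findings.append(("base64", blob))
    score = min(1.0, sum(WEIGHTS[cat] for cat, _ in findings))
    return score, findings
```
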

Fast Memory Search

  • Optional hnswlib-backed HNSW approximate nearest neighbor index — O(log n) instead of O(n)
  • Install: pip install 'agent-immune[fast-memory]'

MCP Server Fixes

  • learn_threat now correctly stores entries (was silently failing due to missing memory bank)
  • Fallback embedder status surfaced in tool responses

Other Improvements

  • Public AdversarialMemoryBank.add_threat_batch() API for bulk loading
  • TextEmbedder.using_fallback property with degradation warnings
  • Test fixtures diversified: 28 genuinely distinct attack patterns across multiple categories and languages
  • 181 tests, 0 lint errors

Full Changelog: https://github.com/denial-web/agent-immune/blob/main/CHANGELOG.md