Skip to content

v0.6.1 — secret-scanner hardening + cross-platform validation

Choose a tag to compare

@limeflash limeflash released this 10 Jul 14:02

v0.6.1 — secret-scanner hardening + full cross-platform validation

Follow-up to v0.6.0 after validating end-to-end on Windows, WSL2, and macOS (real agy 1.0.3) and running an adversarial security pass on the Mac. Structural defenses held; three real secret-scanner coverage gaps are now closed.

Secret scanner

  • github_pat_ fine-grained PATs are now caught on the Bash path too (Node↔Bash parity restored).
  • The full content of changed files (shipped to Gemini as review context) is now scanned — previously only the diff's added lines were, so a secret on an unchanged line could leak. It now aborts (exit 65) before any agy/network call.
  • Modern keys sk-ant-… (Anthropic) and sk-proj-… (OpenAI project) are now detected (the old sk-<alnum> pattern missed the dashes).

Defense in depth

  • --dangerously-skip-permissions is gated on the write-capable command (rescue) explicitly.
  • .agy-plugin/ is auto-added to the workspace's local .git/info/exclude (keeps your git status clean; never touches your tracked .gitignore).

Validation

  • macOS 26.5 on real agy 1.0.3: /agy:ask, /agy:review, /agy:adversarial-review all pass from symlinked /var/folders/… paths. 218 unit tests + CI (shellcheck, bats, vitest on Node 18/20/22).

Full notes: CHANGELOG · SECURITY.md