Releases: byte271/Sentinel
Releases · byte271/Sentinel
v0.3.0
v0.2.0
feat: SENTINEL v0.2.0 — The Agent-Safety Release
13 new features transforming SENTINEL from a controlled-execution kernel into a
complete agent safety toolkit:
1. Agent Firewall (firewall/): deterministic, framework-agnostic tool-call
scanning with 32 built-in detection patterns (injection, exfiltration,
privilege escalation, credential access, destructive, persistence). Ships
with strict/balanced/permissive policy presets and runtime-loadable custom
rules. Pure regex, sub-millisecond. CLI: sentinel-fw.
2. Deterministic Replay Engine (replay/): hash-chained execution log with
record-and-replay, non-determinism detection, time-travel seek/step/rewind,
stateAt reconstruction, and JSON export.
3. Kill Switch + Forensics (exec/killswitch.ts): transactional kill with
graceful (safe-checkpoint window) and hard modes, compensation-based
rollback in reverse order, full forensic snapshot, and recover() post-mortem
plan.
4. Context Guardian (info/context.ts): real-time context-window health with
token budget/utilization, normalized Shannon entropy, pollution scoring,
untrusted source boundaries, lost-in-the-middle detection, and trust-aware
compaction.
5. Memory Integrity Layer (memory/): signed, append-only, hash-chained memory
ledger with cryptographic provenance, tamper detection, temporal-decay trust
scoring, and HMAC-SHA256 signing.
6. Multi-Agent Trust Graph (bridge/trust-graph.ts): delegation depth limits,
permission narrowing (subset-only, escalation rejected), per-hop trust decay,
HMAC-SHA256 inter-agent message signing with timestamp-bound nonce replay
protection, and anomaly detection. Exports Mermaid/Graphviz DOT.
7. OpenClaw Security Bridge (bridge/openclaw.ts): wraps MEMORY.md-style
plaintext files with the Memory Integrity Layer for sealing, out-of-band
tamper detection, and authenticated write-through.
8. OWASP ASI 10/10 Dashboard (compliance/owasp.ts): real-time coverage scoring
of all 10 OWASP ASI Top-10 risks from enabled capabilities. CLI:
sentinel-compliance.
9. Observable Agent Protocol (observe/): OpenTelemetry-style span/trace emitter
with agent semantic conventions and OTLP-compatible JSON export.
10. Prevented Futures TUI (tui/): branching timeline rendering of blocked vs.
allowed actions with risk scores, triggering rules, justifications, and
safety bar. CLI: sentinel-tui.
11. A2A Identity Verifier v2: cryptographic per-message identity verification
(HMAC-SHA256 + replay-bound nonces) with JIT, per-task permission narrowing
via the Trust Graph.
12. Temporal Branching v2: 6-dimensional auto-normalizing scoring (confidence,
safety, minimality, completeness, speed, reversibility).
13. New CLIs: sentinel-fw, sentinel-compliance, sentinel-tui.
Bug fixes:
- B1: version consistency across package.json, spec, and CLI
- B2: expanded package.json keywords for discoverability
- B4: HTTP API authentication enforced with constant-time comparison
- B5: session tokens now HMAC-signed with timingSafeEqual verification
Zero heavy dependencies. 215 tests passing across 28 test files.