CHANGELOG

What's New

Every update to Scandar and Scandar Overwatch.

v1.4.02026-03-24

Full SDK & Overwatch Customizability

ADDEDRule suppression (suppressRules / suppress_rules) — eliminate known false positives per deployment without disabling entire detection modules; escape hatch for agents with legitimate shell/network access

ADDEDThreat score weight overrides (threatScoreWeights / threat_score_weights) — tune the composite 0-100 score to your fleet's risk profile; fintech orgs can weight encoding_evasion at 50 while lowering multi_turn

ADDEDPolicy management REST API — GET/PUT/DELETE individual policies by ID, including last-20-violations history per policy, RBAC-gated (editor role required for writes)

ADDEDKill chain rule API — full CRUD for custom KillChainRule objects; GET merges custom DB rules with built-in defaults, custom rules override built-ins by ID

ADDEDSelf-hosted deployment — production-ready Docker Compose with full Supabase stack (Postgres, GoTrue, PostgREST, Realtime, Storage, Kong) + multi-stage Dockerfile; runs as non-root uid 1001

ADDEDCustom compliance framework builder — define your own controls (metric, operator, threshold, weight), evaluated live against fleet data with weighted scoring and partial credit (75 within 10%, 50 within 20%)

ADDEDEmail alerting via Resend — branded dark-theme HTML emails with severity color coding, tool access list, and CTA; joins Slack/PagerDuty/webhook in the alert dispatch loop

IMPROVEDGuardPlugin interface fully documented with TypeScript + Python examples covering all four lifecycle hooks: beforeInspect, afterInspect, onToolCall, onSessionEnd

v1.3.02026-03-24

Auto-Quarantine & Policy Actions

ADDEDAuto-quarantine engine — agents emitting AGENT_IDENTITY_SPOOFING or AGENT_COMPROMISE_PROPAGATION findings are quarantined immediately with zero operator action required

ADDEDPolicy action: quarantine — operators can define threshold-based policies (e.g. threat_score ≥ 80) that automatically quarantine agents at session end

ADDED"Critical Threat Auto-Quarantine" built-in policy template — one click to activate threat score ≥ 80 auto-quarantine across your fleet

ADDEDQuarantine action badge (⊘ AUTO-QUARANTINE) on the Policies page — visually distinct from alert and block_deployment actions

SECURITYShared quarantineAgentInternal helper — atomic status flip with neq guard prevents double-quarantine race conditions under concurrent critical findings

SECURITYFull audit trail on auto-quarantine: quarantine record, history event, SOC 2 audit log entry, and alert dispatch — all written before returning to the SDK

IMPROVEDPolicy violation records now include the triggered action, enabling forensic reconstruction of what automation ran and why

v1.2.02026-03-23

Guardian Scanning & Inter-Agent Trust

ADDEDInter-agent message scanning — HMAC-SHA256 identity verification detects spoofed agent identities at runtime (TypeScript + Python)

ADDEDCompromise propagation — agents emitting critical/high findings automatically taint all downstream agents in the session

ADDEDTrust levels (trusted / semi_trusted / untrusted) with configurable block thresholds per tier

ADDEDLangGraph auto-interceptor (Python) — wraps every StateGraph node automatically, zero per-node instrumentation

ADDEDMultimodal injection scanning — JPEG EXIF/IPTC, PNG tEXt/zTXt/iTXt chunks, SVG content, PDF text layers, embedded base64 (TypeScript + Python)

ADDEDGuardian model scan — claude-haiku-4-5 vision model inspects images for visible text, QR codes, and instruction-like patterns that binary extraction cannot catch

ADDEDOverwatch Graph: TRUST MESH mode, trust level rings, HMAC glyphs (◈ verified / ⊘ compromised), stale agent detection (7d+)

ADDEDOverwatch Graph: agent search bar with auto-pan, edge hover tooltips showing call count and HMAC status

ADDEDOverwatch Graph: Audit Log direct link and one-click forensic snapshot capture from agent detail panel

IMPROVEDEXIF parsing replaced ASCII-run extraction with full TIFF IFD traversal — proper tag-type decoding, XP* UTF-16 tags, XMP namespace extraction

IMPROVEDBase64 scanning now context-aware — restricted to JPEG pre-SOS region and PNG first 64KB, eliminating pixel-data false positives

SECURITYHMAC comparisons use timing-safe equality (timingSafeEqual / hmac.compare_digest) to prevent timing oracle attacks

v1.1.02026-03-21

Scandar Overwatch Launch

ADDEDScandar Overwatch — enterprise fleet security with real-time agent graph, blast radius analysis, and kill chain detection

ADDED4-framework compliance engine: EU AI Act, SOC 2 Type II, ISO 42001, NIST AI RMF with evidence chains

ADDEDPre-execution enforcement gate — SDK checks with Overwatch before tool execution

ADDED20 configurable kill chain rules with glob pattern matching

ADDEDOWASP LLM Top 10 mapping (10/10 coverage, 28 categories)

ADDEDMITRE ATLAS mapping (22 techniques across 7 tactics)

ADDEDPolicy simulation — preview which agents a policy would affect before saving

ADDEDGraph time-travel — view fleet state at any historical date

ADDEDInteractive sandbox — explore Overwatch with demo data, no SDK required

ADDEDCompliance report export (HTML, JSON) for auditors

ADDEDTeam management with RBAC (admin/editor/viewer roles)

ADDEDAudit log with filterable actions and CSV export

ADDEDCompliance score snapshots with trend tracking

SECURITYServer-side RBAC enforcement on all mutating API routes

SECURITYPostgres-backed rate limiting and idempotency (serverless-safe)

v1.0.12026-03-21

SDK 0.1.1 — Overwatch Rename

FIXEDRenamed all 'Agent Security Graph' references to 'Scandar Overwatch' in SDK source and README

FIXEDCrewAI integration now aggregates real findings instead of hardcoding safe scores

FIXEDAutoGen integration sends session_end with findings_summary

FIXEDVercel AI SDK doStream properly inspects input messages

IMPROVEDPublished scandar-guard@0.1.1 to npm and PyPI

v1.0.02026-03-20

Scandar Launch

ADDED5 scan types: Skills, MCP Servers, Configs, System Prompts, Agent Configs

ADDED140+ detection rules mapped to OWASP LLM Top 10

ADDEDscandar-guard runtime SDK for Python and TypeScript

ADDEDscandar-scan CLI with SARIF output and watch mode

ADDEDAI Fix — Claude-powered auto-remediation (Pro)

ADDEDAgent Security Reports with cross-cutting analysis

ADDEDMarketplace with verified skill directory

ADDEDEU AI Act compliance landing page with countdown