Releases: Ed1s0nZ/CyberStrikeAI
Release list
v1.6.48
人机协同(HITL)模式新增「审计 Agent」审批选项,可在工具调用执行前由 AI 自动裁决放行或拒绝,也支持人工审批与审查编辑模式。
Human-in-the-loop (HITL) now supports an Audit Agent reviewer that can automatically approve or reject tool calls before execution, alongside manual human approval and review-edit modes.
v1.6.47
修复同一对���中重复发送相同用户提示词时,因历史去重逻辑误判而不再追加本轮 user 消息、导致请求以 assistant 结尾并触发 Claude 4.6+ 返回 400(assistant-prefill final message is not supported)的问题;现仅在尾部已是相同 user 内容时才跳过追加,重复提示词可正常续聊。
Fix repeated identical user prompts in the same conversation failing with Claude 4.6+ 400 (assistant-prefill final message is not supported) because dedup logic skipped appending the new user turn when matching text appeared earlier; append is now skipped only when the tail message is already that user content, so identical prompts can continue normally.
v1.6.46
为解决多项目共用系统 /tmp 导致下载的 JS/HTML 等文件互窜的问题,新增按会话隔离的工作目录:默认落在 tmp/workspace/,已绑项目时用 projects/<项目ID>/,未绑项目时用 conversations/<对话ID>/。每次 Agent 启动时自动创建目录,并将路径注入四种主模式(eino_single、deep、plan_execute、supervisor)的系统提示,引导下载与 read_file/glob/grep 都在该目录下进行;可通过 agent.workspace_root_dir 自定义根路径。删未绑项目的会话会清理对应工作区,删项目会清理整个项目工作区。
To fix cross-project file contamination from agents downloading and reading assets under the shared system /tmp, CyberStrikeAI now provisions an isolated session workspace under tmp/workspace/—projects// when a conversation is project-bound, otherwise conversations//. The directory is created on each agent run and injected into the system prompt for all four main modes (eino_single, deep, plan_execute, supervisor), directing downloads and local analysis (read_file/glob/grep) away from /tmp. The root path is configurable via agent.workspace_root_dir; unbound conversations clean up on delete, and project workspaces are removed when the project is deleted.
v1.6.45
批量任务队列支持可配置并发执行(默认串行,最高 8 路 worker),创建/编辑队列时可设置 concurrency;采用原子领取与执行器去重,提升多子任务场景下的吞吐与稳定性。同步修复任务管理中的若干边界问题(执行中删除保护、取消卡住清理、单条重跑状态收口等)。
Batch task queues now support configurable concurrent execution (default serial, up to 8 workers). Set concurrency when creating or editing a queue; tasks are claimed atomically with executor deduplication for safer parallel runs. Also fixes several task-management edge cases, including delete guards while executing, stuck-cancel cleanup, and single-task rerun state handling.
v1.6.44
针对多轮迭代会话切换卡顿,本次优化采用三层渐进加载:切换会话时不再预拉取最后一条消息的渗透详情,仅使用轻量 API(include_process_details=0);用户点击「展开详情」后才按需请求该条消息的 process-details;时间线内每个工具调用默认只显示标题行,点击后再渲染参数与执行结果,大批量条目通过 requestAnimationFrame 分批绘制。运行中任务仍走 task-events 补流,行为不受影响。
To fix lag when switching between long-running chat sessions, we implemented three layers of progressive loading: session switches no longer prefetch the last message’s penetration details and rely on the lightweight API (include_process_details=0); full process details load only when the user clicks “Expand details”; within the timeline, each tool call renders as a header-only row until clicked, with large timelines painted in batches via requestAnimationFrame. In-flight tasks are unchanged and still resume through the task-events replay stream.
v1.6.43
v1.6.42
CyberStrikeAI 项目管理新增「攻击路径」功能:在原有「事实黑板」表格之外,提供基于 Cytoscape + ELK 的交互式有向图,将同一套 project_facts 与关系边可视化为「目标 → 发现 → 利用」的攻击链条。Agent 通过 upsert_project_fact 写入事实时同步维护 links,人类可在图中连边、改置信度、沉淀对话攻击链;系统还会在黑板索引中注入攻击路径速览,让跨会话协作从「罗列发现」升级为「看清怎么打」。
CyberStrikeAI Project Management adds an Attack Path view: alongside the existing fact table, an interactive directed graph (Cytoscape + ELK) turns the same project_facts and relationship edges into a clear chain from targets through findings to exploits. Agents maintain structure via links in upsert_project_fact; operators can connect edges, adjust confidence, and persist conversation attack chains. With an attack-path summary injected into the project blackboard index, cross-session work shifts from listing discoveries to seeing how they connect into an actionable, verifiable path.
v1.6.41
v1.6.40
本次主要完善了 C2 会话管理的体验与可靠性:会话/任务列表支持 SSE 实时刷新;会话详情、任务历史与信息页做了紧凑美化;修复 Sleep/抖动被心跳覆盖无法生效的问题,并改为单次自定义配置弹窗;系统配置中新增从 API 自动获取模型列表;另修复页头批量删除按钮对齐、标签切换黑框闪烁等问题。
This update improves C2 session management UX and reliability: session/task lists refresh in real time via SSE; the detail view, task history, and info panel were redesigned to be more compact; Sleep/jitter settings no longer get overwritten by heartbeats and use a single custom modal; settings now support fetching the model list from the configured API; plus minor fixes for header button alignment and tab-switch focus flash.
v1.6.39
本次更新统一了大工具输出处理:删除 large_result_threshold、result_storage_dir 和 query_execution_result;超过 reduction_max_length_for_trunc(50KB)的结果由 Eino reduction 生成 并落盘。��盘路径在 tmp/reduction/ 下按项目区分:已绑定项目为 projects/{项目ID}/,未绑定则为 conversations/{会话ID}/。
This update unifies large tool-output handling by removing large_result_threshold, result_storage_dir, and query_execution_result. Outputs above reduction_max_length_for_trunc (50KB) are truncated via Eino reduction into and saved under tmp/reduction/, scoped by project (projects/{projectID}/ when a project is bound, otherwise conversations/{conversationID}/).