CalvinBackup/shannon
1
0
Fork 0
mirror of https://github.com/KeygraphHQ/shannon.git synced 2026-04-01 18:30:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
206 Commits 8 Branches 1 Tag
17df89a48f342d371cfae9c231a097ddee601201
Commit Graph

206 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arjun Malleswaran
17df89a48f Merge pull request #224 from ajmallesh/security/tighten-docker-env-isolation 
Hardening local defaults
 2026-03-07 11:56:35 -08:00
ajmallesh
58afb767c6 docs: simplify prompt injection disclaimer in README 2026-03-07 11:48:59 -08:00
ajmallesh
023cc953db security: tighten Docker isolation and subprocess env 
- Pin @playwright/mcp to 0.0.68 instead of @latest to prevent supply chain risk
- Restrict MCP subprocess env to allowlist (PATH, HOME, NODE_PATH, DISPLAY, XDG_*) instead of spreading process.env
- Add path traversal guard to @include() directive in prompt templates
- Bind all Docker ports to 127.0.0.1 to prevent network exposure
- Remove ipc: host — shm_size: 2gb already covers Chromium shared memory needs
- Add prompt injection disclaimer for untrusted repositories to README
 2026-03-06 17:20:39 -08:00
nelliekeygraph
01165382ed Merge pull request #220 from KeygraphHQ/Readme-Update 
Readme update
 2026-03-06 13:42:49 -08:00
george-keygraph
4c6750541b Update README.md 2026-03-06 11:38:53 -08:00
george-keygraph
2feff83b6e Add files via upload 2026-03-06 11:38:18 -08:00
george-keygraph
96b2728318 Delete assets/keygraph_button.png 2026-03-06 11:38:06 -08:00
george-keygraph
595b2ada78 Update README.md 2026-03-06 11:36:43 -08:00
george-keygraph
c68ee44103 Add files via upload 2026-03-06 11:35:16 -08:00
Arjun Malleswaran
fdd7d0af64 Merge pull request #216 from KeygraphHQ/Updated-README.md 
Updated readme.md
 2026-03-05 16:48:32 -08:00
george-keygraph
03377de469 Update README.md 2026-03-05 16:47:03 -08:00
george-keygraph
477ccd71aa Update README.md 2026-03-05 16:45:08 -08:00
george-keygraph
43aa6386a2 Add files via upload 2026-03-05 16:44:01 -08:00
Arjun Malleswaran
6ad2c9d5c1 Merge pull request #206 from KeygraphHQ/keygraphVarun-patch-1 
update image
 2026-03-04 18:40:22 -08:00
keygraphVarun
53bb10c450 Update README.md 2026-03-04 18:39:05 -08:00
keygraphVarun
ce98c749f5 update image 2026-03-04 18:38:11 -08:00
keygraphVarun
ba8f737d02 Delete assets/github-banner.png 2026-03-04 18:37:54 -08:00
keygraphVarun
a01b130281 update image 2026-03-04 18:36:34 -08:00
Arjun Malleswaran
ff7874815a Merge pull request #205 from KeygraphHQ/keygraphVarun-patch-4 
Update README.md
 2026-03-04 18:30:39 -08:00
keygraphVarun
c5f13235da Update SHANNON-PRO.md 2026-03-04 18:28:41 -08:00
keygraphVarun
528dced335 updated image 2026-03-04 18:20:35 -08:00
keygraphVarun
cdf0f13cc6 Add files via upload 2026-03-04 18:19:27 -08:00
keygraphVarun
e69ce6f51e Update README.md 2026-03-04 18:17:46 -08:00
Arjun Malleswaran
ab2c400daf Merge pull request #202 from KeygraphHQ/keygraphVarun-patch-1 
Update README.md
 2026-03-04 13:59:42 -08:00
keygraphVarun
9b0e64944b Update README.md 
cleanup
 2026-03-04 13:57:28 -08:00
Arjun Malleswaran
f3f4e44ccd Merge pull request #198 from KeygraphHQ/keygraphVarun-patch-1 
Update SHANNON-PRO.md
 2026-03-04 13:46:34 -08:00
Arjun Malleswaran
6b68bb40f8 Merge pull request #200 from KeygraphHQ/keygraphVarun-patch-2 
Update README.md
 2026-03-04 13:46:10 -08:00
keygraphVarun
d3de8e13fb Update SHANNON-PRO.md 2026-03-04 13:44:08 -08:00
keygraphVarun
57d1141f4a Update README.md 2026-03-04 13:38:43 -08:00
keygraphVarun
1aafc0c3d0 Update README.md 
update readme
 2026-03-04 13:08:18 -08:00
keygraphVarun
a8afe98518 Update SHANNON-PRO.md 
fix
 2026-03-04 11:35:49 -08:00
keygraphVarun
395b2bd187 Update SHANNON-PRO.md 
Shannon Pro
 2026-03-04 11:32:00 -08:00
ezl-keygraph
e29d5b88a0 Merge pull request #177 from KeygraphHQ/feat/model-tiers 
feat: add three-tier model system with Bedrock and Vertex AI support
 2026-03-03 22:40:29 +05:30
ezl-keygraph
6a76df2f4c feat: add Google Vertex AI support with service account auth 2026-03-03 02:42:46 +05:30
ezl-keygraph
3ec491b30b chore: update pipeline testing vulnerability prompts 2026-03-03 02:05:09 +05:30
ezl-keygraph
b62abfea4c feat: add three-tier model system with Bedrock support 
Introduce small/medium/large model tiers so agents use the appropriate
model for their task complexity. Pre-recon uses Opus (large) for deep
source code analysis, most agents use Sonnet (medium), and report uses
Haiku (small) for summarization.

- Add src/ai/models.ts with ModelTier type and resolveModel()
- Add modelTier field to AgentDefinition
- Refactor claude-executor env var passthrough into loop
- Add Bedrock credential validation in preflight and CLI
- Pass through Bedrock and model env vars in docker-compose
 2026-03-03 01:08:26 +05:30
Arjun Malleswaran
98e3446448 Merge pull request #161 from KeygraphHQ/feat/pipeline-config 
feat: add configurable pipeline retry and concurrency settings
 2026-02-24 10:52:52 -08:00
ajmallesh
a03bc7506c chore: improve PR command summary format with rich bullet style 2026-02-24 09:31:37 -08:00
ajmallesh
d67c07dc55 feat: add configurable pipeline retry and concurrency settings (#157) 
- Add `pipeline` config section with `retry_preset` and `max_concurrent_pipelines` options
- Add `subscription` retry preset with extended 6h max interval for Anthropic rate limit windows
- Replace Promise.allSettled with concurrency-limited runner for vuln/exploit pipelines
- Wire pipeline config through client, shared types, and workflow activity proxy selection
 2026-02-24 09:31:33 -08:00
Arjun Malleswaran
91f03242a5 Merge pull request #160 from KeygraphHQ/chore/update-readme-banner 
chore: update README banner image
 2026-02-24 09:15:17 -08:00
ajmallesh
17d12be2ab chore: update README banner image 2026-02-24 09:11:50 -08:00
ezl-keygraph
6b403d59a7 Merge pull request #152 from KeygraphHQ/fix/router-env-passthrough 
fix: pass router env vars to SDK subprocess
 2026-02-21 02:24:29 +05:30
ezl-keygraph
742b74c86f fix: pass router env vars to SDK subprocess 
ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN were not forwarded to the
SDK subprocess environment, causing router mode to fail with
"Authentication failed: Invalid API key" as the subprocess hit
Anthropic directly with the placeholder key.
 2026-02-21 02:16:19 +05:30
ezl-keygraph
eaa817ea64 Merge pull request #149 from KeygraphHQ/fix/preflight-validation 
feat: add preflight validation phase with structured error reporting
 2026-02-20 21:50:31 +05:30
ajmallesh
839686c23c refactor: use SDK-exported SDKAssistantMessageError instead of local type definition 2026-02-20 07:49:53 -08:00
ezl-keygraph
e8e830c9f8 refactor: replace HTTP credential checks with Claude Agent SDK query 
Replaces validateApiKey and validateOAuthToken (direct fetch calls) with
a single SDK-based query using claude-haiku-4-5-20251001. Uses
SDKAssistantMessageError types for structured error classification and
returns human-readable error messages for each failure case.
 2026-02-20 17:06:59 +05:30
ajmallesh
7ecf5abb35 refactor: extract error formatting utilities from workflows.ts into workflow-errors.ts 2026-02-19 22:20:20 -08:00
ajmallesh
c0d46cb6b9 feat: add preflight validation phase with structured error reporting 
- Add preflight activity that validates repo path, config, and credentials before agent execution
- Add formatWorkflowError() with pipe-delimited segments for multi-line log rendering
- Add remediation hints for common failures (auth, billing, config errors)
- Add REPO_NOT_FOUND, AUTH_FAILED, BILLING_ERROR codes with error classification
- Add formatErrorBlock() in WorkflowLogger for indented error display
 2026-02-19 19:09:02 -08:00
Arjun Malleswaran
afa0e9b701 Merge pull request #141 from KeygraphHQ/refactor/architecture 
refactor: decompose activities into services layer with structured error handling
 2026-02-17 12:22:23 -08:00
ezl-keygraph
7fb0c30769 Merge pull request #142 from KeygraphHQ/docs/wsl-setup-guide 
docs: add WSL2 setup guide for Windows users
 2026-02-18 00:56:48 +05:30