Releases · public

Changelog

Every meaningful change ships here. Subscribe to the RSS feed or follow on X.

May 25, 2026
v2.6 Major

6 new agents. Bot comments. Slack. GitLab & Bitbucket.

The biggest single push since launch. Three new intelligence agents, three new infrastructure agents, a proper GitHub App bot, Slack alerts, and multi-platform repo support.

aegis · incident responder · leaked credential
→ Incident type: API Key / Secret Leaked · severity: CRITICAL ! Phase 1: Immediate 3 steps · 0 of 3 completed Phase 2: Investigation 4 steps · locked Phase 3: Prevention 3 steps · locked Step 1 Revoke the exposed key RIGHT NOW → OpenAI API Keys → GitHub PATs → AWS Credentials Progress: 0 / 10 steps · status: ACTIVE AI summary generated
May 21, 2026
v0.4.0 Major

Phantom agent + Cipher + Sentinel AI/BOLA rules + Founding Member

The biggest Sentinel update yet — BOLA/IDOR access control detection, AI-specific vulnerability rules, and slopsquatting detection. Plus two new agents: Phantom (AI attack simulator) and Cipher (cryptographic audit). First 20 users get PR Review free forever.

phantom · my-saas-app · attack simulation
→ Phantom running 4-phase simulation... Phase 1: Recon tech stack: Python/FastAPI/Supabase · 3 exposed endpoints Phase 2: Initial Access hardcoded secret found · JWT in localStorage Phase 3: Exploitation BOLA: missing ownership check on /api/repos/{id} Phase 4: Impact full database read via chained IDOR + injection Risk Score: 8.4 / 10 · CRITICAL 2 attack chains generated
May 14, 2026
v2.4 Major

Compliance Officer is generally available

Map your codebase against SOC 2, GDPR, HIPAA, and PCI-DSS — automatically. Compliance Officer reads your repos, your data flows, and your existing docs, then tells you exactly which controls you're missing and drafts the policies for the rest.

compliance · my-saas-app · SOC 2 Type I
→ Compliance Officer scanned 847 files, 6 services, 4 third-party integrations Encryption in transit covered (via Cloudflare + RDS TLS) Access logging covered (structured logs to Datadog) Encryption at rest partial (prod yes, staging no) Quarterly access review missing (no record found) Incident response runbook missing (draft generated · review →) 87% complete · 5 items left · est. 4h to close
Apr 28, 2026
v2.3

Sentinel learns supply-chain patterns

Auditor now feeds package-history context back into Sentinel. If you import a package that was published last week, has 12 downloads, and matches a name AI tools commonly hallucinate, Sentinel blocks the merge.

Apr 9, 2026
v2.2.4

Faster scans · Lovable + Bolt detection

Average scan time is down to 0.9s for a 50-file repo. Sentinel now detects when code was generated by Cursor, Claude Code, Lovable, or Bolt and weights its rules accordingly.

Mar 22, 2026
v2.2 Major

Scout · the threat model wizard

Before you write a line of code, Scout maps your attack surface. Pick a stack, describe the product, get a STRIDE-style model in 30 seconds. Sentinel then uses it to prioritize every commit.

Mar 1, 2026
v2.1.2

Penetrator gets OWASP Top 10 (2024)

The post-deploy attack agent now runs the latest OWASP Top 10 simulations against your live endpoints. Findings include curl repros so you can verify locally.

Feb 11, 2026
v2.1

Educator + per-mistake personalization

Educator now remembers what you got wrong yesterday. Explanations get shorter as your mental model fills in. Free, forever.

Jan 18, 2026
v2.0.1

Free-tier scan caps removed

Sentinel is free, forever. We removed the 100-scan/month cap on the free tier. If you're a solo founder, you should never have to think about it.

Jan 4, 2026
v2.0 Major

SecureOS, the platform

The Sentinel CLI gets a hosted home and 8 sibling agents. From a single tool you can now cover threat modeling, code scanning, supply chain, pen testing, pre-launch checks, incidents, and compliance — all without leaving GitHub.

Nov 8, 2025
v1.4

35 rules · Sentinel open source

Sentinel CLI hits 35 rules, beats Snyk on AI-introduced patterns in our internal benchmark, and gets open sourced under MIT.