Releases: Tencent/AI-Infra-Guard
Release list
AI-Infra-Guard v4.1.15
[v4.1.15] - 2026-06-25
Added
- API: Allow omitting model token in mcp_scan and ai_infra_scan, fall back to system default model (f97d707)
- Data: Add 6 llama.cpp CVE rules to the llama-cpp pack (8e0d417)
- MCP: Add 3 MCP threat detection rules: tool poisoning, credential exfiltration, command injection (de57b10)
Changed
- Docs: Add user feedback survey section to all README files (bf5ed72)
- Docs: Fix vuln total count 1300+ -> 1600+ in ai-infra-scan docs (98d4cd9)
- Docs: Update llama-cpp vuln count 3->9 and severity Low->Medium-High (e7b97bd)
- Docs: Add 9 new single-turn attack operators to AIG-PromptSecurity README (9d6a589)
- Docs: Update openclaw vuln count 628 -> 655 in ai-infra-scan docs (aba3988)
- Docs: Fix zh v4.1.14 wording: single-turn jailbreak operators -> attack methods (e3cf9a6)
- Docs: Remove v4.1.11 What's New entry from all 9 README languages (ec3557d)
- Docs: Add v4.1.14 What's New and restore v4.1.11 entry across all 9 README languages (2c662d0)
Contributors
Special thanks to @zhuque, @aigsec, @aigdocs[bot], @boyhack, @DevamShah, @aig-doc-bot, @nicky, @adam Lin
AI-Infra-Guard v4.1.14
[v4.1.14] - 2026-06-18
Added
- Skills: Add aig-agent-redteam skill for comprehensive Agent security assessment (5eb87a6)
- Prompt Security: Add 9 single-turn jailbreak attack methods: PrefillAttack, ICA, PastTense, Overload, Jailbroken, FlipAttack, DeepInception, CodeChameleon, JAM (d48e508)
- Eval: Add jailbreak evaluation datasets: AdvBench, CNSafe, SafeBench (e0ce12e)
Changed
- Dispatch: Implement round-robin agent selection for load balancing (Closes #407) (cb0fa37)
- Docs: Add AdvBench, CNSafe, SafeBench to dataset credits in prompt-eval docs (52b9737)
- Docs: Update DeepTeam repo URL to confident-ai/deepteam (8743b1f)
- Docs: Add Nanyang Technological University logo to README (b800978)
- Docs: Update What's New to v4.1.13 across all README languages (bb73db9)
Contributors
Special thanks to @boyhack, @Elwood-Zonghao-Ying, @aigsec, @aigdocs[bot], @aig-doc-bot
AI-Infra-Guard v4.1.13
[v4.1.13] - 2026-06-11
Added
Fixed
Changed
- Docs: Add China Merchants Bank logo to user appreciation section in all READMEs (c95f052)
- Docs: Update What's New to v4.1.12 across all README languages (0a8da63)
- Docs: Restore v4.1.11 entry in What's New across all 9 README languages (b341578)
Contributors
Special thanks to @boyhack, @zhuque, @aigsec, @aigdocs[bot]
AI-Infra-Guard v4.1.12
[v4.1.12] - 2026-06-08
Added
- Fingerprints: Add 39 new AI web fingerprints and enhance 18 existing ones (7c438fa)
Fixed
- Fingerprints: Fix YAML matcher syntax for CI validation (49e2552)
Changed
- Docs: Update component count to 100+ and CVE count to 1600+ across all languages (58d97ff)
- Docs: Add v4.1.11 to What's New across all 9 README languages (39a0cec)
Contributors
Special thanks to @zhuque, @boyhack, @aig-doc-bot
AI-Infra-Guard v4.1.10
[v4.1.10] - 2026-05-28
Added
- Data: Add CVE rules and fingerprints for new targets (junoclaw, lollms, sglang) (6054e45)
- Scan: Support WebSocket agent providers (2c845e8)
Fixed
- Scan: Resolve uv run failures in Docker and improve dify version detection (23f098a)
- Chromium: Add defer Close() to prevent zombie processes (b617bf7)
- Data: Correct sglang fingerprint YAML structure (version as top-level key) (653cc9a)
Changed
- Docs: Add v4.1.9 to What's New across all 9 README languages (187442d)
Contributors
Special thanks to @feiyang666, @boyhack, @zhuque, @jucie-pie, @rocie799, @AIG-Bot, @aig-doc-bot
AI-Infra-Guard v4.1.9
[v4.1.9] - 2026-05-21
Added
- Prompt Security: Add 20+ single-turn attack operators (invisible-text, case-formatting, script-system, unicode-style, classical-cipher, classic-encoding, SystemOverride, SuperUser, LinguisticConfusion, Roleplay, PromptProbing, PromptInjection, PROMISQROUTE, PermissionEscalation, Multilingual, MathProblem, InputBypass, ICRTJailbreak, GrayBox, GoalRedirection, EquaCode, ContextPoisoning) (fbac88b..14a3d01)
- Prompt Security: Add 6 multi-turn attack operators (TreeJailbreaking, SequentialJailbreak, LinearJailbreaking, CrescendoJailbreaking, BestofN, BadLikertJudge) (f4e7cd8..6116a8a)
- Prompt Security: Register and document newly added attack operators (03d67de, ce3869c)
- Scan: Add indirect prompt injection defense to scanning agent prompts (bce80c9)
Changed
- Docs: Reorder academic citation papers by publication date descending (0ae8625)
- Docs: Normalize quotes in DE/RU paper citations to standard format (b9b4d2b)
- Docs: Simplify overly formal acknowledgement wording across all languages (5926ade)
- Docs: Add Changan Auto and HUST logos to user appreciation section (968710f)
- Docs: Sync HUST and Nankai University logo heights (45px) across all READMEs (7ef9cd4, c59eb29)
- Docs: Add 1 new related paper to README (b93e1e0)
Contributors
Special thanks to @y3oZ, @truman, @zhuque, @boyhack, @aigsec, @aig-doc-bot, @jucie-pie
AI-Infra-Guard v4.1.8
[v4.1.8] - 2026-05-14
Fixed
- Tools: Make tool name lookup case-insensitive (2e76c7d)
- Vuln Rules: Remove 143 duplicate GHSA files that have corresponding CVE references (bf06029)
- Vuln Rules: Remove invalid fingerprints (chatgpt-mcp-server/pptagent), fix GHSA-9p3r YAML format (8a19ff8)
- Vuln Rules: Restore GHSA files added upstream after base commit (6cdecfd)
Changed
- Docs: Add invitation code application link to all README files (08c356a)
- Docs: Add 1 new related paper to README + fix ZH PDF links (2cbc750)
- Docs: Add team introduction, core members, and papers section across all READMEs (3ef3cb8)
- Docs: Update component count 58→64 and vuln stats 1200+→1300+ across all 9 README languages (0a3b50b)
Contributors
Special thanks to @feiyang666, @zhuque, @boyhack, @aigsec, @aig-doc-bot, @jucie-pie, @AIG-Bot
AI-Infra-Guard v4.1.7
[v4.1.7] - 2026-04-30
Changed
- Docs: Update README What's New section with v4.1.6 highlights, update component count (57→58) and vulnerability stats across all 9 README languages (75946d1)
- Users: Update user list (7c2a7f1)
Contributors
Special thanks to @jucie-pie, @aigsec, @aig-doc-bot
AI-Infra-Guard v4.1.6
[v4.1.6] - 2026-04-23
Added
- Docker: Add git to runtime dependencies in Dockerfile (69f7430)
- Vuln Rules: Add AIG vulnerability rules [2026-04-23] (#350)
- Vuln Rules: Detect exposed AI agent config files (claude_desktop_config.json, mcp.json, etc.) (#340)
- Vuln Rules: Add Trae IDE and CodeBuddy MCP config paths, extend .env key patterns
- Data Sync: Replace zip download with git clone, remove github_token dependency (#327)
- Manual Updates: Support manual updates to the latest jailbreak datasets, fingerprints, and vulnerability databases
- Update API: Merge update-status into update-data endpoint
Fixed
- Vuln Rules: Revert .env matcher to API key pattern matching
- Vuln Rules: Remove mcpServers field dependency, match on file format only
- Vuln Rules: Replace substring match with regex to reduce false positives
- Update API: Return status=1 when last sync failed
- Update API: Unify response format to {status, message, data}
- Update API: Remove request params, always sync main branch
- Data Sync: Harden update_api against CodeQL path-injection and command-injection alerts
- Vuln Rules: Update GHSA-8fmp-37rc-p5g7.yaml and OpenClaw versioning rule
Contributors
Special thanks to @feiyang666, @zhuque, @boyhack, @aigsec, @aig-doc-bot
AI-Infra-Guard v4.1.4
[v4.1.4] - 2026-04-17
Security
- TLS: Support HTTPS connections with self-signed/private CA certificates for model endpoints; add InsecureSkipVerify option (#306, closes #302)
Added
- MCP Scan: Add multi-turn red team attack module with TAP and Crescendo strategies (#299)
- System API: Add data auto-sync API (
POST /api/v1/system/update-data,GET /api/v1/system/update-status) for syncingdata/directory (#301) - Agent Scan API: Support inline
agent_configin agent scan API, make verify optional on save (#322) - CLI: Support
--agent-config-filefor inline YAML agent scan config (aig-scanner v1.0.3) - Security Policy: Add SECURITY.md with trust model and vulnerability disclosure policy
Fixed
- Vulnerability Rules: Fill empty rule fields and add new CVE rules
- API: Fix mcp_scan content field and add agent_scan API documentation
- Docs: Fix HTML block bold rendering in multilingual READMEs
- Architecture: Fix runtime path resolution for local deployments
Changed
- Codebase: Convert all Chinese comments and messages to English in api.go and knowledge2_api.go
- Docs: Expand Related Papers to 17 entries with 5 new 2026 papers; sync across all multilingual READMEs
- Docs: Add architecture evolution document covering v0.1/v2.6/v3.6.0 (#294)
- Vulnerability Stats: Update component vulnerability counts, add crewai/kubeai/lobehub entries (#291)
Contributors
Special thanks to @boyhack, @zhuque, @ac0d3r, @feiyang666, @rocie799, @aig-doc-bot