v1.61.0 — Agent Stamina Profiler, Competency Map, Collaboration Analyzer & 39 Performance Optimizations

Highlights

Agent Stamina Profiler — Autonomous intra-session degradation detection that identifies when agents lose coherence, slow down, or produce lower quality output over the course of long sessions.

Agent Competency Map — Autonomous skill profiling that builds a capability matrix across agents, enabling intelligent task routing based on demonstrated strengths.

Agent Collaboration Analyzer — Multi-agent teamwork analysis measuring communication efficiency, contribution balance, and coordination patterns across collaborative sessions.

Schema Migration System — Lightweight, versioned database migrations with auto-detection of pending upgrades and rollback support.

New Features (22)

• Agent Memory Leak Detector — autonomous context accumulation analysis with O(1) linear regression
• Agent Failure Forecaster — predictive failure detection engine
• Agent Collaboration Analyzer — multi-agent teamwork analysis
• Agent Stamina Profiler — intra-session degradation detection
• Agent Competency Map — autonomous skill profiling with routing
• Schema Migration System — lightweight versioned migrations
• Session Autopsy — autonomous multi-engine root-cause investigation
• Auto-Triage Engine — unified session diagnostics with prioritized findings
• Agent Mood Ring — fleet metrics mood visualization dashboard
• Agent Experiment Lab — A/B testing with statistical significance
• What-If Scenario Planner dashboard
• Agent Communication Graph — inter-agent message flow visualization
• Smart Triage Queue — autonomous incident prioritization with escalation
• Agent Canary Deployer dashboard
• Compliance Auditor — policy-based audit with 12 configurable policies
• Agent Regression Tracker dashboard
• Cost Anomaly Detector — proactive cost monitoring
• Smart Alert Correlator — groups related alerts to reduce noise
• Codecov integration for coverage tracking
• Agent Behavior Profiler with drift detection
• Session Timeline — interactive Gantt chart with concurrency analysis
• Alert Rules Builder dashboard

Performance (39 optimizations)

• O(1) closed-form linear regression in memory leak detector
• O(log n) window filtering via bisect timestamp index in quota
• Single-pass metric extraction across capacity planner, drift, narrative, latency, and anomaly modules
• Pre-computed LCS keys + fast-path identical sequences in session_diff
• Cache model aggregates and eliminate redundant sorts in forecast
• Amortized entropy syscall with pre-allocated random ID pool
• Eliminated spread-copy in parseEventRow and reduced export allocations
• Fixed LRU cache pollution in session search
• Mann-Whitney U via sort-based rank-sum (O(n log n))
• Single-pass GroupStats initialization (7 passes to 1)
• MTBF computed in SQL with wrapped transactions
• Flamegraph event-to-span placement O(EDlogS) + cached sentence tokenization
• Static assets served before API middleware stack + covering index for analytics

Security (13 fixes)

• Redact sensitive kwargs in decorator tracking (CWE-532)
• ReDoS timeout guards for user-controlled regex
• HTML-escape user-controlled data in dashboard template (CWE-79)
• Sanitize agent_name inputs, cap window_hours in SLA
• Add usedforsecurity=False to md5 calls
• Restrict file permissions on config containing API key
• Harden correlation-scheduler against DoS and resource exhaustion
• Fix SQLite variable overflow and validate agent names in profiler
• Cap unbounded query parameters for SQLite safety
• Validate input types in PUT handlers
• URL-encode CLI query parameters to prevent CWE-74 injection
• Harden severity classification and annotation input validation
• Input validation on anomaly endpoints

Bug Fixes (16)

• Report truncated fields in ingest response
• Update MODEL_PRICING with current models and add runtime override API
• Fix ReferenceError in forecast trend detection
• Cap event buffer and alert history to prevent memory leak
• Correct daily session count aggregation in forecast
• Align SQL column names with actual sessions/events schema
• Patch 3 npm audit vulnerabilities (path-to-regexp ReDoS, brace-expansion, picomatch)
• Validate session status against allowed values
• Fix undefined name bug in cli_bottleneck

Refactoring (25 changes)

• Extracted shared utilities (_utils.py): percentile, linear_regression, sparkline, format_duration, parse_iso, utcnow, new_id
• Consolidated duplicated round/clamp utilities into lib/stats.js
• Standardized CLI command signatures to args-only pattern
• Migrated scorecards and pricing to createLazyStatements
• Extracted statement cache to shared lib
• Deduplicated across 20+ modules

Dependencies

• Bumped: express-rate-limit 8.4.1, docker/build-push-action 7, codecov-action 6, actions/checkout 6, pydantic >=2.13.3, httpx >=0.28.1, setuptools >=82.0.1, better-sqlite3 12.9.0, pytest >=8.4.2
• Docker: Added SBOM generation, build provenance attestation, Trivy vulnerability scanning

Documentation

• Operations & Incident Response page
• CLI Reference page and guide
• Comprehensive docstrings for cost_optimizer module
• API documentation for Profiler and Command Center endpoints

---

Full Changelog: v1.60.0...v1.61.0

v1.62.0 — Autonomous Agent Safety Suite: Hallucination, Bias, Injection & Reward Hacking Detectors

What's New

🛡️ Agent Safety & Integrity Detectors

• Agent Hallucination Detector — autonomous detection of self-contradiction, unsupported claims, hedging patterns, and factual inconsistencies in agent outputs
• Agent Cognitive Bias Detector — identifies anchoring, confirmation bias, sunk cost fallacy, and other reasoning biases in agent decision-making
• Agent Prompt Injection Detector — autonomous injection and jailbreak attempt detection with multi-signal analysis
• Agent Reward Hacking Detector — detects metric gaming, sycophancy patterns, effort simulation, and shortcut exploitation

📊 Agent Behavioral Analysis

• Agent Self-Correction Tracker — monitors correction patterns, backtracking frequency, and iterative refinement quality
• Agent Tool Usage Profiler — analyzes tool call patterns, efficiency, and usage distribution
• Agent Delegation Analyzer — tracks delegation patterns, chain depth, and autonomy balance
• Agent Context Utilization Analyzer — measures how effectively agents leverage available context
• Agent Operational Tempo Analyzer — analyzes pace, rhythm, burst patterns, and workload distribution

⚡ Performance

• Pre-compiled 4 regex pattern sets in self-correction detectors
• Pre-compiled regex patterns in prompt injection and cognitive bias detectors
• Eliminated O(n²) backward scans and redundant tokenization in reward hacking detection
• Precomputed keywords, numbers, and negation matches in hallucination self-contradiction
• Single-pass rhythm analysis + O(A×T) complementarity in collaboration engine

🔒 Security

• Hardened collaboration routes — session ID validation, event caps, safe JSON parsing
• Fixed XSS in flamegraph HTML via script-breaking sequences (CWE-79)

🧪 Testing & CI

• 78 tests for triage engine + profiler helpers; fixed coverageThreshold typo
• Dashboard integration tests and root-level integration job
• Docker workflow: weekly rebuild, Trivy scanning, QEMU multi-arch, container structure tests
• Auto-labeler: 9 feature-area labels with PR path matching and issue regex

📖 Docs

• Comprehensive CONTRIBUTING.md rewrite with architecture, module catalog, CI pipeline
• API reference for Collaboration, Competency, Tempo, and Triage modules

🧹 Cleanup

• Removed 21 unused imports across 15 SDK modules

Bug Fixes

• Fixed contention detector: track actual peak concurrent count in sweep-line algorithm

---

Full Changelog: v1.61.0...v1.62.0
23 commits by 1 contributor

v1.60.0 — Agent Memory Leak Detector, Failure Forecaster & Collaboration Analyzer

✨ New Features

Agent Memory Leak Detector (SDK)

• Autonomous context accumulation analysis for detecting unbounded memory growth in long-running agent sessions
• Identifies patterns of context window saturation and recommends pruning strategies

Agent Failure Forecaster

• Predictive failure detection engine that analyzes agent behavioral trends to forecast failures before they occur
• Uses historical session data to build failure probability models

Agent Collaboration Analyzer

• Multi-agent teamwork analysis for understanding interaction patterns, bottlenecks, and synergies between cooperating agents

Agent Stamina Profiler (SDK)

• Intra-session degradation detection that tracks quality metrics over session lifetime
• Identifies fatigue patterns and optimal session length recommendations

Agent Competency Map

• Autonomous skill profiling with routing recommendations
• Maps agent capabilities to task types for intelligent dispatch

🔒 Security

• Redacted sensitive kwargs in decorator tracking to prevent credential leakage (CWE-532)

⚡ Performance

• O(log n) window filtering via bisect timestamp index in quota system (replacing linear scan)

📖 Documentation

• Added Operations & Incident Response page to docs site

🔧 Infrastructure

• Lightweight schema migration system for database evolution
• Removed 6 unused imports across 5 backend route files

Full Changelog: v1.59.0...v1.60.0

v1.59.0 — Session Autopsy, Auto-Triage & Dependency Updates

What's New

🔬 Session Autopsy (SDK)

• Autonomous multi-engine root-cause investigation for failed or degraded sessions
• Correlates timeline events, resource metrics, and error patterns to produce actionable diagnosis

🏥 Auto-Triage Engine

• Unified session diagnostics with prioritized findings and remediations
• Classifies issues by severity, suggests concrete fixes, and integrates with the guardrails pipeline

📖 Documentation

• Comprehensive README overhaul — added 11 new SDK modules, triage/capacity/guardrails/optimizer sections, expanded CLI and API reference

🧹 Cleanup

• Removed 11 unused imports across 10 SDK modules

📦 Dependency Updates

• Bump \�xpress-rate-limit\ 8.3.2 → 8.4.1 (backend)
• Bump \docker/build-push-action\ v6 → v7
• Bump \docker/metadata-action\ v5 → v6
• Bump \�quasecurity/trivy-action\ 0.28.0 → 0.36.0
• Bump \googleapis/release-please-action\ v4 → v5
• Bump \github/codeql-action\ v3 → v4

Full Changelog: v1.58.0...v1.59.0

v1.58.0 — Fleet Summary Performance

What's Changed

Performance

• Single-pass \step_counts()\ in ProfilingSession — \leet_summary\ now computes step counts in one O(S·K) traversal instead of 4 separate iterations, reducing overhead for large fleets

Full Changelog: v1.57.0...v1.58.0

v1.57.0 — Security Hardening & Metric Deduplication

What's Changed

Security

• CLI injection prevention — URL-encode all user-supplied query parameters passed to CLI subcommands, preventing CWE-74 (OS command injection via crafted metric names or filter values)

Refactoring

• Shared session metric extraction — extracted common duration/token/error/tool-call aggregation from \�nomaly.py\ and \drift.py\ into a single-pass _metrics.extract_session_metrics()\ helper, eliminating duplicated event iteration logic across both modules

Full Changelog: v1.56.0...v1.57.0

v1.56.0 — Capacity Planner, Chaos Testing, SLO Dashboard & Performance

🚀 What's New

Dashboard Suite Expansion

• 📊 Smart Capacity Planner — interactive workload prediction with saturation forecasting, trend visualization, and what-if simulator
• 🔥 Chaos Testing Simulator — resilience testing with latency spikes, error bursts, network partitions, cascade failures, and fleet health monitoring
• 🎯 SLO Dashboard — error budget tracking with burn rate alerts, autonomous deploy/freeze recommendations, and compliance history
• 😴 Agent Fatigue Monitor — performance degradation detection with real-time fleet heatmap, fatigue timeline, and recovery recommendations
• 🔥 Incident Timeline — unified event correlation with auto-clustering, pattern detection, and impact scoring
• 📊 Agent Quota Manager — per-agent usage quotas with autonomous throttle enforcement, forecasting, and budget optimization
• ⚡ Anomaly Detection — statistical outlier detection with interactive visualizations
• 🗓️ Health Heatmap — GitHub-style calendar view of agent health over time

Performance

• Single-pass SLA metrics — O(S×E) instead of O(K×S×E) for multi-objective evaluation
• Single-pass Pearson correlation — eliminated per-pair dict rebuilds in CLI correlate
• Cached prepared statements — hoisted db.prepare() out of hot loops in correlation-scheduler
• Coherence scoring — reuse previous sentence tokens instead of re-tokenizing
• Explain accumulator — inline summary counts instead of 3 extra O(n) filter passes

Security

• SHA-256 replaces MD5 in postmortem root-cause ID generation
• AST-based calculator replaces eval() in mock_agent example
• Query parameter encoding — urllib.parse.urlencode in CLI audit/leaderboard prevents injection

Refactoring

• Deduplicated 6 independent _percentile\ implementations into shared \cli_common.percentile\
• DRY CapacityPlanner delegates public methods to internal helpers
• Extracted shared \generateId\ and resource ID validation into \lib/id-helpers\
• Modernized correlations.js and correlation-scheduler.js to ES6+
• Batch lock acquisitions in AlertRulesEngine.evaluate

Docs

• Comprehensive method docstrings for SessionReplayer
• Integration and regression issue templates

Full Changelog: v1.55.0...v1.56.0

v1.55.0 — Mood Ring Dashboard, Security Hardening & Performance

What's New

✨ Features

• Agent Mood Ring Dashboard — synthesizes fleet metrics into intuitive mood visualization with real-time emotional state indicators

🔒 Security

• HTML-escape user-controlled data in CLI dashboard (CWE-79) — prevents stored XSS via agent_name, session_id, status, and endpoint fields in generated HTML

⚡ Performance

• Single-pass _assess_impact in PostmortemGenerator — merged 5 iterations over errors (tool/model set-building + 3 sum() + 1 any()) into one loop with frozenset lookup, O(5E) → O(E)
• Pre-compute LCS keys + fast-path identical sequences in session_diff — avoids redundant key generation and short-circuits when sequences match

♻️ Refactoring

• Extract _window_totals and _pool_used_tokens in quota.py — deduplicated window-filter logic across 5 methods into shared helpers
• Deduplicate _parse_ts into shared parse_iso_or_epoch in _utils — removed repeated timestamp parsing from multiple modules

---

Full Changelog: v1.54.0...v1.55.0

v1.54.0 — Utility Consolidation & Capacity Pipeline

What's Changed

Refactoring

• Consolidated round/clamp utilities into shared \lib/stats.js, eliminating duplicated helper functions across modules (fd40c6d)
• Deduplicated ISO-8601 timestamp parsing into shared \parse_iso()\ helper, removing repeated date-parsing logic (3955ec4)
• Threaded _all_trends\ through capacity pipeline — report, bottleneck detection, and projection methods now share a single trends computation instead of recomputing independently (3c71bbd)

Full Changelog: v1.53.0...v1.54.0

v1.53.0 — Knowledge Graph, Experiment Lab & CLI Docs

What's Changed

New Features

• Agent Knowledge Graph Dashboard — Interactive knowledge mapping visualization for agent relationships and data flows
• Agent Experiment Lab — A/B testing dashboard with statistical significance analysis

Improvements

• CLI Reference Documentation — Full CLI reference page added to the docs site with sidebar navigation across all pages
• Alerts Performance — Cached evaluate-loop prepared statements for faster alert processing
• Code Deduplication — Consolidated _new_id\ into shared _utils.new_id\ across 5 modules

Full Changelog: v1.52.0...v1.53.0