The "Obsidian" Security & Performance Update #9
Harshit-J004
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
This release marks the conclusion of our most rigorous security audit to date. We've synchronized the core security pipeline with our terminal dashboard and framework adapters to provide a 100% verified, deadlock-proof execution environment.
Here is what's new in v5.1.1:
Deep-Memory Injection Defense (Obsidian Grade)
We've neutralized a critical evasion vector in the prompt injection scanner.
• Binary-Path Scanning: The recursive DFS memory parser now natively decodes
bytesandbytearrayobjects in both the core engine and the MCP Interceptor.• 100% Detection Parity: Ensures that binary-encoded jailbreaks can no longer bypass obsidian-layer filters.
Dashboard & Telemetry Evolution
The Obsidian HUD has been upgraded for mission-critical reliability:
• High-Performance Telemetry: Replaced stub logging with a non-blocking File-Watcher pipeline. Interceptor events now stream in real-time without impacting agent latency.
• Dynamic Versioning: The dashboard now dynamically scales and versions itself directly from the core package metadata.
• Visual Asset Sync: Fully synchronized high-resolution Obsidian assets and optimized README documentation for PyPI/GitHub.
Framework Async Deadlock Resolution
During rigorous stress-testing of LangChain and CrewAI, we uncovered and patched two severe logic bugs in our orchestration proxies:
• Async Priority Fix: Corrected a bug where synchronous shadowing was causing asynchronous
.coroutineand._arunpaths to be skipped.• Extraction Parity: Both LangChain and CrewAI adapters are now mechanically verified to prioritize non-blocking async execution paths natively.
Security & Mathematical Bounding
• Public Webhook Privacy: Switched on
strip_traceback=Truesupport to prevent Python source code leakage in public-facing webhooks (Slack, Discord, Datadog). UI Patch: Slack and Discord alerts now natively render thetraceback(or secure "STRIPPED" notice).• Report Overflow Fix: Resolved a mathematical bug where coverage metrics could structurally exceed 100% during aggressive fuzzing runs.
ToolGuard v5.1.1 is recommended for all users running high-concurrency orchestrators and the MCP ecosystem.
Update now: $ pip install -U py-toolguard
This discussion was created from the release The "Obsidian" Security & Performance Update.
Beta Was this translation helpful? Give feedback.
All reactions