v1.10.0 — HTTP Input LLM invocation with ToolClad

HTTP Input LLM invocation with ToolClad ORGA loop

When the target agent is not Running on the runtime communication bus, the webhook handler now falls through to an on-demand LLM invocation path that runs an ORGA-style tool-calling loop against ToolClad manifests. This enables webhook endpoints to execute agents that live as DSL definitions without requiring them to be long-running listeners.

Added

• HTTP Input LLM invocation with ToolClad: Falls back to LLM + ToolClad when the target agent is not Running. Tools execute on a blocking thread pool with a 120-second per-tool timeout. Duplicate (tool, input) pairs within a single iteration are deduplicated. Provider auto-detected from OPENROUTER_API_KEY, OPENAI_API_KEY, or ANTHROPIC_API_KEY.
• Normalized LLM tool-calling client: LlmClient::chat_with_tools returns a unified content-block shape across Anthropic (native tool_use) and OpenAI/OpenRouter (function calling normalized to the same format).
• Webhook response metadata: LLM-invoked responses include response, tool_runs, model, provider, latency_ms, and status: completed.

Fixed

• Agent state check before communication bus dispatch: invoke_agent now verifies the target agent is in the Running state via scheduler.get_agent_status() before sending a message. Previously send_message returned Ok for unregistered agents and delivery failed silently, producing a false "execution_started" response.
• UTF-8 safe string truncation: Tool output previews and caller-supplied system_prompt values are truncated on UTF-8 character boundaries to prevent panics on multi-byte output.
• system_prompt length cap: Caller-supplied system_prompt is now capped at 4096 bytes and logged; remains a prompt-injection surface when exposed to untrusted callers.

Docs

Updated docs/http-input.md with a new "LLM Invocation with ToolClad Tools" section, updated response shapes, real audit log examples, and translations for de, es, ja, pt, zh-cn.

Tests

• 4 new tests for LlmClient tool/message normalization
• 8 new tests for UTF-8 safe truncation covering ASCII, emoji, CJK, boundary conditions

Full Changelog: v1.9.1...v1.10.0

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

v1.9.1

What's Changed

Optional LanceDB build feature

LanceDB, arrow-array, and arrow-schema are now optional dependencies gated behind the vector-lancedb feature flag. LanceDB remains in the default feature set so existing builds are unaffected.

Build without vector backends for lighter binaries:

cargo build --no-default-features

Build with only Qdrant:

cargo build --no-default-features --features vector-qdrant

When no vector backend is enabled, the runtime gracefully falls back to NoOpVectorDatabase.

Documentation overhaul

• README restructured around "policy-governed agent runtime" positioning
• Core capabilities table trimmed from 17 to 8 rows
• DSL example simplified to show allow/deny/audit pattern
• Performance claims linked to benchmark harness instead of inline numbers
• Community vs Enterprise editions clearly delineated
• All 5 translations (zh-cn, es, pt, ja, de) updated to match
• Docs index rewritten to match README messaging
• SECURITY.md support matrix updated to 1.9.x/1.8.x

Fixes

• Rust version requirement: 1.88+ → 1.82+ across all docs (matches workspace MSRV)
• Dockerfile port comment: 8080 is Runtime API/MCP, not gRPC
• Removed dead enterprise/README.md link from public READMEs
• Removed speculative Risk Assessment Algorithm from security and architecture docs

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

v1.9.0

What's New in v1.9.0

ToolClad Integration

• Declarative .clad.toml tool contracts with manifest loading, argument validation, and command execution
• HTTP backend and MCP proxy backend with secrets injection
• SessionExecutor and BrowserExecutor for ToolClad v0.4.0+ spec
• Built-in tool manifests for whois, nmap, dig, and curl

symbi tools CLI

• Scope enforcement, Cedar policy generation, and hot-reload file watcher

Production Hardening

• Bounded channels, health probes, secrets TTL
• Cedar policy reload, audit export, and rate limiting
• W3C traceparent propagation for distributed tracing

Security Fixes

• Critical DoS vector mitigation
• JWT validation hardening
• Environment variable leakage prevention
• Sandbox guard improvements

Other

• A2UI v0.2.0 update
• BrowserDef v0.5.1 with connect, extract_mode, default engine
• Concurrency, resource exhaustion, and memory efficiency fixes

Crate Versions

Crate	Version
symbi	1.9.0
symbi-dsl	1.9.0
symbi-runtime	1.9.0
symbi-channel-adapter	0.1.2
repl-core	1.9.0
repl-proto	1.9.0
repl-cli	1.9.0
repl-lsp	1.9.0

Full Changelog: https://github.com/ThirdKeyAI/Symbiont/blob/main/CHANGELOG.md

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

v1.8.1

What's New in v1.8.1

symbi run — Single Agent Execution

Run any agent directly from the CLI without starting the full runtime:

symbi run recon --input '{"target": "10.0.1.5"}'
symbi run assistant -i 'Summarize this document' --max-iterations 5

Resolves agent names from agents/ directory, sets up cloud inference from env vars, runs the ORGA loop, and exits.

Usability Fixes

• Auth clarity at startup: Shows which token applies to which port (Runtime API :8080 (auth: SYMBIONT_API_TOKEN), HTTP Input :8081 (auth: --http.token))
• SYMBIONT_MASTER_KEY warning: Startup warns if missing instead of silently failing
• DSL # comments: Hash-style comments now supported alongside //
• Agent names in API: GET /api/v1/agents returns {id, name, state} instead of bare UUIDs
• Multi-agent auto-routing: All loaded agents get /webhook/<name> routes
• Top-level cedar feature flag: cargo build --features cedar works directly
• protoc documented: Added to prerequisites in getting-started docs
• rust-version = "1.82": MSRV now explicit in Cargo.toml

Bug Fixes

• Fix default Anthropic model name (claude-sonnet-4-20250514)
• Fix cargo fmt formatting

Full Changelog: v1.8.0...v1.8.1

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

v1.8.0

What's New in v1.8.0

symbi init — Project Initialization

Interactive project scaffolding with profile-based templates. Choose from minimal, assistant, dev-agent, or multi-agent profiles with configurable SchemaPin verification and sandbox tiers. Includes a built-in agent catalog for importing pre-built governed agents.

symbi init                          # interactive wizard
symbi init --profile dev-agent --no-interact  # CI/scripted
symbi init --catalog list           # browse agent catalog

Inter-Agent Communication Governance

All inter-agent builtins (ask, delegate, send_to, parallel, race) are now routed through the CommunicationBus with policy evaluation via the new CommunicationPolicyGate. Cedar-style rules control which agents can communicate, with priority-based evaluation and hard deny on policy violations. Messages are cryptographically signed (Ed25519), encrypted (AES-256-GCM), and audited.

Other Changes

• CI: Replace deprecated arduino/setup-protoc with native package managers for Node.js 24 compatibility
• Documentation updates and translations (zh-cn, es, pt, ja, de)

Full Changelog: v1.7.1...v1.8.0

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

v1.7.1

What's Changed

Added

• AI Assistant Plugin docs: Document symbi-claude-code and symbi-gemini-cli governance plugins in README, getting-started, and index docs
• SchemaPin discovery JSON: Support SchemaPin discovery JSON format in fetch_public_key
• Cosign binary signing: Release workflow now signs binaries with cosign

Changed

• Drop Intel macOS builds: Remove x86_64-apple-darwin target from release workflow; install script provides source/Homebrew guidance
• Cross-build optimization: Use thin LTO and 4 codegen units for cross builds to avoid OOM during linking
• README images: Use absolute GitHub URLs for logo images

Fixed

• Release workflow: Multiple fixes for cross-compilation (protoc in cross container, vcpkg OpenSSL on Windows, NASM for Windows builds)
• Publish workflow: Improved reliability for crates.io publishing

Crate Versions

Crate	Version
symbi	1.7.1
symbi-dsl	1.7.1
symbi-runtime	1.7.1
symbi-channel-adapter	0.1.2
repl-core	1.7.1
repl-proto	1.7.1
repl-cli	1.7.1
repl-lsp	1.7.1

Full Changelog: v1.7.0...v1.7.1

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

Symbiont v1.7.0

Symbiont v1.7.0

Standalone Agent SDK

• symbi_runtime::prelude — one-import module for standalone agents
• ReasoningLoopRunner::builder() — typestate builder
• ToolFilterPolicyGate — tool-name whitelisting
• cloud-llm and standalone-agent feature flags

External Agent Integration

• External execution mode, heartbeat/event endpoints, unreachable detection

Pre-Built Binary Releases

• Cross-platform: linux x86_64/aarch64, macOS x86_64/aarch64, Windows x86_64
• brew tap thirdkeyai/tap && brew install symbi
• curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Pre-built binaries are tested but considered less reliable than cargo install symbi or Docker.

Other

• Advanced reasoning primitives (orga-adaptive), coordinator chat, production safety fixes, Apache 2.0 relicense

Crate	Version
symbi	1.7.0
symbi-dsl	1.7.0
symbi-runtime	1.7.0
symbi-channel-adapter	0.1.2
repl-core	1.7.0
repl-proto	1.7.0
repl-cli	1.7.0
repl-lsp	1.7.0

Full Changelog: v1.6.1...v1.7.0

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://github.com/ghraw/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

v1.6.1

Pin qdrant-client to >=1.14.0, <1.16.0 to fix cargo install symbi breakage caused by breaking API changes in qdrant-client 1.16+.

v1.6.0

Release v1.6.0: reasoning loop, knowledge bridge, scanner expansion

Highlights

• Agentic Reasoning Loop (ORGA cycle): Typestate-enforced Observe-Reason-Gate-Act loop with compile-time phase safety
• Knowledge-Reasoning Bridge: Opt-in bridge between agent memory and reasoning loop
• Cedar Policy Evaluation: Formal authorization via Cedar policy engine
• Circuit Breakers: Per-tool timeouts and configurable failure thresholds
• Journal System: Durable execution journal for loop replay and debugging
• ClawHavoc Scanner: 30 new detection rules across 7 attack categories
• AGENTS.md Support: Full bidirectional agent manifest generation/parsing

See CHANGELOG.md for full details.

Symbiont v1.5.0

Symbiont v1.5.0

Highlights

LanceDB Embedded Vector Backend

Zero-config vector search using LanceDB — no Docker, no external services required. Qdrant is preserved as an optional backend behind the vector-qdrant feature flag.

Context Compaction Pipeline

Automatic context management with pluggable token counting (tiktoken + heuristic fallback), LLM-driven summarization (Tier 1), and last-resort truncation (Tier 4). Enterprise tiers gated behind feature flags.

Composio MCP Integration

Feature-gated SSE-based connection to Composio MCP server for external tool access.

Security Hardening

5 new structure-aware fuzz targets, trusted proxy configuration, fail-closed rate limiting, TOCTOU audit fix, and improved Vault secret detection.

Routing Engine Cleanup

Lock-free atomic routing statistics, SlmExecutor trait extraction, LLMClientPool registry pattern, and removal of 500+ lines of dead code including legacy SchemaPin CLI wrapper.

Crate Versions

Crate	Version
symbi	1.5.0
symbi-dsl	1.5.0
symbi-runtime	1.5.0
symbi-channel-adapter	0.1.1
repl-core	1.5.0
repl-proto	1.5.0
repl-cli	1.5.0
repl-lsp	1.5.0

Full Changelog

v1.4.0...v1.5.0