[v3.5-rc1] - 2025-12-04
Added
- 🔍 MCP-Scan Framework: AI-powered security scanning framework for Model Context Protocol with autonomous agent-based code audit and vulnerability review (@zhuque)
- 🎯 Advanced Attack Methods: 12+ new encoding/obfuscation attack methods (A1Z26, AffineCipher, AsciiSmuggling, Aurebesh, Caesar, Leetspeak, MirrorText, Ogham, Vaporwave, Zalgo, Stego, StrataSword suite) (@truman)
- 📸 Screenshot Capabilities: Chromium-based headless screenshot functionality for web scanning (@zhuque)
- 🔐 Model API Security: Token masking, API key preservation, and public model access controls (@n-WN)
- 📊 Hash-Based Fingerprinting: Hash matcher and version range support for component identification (@kexna, @cursor Agent)
- 🌐 Documentation: Comprehensive English docs, FAQ, MCP-Scan guides, and research paper references (@zonashi, @zhuque)
- 🐳 Docker Optimization: Reduced agent image size from ~2.9GB to ~2.3GB, improved deployment scripts (@n-WN, @zhuque)
Changed
- ♻️ Backend Refactoring: Optimized AI infrastructure scan architecture, reduced agent task code by ~65% (@zhuque)
- 🔄 MCP Plugin: Streamlined plugin architecture, removed redundant templates (@zhuque)
- 🚀 Model Compatibility: Enhanced parameter compatibility and retry logic across providers (@truman)
- 🎨 Code Quality: Translated comments to English, improved formatting and documentation (@zhuque)
Fixed
- 🐛 Fixed AI Infra Guard path resolution and Chromium sandbox issues (@zhuque)
- 🔧 Fixed Docker deployment errors (issue #105) and build optimizations (@n-WN, @zhuque)
- ⚙️ Fixed fingerprint parser syntax and version detection logic (@cursor Agent, @kexna)
- 📊 Updated UI badges, screenshots, and license file naming (@zonashi, @Zonazzzz)
Contributors
Special thanks to @zhuque, @truman, @n-WN, @kexna, @zonashi, @cursor Agent, @copilot-swe-agent[bot], @boy-hack, @Zonazzzz, @robertzyang, @coursen