Releases · triepod-ai/inspector-assessment

Fixed

Stateful/Destructive Tool Overlap: Tools matching both stateful patterns (e.g., "get") and destructive patterns (e.g., "delete") now correctly receive strict exact comparison instead of lenient schema comparison
- Prevents malicious tools like get_and_delete from bypassing detection
- isStatefulTool() now checks isDestructiveTool() first
Array Schema Sampling: extractFieldNames() now samples up to 3 array elements instead of just the first
- Detects heterogeneous schemas where malicious fields hide in non-first elements
- Prevents attackers from hiding malicious fields in array positions 2+
Empty Baseline Edge Case: Schema comparison now flags empty baseline ({}) followed by populated response as suspicious
- Prevents bypass where tool returns {} initially then switches to malicious content

Explicit Failure Injection Test: New deterministic test in performance.test.ts that explicitly verifies failure handling
- Replaces reliance on random 5% failure rate
- Ensures failure detection is properly tested
Stateful Tool Logging: Added logging when tools are classified as stateful for better debuggability
- Outputs [TemporalAssessor] {toolName} classified as stateful - using schema comparison
Pattern Matching Documentation: Added comprehensive JSDoc for STATEFUL_TOOL_PATTERNS explaining substring matching behavior and trade-offs

Workspace Version Sync: All workspace packages now properly synced to 1.17.1 (were out of sync after v1.17.0 bump)

Full Changelog: triepod-ai/inspector@v1.17.0...v1.17.1

npm: npx @bryan-thompson/[email protected]