Releases: CherryPod/sentinel
Releases · CherryPod/sentinel
Release list
v0.3.0 — Defence-in-depth AI assistant
What is Sentinel?
A defence-in-depth AI assistant built on the CaMeL architecture. A frontier model (Claude) plans tasks, an air-gapped local LLM (Qwen 3 14B) executes them, and a Python/FastAPI security gateway enforces 10 layers of scanning between every step.
The worker LLM is assumed compromised at all times — it only receives text and returns text, and every output is scanned before the system acts on it.
Highlights
- 10-layer security pipeline — policy engine, spotlighting, Prompt Guard 2, Semgrep (101 rules), command pattern scanner, conversation analyzer, vulnerability echo detection, ASCII prompt gate, and CaMeL provenance tracking
- Air-gapped worker — Qwen 3 14B runs with zero network access. Cannot phone home, exfiltrate data, or fetch remote payloads
- 4,197+ tests (4,147 Python + 50 Rust) — zero red team breaches across 6 adversarial scenarios (B1-B5)
- PostgreSQL 17 with row-level security and pgvector embeddings (SQLite fully removed)
- Contact registry — opaque user IDs for the planner, real identifiers only at system edges
- Sandboxed execution — disposable Podman containers, network-isolated, capability-dropped
- Multi-channel — WebSocket, SSE, Signal, Telegram, Email, Calendar, MCP
- Episodic learning — embedding-based long-term memory with hybrid retrieval
- Code fixer v2.5 — deterministic output repair for 13 languages
- Dynamic replanning — discovery and failure-based, with independent budgets
- Routine scheduling — cron, event, and interval triggers
Getting Started
See the README for setup instructions. Requires Python 3.12, Podman, and a GPU for the local LLM.
Status
Alpha — solo project, actively developed. Architecture is stable, features are being validated through comprehensive benchmark and red team testing. Feedback welcome.