Skip to content

Releases: CherryPod/sentinel

v0.3.0 — Defence-in-depth AI assistant

Choose a tag to compare

@CherryPod CherryPod released this 17 Mar 17:34

What is Sentinel?

A defence-in-depth AI assistant built on the CaMeL architecture. A frontier model (Claude) plans tasks, an air-gapped local LLM (Qwen 3 14B) executes them, and a Python/FastAPI security gateway enforces 10 layers of scanning between every step.

The worker LLM is assumed compromised at all times — it only receives text and returns text, and every output is scanned before the system acts on it.

Highlights

  • 10-layer security pipeline — policy engine, spotlighting, Prompt Guard 2, Semgrep (101 rules), command pattern scanner, conversation analyzer, vulnerability echo detection, ASCII prompt gate, and CaMeL provenance tracking
  • Air-gapped worker — Qwen 3 14B runs with zero network access. Cannot phone home, exfiltrate data, or fetch remote payloads
  • 4,197+ tests (4,147 Python + 50 Rust) — zero red team breaches across 6 adversarial scenarios (B1-B5)
  • PostgreSQL 17 with row-level security and pgvector embeddings (SQLite fully removed)
  • Contact registry — opaque user IDs for the planner, real identifiers only at system edges
  • Sandboxed execution — disposable Podman containers, network-isolated, capability-dropped
  • Multi-channel — WebSocket, SSE, Signal, Telegram, Email, Calendar, MCP
  • Episodic learning — embedding-based long-term memory with hybrid retrieval
  • Code fixer v2.5 — deterministic output repair for 13 languages
  • Dynamic replanning — discovery and failure-based, with independent budgets
  • Routine scheduling — cron, event, and interval triggers

Getting Started

See the README for setup instructions. Requires Python 3.12, Podman, and a GPU for the local LLM.

Status

Alpha — solo project, actively developed. Architecture is stable, features are being validated through comprehensive benchmark and red team testing. Feedback welcome.