What's Changed

Optional LanceDB build feature

LanceDB, arrow-array, and arrow-schema are now optional dependencies gated behind the vector-lancedb feature flag. LanceDB remains in the default feature set so existing builds are unaffected.

Build without vector backends for lighter binaries:

cargo build --no-default-features

Build with only Qdrant:

cargo build --no-default-features --features vector-qdrant

When no vector backend is enabled, the runtime gracefully falls back to NoOpVectorDatabase.

Documentation overhaul

• README restructured around "policy-governed agent runtime" positioning
• Core capabilities table trimmed from 17 to 8 rows
• DSL example simplified to show allow/deny/audit pattern
• Performance claims linked to benchmark harness instead of inline numbers
• Community vs Enterprise editions clearly delineated
• All 5 translations (zh-cn, es, pt, ja, de) updated to match
• Docs index rewritten to match README messaging
• SECURITY.md support matrix updated to 1.9.x/1.8.x

Fixes

• Rust version requirement: 1.88+ → 1.82+ across all docs (matches workspace MSRV)
• Dockerfile port comment: 8080 is Runtime API/MCP, not gRPC
• Removed dead enterprise/README.md link from public READMEs
• Removed speculative Risk Assessment Algorithm from security and architecture docs

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://raw.githubusercontent.com/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

What's New in v1.9.0

ToolClad Integration

• Declarative .clad.toml tool contracts with manifest loading, argument validation, and command execution
• HTTP backend and MCP proxy backend with secrets injection
• SessionExecutor and BrowserExecutor for ToolClad v0.4.0+ spec
• Built-in tool manifests for whois, nmap, dig, and curl

symbi tools CLI

• Scope enforcement, Cedar policy generation, and hot-reload file watcher

Production Hardening

• Bounded channels, health probes, secrets TTL
• Cedar policy reload, audit export, and rate limiting
• W3C traceparent propagation for distributed tracing

Security Fixes

• Critical DoS vector mitigation
• JWT validation hardening
• Environment variable leakage prevention
• Sandbox guard improvements

Other

• A2UI v0.2.0 update
• BrowserDef v0.5.1 with connect, extract_mode, default engine
• Concurrency, resource exhaustion, and memory efficiency fixes

Crate Versions

Full Changelog: https://github.com/ThirdKeyAI/Symbiont/blob/main/CHANGELOG.md

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://raw.githubusercontent.com/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

What's New in v1.8.1

symbi run — Single Agent Execution

Run any agent directly from the CLI without starting the full runtime:

symbi run recon --input '{"target": "10.0.1.5"}'
symbi run assistant -i 'Summarize this document' --max-iterations 5

Resolves agent names from agents/ directory, sets up cloud inference from env vars, runs the ORGA loop, and exits.

Usability Fixes

• Auth clarity at startup: Shows which token applies to which port (Runtime API :8080 (auth: SYMBIONT_API_TOKEN), HTTP Input :8081 (auth: --http.token))
• SYMBIONT_MASTER_KEY warning: Startup warns if missing instead of silently failing
• DSL # comments: Hash-style comments now supported alongside //
• Agent names in API: GET /api/v1/agents returns {id, name, state} instead of bare UUIDs
• Multi-agent auto-routing: All loaded agents get /webhook/<name> routes
• Top-level cedar feature flag: cargo build --features cedar works directly
• protoc documented: Added to prerequisites in getting-started docs
• rust-version = "1.82": MSRV now explicit in Cargo.toml

Bug Fixes

• Fix default Anthropic model name (claude-sonnet-4-20250514)
• Fix cargo fmt formatting

Full Changelog: v1.8.0...v1.8.1

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://raw.githubusercontent.com/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

What's New in v1.8.0

symbi init — Project Initialization

Interactive project scaffolding with profile-based templates. Choose from minimal, assistant, dev-agent, or multi-agent profiles with configurable SchemaPin verification and sandbox tiers. Includes a built-in agent catalog for importing pre-built governed agents.

symbi init                          # interactive wizard
symbi init --profile dev-agent --no-interact  # CI/scripted
symbi init --catalog list           # browse agent catalog

Inter-Agent Communication Governance

All inter-agent builtins (ask, delegate, send_to, parallel, race) are now routed through the CommunicationBus with policy evaluation via the new CommunicationPolicyGate. Cedar-style rules control which agents can communicate, with priority-based evaluation and hard deny on policy violations. Messages are cryptographically signed (Ed25519), encrypted (AES-256-GCM), and audited.

Other Changes

• CI: Replace deprecated arduino/setup-protoc with native package managers for Node.js 24 compatibility
• Documentation updates and translations (zh-cn, es, pt, ja, de)

Full Changelog: v1.7.1...v1.8.0

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://raw.githubusercontent.com/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

What's Changed

Added

• AI Assistant Plugin docs: Document symbi-claude-code and symbi-gemini-cli governance plugins in README, getting-started, and index docs
• SchemaPin discovery JSON: Support SchemaPin discovery JSON format in fetch_public_key
• Cosign binary signing: Release workflow now signs binaries with cosign

Changed

• Drop Intel macOS builds: Remove x86_64-apple-darwin target from release workflow; install script provides source/Homebrew guidance
• Cross-build optimization: Use thin LTO and 4 codegen units for cross builds to avoid OOM during linking
• README images: Use absolute GitHub URLs for logo images

Fixed

• Release workflow: Multiple fixes for cross-compilation (protoc in cross container, vcpkg OpenSSL on Windows, NASM for Windows builds)
• Publish workflow: Improved reliability for crates.io publishing

Crate Versions

Full Changelog: v1.7.0...v1.7.1

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://raw.githubusercontent.com/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

Symbiont v1.7.0

Standalone Agent SDK

• symbi_runtime::prelude — one-import module for standalone agents
• ReasoningLoopRunner::builder() — typestate builder
• ToolFilterPolicyGate — tool-name whitelisting
• cloud-llm and standalone-agent feature flags

External Agent Integration

• External execution mode, heartbeat/event endpoints, unreachable detection

Pre-Built Binary Releases

• Cross-platform: linux x86_64/aarch64, macOS x86_64/aarch64, Windows x86_64
• brew tap thirdkeyai/tap && brew install symbi
• curl -fsSL https://raw.githubusercontent.com/thirdkeyai/symbiont/main/scripts/install.sh | bash

Pre-built binaries are tested but considered less reliable than cargo install symbi or Docker.

Other

• Advanced reasoning primitives (orga-adaptive), coordinator chat, production safety fixes, Apache 2.0 relicense

Full Changelog: v1.6.1...v1.7.0

Pre-Built Binaries

Note: Pre-built binaries are tested but considered less reliable than installing via cargo install symbi or Docker (ghcr.io/thirdkeyai/symbi). If you encounter issues, please try those methods first.

Quick Install

macOS / Linux:

curl -fsSL https://raw.githubusercontent.com/thirdkeyai/symbiont/main/scripts/install.sh | bash

Homebrew (macOS):

brew tap thirdkeyai/tap
brew install symbi

Manual download:
Download the appropriate binary for your platform from the assets below. Verify checksums with checksums.txt.

Verification

Each binary is signed with Sigstore cosign. Verify with:

cosign verify-blob --certificate symbi-*.pem --signature symbi-*.sig symbi-*.tar.gz \
  --certificate-identity-regexp="https://github.com/ThirdKeyAI/Symbiont" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

SHA256 checksums are in checksums.txt (also signed).

Pin qdrant-client to >=1.14.0, <1.16.0 to fix cargo install symbi breakage caused by breaking API changes in qdrant-client 1.16+.

Release v1.6.0: reasoning loop, knowledge bridge, scanner expansion

Highlights

• Agentic Reasoning Loop (ORGA cycle): Typestate-enforced Observe-Reason-Gate-Act loop with compile-time phase safety
• Knowledge-Reasoning Bridge: Opt-in bridge between agent memory and reasoning loop
• Cedar Policy Evaluation: Formal authorization via Cedar policy engine
• Circuit Breakers: Per-tool timeouts and configurable failure thresholds
• Journal System: Durable execution journal for loop replay and debugging
• ClawHavoc Scanner: 30 new detection rules across 7 attack categories
• AGENTS.md Support: Full bidirectional agent manifest generation/parsing

See CHANGELOG.md for full details.

Symbiont v1.5.0

Highlights

LanceDB Embedded Vector Backend

Zero-config vector search using LanceDB — no Docker, no external services required. Qdrant is preserved as an optional backend behind the vector-qdrant feature flag.

Context Compaction Pipeline

Automatic context management with pluggable token counting (tiktoken + heuristic fallback), LLM-driven summarization (Tier 1), and last-resort truncation (Tier 4). Enterprise tiers gated behind feature flags.

Composio MCP Integration

Feature-gated SSE-based connection to Composio MCP server for external tool access.

Security Hardening

5 new structure-aware fuzz targets, trusted proxy configuration, fail-closed rate limiting, TOCTOU audit fix, and improved Vault secret detection.

Routing Engine Cleanup

Lock-free atomic routing statistics, SlmExecutor trait extraction, LLMClientPool registry pattern, and removal of 500+ lines of dead code including legacy SchemaPin CLI wrapper.

Crate Versions

Full Changelog

v1.4.0...v1.5.0

What's New in v1.4.0

Persistent Memory (MarkdownMemoryStore)

• Markdown-backed agent memory with Facts, Procedures, and Learned Patterns sections
• Daily log append with timestamped entries and retention-based compaction
• DSL memory block for declarative configuration (store, path, retention)
• REPL :memory command for inspection and management

Webhook Verification (SignatureVerifier)

• HmacVerifier with HMAC-SHA256 and constant-time comparison
• JwtVerifier with HS256 JWT token verification
• Built-in presets for GitHub, Stripe, Slack, and Custom providers
• DSL webhook block with provider presets, secrets, path, and event filtering
• Pre-handler signature verification in HttpInputServer

HTTP Input Security Hardening

• Loopback-only default binding (127.0.0.1 instead of 0.0.0.0)
• Explicit CORS origin allow-lists (replaces boolean toggle)
• JWT EdDSA (Ed25519) validation in auth middleware
• /health endpoint exempt from authentication for load balancers
• PathPrefix route matching in HTTP input routing

Skill Scanning (ClawHavoc)

• 10 built-in security rules: pipe-to-shell, wget-pipe-to-shell, env-file-reference, soul-md-modification, memory-md-modification, eval-with-fetch, fetch-with-eval, base64-decode-exec, rm-rf-pattern, chmod-777
• Custom rule support alongside defaults

Metrics & Telemetry

• FileMetricsExporter with atomic JSON writes
• OtlpExporter for OpenTelemetry endpoints
• CompositeExporter for multi-backend fan-out
• Background MetricsCollector thread

DSL Parser Fixes

• Bare identifiers in value rule (store markdown, provider github)
• Short-form duration literals (90d, 6m, 1y)

Crate Versions

Packages

• crates.io: symbi, symbi-dsl, symbi-runtime, repl-core
• npm: symbiont-sdk-js v0.6.0
• PyPI: symbiont-sdk v0.6.0