strix icon indicating copy to clipboard operation
strix copied to clipboard
Published 1 week ago verified publisher icon usestrix

Major Strix Upgrade: Core Agent Framework, Structured Exports, Bot Integration, and Expanded Tooling

Open laikhtman opened this issue 4 weeks ago • 0 comments

📝 PR Description

This Pull Request delivers a comprehensive upgrade across multiple layers of the Strix platform, including the core agent framework, documentation, structured vulnerability exports, Telegram bot integration, and several new security tools.

The scope is intentionally broad, completing major portions of the roadmap and unifying recent improvements into a cohesive, documented release.

Key Improvements

1. Documentation Overhaul

  • Added extensive architecture, agent-loop, telemetry, and operator-facing documentation.
  • Updated README with .env configuration examples, clarified setup steps, and removed outdated acknowledgements.

2. Telegram Bot + Control API

  • Implemented end-to-end Telegram bot integration.
  • Added control APIs for triggering runs, browsing outputs, and interacting with agents.
  • Included example .env, systemd service file, and a bot load-testing script.

3. Structured Vulnerability Exports

  • Added JSONL vulnerability export pipeline.
  • Introduced SARIF 2.1.0 report generation with normalized metadata and improved runName serialization.
  • Updated related docs and validated tracer output behavior.

4. Core Agent Enhancements (A01–A03)

  • A01: Pluggable agent graph builder with validation and YAML support.
  • A02: Adaptive iteration policy based on target complexity and LLM latency, integrated across CLI/TUI/bot.
  • A03: Persistent, resumable agent state with automated run snapshots and supporting tests.

5. New Tooling & Coverage Enhancements (T01–T05)

  • Integrated SAST/dep scan tooling.
  • Added API probing and auth-flows playbooks.
  • Reporting enrichment including CVSS estimates, CWE/OWASP references, and fix-by snippets.

Testing

  • Added new unit tests for graph builder, state persistence, API probing, and more.
  • Note: Full pytest suite not executed locally (pytest not installed).

Docs Updated

  • README.md
  • architecture.md
  • agent-loop.md
  • telemetry-and-observability.md
  • todo_roadmap.md
  • Additional supporting files

laikhtman avatar Dec 01 '25 08:12 laikhtman