
This release includes 2 breaking changes that platform teams should review before planning an upgrade.


✓ No known CVEs patched in this version

Affected surfaces

auth, rbac

Summary

AI summary

Removed simulation tier and budget enforcement logic from runtime.

Full changelog

Script Sentinel

  • Added write-time content tagging and execute-time enforcement continuity for script-mediated command evasion paths.
  • Introduced configurable modes (match_original, block, requires_confirmation) and scan modes (exec_context, exec_context_plus_mentions).
  • Added GUI controls, reporting views, and event logging for Script Sentinel outcomes.

Full GUI Overhaul

  • Redesigned policy, approvals, reports, and settings surfaces for clearer workflows and stronger visual hierarchy.
  • Reworked advanced policy sections, collapsible controls, segmented selectors, and table layouts for usability.
  • Added richer state handling and clearer operator feedback across policy apply/revert/reset flows.

Agent Management v2

  • Added profile-driven Settings -> Agents workflow for Claude Code, Claude Desktop, Codex, and Cursor.
  • Implemented scope-aware MCP configuration generation and apply/remove logic per supported client.
  • Added posture detection and per-agent status modeling with dynamic checks and refresh.

One-Click MCP Configuration

  • Added single-action MCP apply/remove from GUI with safety checks, path/scope awareness, and integrity validation.
  • Improved config generation to minimal required env (AIRG_AGENT_ID, AIRG_WORKSPACE) and reconciled stale references.
  • Added clearer lifecycle guidance around reapply/restart and config drift detection.

Security Posture Enforcement Controls

  • Added one-click posture enforcement flows with grouped controls (Standard/Strict/Maximum/Optional by agent capability).
  • Implemented hardening orchestration for supported clients (hooks/rules guidance, native tool restrictions, sandbox settings).
  • Added posture scan and verification feedback to surface real applied state versus desired config.

Runtime and Policy Engine Simplification

  • Removed simulation tier and budget enforcement logic from runtime, policy config, and GUI.
  • Standardized active command tiers to blocked, requires_confirmation, and allowed.
  • Refactored command execution flow and added dedicated edit_file tool for safer in-place updates.

Observability and Reporting

  • Unified hook/runtime event streams in activity.log format and preserved ingest compatibility for reports.
  • Expanded approvals history and script-sentinel reporting surfaces with better operator context.
  • Kept reports ingestion/pruning model aligned with current policy and UI controls.

Packaging and Install Maturity

  • Stabilized v2 packaging/versioning, publish workflow, and release docs.
  • Improved install guidance for isolated environments (pipx or venv) and documented common friction points.
  • Fixed service interpreter resolution so setup-generated services keep the correct venv Python path.

Breaking Changes

  • Removed simulation tier and budget enforcement logic from runtime, policy config, and GUI.
  • Standardized active command tiers to blocked, requires_confirmation, and allowed.
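As an added upgrade-readiness check (not code from AI-Runtime-Guard, whose policy schema this page does not show), the following Python lints a policy for rules that still use the removed simulation tier or budget keys and rewrites them onto the three remaining tiers; the JSON shape, the sample rules and the choice of requires_confirmation as the replacement for simulation are assumptions.

```python
"""Pre-upgrade lint for this release's tier changes. Assumed (hypothetical)
policy shape: {"commands": {"<pattern>": {"tier": "<tier>", "budget": {...}}}}"""
import copy

# Tiers that remain active after the upgrade, per the release notes.
ACTIVE_TIERS = {"blocked", "requires_confirmation", "allowed"}
REMOVED_TIERS = {"simulation"}   # tier removed in this release
REMOVED_KEYS = {"budget"}        # budget enforcement removed as well
# Conservative replacement for a former simulation rule: an operator must approve.
SIMULATION_REPLACEMENT = "requires_confirmation"

def lint_policy(policy: dict) -> list:
    """Return one finding per rule element the new runtime no longer accepts."""
    findings = []
    for pattern, rule in policy.get("commands", {}).items():
        tier = rule.get("tier")
        if tier in REMOVED_TIERS:
            findings.append({"command": pattern, "issue": "removed_tier",
                             "value": tier, "suggest": SIMULATION_REPLACEMENT})
        elif tier not in ACTIVE_TIERS:
            # Unknown or missing tier: fail closed rather than guess.
            findings.append({"command": pattern, "issue": "unknown_tier",
                             "value": tier, "suggest": "blocked"})
        for key in sorted(REMOVED_KEYS & set(rule)):
            findings.append({"command": pattern, "issue": "removed_key",
                             "value": key, "suggest": "delete"})
    return findings

def migrate_policy(policy: dict) -> dict:
    """Apply lint_policy's suggestions to a deep copy and return it."""
    migrated = copy.deepcopy(policy)
    for f in lint_policy(policy):
        rule = migrated["commands"][f["command"]]
        if f["issue"] == "removed_key":
            rule.pop(f["value"], None)
        else:
            rule["tier"] = f["suggest"]
    return migrated

# Constructed sample, not a real deployment's policy.
SAMPLE_POLICY = {"commands": {
    "rm -rf *": {"tier": "blocked"},
    "git push --force": {"tier": "simulation", "budget": {"per_hour": 2}},
    "pytest": {"tier": "allowed"},
    "curl *": {"tier": "dry_run"},
}}
```

Run lint_policy over the exported policy before the upgrade and again over migrate_policy's output; an empty second result means every rule maps onto an active tier.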


About jimmyracheta/AI-Runtime-Guard

Runtime policy enforcement for AI agents: prevents accidental damage to your systems and unauthorized agent access, and automates backup-before-write for any touched files.
