
This release adds 2 notable features for engineering teams evaluating rollout.

✓ No known CVEs patched in this version

Topics

agent-guardrails agent-harness agent-runtime agent-safety agent-security agent-skills
agentic-ai ai-agents ai-security deterministic guardrails intent-verification mcp openclaw openclaw-skills policy-engine prompt-injection runtime-safety self-hosted

Affected surfaces

breaking_upgrade auth rbac

Summary

AI summary

Fixed missing implementations in the 0.1.0a3 wheel, restoring sponsio.daemon and sponsio.plugin.append_ops.

Full changelog

Open-source launch build. Closes the missing-implementation gap in 0.1.0a3
(CLI imported sponsio.daemon / sponsio.plugin.append_ops but the wheel
shipped without them) and tunes the bundled capability rules.

Added

  • sponsio.daemon — Unix-socket IPC server + client + handlers; powers
    the privileged-process side of sponsio plugin append so a system install
    can give kernel-level (separate-UID) self-modify protection.
  • sponsio plugin append — structurally-additive merge from a staging
    YAML into a host bucket library; the only blessed write path through the
    self-modify pack.
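
The "structurally-additive merge" idea above, as an added sketch that is not Sponsio's code: a staging document may introduce new buckets and new rule ids, but any attempt to restate an existing rule with a different body is refused. The bucket layout (bucket name mapped to a list of rule dicts with an "id"), the function name and the sample rules are assumptions made for illustration.

```python
import copy


class NonAdditiveChange(ValueError):
    """Staging tried to alter a rule that the host library already holds."""


def append_rules(host, staging):
    """Merge staging into host, allowing only new buckets and new rule ids.

    Both arguments map bucket name -> list of rule dicts, each with an "id"
    (a hypothetical layout). Returns a new library; host is left untouched.
    """
    merged = copy.deepcopy(host)
    for bucket, rules in staging.items():
        existing = {r["id"]: r for r in merged.setdefault(bucket, [])}
        for rule in rules:
            current = existing.get(rule["id"])
            if current is None:
                new_rule = copy.deepcopy(rule)
                merged[bucket].append(new_rule)
                existing[rule["id"]] = new_rule
            elif current != rule:
                # Same id, different body: an edit, not an addition.
                raise NonAdditiveChange(f"{bucket}/{rule['id']} already exists")
            # Identical rule: nothing to do, so re-running the append is idempotent.
    return merged


# Constructed sample data, not taken from any real rule pack.
HOST = {"shell": [{"id": "confirm-exec", "action": "confirm"}]}
ADD = {"shell": [{"id": "deny-curl-pipe", "action": "deny"}],
       "files": [{"id": "deny-dotenv", "action": "deny"}]}
SILENCE = {"shell": [{"id": "confirm-exec", "action": "confirm", "disabled": True}]}


def demo():
    """Return the merged library and whether the silencing attempt was refused."""
    merged = append_rules(HOST, ADD)
    try:
        append_rules(HOST, SILENCE)
        rejected = False
    except NonAdditiveChange:
        rejected = True
    return merged, rejected


if __name__ == "__main__":
    print(demo())
```

Adding a key such as `disabled` to an existing rule counts as a change here, which is why existing rules are compared for exact equality instead of being merged key by key.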

Changed

  • Capability/shell pack — drop session-wide rate_limit(exec, 50) and
    loop_detection(exec, 20). The 24-hour cross-session trace store turned
    these into rolling caps that false-positived heavy interactive work; the
    targeted arg_blacklist and confirm-gate rules already cover the real
    attacks.
  • Capability/self-modify pack — extend protection to the upstream
    sponsio package (contract bundles + engine .py) so an editable / --user
    / venv install can't be used as an "edit the bundle to silence the rule"
    bypass. Maintainer workflow: override with customized: {match: {source: "library:tier1.self-modify"}, disabled: true}.
  • Onboard wizard — drop redundant trailing "mode flip" hint (axis 3
    already asks); language-aware bare-loop guard API hint
    (guardBefore/guardAfter for TS, guard_before/guard_after for Python).

Fixed

  • sponsio --version was hardcoded to "0.2.0a0" in the Click
    version_option; now reads sponsio.__version__ so it tracks
    pyproject.toml automatically.
  • 0.1.0a3 wheel was missing sponsio/daemon/ and sponsio/plugin/append_ops.py,
    causing sponsio plugin append and sponsio daemon … to ImportError on a
    fresh pip install. 0.1.0 ships them.
