Releases: TaklaXBR/zai-shell
v9.0.3 – Security Fix
This release fixes a critical security vulnerability that could allow
unauthenticated remote code execution when using P2P terminal sharing
in --no-ai mode.
All users are strongly advised to upgrade immediately.
See the GitHub Security Advisory for full details.
v9.0.2 - PostHog/ChromaDB Fix
🐛 Bug Fix
- Fixed PostHog/ChromaDB version conflict causing telemetry errors (Thanks @neodev27!)
📦 Important
After updating, run:
pip install --upgrade chromadb posthog
ZAI Shell v9.0.1 - Sentinel 1.5: Behavioral Risk Intelligence
What's New
Sentinel 1.5 - Complete Rewrite
Sentinel is no longer a simple risk scorer. It is now a behavioral intelligence system that understands context, learns from mistakes, and knows when you are panicking.
Key Features:
- 4-Dimension Risk Breakdown: Every action is analyzed across Structural, Behavioral, Contextual, and Intent dimensions
- Panic Mode Detection: Detects user frustration through language patterns ("please work", "trying again") and adjusts risk thresholds accordingly
- Lesson Memory: Maintains .sentinel_lessons.json to remember past failures that caused actual damage - prevents repeating the same mistakes
- Context-Aware Warnings: Risk is evaluated based on accumulated state, not isolated events
- Silence Threshold: Low-risk actions are deliberately not warned about - because a warning is valuable when it is rare
Philosophy Update:
"Sentinel speaks to survive, not to control."
Sentinel never says "Risk Score: 75". It says: "Risk is HIGH because you have failed 3 times consecutively, and the system is already showing degradation signs."
Documentation
- README completely rewritten to reflect Sentinel 1.5 capabilities
- Added real terminal output examples showing risk escalation
- Updated comparison table with new unique features
Upgrade Notes
- Sentinel 1.5 is backward compatible
- New file .sentinel_lessons.json will be created automatically
- Use sentinel reset to clear behavioral history if needed
v9.0 - The Sentinel Update
Sentinel Mode Added: A new safety layer that analyzes user intent to prevent dangerous actions autonomously.
Smart Path Logic Removed: Removed manual path correction to allow the AI full control over filesystem paths without interference.
v8.1.2 - Keyboard Import Fix
🔧 Bug Fixes
- Fixed keyboard import error when package is not installed
- Added keyboard availability check for GUI automation
- Program no longer crashes if keyboard module is missing
Thanks to @babayagaga2 for the contribution! 🙏
v8.1.1 - AI-Controlled Encoding & Dynamic Shell Selection
🔧 Encoding Fix
- Removed hardcoded encoding defaults
- AI now selects the appropriate encoding for each task
- System encoding used as fallback when AI doesn't specify
- Fixed shell selection in hybrid plan execution
v8.1 - Smarter Encryption, Zero AI Option
New Features
🔑 Enhanced Encryption System
- share encrypt - View current encryption status and full key
- share encrypt random - Generate random key (displays full key for sharing)
- share encrypt key <key> - Use a specific Fernet key
- share encrypt on/off - Toggle encryption
- Encryption state now persists between sessions
🚫 No-AI Mode for P2P
- share start --no-ai - Start terminal sharing without AI processing
- Helper sends actual commands (e.g., dir, not "list files")
- Same workflow: send → approve → execute (just without AI)
🐚 Shell Suffix (No-AI Mode)
- Add shell name at end of command: share send sudo apt update wsl
- Supports all 13 shells: cmd, powershell, ps, pwsh, wsl, git-bash, cygwin, bash, sh, zsh, fish, ksh, tcsh, dash
Bug Fixes
- Fixed share end command not properly ending sessions
- Fixed bare except: clauses (improved error handling)
- Fixed potential None access for encryption status
- Fixed PIL import verification for ImageDraw/ImageFont
- Fixed DDGS import fallback handling
- Removed automatic pip install for posthog (now requires manual install)
Documentation
- Added Turkish documentation (README_TR.md, PRIVACY_TR.md)
- Added TR language badge to README
- Updated P2P command reference with new features
v8.0: Multi-Client P2P Terminal Sharing with End-to-End Encryption
Major Features
Multi-Client P2P Terminal Sharing
ZAI Shell v8.0 includes a peer-to-peer terminal sharing system that enables collaboration between multiple users. The architecture supports one host and multiple helper clients, communicating over TCP sockets with optional end-to-end encryption.
Key Capabilities:
- Multi-client support: One host can handle multiple concurrent helper connections
- Real-time communication: Message broadcasting, command sharing, and file transfers
- User management: Automatic name conflict resolution and user tracking
- Session handling: Connection monitoring with reconnection support
End-to-End Encryption (E2E)
Optional encryption support for P2P communication.
Security Features:
- AES-256 encryption using Fernet
- Password-based key derivation: PBKDF2 with 100,000 iterations and SHA-256
- Encrypted file transfers: File contents are encrypted during transmission
- Encrypted messaging: Chat messages and shared commands are encrypted
Natural Language P2P Control
Gemini integration allows basic natural language commands for P2P operations, reducing the need to remember specific command syntax.
Examples:
- "Show me the logs" → Displays terminal logs
- "Send report.pdf to Alice" → Sends a file to a specific user
- "Tell everyone the server is ready" → Broadcasts a message
- "Run dir command on Bob's machine" → Sends a command request
- "Accept the incoming file" → Accepts a pending file transfer
File Transfer System
Chunked file transfer with integrity verification.
Features:
- Large file support: Up to 100MB per file (64KB chunks)
- MD5 checksum verification for integrity validation
- Progress tracking during transfer
- Targeted delivery to specific users or all participants
- Automatic filename conflict handling
Security Framework Improvements
Additional validation and filtering mechanisms to reduce unsafe operations.
Security Enhancements:
- Expanded blocked command list (PowerShell, Windows, Unix variants)
- Regex-based detection of potentially dangerous command patterns
- Unicode normalization to prevent hidden character abuse
- Path traversal protection (.., UNC paths, system directories)
- Reserved filename blocking (CON, NUL, COM1, etc.)
- Username sanitization for P2P sessions
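An added example (not the project's code) of the checks listed above applied to a file name received from a peer: normalize first, then test for traversal, UNC paths and reserved device names. The function name check_received_name, the rejection of every absolute path as a stand-in for the system-directory check, and the sample inputs are assumptions.

```python
import re
import unicodedata

# Windows device names; the page lists CON, NUL, COM1 "etc."
RESERVED = {"CON", "PRN", "AUX", "NUL",
            *(f"COM{i}" for i in range(1, 10)),
            *(f"LPT{i}" for i in range(1, 10))}
HIDDEN = ("Cf", "Cc")  # format chars (zero-width, bidi overrides) and controls


def check_received_name(name):
    """Return the reasons to reject a peer-supplied file name ([] = accept)."""
    reasons = []
    # 1. Normalize first, so look-alikes such as fullwidth dots become ASCII
    #    before any pattern is tested.
    norm = unicodedata.normalize("NFKC", name)
    if any(unicodedata.category(c) in HIDDEN for c in norm):
        reasons.append("hidden or control character")
        norm = "".join(c for c in norm if unicodedata.category(c) not in HIDDEN)
    # 2. Treat both separators alike, then test the path shape.
    unified = norm.replace("\\", "/")
    if unified.startswith("//"):
        reasons.append("UNC path")
    elif unified.startswith("/") or re.match(r"[A-Za-z]:", unified):
        reasons.append("absolute path")
    parts = [p for p in unified.split("/") if p]
    if ".." in parts:
        reasons.append("path traversal")
    # 3. A device name is reserved with or without an extension ("NUL.txt").
    if any(p.split(".")[0].rstrip().upper() in RESERVED for p in parts):
        reasons.append("reserved device name")
    return reasons


if __name__ == "__main__":
    samples = [  # constructed inputs
        "report.pdf",
        "..\\..\\Windows\\win.ini",
        "\\\\host\\share\\x.txt",
        "\uff0e\uff0e/\uff0e\uff0e/x.txt",  # fullwidth full stops
        "N\u200bUL.txt",                    # zero-width space inside NUL
    ]
    for s in samples:
        print(repr(s), "->", check_received_name(s) or "ok")
```

Running the pattern tests on the raw string instead of the normalized one would let the last two samples through, which is why normalization comes first.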
Complete Feature List
P2P Session Management
share start [port] # Start hosting session (default: 5757)
share connect IP:PORT # Connect to a session
share encrypt [password] # Enable encryption before connecting
share name <newname> # Set or change display name
share end # End session
Communication & Collaboration
share message <text> # Broadcast message
share chat # Show chat history
share send <command> # Send command request (helper → host)
share approve / reject # Host approves or rejects commands
File Operations
share file <path> [user] # Send file to a user or all
share accept [path] # Accept incoming file
share deny # Reject incoming file
Information & Status
share status # Show connection status
share list / users # List connected users
share logs # Show activity logs
Global Access via ngrok
For connections outside the local network:
- Host runs: ngrok tcp 5757
- Host shares the ngrok address
- Helpers connect using share connect <ngrok-address>
Security Architecture
Encryption Implementation
- Algorithm: AES-256 (Fernet)
- Key derivation: PBKDF2-HMAC-SHA256 (100,000 iterations)
- Salt: zaishell_p2p_salt_v8
- Encoding: Base64
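The parameters listed above, as an added example (not ZAI Shell's own code; how the project wires them together is not shown on this page): it derives a Fernet-format key with PBKDF2-HMAC-SHA256 and compares the fixed salt with a hypothetical per-session random salt. The function names and the 16-byte random salt are assumptions; the key split follows the Fernet specification, which uses a 128-bit HMAC-SHA256 signing key and a 128-bit AES-CBC encryption key.

```python
import base64
import hashlib
import os

ITERATIONS = 100_000                   # value stated in the release notes
STATIC_SALT = b"zaishell_p2p_salt_v8"  # value stated in the release notes


def derive_key(password, salt):
    """PBKDF2-HMAC-SHA256 -> 32 bytes -> URL-safe Base64 (the Fernet key format)."""
    raw = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                              ITERATIONS, dklen=32)
    return base64.urlsafe_b64encode(raw)


def split_fernet_key(key):
    """Per the Fernet spec: the first 16 bytes sign (HMAC-SHA256), the last 16
    encrypt (AES-128-CBC). Returns (signing_key, encryption_key)."""
    raw = base64.urlsafe_b64decode(key)
    if len(raw) != 32:
        raise ValueError("a Fernet key must decode to exactly 32 bytes")
    return raw[:16], raw[16:]


def open_session(password, static):
    """Host side; returns (salt, key). With static=False (hypothetical hardened
    variant) a fresh random salt is drawn and must be sent to helpers, in the
    clear, during the handshake."""
    salt = STATIC_SALT if static else os.urandom(16)
    return salt, derive_key(password, salt)


def join_session(password, salt):
    """Helper side: derive the key from the shared password and the host's salt."""
    return derive_key(password, salt)


if __name__ == "__main__":
    pw = "mypassword"  # the password used in the page's Quick Start
    _, k1 = open_session(pw, static=True)
    _, k2 = open_session(pw, static=True)
    print("static salt, two sessions share a key:", k1 == k2)
    s3, k3 = open_session(pw, static=False)
    _, k4 = open_session(pw, static=False)
    print("random salt, two sessions share a key:", k3 == k4)
    print("helper agrees with host:", join_session(pw, s3) == k3)
```

With the fixed salt, everyone who picks the same password gets the same key in every session; a per-session salt removes that reuse at the cost of one extra handshake field.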
Validation Pipeline
- Unicode normalization
- Regex-based command inspection
- Path validation
- Username sanitization
- File checksum verification
Restricted Operations
- Destructive system commands
- Privilege escalation attempts
- Remote code execution patterns
- Path traversal exploits
- Reserved device names
Use Cases
Remote Collaboration
- Shared terminal sessions
- Command approval workflow
- Secure file sharing
Educational Use
- Instructor-led terminal demonstrations
- Controlled command execution
- Safer learning environment
DevOps & System Administration
- Troubleshooting sessions
- Log inspection
- File exchange between team members
Technical Support
- Remote terminal assistance
- Command guidance without screen sharing
- Secure data transfer
Technical Details
Architecture
- Protocol: TCP sockets with JSON messages
- Threading: Daemon threads for async I/O
- Client management: Thread-safe structures
- Message framing: Newline-delimited JSON
Performance
- File transfer: Network-limited (64KB chunks)
- Concurrent clients: Tested with multiple connections
- Latency: Low latency on local networks
- Memory usage: ~10MB base + ~2MB per client
Dependencies
- cryptography (optional)
- Standard library modules
- colorama
Installation & Setup
Requirements
pip install cryptography
Quick Start – Host
python zaishell.py
> share encrypt mypassword
> share start
# Share 192.168.1.22:5757 with helpers
Quick Start – Helper
python zaishell.py
> share encrypt mypassword
> share connect 192.168.1.22:5757
v7.0.3 - P2P Chat, Multi-User Support & Telemetry Fix
What's New in v7.0.3
🎉 New Features:
- P2P Chat System: Added peer-to-peer chat functionality
- Multi-User Support: Multiple users can now connect simultaneously
- Username Selection: Users can now choose their own usernames
🐛 Bug Fixes:
- Fixed telemetry being enabled by default despite initial settings (now correctly starts as disabled)
v7.0.2 Anonymous Telemetry Added
📝 Release Description
Added
- Privacy-first anonymous telemetry using PostHog
- Anonymous UUID-based session tracking
- Feature usage and error analytics (no personal data)
Privacy
- No commands, file contents, paths, IPs, or personal data are collected
- Telemetry can be disabled at any time with: telemetry off
Notes
- This release contains no functional or behavior changes
- Telemetry is used only to improve the project
- Full details are available in PRIVACY.md