Strix Agent v0.5.0

🚀 Strix v0.5.0 — Scan Modes, Agent Todo tool & Standalone Binary Installation

Changelog

Strix v0.5.0 introduces a dedicated todo tool for agent task tracking, configurable scan modes for everything from CI to deep assessments, rich syntax highlighting with markdown rendering, and a new standalone binary so you can run Strix without Python or pipx.

---

🔥 Features

✅ Agent Todo Tool for Focused, Faster Agents

Agents now have a todo system they can use to:

• Break down complex engagements into concrete steps
• Keep an explicit backlog of what to do next
• Mark tasks as done or pending as they go
• Refine and reprioritize tasks mid-scan

This gives agents a memory of their plan, reduces looping and re-discovery of the same work, and helps them converge on meaningful findings faster - especially in long-running or multi-target assessments.

🕵️ Scan Modes (--scan-mode)

New --scan-mode option lets you dial in depth and speed:

• quick
  Optimized for CI/CD. Focuses on:

  • Recent changes (git diffs / PRs)
  • High-impact vulnerabilities only
    Ideal for fast feedback in pipelines.

• standard
  Balanced, systematic methodology:

  • Covers the full attack surface
  • Good default for standard checks

• deep (now the default)
  Exhaustive testing powered by the hierarchical agent swarm:

  • More aggressive enumeration
  • Multi-step exploit chains
  • Best for thorough reviews and complex targets

🎨 Syntax Highlighting & Markdown Rendering

Agent tools are now much easier to read:

• Syntax highlighting in the TUI for tool renderers and agent output
  (Python, JavaScript, and more)
• Markdown rendering for agent messages:
  • Headings, lists, code blocks
  • Cleaner vulnerability reports and PoCs

This makes both interactive sessions and logs significantly more readable.

📦 Standalone Binary via PyInstaller

Strix now ships as a standalone binary:

• No system Python required
• No pipx needed

Install and update Strix on Linux, macOS, and Windows with:

curl -sSL https://strix.ai/install | bash

You can still install via pipx if you prefer, but the binary makes it trivial to drop Strix into constrained environments, containers, or CI runners.

---

🛠️ Fixes & Improvements

• Added unified API key support across providers
• Added support for Vertex AI models via google-cloud-aiplatform
• Added STRIX_DISABLE_IMAGES flag to better support non-vision models
• Filtered out image_url content when using non-vision models
• Added timeout to sandbox tool execution to prevent indefinite hangs
• Fixed crash when handling very long text instructions
• Improved TUI with syntax highlighting for tool renderers and markdown agent messages
• Added unit tests for the argument parser
• Updated GitHub Actions checkout action version
• Dependency bumps for fonttools, cryptography, urllib3, and more

---

Try out the latest version:

pipx install strix-agent
# or
curl -sSL https://strix.ai/install | bash

👉 Join the Discord
⭐ Star us on GitHub

New Contributors

• @Vincent550102 made their first contribution in #169
• @Jeong-Ryeol made their first contribution in #157
• @K0IN made their first contribution in #189
• @RMartires made their first contribution in #188

Full Changelog: v0.4.0...v0.5.0

Strix Agent v0.4.0

🚀 Strix v0.4.0 - Live Stats Panel, Persistent Reports & IP Scans

Changelog

Strix v0.4.0 adds file-based instructions for richer pentest configs, real-time persistence for findings, a live stats panel in both CLI and TUI, new prompt modules, better rate-limit handling, and IP address scanning support.

---

🔥 Features

📊 Live Agent Stats Panel

New interactive stats panel in both TUI and CLI shows:

• Vulnerabilities found so far
• Tokens used
• Cost estimates
• Active agents/tools

(Shoutout to @AlexanderDeBattista #134)

💾 Real-Time Results Persistence

Every finding is now written to disk as it’s discovered, so reports survive crashes, bad exits, or terminal issues. One of the most requested features. 🙌

📁 File-Based Instructions (--instruction)

Define detailed pentest instructions in a file instead of a single CLI string – perfect for longer scopes, rules of engagement, and target notes.

🚦 Fixes Excessive Rate-Limit Issues

Improved handling for lower LLM rate limits (especially Anthropic), reducing throttling errors and flaky runs. (Shoutout to @SellMeFish)

🧩 New Prompt Modules

Added prompt modules to the collection for:

• Open Redirect
• Subdomain Takeover
• Info Disclosure

(Shoutout to @Trusthoodies #132)

🌐 IP Address Scanning

You can now scan raw IP addresses directly, making it easier to test services that aren’t fronted by hostnames.

---

🛠️ Fixes & Improvements

• More robust handling of long-running scans
• Minor UX and CLI polish

---

Try out the latest version: pipx install strix-agent

👉 Join the Discord
⭐ Star us on GitHub

Strix Agent v0.3.1

🚀 Strix v0.3.1 — Headless Mode, Multi‑Target Scans & More

Changelog

Strix v0.3.1 introduces headless CLI mode for seamless automation, multi-target scanning for full-stack assessments, and improved visibility into scan results with per-severity breakdowns and agent iteration guidance. This release also includes stability improvements and raises the default iteration limit to support deeper scans and more advanced workflows.

---

🔥 Features

🧠 Headless CLI Mode (--non-interactive)

Run Strix without the REPL — perfect for automation, scripting, and CI/CD workflows.
Prints real-time findings and exits with a non-zero code if vulnerabilities are found.

⚙️ GitHub Actions / CI Integration

Strix can now be used directly in automation pipelines to block vulnerable code from merging.
Add it to your CI with a simple GitHub Actions workflow that fails the build if vulnerabilities are found.

🌐 Multi‑Target Scanning

Scan multiple targets in one run — repos, deployed URLs, APIs, etc.
Useful for:

• White-box + black-box in one scan
• Dev/staging/prod comparisons
• Full-stack and cross-component analysis

📊 Per‑Severity Vulnerability Counts

Completion panel now includes a color-coded summary of findings by severity.

⚠️ Agent Iteration Limit Warnings

Strix now sends internal warning messages to agents when they're nearing the configured iteration limit — nudging them to wrap up gracefully. This improves agent reliability, avoids abrupt stops, and helps ensure cleaner scan completion.

🔁 Increased Agent Iteration Limit

The default max_iterations is now set to 300, allowing agents to run deeper and cover more complex targets without early termination. Enables longer-running assessments and more thorough exploration of large apps or multi-component environments.

---

🛠️ Fixes & Improvements

• General stability improvements
• Minor CLI polish

---

Try out the latest version: pipx install strix-agent

👉 Join the Discord
⭐ Star us on GitHub