Releases: vmihalis/hacker-bob

Hacker Bob v1.3.5

03 Jun 00:24
@vmihalis vmihalis

Major feature release shipping OSS repo hunting mode, the Kimi CLI adapter, CVE feed matching, and installer symlink hardening — on top of the runtime contract and release-gate overhaul.

Highlights

  • OSS repo hunting: /bob-oss <github-url> (Claude) / $bob-oss <github-url> (Codex) runs the full Bob pipeline against an open-source repo in a Docker sandbox, with ASAN/libFuzzer/Valgrind harnesses, CodeQL/Semgrep static scanning, per-path reachability triage, and a local session dashboard.
  • Kimi CLI adapter: npx hacker-bob-kimi install <dir> joins hacker-bob-cc (Claude Code) and hacker-bob-codex as a first-class adapter wrapper.
  • CVE feed matching: bounty_public_intel now cross-references NVD/GHSA feeds against the session target, surfacing relevant CVEs as ranked hunter leads.
  • Installer symlink hardening: closes a TOCTOU window in scripts/install.js where a malicious symlink could redirect a Bob-owned file write.

Upgrade

npx -y hacker-bob@1.3.5 install /path/to/your/project
npx -y hacker-bob-cc@1.3.5 install /path/to/your/project
npx -y hacker-bob-codex@1.3.5 install /path/to/your/project
npx -y hacker-bob-kimi@1.3.5 install /path/to/your/project

Full changelog: CHANGELOG.md
Full release notes: docs/releases/v1.3.5.md


Hacker Bob v1.3.4

13 May 19:17
@vmihalis vmihalis

Hacker Bob v1.3.4 Release Notes

Highlights

v1.3.4 closes a Codex adapter parity gap. Codex now exposes the same operator egress management workflow that Claude Code already had, so Codex users can manage explicit egress profiles without switching hosts.

Codex Adapter Parity

  • Added $bob-egress as a Codex direct skill and plugin command wrapper.
  • Moved the egress profile command implementation into the shared MCP runtime at mcp/lib/egress-cli.js, with the Claude /bob-egress hook now delegating to the same helper.
  • Kept host boundaries intact: the shared helper is host-neutral, while Claude-specific environment fallback remains in the Claude hook wrapper.
  • Updated install, doctor, uninstall, prompt-contract, CLI, and install-smoke coverage so Codex keeps $bob-egress in lockstep with generated adapter surfaces.

Docs

  • Updated the README, first-run guide, troubleshooting guide, and wrapper package READMEs to list /bob-egress and $bob-egress.

Verification

  • npm run check:syntax
  • npm run test:prompts
  • npm run test:cli
  • npm run test:install
  • npm test
  • npm run release:check
  • npm run release:check:registry -- --allow-published

Hacker Bob v1.3.3

13 May 09:15
@vmihalis vmihalis
30fef3e

Hacker Bob v1.3.3 Release Notes

Highlights

v1.3.3 hardens the session contracts that keep Bob runs resumable and debuggable. The release focuses on completion logging, canonical report writes, chain-attempt replay details, and audit-summary tolerance.

Session Contract Hardening

  • Web hunter prompts now require a final completion-status bounty_log_technique_attempt before bounty_finalize_hunter_run.
  • Finalization retry guidance now points agents at the two durable contract failures that matter most: malformed handoffs and missing technique-attempt logs.
  • Chain-builder prompts now require steps[] in every bounty_write_chain_attempt example so terminal confirmed, denied, blocked, and not_applicable outcomes preserve the replay or rejection path.
  • Reporter prompts now require the consolidated canonical report at ~/bounty-agent-sessions/[domain]/report.md before bounty_report_written, even when supporting per-finding files also exist.

Runtime and Analytics

  • bounty_read_http_audit now clamps oversized limit values to the configured summary cap instead of rejecting otherwise valid reads.
  • Pipeline analytics now reports report_pending_canonical_path when a session has a SUBMIT grade but lacks the canonical report.md, including the expected path and a targeted next action.
  • The canonical report-path action is included in release-bundle analytics so operators can distinguish "report not written yet" from "report written somewhere noncanonical."

Verification

  • npm test
  • npm run release:check
  • npm run release:check:registry -- --allow-published

Hacker Bob v1.3.2

11 May 18:29
@vmihalis vmihalis
5ae1385

Hacker Bob v1.3.2 Release Notes

Highlights

v1.3.2 fixes recon-agent compatibility with the session read/write guards. Normal and deep recon now keep bulky collection captures in temporary scratch outside the Bob session directory while continuing to produce compact artifacts for routing, summaries, and later phases.

Recon Guard Compatibility

  • Replaced session-local temp files such as subdomains.tmp with mktemp scratch outside ~/bounty-agent-sessions.
  • Removed family_raw.txt, js_raw.txt, and deep recon [SESSION]/raw/* capture paths from the generated recon contracts.
  • Kept compact derived artifacts in the session directory, including attack_surface.json, recon-summary.json, deep-summary.json, and bounded .txt summaries.
  • Preserved the seven-step recon contract and the MCP-free recon-agent boundary.

Session Guard Boundaries

  • Allowed compact recon summary reads for recon-summary.json, deep-summary.json, and surface-leads.json.
  • Allowed direct writes only for compact recon-owned summaries such as recon-summary.json and deep-summary.json.
  • Kept surface-leads.json write-protected so normal lead handling remains MCP-owned.
  • Kept raw/proof/body/dump-style session reads blocked.

Verification

  • npm run test:hooks passes.
  • npm run test:prompts passes.
  • Rendered normal and deep recon Bash blocks pass both session guards with a concrete session path.
  • npm run release:check passes.

Hacker Bob v1.3.1

11 May 13:09
@vmihalis vmihalis
5535201

Hacker Bob v1.3.1 Release Notes

Highlights

v1.3.1 moves normal HUNT/EXPLORE wave starts into the MCP runtime. The orchestrator now calls bounty_start_next_wave for standard wave assignment, using the returned plan and assignments instead of recomputing policy from attack_surface.json.

Wave Runtime

  • Added bounty_start_next_wave({ target_domain, dry_run? }).
  • Added a pure planner for wave 1 and wave 2+ candidate ordering, open requeue coverage, lead-surface follow-up, max caps, dedupe, and stable a1..aN labels.
  • Preserved bounty_start_wave for explicit/manual focused hunts.
  • Kept dry runs side-effect free: no file writes, no handoff tokens, and no hunter-spawn action.
  • Re-read ranked surfaces after promotion before starting a real wave.

Deep Lead Ownership

  • Made bounty_start_next_wave the single normal-path owner for automatic deep lead promotion.
  • Left bounty_promote_surface_leads public for explicit operator use.
  • Removed merge-side and prompt-side automatic promotion from the normal path.
  • Updated deep HUNT -> CHAIN gating so promotable unpromoted lead debt points the orchestrator back to bounty_start_next_wave.

Prompt And Manifest Updates

  • Updated normal HUNT/EXPLORE guidance to consume the runtime-start result.
  • Removed instructions for the orchestrator to compute standard assignments manually.
  • Updated generated Claude and Codex artifacts, tool metadata, and prompt contract tests.
  • Hardened the new tool schema to reject empty target_domain values and unknown top-level fields.

README Refresh

  • Reworked the README around user-facing setup, safety, installation, commands, workflow, requirements, troubleshooting, updates, and data handling.
  • Removed the old "For AI Coding Agents" section and the instruction-style prose that told users' coding assistants how to interpret the repository URL.
  • Tightened the tone across the README to be more professional and easier to scan before first use.

Install

npx -y hacker-bob@1.3.1 install /path/to/your/project
# or, via the adapter wrappers
npx -y hacker-bob-cc@1.3.1 install /path/to/your/project
npx -y hacker-bob-codex@1.3.1 install /path/to/your/project

After installing, fully restart your host CLI (Claude Code or Codex) in that project.

Verification

  • npm run check:syntax passes.
  • npm run test:mcp passes.
  • npm run test:prompts passes.
  • npm test passes.
  • npm run release:check passes.

Hacker Bob v1.2.5

08 May 17:32
@vmihalis vmihalis

Hacker Bob v1.2.5 Release Notes

Highlights

v1.2.5 is a packaging-only release: the hacker-bob-cc and hacker-bob-codex adapter wrapper packages now ship a README.md, so the npmjs.com listings explain what the package is and how to install it instead of looking empty.

Adapter wrapper READMEs

  • Each wrapper pack now includes a short README.md with: an explanation that the package is a thin CLI shim around the canonical hacker-bob runtime, the npx install command, the available subcommands (install, update, check-update, doctor, uninstall), and links back to hacker-bob and the source repo.
  • Wrapper files allowlists now include README.md. The release-check and test/package.test.js pack-content checks were updated accordingly: wrapper packs must contain exactly the bin shim, README.md, and package.json.
  • The wrapper pack size cap was raised from 3 KB to 5 KB. Both wrappers currently pack to ~1.2 KB, well inside the new cap.

Compatibility

No runtime, MCP, or session-format changes. Existing installs continue to work unchanged.

Install

npx -y hacker-bob@1.2.5 install /path/to/your/project
# or, via the adapter wrappers
npx -y hacker-bob-cc@1.2.5 install /path/to/your/project
npx -y hacker-bob-codex@1.2.5 install /path/to/your/project

After installing, fully restart your host CLI (Claude Code or Codex) in that project.

Verification

  • npm run test:mcp passes.
  • npm run test:prompts passes.
  • npm run test:install passes.
  • npm run test:package passes.
  • git diff --check passes.
  • npm test passes.
  • npm run release:check passes.

Hacker Bob v1.2.4

08 May 17:22
@vmihalis vmihalis

Hacker Bob v1.2.4 Release Notes

Highlights

v1.2.4 is a small fix-up release: the rendered evidence-agent Claude agent now uses a color value Claude Code accepts, and the prompt-contract suite enforces that constraint going forward.

Evidence agent color

  • Switched the evidence-agent color from teal to cyan in both the shared Claude role spec and the rendered .claude/agents/evidence-agent.md.
  • Added SUPPORTED_CLAUDE_AGENT_COLORS to the Claude role renderer and a new prompt-contract test that fails if any rendered Claude agent uses a color outside that allowlist.

Compatibility

No behavior changes for hunts, MCP runtime, sessions, or telemetry. Existing ~/bounty-agent-sessions and ~/bounty-agent-telemetry data continue to work unchanged.

Install

npx -y hacker-bob@1.2.4 install /path/to/your/project

After installing, fully restart your host CLI (Claude Code or Codex) in that project.

Verification

  • npm run test:mcp passes.
  • npm run test:prompts passes.
  • npm run test:install passes.
  • git diff --check passes.
  • npm test passes.
  • npm run release:check passes.

Hacker Bob v1.2.3

08 May 04:38
@vmihalis vmihalis

Hacker Bob v1.2.3 Release Notes

Highlights

v1.2.3 adds /bob-export and $bob-export, a deterministic post-release improvement bundle for handing recurring run issues to a fresh agent without dumping raw session context into chat.

Post-release export

  • Added a shared non-LLM exporter that reads existing telemetry and session summaries, scopes data to the currently installed Bob version, and writes timestamped bundles under ~/bounty-agent-telemetry/release-bundles/v<version>/<timestamp>/.
  • Bundle files: AGENT_PROMPT.md, manifest.json, summary.md, problem-clusters.json, sessions.json, tool-events.filtered.jsonl, agent-runs.filtered.jsonl, and source-paths.txt.
  • Current-version bob_version filtering excludes unknown, old, or mixed-version sessions and records every exclusion in manifest.json.
  • Problem clustering groups pipeline bottlenecks, failed MCP tool/error-code pairs, hunter block codes, malformed artifacts, evidence/report/coverage blockers, version exclusions, and source paths.
  • Multiple runs create sibling timestamped bundles and include all current-release telemetry seen so far.

Adapter support

  • Claude installs now ship /bob-export plus .claude/hooks/bob-export.js.
  • Codex installs now ship $bob-export as a direct skill and plugin command wrapper.
  • Installer, doctor, uninstall, dev-sync, package checks, and docs were updated for the new surfaces.

Compatibility

Existing session and telemetry roots remain unchanged: ~/bounty-agent-sessions and ~/bounty-agent-telemetry. /bob-export is read-only with respect to hunts and targets; it only writes the local release bundle.

Install

npx -y hacker-bob@1.2.3 install /path/to/your/project

After installing, fully restart your host CLI (Claude Code or Codex) in that project, then run /bob-export (Claude) or $bob-export (Codex) after one or more Bob sessions.

Verification

  • npm run test:mcp passes.
  • npm run test:prompts passes.
  • npm run test:install passes.
  • git diff --check passes.
  • npm test passes.
  • npm run release:check passes.

Hacker Bob v1.2.2

07 May 12:47
@vmihalis vmihalis

Hacker Bob v1.2.2 Release Notes

Highlights

v1.2.2 is a patch release that stamps the Bob package version into telemetry so /bob-debug can distinguish target behavior from mixed-install drift.

Telemetry and debug

  • MCP tool telemetry rows now include bob_version.
  • Hunter run telemetry rows now include bob_version.
  • Pipeline analytics events now include bob_version.
  • Telemetry summaries now expose observed_bob_versions so a debug pass can quickly spot sessions produced by more than one Bob build.
  • The Bob debug skill now records the version fields in its session summary and calls out multi-version sessions before deeper diagnosis.
  • The canonical npm package no longer includes ignored local install metadata such as .claude/bob/VERSION, .claude/bob/install.json, or .claude/bob/egress-profiles.json.

Compatibility

This release only adds metadata fields to telemetry/debug surfaces. Existing session files, MCP tools, prompts, and adapter install paths remain compatible.

Install

npx -y hacker-bob@1.2.2 install /path/to/your/project

After installing, fully restart your host CLI (Claude Code or Codex) in that project, then run /bob-hunt target.com (Claude) or $bob-hunt target.com (Codex).

Verification

  • npm run test:mcp passes.
  • npm run test:prompts passes.
  • npm run release:check passes.
  • npm test passes.

Hacker Bob v1.2.1

07 May 12:28
@vmihalis vmihalis

Hacker Bob v1.2.1 Release Notes

Highlights

v1.2.1 is a patch release that removes retired public-facing "bug bounty agent" phrasing and standardizes copy on Hacker Bob / bug bounty workflow framework naming.

Public naming cleanup

  • Replaced the site title, meta description, social descriptions, hero subtitle, and footer tagline with "bug bounty workflow framework" wording.
  • Updated the MCP server facade comment to use Hacker Bob naming.
  • Added a prompt-contract regression so public copy does not reintroduce the retired wording.

Compatibility

This release does not rename runtime compatibility identifiers. The bountyagent MCP namespace and ~/bounty-agent-sessions state path remain unchanged so existing installs, prompts, session data, and MCP wiring continue to work.

Install

npx -y hacker-bob@1.2.1 install /path/to/your/project

After installing, fully restart your host CLI (Claude Code or Codex) in that project, then run /bob-hunt target.com (Claude) or $bob-hunt target.com (Codex).

Verification

  • npm run build --prefix site passes.
  • npm run test:prompts passes.
  • npm run release:check passes.
  • npm test passes.