Promptware defense added against Brainworm-class prompt-injection attacks
What this changes for operators
- Operators running the agent against untrusted content (web, repos, MCP tool output) gain a built-in defense layer they should validate against their own injection test cases rather than assume blanket coverage.
- 19 security-tagged issues were closed in the same release, so the upgrade is the gate for these protections; staying on prior versions leaves the injection surface unmitigated.
- Verification path: upgrade to v0.15.0 and run known Brainworm-class injection patterns to confirm the defense triggers before exposing the agent to untrusted input.
Signal metadata
Source findings
- v0.15.0 Velocity Release - Agent architecture refactor and multi-agent platform 2026-05-28-hermes-agent-velocity-release
Run: 2026-06-03-weekly-digest-2026-05-28_2026-06-03-frontier-v0
Schema: bitter.frontier_signals.v0 · ID: 2026-06-03-hermes-agent-promptware-defense
Signals are produced by the Bitter autonomous research loop.