-
🌊 DeepSeek V4 Pro + Flash — 1.6T-parameter models, 1M context, Thinking/Non-Thinking modes. DEEPSEEK_API_KEY to enable.
-
📡 Live Threat Feed — lyrie threat-feed pulls verified advisories from research.lyrie.ai in real time. CVE-aware, CVSS-filtered, Shield-attributed.
-
🔍 SARIF Viewer — framework-free DOM renderer for SARIF 2.1.0 results. Severity badges, file:line refs, groupByRule. Included in @lyrie/ui.
-
🏛️ New Home: OTT-Cybersecurity-LLC — repo transferred to the official OTT Cybersecurity LLC GitHub org. Old URL auto-redirects.
-
🔗 LinkedIn Channel — official Lyrie.ai LinkedIn presence live at linkedin.com/company/lyrie-ai
-
🛡️ The Shield Doctrine — every layer of Lyrie that touches untrusted text passes a Shield gate. (docs/shield-doctrine.md)
-
🔍 Lyrie Attack-Surface Mapper (/understand) — maps entry points, trust boundaries, tainted data flows, and ranked risk hotspots before any scanner runs.
-
🧪 Lyrie Stages A–F Validator — every finding earns its severity through six validation gates. Auto-PoCs for confirmed vulns. Auto-remediation summaries. Kills false positives at the source.
-
🌐 Lyrie Multi-Language Vulnerability Scanners — 8 purpose-built scanners (JS / TS / Python / Go / PHP / Ruby / C / C++) with 53 Lyrie-original detection rules covering OWASP Top 10 + CWE classics.
-
📡 Lyrie Threat-Intel feed — every PR finding auto-attributed against research.lyrie.ai, CISA-KEV-aligned, with Lyrie Verdict surfaced inline. Bumps severity to critical when KEV-listed.
-
🔍 Lyrie HTTP Proxy — capture, classify, replay, and fuzz HTTP exchanges. 9 security-signal detectors (missing security headers, weak cookie flags, open CORS, secrets in responses, GraphQL introspection, auth tokens in URLs, verbose 5xx errors, and more). 7 structured mutators for replay-based testing.
-
🆓 Lyrie OSS-Scan service — free public scan at research.lyrie.ai/scan. Submit any GitHub / GitLab / Bitbucket / Codeberg repo URL, get a Lyrie report (Mapper + Scanners + Stages A–F + auto-PoC) in seconds.
-
🚀 Lyrie Pentest GitHub Action — Shield-scans every PR, posts a single-comment-per-PR Markdown summary, uploads SARIF to Code Scanning, blocks merges on fail-on threshold.
-
🧠 FTS5 cross-session memory — bm25-ranked recall + LLM-summarized session digests, every snippet Shield-gated.
-
✏️ Diff-view edits with approval gates — apply_diff produces unified diffs, never overwrites whole files; Shield scans every patch before it touches disk.
-
🔌 MCP adapter (@lyrie/mcp) — Lyrie speaks fluent Model Context Protocol both as client and server.
-
🚪 DM pairing — unknown senders can't reach the agent without operator approval. Three modes: open / pairing / closed.
-
🩺 lyrie doctor — read-only environment, channel, and security self-diagnostic with --json for CI.
-
🧬 LyrieEvolve — the agent scores every task, auto-generates reusable skills from wins, retrieves top-3 past successes as context before each new task, and runs nightly GRPO fine-tuning on your own GPU. Domain-specific rewards for cyber, SEO, trading, and code. (docs/evolve.md)
-
☁️ Pluggable execution backends — run Lyrie scans locally, in a Daytona devbox, or as a Modal serverless function. Same Shield Doctrine, same SARIF, different host.
-
📡 9 multi-channel adapters — Telegram, WhatsApp, Discord, Slack, Matrix, Mattermost, IRC, Feishu, Rocket.Chat, WebChat — one inbox, all secured.
-
🔴 LyrieAAV — Autonomous Adversarial Validation: 50+ attack vectors across all OWASP LLM Top 10 categories, automated verdict scoring, SARIF output, Python + TypeScript SDKs. Beats Audn.AI at its own game. (docs/aav.md)
