sentinelayer-cli@0.8 Ships — 13 Personas, Silent-Failure Detection, Senti

The biggest release since open-sourcing the CLI. Deep mode now dispatches all 13 domain personas. Silent-failure detection stops broken scans from looking clean. Senti launches as a shared room for multi-agent work.

Today we shipped sentinelayer-cli@0.8.0 with SLSA provenance and Sigstore transparency log receipts. This is the biggest release since we open-sourced the CLI — three new capabilities, one long-standing quality gap fixed, and a fundamental shift in how we think about AI code review.

The one thing we fixed: faceless personas

Here is the thing that bothered me most. For six months, our deep scan dispatched 13 domain personas — Nina Patel (Security), Maya Volkov (Backend), Sofia Alvarez (Observability), Priya Singh (Testing), Arjun Mehta (Performance), Leila Farouk (Compliance), and seven more. The terminal would show their faces, their domains, their reasoning.

Except it did not. The `deep` mode shipped 6 personas. Three of them (`architecture`, `performance`, `compliance`) had no visual identity in the registry, so when they reported findings, the terminal showed a faceless name. The output looked like this:

``` [nina-patel] [Security] Found 2 P2 findings... [maya-volkov] [Backend] Found 1 P1 finding... [arjun-mehta] [unknown] Found 3 findings... ← no avatar, no domain label [leila-farouk] [unknown] Found 1 finding... ← no avatar, no domain label ```

That is bad for two reasons. One: users do not trust personas they cannot see. Two: users assumed deep mode meant the full roster when it actually meant 6 of 13.

In 0.8, deep mode dispatches all 13. Every persona has a face, a domain, and a FAANG-grade checklist pulled from our internal SWE excellence framework. Security has 10 checklist items. Backend has 8. Observability has 8. A persona cannot return zero findings without explicitly enumerating which checklist items it evaluated. "Zero findings" is a valid conclusion only after proof of coverage.

Scan output now looks like this:

``` sl /omargate deep --path . --scan-mode full-depth

[nina-patel] Security 1.2s 0.08 tokens 0.03 USD 2 findings [maya-volkov] Backend 1.4s 0.09 tokens 0.04 USD 1 finding [arjun-mehta] Performance 1.6s 0.11 tokens 0.05 USD 3 findings [leila-farouk] Compliance 1.3s 0.08 tokens 0.03 USD 0 findings (10/10 items) ... 9 more ... ```

The silent-failure detector

While we were in there, we found a worse problem.

A broken auth token. A degraded LLM proxy. A model outage. Any of these failures, and our orchestrator would happily return: "deep scan complete, 13 personas dispatched, zero findings, total cost: 0.00 USD". Which is exactly the worst possible failure mode for a security tool. You cannot tell a clean scan from a broken scan.

0.8 ships a silent-failure detector. If more than half the personas error out, or if the total LLM cost comes back as zero while personas were supposedly dispatched, the CLI raises:

``` [warn] silent-failure detected: 0/13 personas produced findings, total cost $0.00 [warn] this is most likely an auth, proxy, or provider outage, NOT a clean scan [warn] re-run with --stream to see per-persona dispatch traces ```

If you care about security tooling, you need to care about this class of failure. A detector that quietly says nothing is not a detector. We are now loud about it.

The new thing: Senti

The biggest addition in 0.8 is Senti, our multi-agent session coordinator. We shipped the full design doc and the full implementation in one release.

Senti is a lightweight session moderator that sits alongside Omar Gate. It runs as an ephemeral coordination channel where multiple AI agents — and you — can see what is happening in real time, pass work between each other, ask for help when they are stuck, and get stopped when they go off the rails.

The short version:

  • **Session start/join/leave** — any agent opens a channel, others join by id
  • **Shared blackboard** — every finding, decision, and file lock visible to every participant
  • **Task assignment with leases** — claim work, heartbeat, release; crashed leases expire
  • **File conflict prevention** — an agent locks a file before editing; others cannot touch it
  • **Stuck detection** — 90s of no progress triggers a Senti ping
  • **Kill switches** — `sl session kill --agent <name>` targets one agent without collateral damage
  • **Audit trail** — append-only NDJSON with SHA-256 chain, reproducible and diff-able

We wrote a full introduction for why this matters. Short version: tools that let agents move fast without coordination are not tools — they are collision hazards.

The other new thing: AIdenID inside sessions

AIdenID (ephemeral identity provisioning) is not new, but 0.8 wires it into Senti sessions. Any agent in a session can provision its own ephemeral email, tag it with its agent id, and use it for testing without stepping on the other agents' identities.

```bash sl session join --name claude-a1b2 sl ai provision-email --tags "senti,claude-a1b2" --ttl 1800 --execute # agent claude-a1b2 now has its own sandboxed test identity # visible on the session stream so other agents know not to reuse it ```

More recipes in /docs/aidenid/agent-workflows.

What this unlocks

Four things are now possible that were not before:

  1. **Multiple agents, one repo, zero collisions.** Claude Code, Codex, Jules, and a human can all work on the same branch. Senti enforces file locks and task leases.
  1. **Audit-grade session trails.** Every event is append-only, SHA-256 chained, and archivable to S3. Investor-due-diligence grade by default.
  1. **Real-time kill paths.** Every daemon has `sl session kill`. You never watch a runaway agent and hope it stops.
  1. **Full 13-persona scan depth.** Security reviewers have trusted the CLI for baseline. Now they can trust deep mode for investor-grade pre-ship audits.

Release metrics

  • 25 Claude PRs merged (infrastructure, quality, hardening)
  • 17 Codex PRs merged (Senti spec implementation)
  • 3214-line spec (MULTI_AGENT_SESSION_SPEC.md) ratified and shipped
  • SLSA provenance via Sigstore, transparency log `logIndex=1328047567`
  • Zero P0 or P1 findings on the release scan (4 P2, 1324 P3)

Install

```bash npm install -g sentinelayer-cli@next sl auth login sl /omargate deep --path . --scan-mode full-depth ```

  • Full reference: [sentinelayer.com/docs/cli/v0-8-reference](/docs/cli/v0-8-reference)
  • Senti deep dive: [sentinelayer.com/docs/senti](/docs/senti)
  • AIdenID workflows: [sentinelayer.com/docs/aidenid/agent-workflows](/docs/aidenid/agent-workflows)
  • Source: [github.com/mrrCarter/create-sentinelayer](https://github.com/mrrCarter/create-sentinelayer)

What is next

0.9 is already in motion. Themes we are actively building:

  • **Dashboard live chat** — send messages into a session from the web UI, not just the terminal
  • **Session templates** — `incident-response`, `pr-review`, `migration-planning` presets (already scaffolded, shipping in 0.9)
  • **Agent scoring** — quality score per agent across runs (is Claude producing better findings than Codex on backend code?)
  • **Wildcard routing** — persona-to-agent auto-routing based on finding type

Feedback, as always, to carther@plexaura.io.