Users can now filter projects by type: agentic, app, bot, chat.
We added a search bar to the Project > Add Scanners page, making it easy to quickly find a specific scanner or scanner package.
Scanners with no published versions appear disabled, to better distinguish them from active scanners. Click on the scanner to View versions and select a version to publish.
We added icons to the Scanners page to better distinguish packages from individual scanners.
The Rename package option is now Edit package. Users can not only rename the package in this view, but can also add and remove scanners.
Unnecessary filter and sort controls have been removed from the CalypsoAI scanners list, and the search field and Build button are aligned to make the UI more compact.
The Custom scanners list has a new filter dropdown with more options and controls.
We improved bulk selection of custom scanners and packages by making the checkboxes visible at all times.
This month's update introduces Invasive Context Engineering, a sophisticated attack vector designed to test how LLMs stay aligned to their intent during long conversations.
This attack exploits a weakness in LLM alignment—the longer the context, the weaker the influence of system instructions and directives. Injecting small, repeated instructions into a request can anchor the model’s attention on those instructions instead of its initial programming, making it vulnerable to adversarial control or alignment drift.
The February pack contains over 10,000 new attacks, comprising 1,500 plaintext prompts across 58 intents and 7 converters. This update adds 123 invasive context engineering prompts to our arsenal.
Attack vector names in the mitigation actions list now use sentence case, aligning them with the campaign panel and our styling guidelines for improved consistency and readability.
The Reports table was getting cluttered, so we removed the campaign and schedule columns and made the progress bar more compact.
Agentic fingerprints is no longer in beta and is ready for general use.
Users trying to set up or connect to Anthropic models may have encountered an API error due to an API change at the provider. Resolution: Fixed.
After unpacking a remediated scanner package, the test link on the Remediation page led to an “Unexpected error” page due to the scanner package not being found. Resolution: Fixed.
The org_id taken from context in the bot service did not match the chatbot’s org_id, causing Slack bots to be broken for any organisation outside the system/admin org. Resolution: Fixed.
Project scanner counts became inconsistent between the UI, API, and scan results under rapid scanner updates, causing non-zero counts to persist after scanners were removed. Resolution: Fixed.
Multiple active entitlements could be created for a single organisation due to a race condition, resulting in a broken organisation state. Resolution: Fixed.
Attack campaign names exceeding 100 characters ran off the screen and could not be fully viewed due to missing text wrapping or horizontal scrolling. Resolution: Fixed.
Clicking any option within custom scanner filters caused the playground panel to close unexpectedly. Resolution: Fixed.
The Settings save button became stuck in a loading state when the retention confirmation dialog was dismissed by clicking the close icon or outside the popup. Resolution: Fixed.
An unclear “Unexpected error” message was shown when rescheduling a report with a past start time, instead of indicating that the start time must be in the future. Resolution: Fixed.
The data retention input allowed excessively large values to be entered, leading to invalid numbers (e.g., scientific notation) and backend errors due to integer limits. Resolution: Fixed.
Regex test highlighting did not apply on the first valid match, only appearing after additional input was entered and then persisting when the extra text was removed. Resolution: Fixed.
In the Playground, a “Text Copied” message appeared prematurely when hovering over a prompt, before the user clicked the copy icon. Resolution: Fixed.
The Chat page unexpectedly formatted pasted text containing bullet points as code snippets, despite no markdown syntax being present. Resolution: Fixed.
A 500 error occurred when attempting to enable a scanner that had been previously unpackaged from a scanner package, preventing the scanner from being enabled individually. Resolution: Fixed.
The Edit Package panel incorrectly displayed a “Search” icon in the package name input field, causing confusion since the field is used to edit the package name, not perform a search. Resolution: Fixed.
Blocked response warning messages in Chat did not include the associated promptId, making it harder to identify the affected prompt. Resolution: Fixed.
Tables in chat responses were not rendered correctly, displaying excessive blank lines instead of properly formatted tables. Resolution: Fixed.
Redaction was not applied to response content when using OpenAI compatibility, causing sensitive data to remain unredacted in the returned payload despite being redacted in logs. Resolution: Fixed.
A “global” project briefly appeared on the Projects page after clearing filters. Resolution: Fixed.
Downloading dataset results failed with an unexpected “file not found” error, preventing users from accessing completed dataset outputs. Resolution: Fixed.
On the Audit Logs page, the event name was incorrectly displayed beneath the user instead of in its designated field. Resolution: Fixed.
The Chat side panel did not use available vertical space after the footer was removed, resulting in a smaller-than-necessary chat area. Resolution: Fixed.
Selecting a user in the filters panel caused the Datasets panel to close unexpectedly. Resolution: Fixed.
Error messages in the Connections form could be cut off when too long, preventing users from viewing the full message. Resolution: Fixed.
Scanner names were unnecessarily truncated despite sufficient space to display the full name. Resolution: Fixed.
The Reset action in Projects > Scanners > Edit Scanner Response behaved unexpectedly by closing the text box instead of restoring the original text, and the reset change was not immediately reflected due to a caching issue until the panel was reopened. Resolution: Fixed.
When filtering custom scanners by type, scanners in packages are not included in the results.
In the Attack campaigns table, reports that are scheduled for the future are incorrectly showing a Last run time.
In the Playground, datasets with the wrong case in the column head (Label instead of label) are allowed to run, but the job will fail.