> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cotool.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Cotool Release Notes

> Product updates and release history

<Update label="Jun 26, 2026" description="v0.57.0">
  ## v0.57.0

  ✨ New

  * Added first-class [Alerts](https://docs.cotool.ai/alerts/overview) for security triage, including an alert inbox, detail pages, activity timelines, comments, assignments, dispositions, bulk actions, and response-agent triage
  * Added a HackerOne connector with webhook-triggered alert intake for vulnerability response workflows
  * Added Claude Opus 4.8 and GPT-5.5 models, and made GPT-5.5 the default chat model

  💎 Improvements

  * Improved [Response Agents as Code](https://docs.cotool.ai/agents/response-agents-as-code) with API-based schema validation, canonical YAML imports, refreshed documentation, and support for multiple GitHub sync repositories per organization
  * Added detection notification severity filters so teams can choose which detection hits should notify downstream destinations
  * Improved onboarding by sending user invite emails
  * Added a MITRE coverage view for environment-level threat model analysis
  * Added Tines record retrieval tools and expanded VirusTotal relationship pagination for deeper investigations

  🐞 Fixes

  * Fixed Slack pagination, attachment forwarding, trigger-scope replies, and expected file-upload failure handling
  * Fixed tool raw-output lookups to return the correct 404 or 401 response instead of a server error
  * Fixed bulk agent model updates, Opus 4.8 thinking settings, and stale skill extraction results
  * Fixed URLScan results that do not include screenshots
</Update>

<Update label="Jun 19, 2026" description="v0.56.0">
  ## v0.56.0

  ✨ New

  * Added a Bugcrowd integration with webhook triggers for vulnerability intake and response automation
  * Added a ChartHop integration for people and organization context in investigations
  * Response Agents as Code with GitHub GitOps sync, sample YAML agents, and managed-agent protections. Read more about it [here](https://cotool.ai/docs/response-agents-as-code).

  💎 Improvements

  * Enhanced agent improvement generation to allow for tool suggestions and richer review flows
  * Added sub-agent timeline drilldown in the agent execution panel
  * Improved navigation with semantic browser tab titles, a collapsible sidebar, and unified loading indicators
  * Made response output destinations more flexible by allowing delivery without a structured schema
  * Added configurable timeouts for unanswered Slack confirmations

  🐞 Fixes

  * Fixed deleted URLScan result handling
  * Fixed checkpointed cron execution resume
</Update>

<Update label="Jun 15, 2026" description="v0.55.0">
  ## v0.55.0

  ✨ New

  * Added a Darktrace integration for network detection and response investigations
  * Added a KnowBe4 integration with PhishER GraphQL support for phishing triage
  * Added Adaptive Shield (Falcon Shield) SaaS security support to the CrowdStrike tool
  * Added custom Slack app integration setup
  * Added agent versioning so you can track and revert agent changes over time
  * Added inline chart rendering in the chat timeline with polished light and dark theming
  * Added the ability to reply to and follow up with built-in response agents

  💎 Improvements

  * Reduced chat and agent time-to-first-token for noticeably faster responses
  * Replaced the three-dots typing indicator with a smoother dither loader
  * Added a friendlier experience for declined tools that distinguishes a rejection from an approval timeout
  * Added dark-mode contrast handling so dark tool logos stay legible
  * Refined the GitHub environment map UI on the integration details page
  * Chunked large Slack file uploads for more reliable delivery
  * Enriched detection agent run event responses with more detail

  🐞 Fixes

  * Hardened SAML organization ID handling and blocked mismatched agent chat URLs
  * Fixed sub-agent chat ownership and restored visibility of historical agent runs
  * Fixed multiple sub-agents incorrectly showing as typing after completing
  * Fixed Slack DM file uploads, missing Slack credential handling, and trigger routing for event team mismatches
  * Fixed detection output citation rendering
  * Fixed stale threat-hunt state when navigating to the intel detail page
  * Fixed persistent workspace upload finalization and attach-file path resolution across all sandbox mounts
  * Fixed RunReveal environment map checkpointing
  * Fixed conversation continuations
</Update>

<Update label="Jun 8, 2026" description="v0.54.0">
  ## v0.54.0

  ✨ New

  * Added a Persistent Agent Filesystem so agents can save and reuse files across runs
  * Added a Spacelift integration for infrastructure-as-code investigations
  * Added Jira Service Management alert creation as an agent output destination
  * Added a Linear team issue listing tool for richer ticket investigations
  * Added job dependencies so scheduled and chained jobs run in the correct order
  * Added configurable SCIM provisioning, plus public SAML and SCIM identity provider documentation
  * Added support for sandbox file attachments in Slack messages

  💎 Improvements

  * Redesigned the home page feed into clearer sections
  * Added a better error handling on the frontend
  * Enhanced the executive dashboard with URL-encoded time windows, a one-year preset, and a refined date picker
  * Consolidated threat intel exposure and relevancy into a single exposure badge, with cited evidence on the detail page
  * Improved prompt suggestions with deterministic diff patches, an upgraded model, and timeout retries
  * Improved sandbox reliability with runtime file rehydration, emoji support in generated PDFs, and fewer storage writes for sub-agents
  * Optimized agent run feed query performance

  🐞 Fixes

  * Fixed recurring job failure handling, scheduler serialization conflicts, and preserved agent error status on execution failure
  * Fixed sandbox recovery after mid-flight container termination and Anthropic assistant prefill failures
  * Fixed detection workflows including draft chat conflicts, validation error preservation, default output delivery, and SentinelOne custom rule filters
  * Fixed threat intel IOC status normalization, duplicate source error handling, and hunt intel filtering
  * Fixed built-in agent filtering, the agent runs table loading spinner, and the Cotool Eval popover overflow
</Update>

<Update label="May 29, 2026" description="v0.53.0">
  ## v0.53.0

  ✨ New

  * Added organization notification settings for detection and response output delivery
  * Added ExtraHop RevealX, Semgrep, ClickHouse, and Obsidian Security integrations
  * Added GitHub commit history and blame tools for richer repository investigations
  * Added IOC list views and MISP Hunt intel sources for easier threat intelligence review

  💎 Improvements

  * Improved threat intelligence management by combining sources, cleaning up MISP sync, and retrying failed API sync results
  * Enhanced detection workflows with evidence on detail pages, agent type filtering, cleaner hit displays, and unified run pagination
  * Improved sub-agent UX with progress previews, drawer breadcrumbs, and clearer nested agent timelines
  * Enhanced audit logs with richer filters, user and tool filtering, native tool hiding, and infinite scroll
  * Improved Slack agent workflows with run-button configuration and support for user replies
  * Improved performance and reliability for chat history rendering, large tool outputs, worker scaling, and queued jobs

  🐞 Fixes

  * Fixed SAML definitions and tool-auth redirects that could land on removed routes
  * Fixed cached token usage counts, chat title fetching, and audit log load-more loops
  * Fixed paused job re-enqueueing, stale timed-wait resumes, blocked cron rescheduling, and chat deletion cleanup
  * Fixed Freshworks endpoint handling, Sumo Logic monitor listing, and Google Maps tool rendering
  * Fixed streaming permissions and ambiguous Linear workspace bindings
</Update>

<Update label="May 15, 2026" description="v0.52.0">
  ## v0.52.0

  ✨ New

  * Linear ticket output destinations for detection agents, so generated detections can be delivered directly into Linear
  * Linear agent trigger endpoint for starting Linear-linked agent workflows programmatically
  * Detection hit evidence capture with cited tool calls, richer query result displays, and clearer evidence review
  * Bulk skill imports from folders to make large skill library setup faster

  💎 Improvements

  * Improved Wiz investigations by consolidating agent tools and streamlining principal activity handling
  * Enhanced Datadog detection authoring with better rule generation, validation, and helper coverage
  * Improved Sumo Logic compiler feedback with stronger parsing advisories and empty-result validation
  * Refined structured output rendering with schema previews and a cleaner detection output viewer
  * Improved custom RSS feed setup with URL validation before feeds are saved
  * Enhanced threat intelligence ingestion with cross-source deduplication, huntability filtering, and Socket Blog support

  🐞 Fixes

  * Fixed stale assistant-final chat jobs that could leave conversations in an inconsistent state
  * Fixed Slack upload and channel handling edge cases in agent workflows
</Update>

<Update label="May 10, 2026" description="v0.51.0">
  ## v0.51.0

  ✨ New

  * FireHydrant incident response integration for bringing incident context into agent workflows
  * Glean search and document access as a new knowledge source for agents
  * Detection hit denoising with subagents to help reduce noisy findings
  * Bulk deletion for response agents to make cleanup faster

  💎 Improvements

  * Sumo Logic query validation now uses a formal parser, improving detection query feedback and reliability
  * Sumo Logic environment mapping now supports editable descriptions, runtime variable updates, and larger mappings
  * Detection agent workflows now support step reordering and a cleaner detection hits interface
  * Structured output generation is more consistent, including retries after interrupted generation
  * Agent run acceptance criteria now evaluate errored executions so failures still get useful feedback
  * Executive dashboard chart legends and MITRE previews have clearer layouts
  * Restored complete agent YAML exports for easier backup and migration

  🐞 Fixes

  * Fixed Glean visibility in the integrations list
  * Fixed Sumo Logic environment mapping edge cases and mapping limits
  * Fixed detection hit handling and display issues
  * Fixed chat resume, sandbox race, and job enqueue edge cases that could interrupt agent runs
</Update>

<Update label="May 5, 2026" description="v0.50.0">
  ## v0.50.0

  ✨ New

  * Private skills for keeping organization-specific workflows scoped to the right users and agents
  * Exa web search as a selectable agent tool for fresh web context

  💎 Improvements

  * Detection hit workflows that let detection agents inspect hits and call tools from hit context
  * Enhanced diff rendering and change review for agent instructions and detection suggestions
  * Added agent run rate limiting and clearer API-triggered run reporting
  * Improved skills pages with better private skill visibility and invocation counts
  * Improved tool auth redirects, Panther setup guidance, and remote MCP failure handling

  🐞 Fixes

  * Agent instruction feedback can now use full conversation history
  * Fixed LLM-based agent timeouts and duplicate job handoff execution errors
  * Fixed detection hit row display when no category is set
  * Fixed executive dashboard copy
  * Various additional bug fixes
</Update>

<Update label="Apr 28, 2026" description="v0.49.0">
  ## v0.49.0

  ✨ New

  * Executive Dashboard in the app, with one-click export to PDF or Markdown
  * Pin chats to keep important conversations at the top of your sidebar

  💎 Improvements

  * Detection generation jobs can now leverage any tools, CLIs, and MCPs
  * TheHive case attachment uploads so agents can attach files directly to cases
  * Vectra close detection workflow for closing detections from agent runs
  * Datadog detection authoring now respects the groupSignalsBy ⊆ groupByFields constraint, reducing invalid rule attempts

  🐞 Fixes

  * Prevent overlapping Slack thread executions so concurrent triggers no longer interfere with each other
  * Fixed quote finding in threat model
  * Gracefully handle invalid agent output settings instead of erroring
  * Fixed detection wait resume payload lookup so paused detection agents reliably resume
</Update>

<Update label="Apr 24, 2026" description="v0.48.0">
  ## v0.48.0

  ✨ New

  * Auto Detect: Cotool will automatically generate detection agents grounded in your threat model
  * Microsoft Teams as an output destination for agents and detections alongside Slack
  * threatER IOC lookup integration for threat intelligence enrichment
  * Jira file attachment action so agents can attach files directly to issues
  * PDF generation in chat and agent runs
  * AWS assumed-role authentication for CLI-backed cloud investigations

  💎 Improvements

  * CLI data sources are now available in threat model generation, built-in agents, and new detection agents
  * Custom instructions can be provided per detection agent run for more targeted generation
  * Improved investigation plan editing with clearer affordances
  * Skills now surface missing-tool warnings inline when assigning to agents
  * Agent YAML import and export now supports skills
  * Structured outputs are gated to the first chat turn to avoid interfering with follow-up messages
  * Enhanced error handling and reliability for Push Security, VirusTotal, SentinelOne custom rules, and Wiz principal investigations
  * Removed the legacy memory framework to simplify agent and tool configuration

  🐞 Fixes

  * Added a dedicated retrying status for background jobs to prevent premature failure marking
  * Fixed chart SVG escaping that broke rendered chart images
  * Fixed unstable chat asset selection and assistant message markdown rendering
  * Fixed agent run rename ownership so only the owning user can rename
  * Fixed legacy agents breaking when assigned skills with mismatched tool requirements
  * Fixed full-screen modal backdrops, dark mode checkbox styling in tool and CLI selectors, and new-button overflow on agent pages
</Update>

<Update label="Apr 15, 2026" description="v0.47.0">
  ## v0.47.0

  ✨ New

  * Threat Model Beta: Cotool builds a dynamic threat model on your behalf and makes it available as a skill to your agents.
  * Dynamically provisioned sub-agents are now available in chat and agents by default. These increase performance (latency and improve context use)
  * Support for AWS Google Cloud CLI support in sandbox chats and agents. Integrate us directly into your cloud infra for detection and response

  💎 Improvements

  * Expanded Armis support with site listing, site-scoped asset search, and a smoother authentication flow
  * Tool selection is faster with new Select all and Clear all actions in the tool selector modal
  * Prompt version history now sorts newest versions first

  🐞 Fixes

  * Improved handling for Anthropic context reduction errors in long or tool-heavy conversations
  * Vectra investigations now fail more gracefully when data is temporarily unavailable
</Update>

<Update label="Apr 13, 2026" description="v0.46.0">
  ## v0.46.0

  ✨ New

  * Added Armis, Nightfall, Vectra, and CircleCI integrations
  * Parallel tool calling: Agent turns now execute tool calls in parallel for faster multi-tool workflows

  💎 Improvements

  * Expanded GitHub workflows with PR review and inline comment retrieval, clearer progressive disclosure, and more resilient environment summarization
  * Improved Microsoft Graph admin investigations with richer user profiling
  * Expanded Wiz investigation coverage across issues, cloud resources, network exposures, configuration findings, detections, users, and application endpoints
  * Improved chat usability with one-click copying for assistant messages and code blocks
  * Improved Okta system log search reliability and rate-limit handling

  🐞 Fixes

  * Fixed GitHub pagination limits that could previously truncate results for large repositories
  * Fixed Slack directory refresh jobs when required scopes are missing
</Update>

<Update label="Apr 7, 2026" description="v0.45.0">
  ## v0.45.0

  ✨ New

  * Improved Detection Agent experience: no base-queries, just runbooks
  * Added Twingate integration
  * Added WhiteIntel integration

  💎 Improvements

  * Reworked detection authoring and tool configuration for a smoother builder experience
  * GitHub integration now supports repository rulesets
  * SentinelOne now supports endpoint lookup and secure file fetches from agents
  * Chat and home page now remember your selected tools more reliably
  * Added invite-based account onboarding and bootstrap setup flow

  🐞 Fixes

  * Various bug fixes and perf improvements
</Update>

<Update label="Apr 2, 2026" description="v0.44.0">
  ## v0.44.0

  ✨ New

  * Slack tool actions can be configured to only operate on approved channels
  * CrowdStrike NG SIEM integration for querying next-generation SIEM data directly in Cotool
  * Socket integration now supports listing alerts

  💎 Improvements

  * IOC indicators on threat intelligence detail pages can now be exported as CSV
  * Improved file attachment handling during memory extraction for more reliable context capture
  * New and improved tool section UX

  🐞 Fixes

  * Various minor UI fixes
</Update>

<Update label="Mar 30, 2026" description="v0.43.0">
  ## v0.43.0

  ✨ New

  * Acceptance criteria for response agents: add acceptance criteria to your agents to get notifications when they go off-trajectory
  * Universal CMD+K command bar for quickly navigating agents, chats, and actions from anywhere in the app
  * Custom RSS feed management for threat intelligence — add and manage your own feeds

  💎 Improvements

  * Faster chat loading with optimistic prefetching of message history
  * Reddit r/cybersecurity added as a built-in threat intelligence source
  * Copy-to-clipboard button added to markdown code blocks in the agent details panel
  * File downloads in chat — the agent can now surface generated files directly in the conversation timeline
  * Detection authoring now shows the full agent run experience with streaming output

  🐞 Fixes

  * Fixed chat requests being rejected when some tools were temporarily unavailable
  * Fixed filtering on the agent runs list
  * Improved our slack integration
  * Fixed sandbox desktop file browser height
</Update>

<Update label="Mar 24, 2026" description="v0.42.0">
  ## v0.42.0

  ✨ New

  * Redesigned home page
  * Desktop view and file browser for sandbox environments
  * Full-text search across agent run
  * Agent-to-agent trigger indicators and bulk-editing on the Agents page

  💎 Improvements

  * Redesigned threat intelligence detail page with improved research layout and feed filters
  * Chat lifecycle audit logs for tracking chat events
  * Improved prompt version history with date-sorted versions and scrollable containers

  🐞 Fixes

  * Fixed Linear OAuth token refresh and re-authentication flow
  * Fixed Sublime detection sidebar branding
  * Fixed Detection Suggestion custom instructions character limit bug
</Update>

<Update label="Mar 16, 2026" description="v0.41.0">
  ## v0.41.0

  ✨ New

  * Everything Computer: sandbox mode is now on by default in all agents and chats.
  * Skills: Create reusable instruction packages that can be shared across agents, with support for importing and exporting Agent Skills

  💎 Improvements

  * GPT-5.4 is now the default model for new chats
  * Suggested Detections now supports instructions, manual "Run now" controls, and clearer job status visibility
  * Improved long-chat reliability with automatic context compaction and better handling for tool-heavy conversations
  * Code blocks in chat now include a one-click copy button

  🐞 Fixes

  * Fixed Datadog querying and detection authoring issues caused by custom `@` field handling
  * Fixed TheHive alert update behavior and related integration issues
  * Misc Bug Fixes
</Update>

<Update label="Mar 10, 2026" description="v0.40.0">
  ## v0.40.0

  ✨ New

  * Wait tool: Agents can now pause and automatically resume on a schedule, enabling timed workflows and delayed actions
  * Detection suggestion review and query generation: Overhauled detection authoring with suggestion refinement and query validation
  * GPT-5.4 model support

  💎 Improvements

  * Enhanced detection editor sidebar with improved Datadog log utilities
  * Improved Code42 event retrieval
  * Eval harness now surfaces critical issue status reporting with evaluation score
  * Detection run results now link directly to the agent that generated them
  * Better sandbox file handling
  * Improved agent run reliability

  🐞 Fixes

  * Fixed issues with browserbase integration in sandbox mode
</Update>

<Update label="Feb 26, 2026" description="v0.39.0">
  ## v0.39.0

  ✨ New

  * Detection Hits Page: A centralized feed of all hits across your detection agents [View here](https://app.cotool.ai/detections)
  * Freshworks integration for managing tickets
  * Response agent output hooks: Configure where your response agent's structured output gets delivered after each run. From the response agent's settings page, add one or more output destinations — Slack channels, webhooks, or PagerDuty — and Cotool will automatically POST the run metadata and structured output to each destination every time it executes.

  💎 Improvements

  * GPT-5.3-Codex model support
  * LLM judge now flags critical issues for review
  * Ability to disable Datadog detection rules directly from the editor

  🐞 Fixes

  * Fixed Slack Markdown rendering
  * Fixed OAuth login redirect after authentication
  * Improved Notion experience when not authenticated
  * Misc bug fixes
</Update>

<Update label="Feb 18, 2026" description="v0.38.0">
  ## v0.38.0

  ✨ New

  * Improved Detection rule authoring experience
  * Sublime Security ActionMessage analysis for enriched alert context
  * Slack user group search tool for finding and messaging groups
  * Claude Sonnet 4.6 (with 1 million token context length) support

  💎 Improvements

  * Improved Slack Trigger experience
  * Added Material Security mark-in-progress support

  🐞 Fixes

  * Misc bug fixes and performance improvements
</Update>

<Update label="Feb 12, 2026" description="v0.37.0">
  ## v0.37.0

  ✨ New

  * Detection Rule Authoring: Complete experience overhaul with inline result previews and draft, proposal, and publishing workflows
  * Linear Agents: @mention or assign Cotool directly in Linear issues to trigger agents with real-time streaming responses, live progress updates, and conversation continuity in your issue threads
  * Sandbox mode for response agents with sandboxed computer-use capabilities
  * Claude Opus 4.6 model support (released Feb 5, 2026)
  * Intel Feed tool support for automated detection rule exploration

  💎 Improvements

  * Faster load times for chat messages and agent execution history
  * Github tools now include closing and merging PRs
  * Enhanced Linear trigger setup and webhook configuration experience
  * Improved detection agent output formatting
  * Deep linking to detection agents from execution history
  * Dynamic tool list rendering in chat interface

  🐞 Fixes

  * Fixed detection authoring entity tabs and agent instruction input
  * Fixed multiple agent loop error handling issues for better user-visible messaging
</Update>

<Update label="Feb 2, 2026" description="v0.36.0">
  ## v0.36.0

  ✨ New

  * Tines Cases integration
  * RunReveal integration
  * New Audit Logging UI / UX

  💎 Improvements

  * Detection agents now display query hit counts for better visibility
  * Minor detection agent improvements
  * SumoLogic environment mapping enhancements
  * Agent builder UI improvements

  🐞 Fixes

  * Fixed custom Databricks & MCP server logos display
  * Fixed title truncation and button labels in UI
  * Fixed structured outputs rendering in chat
  * Fixed diff generation for prompt suggestions
</Update>

<Update label="Jan 27, 2026" description="v0.35.0">
  ## v0.35.0

  ✨ New

  * Suggested Detections Tab: Cotool now automatically suggests good detection rule candidates to improve coverage in your environment
  * RunReveal integration for log analysis and detection authoring
  * MCP Resources support for attaching context from MCP servers to chats

  💎 Improvements

  * Enhanced Slack tooling: Slack now supports file attachments alongside sent messages (screenshots, charts, pdfs, etc.)
  * Code42 integration improvements

  🐞 Fixes

  * More reliable evaluations
  * Fixed share option appearing incorrectly on agent pages
</Update>

<Update label="Jan 22, 2026" description="v0.34.0">
  ## v0.34.0

  💬 Slack Improvements 💬

  * Replying to Cotool in a thread will continue the existing agent run
  * You can now DM Cotool and it will create a private chat which can be continued in 🧵
  * The full details are [here](https://docs.cotool.ai/integrations/communication/slack). You will have to [reauth the Slack integration](https://app.cotool.ai/tools/slack) to use the DM feature.

  ✨ Additional New Features

  * PagerDuty integration (also is supported as a Detection Agent Destination)
  * API key authentication support for custom MCP servers

  💎 Improvements

  * Slack threads with Agents are now re-entrant
  * GPT-5.2 is now the default model for new chats
  * Enhanced sandbox code execution display in chat event drawer
  * Improved email parsing for triggers with better decoding and formatting

  🐞 Fixes

  * Fixed Slack integration issues for large organizations
  * Fixed trigger save errors when configuring agent triggers
  * Fixed miscellaneous alert display issues
</Update>

<Update label="Jan 15, 2026" description="v0.33.0">
  ## v0.33.0

  ✨ New

  * Chat sharing for collaboration on agent conversations
  * Slack as a detection output destination
  * Slack confirmations allowing agents to request user approval before taking actions
  * GPT-5.2 model support

  💎 Improvements

  * Enhanced agent template capabilities with tool associations
  * Increased frontend timeout values for long-running operations

  🐞 Fixes

  * Fixed Scanner tool definition backwards compatibility issue
</Update>

<Update label="Jan 9, 2026" description="v0.32.0">
  ## v0.32.0

  ✨ New

  * Sumo Logic integration

  💎 Improvements

  * Enhanced Scanner indexing with improved detection suggestions
  * In-agent Scanner validation for detection authoring
  * Admin controls to disable login methods (Google, password, SAML)

  🐞 Fixes

  * Fixed GitHub create PR tool
  * Fixed Formal integration
</Update>

<Update label="Dec 30, 2025" description="v0.31.0">
  ## v0.31.0

  ✨ New

  * Tags for agents and detections with sortable, filterable tables
  * Custom scheduling cadence for detection agents
  * Google Admin integration for detection authoring

  💎 Improvements

  * Agent run infrastructure is more durable
  * Detection agents can now use other agents as tools
  * Improved reasoning token streaming and updated reasoning UI behavior
  * Detection authoring experience improvements
  * Chat interruption handling with improved UI feedback
  * Agent details full screen button now has a tooltip
  * Schedule status chips for detection agents
  * Improved detection and agent list pages with better table controls

  🐞 Fixes

  * Various visual UI and UX fixes
  * Fixed missing fields in detection builder
  * Fixed memories CSV export error
</Update>

<Update label="Dec 19, 2025" description="v0.30.0">
  ## v0.30.0

  ✨ New

  * Agent templates for quick setup and common use cases
  * Output destinations for detection agents
  * Toggle to enable or disable detection agents

  💎 Improvements

  * Unsaved changes warning now appears across all pages

  🐞 Fixes

  * Fixed streaming state not updating correctly in chat
  * Fixed execution plan display in chat message timeline
</Update>

<Update label="Dec 14, 2025" description="v0.29.0">
  ## v0.29.0

  ✨ New

  * *🔎 Our Agentic Detections Platform is out in Beta 🔍*: Our detection platform allows for users to specify complex detections which go beyond rule-based detections to catch complex threats in their environment.
  * Check out the detections tab in Cotool to see detection suggestions for your environment!

  💎 Improvements

  * TheHive: Create case from alert capability
  * Improved Splunk querying capabilities
  * Enhanced datetime handling utilities

  🐞 Fixes

  * Fixed Jira 204 response handling
  * Fixed detection authoring for Scanner
</Update>

<Update label="Dec 10, 2025" description="v0.28.0">
  ## v0.28.0

  ✨ New

  * Slack integration now supports targeting groups and channels in addition to individual users

  💎 Improvements

  * Enhanced Splunk query validation with parser that identifies invalid fields
  * Added listApps tool and improved detection tools for Splunk integration
  * Improved subagent tools display and UX in chat interface
  * Added updatedAt filter to TheHive listCases and updated listAlerts

  🐞 Fixes

  * Fixed Unix timestamp conversion in datetime utilities
  * Fixed table component rendering issues
  * Fixed trigger email rename functionality
  * Fixed agent run deletion from chat page
</Update>

<Update label="Dec 03, 2025" description="v0.27.1">
  ## v0.27.1

  💎 Improvements

  * Enhanced theHive integration with improved filtering capabilities

  🐞 Fixes

  * Fixed persistent context compression notice remaining visible across chat navigation
  * Fixed navigation bug after deleting a chat
  * Fixed memory handling for code42 integration
  * Agent triggers are now automatically deleted when their parent agent is deleted
</Update>

<Update label="Dec 02, 2025" description="v0.27.0">
  ## v0.27.0

  ✨ New

  * Claude Opus 4.5 model now available for agent conversations

  💎 Improvements

  * Improved structured output schema handling with dedicated JSON schema types
  * Added comprehensive documentation for structured outputs
  * Refreshed tool environment map UI for better usability
  * Improved pie chart component consistency

  🐞 Fixes

  * Fixed login page styling issues
  * Fixed "show raw output" button in tool result drawer
  * Fixed automatic saving and scrolling in schema builder JSON mode
  * Fixed Crowdstrike integration errors
</Update>

<Update label="Nov 24, 2025" description="v0.26.0">
  ## v0.26.0

  ✨ New

  * Structured outputs for agents: Define JSON schemas to receive structured responses from agent runs
  * GPT 5.1 model support
  * Formal integration for infrastructure access management

  💎 Improvements

  * URLScan now prefers private scans by default for enhanced privacy
  * Improved retry configuration for better reliability
  * Restored tool call ordering for consistent execution
  * Enhanced timeout logging for background jobs
  * Reduced MITRE map file size for improved performance

  🐞 Fixes

  * Fixed prompt suggestions type handling and checkpoints
  * Fixed socket connection stability issues
  * Fixed sending messages from the side panel
  * Fixed various agent loop bugs
</Update>

<Update label="Nov 17, 2025" description="v0.25.0">
  ## v0.25.0

  ✨ New

  * Role Based Access Control is now live!!! See the [documentation](https://docs.cotool.ai/settings/roles-permissions-overview) for how to get started

  💎 Improvements

  * Enhanced Splunk query refinement and tool prompts
  * Context counter now displays warning when approaching limits
  * Detection documentation published
  * Splunk timeout configuration now available in frontend
  * Webhook details now displayed when editing

  🐞 Fixes

  * Fixed JSON repair handling for empty objects and nullable fields
  * Fixed icon display issues in documentation
</Update>

<Update label="Nov 12, 2025" description="v0.24.0">
  ## v0.24.0

  ✨ New

  * Integration enable/disable feature: You can now enable or disable integrations from the tools details page without removing credentials

  💎 Improvements

  * Enhanced Splunk search with pagination, automatic query timeout (with query cancelation) after 2 minutes
  * Removed Splunk wildcards on index parameter and prefix wildcards to prevent performance degradation

  🐞 Fixes

  * Made endTime parameter required for SentinelOne PowerQuery
</Update>

<Update label="Nov 6, 2025" description="v0.23.0">
  ## v0.23.0

  ✨ New

  * Built-in Managed Investigation Agent with Intel Feed exposure checking
  * Planning mode selector in agent creation UI

  💎 Improvements

  * Filter built-in agents from agent builder UI
  * User email now included in application logs
  * Google Drive auth now displays authenticated user
  * Delete user button added to accounts page
  * Cron-triggered agent run titles are now static

  🐞 Fixes

  * Fixed SentinelOne and agent system prompt issues
  * Streamlined Google Drive authentication flow
  * Fixed type errors in agent loop
  * Removed `any` type usage for better type safety
  * Agent loop no longer throws unhandled errors
  * Fixed missing tools in agent execution loop
</Update>

<Update label="Nov 5, 2025" description="v0.22.0">
  ## v0.22.0

  ✨ New

  * Elasticsearch integration with MITRE mapping
  * Sublime Security MDM documentation tool
  * Account listing functionality

  💎 Improvements

  * theHive comment function requirements clarified
  * Visual feedback when saving settings

  🐞 Fixes

  * Fixed ephemeral authentication failure issue
</Update>

<Update label="Oct 29, 2025" description="v0.21.0">
  ## v0.21.0

  ✨ New

  * Confluence documentation integration
  * Agent performance metrics in logs and lists
  * Scanner environment job with dedicated UI

  💎 Improvements

  * Added support for observables in theHive
  * API documentation improvements

  🐞 Fixes

  * Fixed 400 error responses
  * Removed LRU cache from tool credentials
  * Fixed insights page default graph and tab
  * Fixed documentation generation
</Update>

<Update label="Oct 27, 2025" description="v0.20.0">
  ## v0.20.0

  ✨ New

  * Mintlify documentation site

  💎 Improvements

  * MITRE rule mapping optimization
  * Chat access permissions simplified

  🐞 Fixes

  * Fixed memory tool association bug in UI
  * Fixed missing chat retrieval bug
</Update>

<Update label="Oct 20, 2025" description="v0.19.0">
  ## v0.19.0

  ✨ New

  * Scanner environment job and UI

  💎 Improvements

  * Consolidated and deduped prompt suggestions
  * Updated Linear webhook configuration

  🐞 Fixes

  * Fixed document search authentication issues
  * Fixed chat repository issues
  * Fixed token counter for LLM judge
</Update>

<Update label="Oct 7, 2025" description="v0.18.0">
  ## v0.18.0

  ✨ New

  * AI-powered agent suggestions feature
  * Evaluation scores in agent run detail headers

  💎 Improvements

  * Context manager applied to LLM judge evaluations

  🐞 Fixes

  * Fixed API documentation rendering
  * Fixed possible recursive agent reference issue
</Update>

<Update label="Sep 29, 2025" description="v0.17.0">
  ## v0.17.0

  ✨ New

  * Task planning in chat and agents

  💎 Improvements

  * Extended agent execution loop retry policy
  * Wiz integration with projectId filtering
  * Improved model selector UI

  🐞 Fixes

  * Fixed context error when generating agents from chat
  * Fixed Document Parser 404 responses
  * Multiple database query fixes
</Update>

<Update label="Sep 26, 2025" description="v0.16.0">
  ## v0.16.0

  💎 Improvements

  * Linear status detection for better model understanding
  * More aggressive context window management
</Update>

<Update label="Sep 23, 2025" description="v0.15.0">
  ## v0.15.0

  ✨ New

  * LLM judge scoring in agent details UI
  * Context manager implementation

  💎 Improvements

  * User deletion capability for admins

  🐞 Fixes

  * Fixed visual bugs in agent evaluation UI
  * Fixed chat interruption error display
  * Fixed Splunk and Hive schemas for Gemini/OpenAI
  * Fixed time conversion tool for OpenAI
</Update>

<Update label="Sep 22, 2025" description="v0.14.0">
  ## v0.14.0

  ✨ New

  * Organization insights dashboard with metrics

  💎 Improvements

  * Slack message writing guidance

  🐞 Fixes

  * Fixed time conversion tool schema for Gemini
</Update>

<Update label="Sep 22, 2025" description="v0.13.0">
  ## v0.13.0

  💎 Improvements

  * Token counter improvements

  🐞 Fixes

  * Fixed webhook trigger errors
  * Fixed 404 error handling
  * Fixed null/undefined content checks
</Update>

<Update label="Sep 16, 2025" description="v0.12.0">
  ## v0.12.0

  ✨ New

  * Tool cache versioning

  💎 Improvements

  * Jira tool updates
  * Reasoning token saving for Anthropic models

  🐞 Fixes

  * Fixed agent follow-up in agent details
</Update>

<Update label="Sep 16, 2025" description="v0.11.0">
  ## v0.11.0

  ✨ New

  * Agent details page redesign
  * Stop chat during tool call execution

  💎 Improvements

  * Token counter and context window improvements
  * Agent linking to sub-agents

  🐞 Fixes

  * Fixed critical error display
  * Fixed Document Parser image parsing
  * Fixed deleted chat error
</Update>

<Update label="Sep 9, 2025" description="v0.10.0">
  ## v0.10.0

  ✨ New

  * Chat title updates now stream in real-time

  💎 Improvements

  * Error classification and handling improvements
  * Token counting accuracy

  🐞 Fixes

  * Fixed SentinelOne 504 errors
  * Fixed Linear tool null pointer exception
  * Fixed thumbs feedback icon in light mode
</Update>

<Update label="Sep 7, 2025" description="v0.9.0">
  ## v0.9.0

  ✨ New

  * Material Security integration

  💎 Improvements

  * Sentry error tracking improvements
  * Scanner query timeout extended
  * Splunk tool descriptions

  🐞 Fixes

  * Fixed sliding context window implementation
</Update>

<Update label="Sep 5, 2025" description="v0.8.0">
  ## v0.8.0

  ✨ New

  * Intel Feed integration
  * Sentry error tracking

  💎 Improvements

  * Memory tool improvements
  * Splunk mapping with retry logic

  🐞 Fixes

  * Fixed SentinelOne issues
  * Fixed object generation flakiness
  * Fixed memory bugs
</Update>

<Update label="Sep 2, 2025" description="v0.7.0">
  ## v0.7.0

  ✨ New

  * Email trigger functionality

  💎 Improvements

  * SentinelOne MITRE mapping
  * Splunk mapping optimizations

  🐞 Fixes

  * Fixed email trigger issues
</Update>

<Update label="Sep 1, 2025" description="v0.6.0">
  ## v0.6.0

  ✨ New

  * Time conversion tool
  * Detection authoring capabilities

  🐞 Fixes

  * Fixed agent system prompt bug
  * Fixed tool schema parsing
</Update>

<Update label="Aug 28, 2025" description="v0.5.0">
  ## v0.5.0

  ✨ New

  * Scheduled job execution

  💎 Improvements

  * Slack attachment parsing
  * IP lookup tool error handling

  🐞 Fixes

  * Fixed detection counts
  * Fixed Splunk issues
  * Fixed browser-use error rendering
</Update>

<Update label="Aug 26, 2025" description="v0.4.0">
  ## v0.4.0

  ✨ New

  * Memory management in UI
  * Splunk exploration capabilities

  💎 Improvements

  * SentinelOne tool enhancements

  🐞 Fixes

  * Fixed chat migration issues
  * Tool call loop error handling improved
  * Fixed Scanner implementation
</Update>

<Update label="Aug 25, 2025" description="v0.3.0">
  ## v0.3.0

  ✨ New

  * SAML login audit logging
  * Scanner integration with MITRE mapping
  * Splunk integration with MITRE mapping

  💎 Improvements

  * SentinelOne PowerQuery functionality
  * Auto-provision access for SAML logins
  * Agent description notice improvements
</Update>

<Update label="Aug 24, 2025" description="v0.2.0">
  ## v0.2.0

  ✨ New

  * SAML authentication support
  * Hive integration
  * Splunk integration

  💎 Improvements

  * Increased Claude Sonnet context window

  🐞 Fixes

  * Fixed Hive authentication
</Update>

<Update label="Aug 19, 2025" description="v0.1.0">
  ## v0.1.0

  ✨ New

  * File attachments in chat
  * Browser automation tool

  💎 Improvements

  * Distributed caching for tool status
  * Cross-organization chat support

  🐞 Fixes

  * Fixed tool use confirmation rendering
  * Chat stop functionality restored
</Update>
