erichs · erichs · Dec 20, 2025 · Dec 19, 2025 · Dec 19, 2025 · Dec 19, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -21,7 +21,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
         with:
-          go-version: '1.22.4'
+          go-version: '1.25'
 
       - name: Check formatting
         run: |
@@ -46,7 +46,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
         with:
-          go-version: '1.22.4'
+          go-version: '1.25'
 
       - name: Install dependencies
         run: go mod download
@@ -61,15 +61,15 @@ jobs:
             -v ${{ github.workspace }}:/workspace \
             -v $HOME/go/pkg/mod:/go/pkg/mod:ro \
             -w /workspace \
-            golang:1.22.4 go test -v -coverprofile=src/coverage.txt -covermode=atomic ./src/...
+            golang:1.25 go test -v -coverprofile=src/coverage.txt -covermode=atomic ./src/...
 
       - name: Run integration tests
         run: |
           docker run --rm --network=none \
             -v ${{ github.workspace }}:/workspace \
             -v $HOME/go/pkg/mod:/go/pkg/mod:ro \
             -w /workspace \
-            golang:1.22.4 go test -tags=integration -v -run TestPerformanceThreshold ./src
+            golang:1.25 go test -tags=integration -v -run TestPerformanceThreshold ./src
 
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5
@@ -90,7 +90,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
         with:
-          go-version: '1.22.4'
+          go-version: '1.25'
 
       - name: Generate repository URL
         run: cd src && go generate main.go

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -53,7 +53,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
         with:
-          go-version: '1.22'
+          go-version: '1.25'
 
       - name: Generate repository URL
         run: cd src && go generate
@@ -100,7 +100,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
         with:
-          go-version: '1.22'
+          go-version: '1.25'
 
       - name: Generate repository URL
         run: cd src && go generate

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -29,7 +29,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
         with:
-          go-version: '1.21'
+          go-version: '1.25'
 
       - name: Generate repository URL
         run: cd src && go generate

diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
+*.swp
 dashlights
 dist/*
 coverage.out

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,42 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.1.0] - 2025-12-19
+
+This release introduces --agentic mode, see docs/agentic_mode.md for
+details.
+
+This mode is intended to be used with coding agents that support tool
+hooks, currently Claude Code and Cursor.
+
+### Added
+- Added critical threat detection for Claude configuration writes and invisible Unicode characters
+- Added file redirection and tee detection heuristics for agentic mode
+- Added tests to document symlink behavior in file read operations
+- Added support for Cursor in agentic mode
+
+### Changed
+- Improved agentic mode debug handling to avoid swallowing JSON errors
+- Improved data collection and diagnostics for invisible Unicode scanning
+- Improved context cancellation behavior for multiple signals to enhance responsiveness
+- Clarified supported hooks in agentic mode for better user understanding
+- Refactored agentic package for improved structure and maintainability
+- Hardened file and agentic input handling with bounded reads to improve safety and stability
+- Upgraded to Go version 1.25 for better performance and compatibility
+- Tweaked README documentation for clarity
+
+### Fixed
+- Handled error cases during debug mode propagation to prevent silent failures
+- Ignored swap files to avoid unnecessary processing
+- Detected use of in-place editors when modifying critical agent configuration to prevent unnoticed changes
+
+### Security
+- Improved detection of critical agent configuration modifications to enhance security monitoring
+
+### Testing
+- Increased test coverage for main application code and agentic threat detection components
+
+
 ## [1.0.7-slsa-2] - 2025-12-17
 
 ### Fixed

diff --git a/README.md b/README.md
@@ -7,7 +7,7 @@
 </td>
 <td style="border: none;">
 
-> A fast, security-focused "check engine light" for your prompt!
+> A fast, security-focused "check engine light" for your terminal!
 
 [![CI](https://github.com/erichs/dashlights/actions/workflows/ci.yml/badge.svg)](https://github.com/erichs/dashlights/actions/workflows/ci.yml)
 [![Security](https://github.com/erichs/dashlights/actions/workflows/security.yml/badge.svg)](https://github.com/erichs/dashlights/actions/workflows/security.yml)
@@ -21,7 +21,7 @@
 </tr>
 </table>
 
-[What?](#what-does-this-do) | [Why?](#why-is-this-needed) | [Install](#how-to-install) | [Configure](#configure-your-prompt) | [Usage](#usage) | [Performance](#performance) | [Security](#security)
+[What?](#what-does-this-do) | [Why?](#why-is-this-needed) | [Install](#how-to-install) | [Configure](#configure-your-prompt) | [Usage](#usage) | [Agentic](#agentic-mode) | [Performance](#performance) | [Security](#security)
 
 ## What does this do?
 
@@ -306,6 +306,20 @@ $ dashlights
 
 Any environment variable of the form `DASHLIGHT_{name}_{utf8hex}` will be displayed as a custom indicator.
 
+## Agentic Mode
+
+Dashlights includes an `--agentic` mode for AI coding assistants like Claude Code. It analyzes tool calls before execution to detect:
+
+- **Critical threats**: Writes to agent config files, invisible Unicode characters
+- **Rule of Two violations**: Actions combining untrusted input + sensitive access + state changes
+
+```bash
+# Add to .claude/settings.json hooks
+"command": "dashlights --agentic"
+```
+
+👉 **[View the complete agentic mode documentation →](docs/agentic_mode.md)**
+
 ## Performance
 
 Dashlights is designed to be fast enough for shell prompts and safe for concurrent use: