🔥 What's New in v9.2.0?

The era of manual system administration is officially over! ZAI Shell v9.2.0 introduces game-changing autonomy, deeper context awareness, and bulletproof safety features.

🤖 1. Full Autonomy (--auto)

Don't just give ZAI a command; give it a mission! By adding the --auto flag, ZAI enters a loop. It executes steps, reads terminal outputs, fixes its own errors, and loops until the task is 100% complete.

⏪ 2. 1-Click Rollback (undo)

Trusted the AI with your file and it broke everything? No worries. ZAI now automatically backs up any file it edits before making changes. Just type undo to restore it instantly!

🛑 3. Sentinel 1.5 & Prompt Injection Defense

Your guardian angel just got smarter. Sentinel now actively blocks Prompt Injection attacks when reading files or web pages. Plus, run sentinel report to get a beautifully formatted markdown security summary of your session.

👁️ 4. Conversation Memory & Deep Reading

• Chain Memory: ZAI now remembers the input/output of the last 5 actions to make logical connections. It's not a goldfish anymore.
• Deep Web Reading: ZAI no longer relies just on search snippets. It now fully scrapes and reads URL contents to understand complex documentation.

🛠️ Updates & Polish

• Revamped README.md and README_TR.md with detailed feature explanations.
• Added Local Offline Mode documentation for ultimate privacy.
• Enhanced execution modes (fixer, lightning, eco).

Upgrade now to experience a truly autonomous P2P SysOps agent! 🚀

✨ What's New

• Background Watch System (--watch): Tell Zai to monitor anything (RAM, files, processes). It writes a custom stateful script and runs it in the background, alerting you instantly when conditions are met.
• Visual Context (Ctrl+Shift+Z): Zai can now see what you see. Press the hotkey to capture your screen and send it to Zai's vision model for context-aware debugging.
• Fixer Mode: A brand new operational mode (fixer). It ignores generic chatter and acts as a strict, dedicated system medic to troubleshoot and repair issues.
• Enhanced --show Mode: The safety --show parameter now uses AI to explicitly explain what the generated command will do before you decide to run it.

🐛 Improvements

• Streamlined README files and added Linux setup instructions.
• Optimized prompt handling to prevent background thread race conditions.
• Improved idle checking to ensure background alerts don't interrupt your active tasks.

This release fixes a critical security vulnerability that could allow
unauthenticated remote code execution when using P2P terminal sharing
in --no-ai mode.

All users are strongly advised to upgrade immediately.

See the GitHub Security Advisory for full details.

🐛 Bug Fix

• Fixed PostHog/ChromaDB version conflict causing telemetry errors (Thanks @neodev27!)

📦 Important

After updating, run:

pip install --upgrade chromadb posthog

What's New

Sentinel 1.5 - Complete Rewrite

Sentinel is no longer a simple risk scorer. It is now a behavioral intelligence system that understands context, learns from mistakes, and knows when you are panicking.

Key Features:

• 4-Dimension Risk Breakdown: Every action is analyzed across Structural, Behavioral, Contextual, and Intent dimensions
• Panic Mode Detection: Detects user frustration through language patterns ("please work", "trying again") and adjusts risk thresholds accordingly
• Lesson Memory: Maintains .sentinel_lessons.json to remember past failures that caused actual damage - prevents repeating the same mistakes
• Context-Aware Warnings: Risk is evaluated based on accumulated state, not isolated events
• Silence Threshold: Low-risk actions are deliberately not warned about - because a warning is valuable when it is rare

Philosophy Update:

"Sentinel speaks to survive, not to control."

Sentinel never says "Risk Score: 75". It says: "Risk is HIGH because you have failed 3 times consecutively, and the system is already showing degradation signs."

Documentation

• README completely rewritten to reflect Sentinel 1.5 capabilities
• Added real terminal output examples showing risk escalation
• Updated comparison table with new unique features

Upgrade Notes

• Sentinel 1.5 is backward compatible
• New file .sentinel_lessons.json will be created automatically
• Use sentinel reset to clear behavioral history if needed

Sentinel Mode Added: A new safety layer that analyzes user intent to prevent dangerous actions autonomously.

Smart Path Logic Removed: Removed manual path correction to allow the AI full control over filesystem paths without interference.

🔧 Bug Fixes

• Fixed keyboard import error when package is not installed
• Added keyboard availability check for GUI automation
• Program no longer crashes if keyboard module is missing

Thanks to @babayagaga2 for the contribution! 🙏

🔧 Encoding Fix

• Removed hardcoded encoding defaults
• AI now selects the appropriate encoding for each task
• System encoding used as fallback when AI doesn't specify
• Fixed shell selection in hybrid plan execution

New Features

🔑 Enhanced Encryption System

• share encrypt - View current encryption status and full key
• share encrypt random - Generate random key (displays full key for sharing)
• share encrypt key <key> - Use a specific Fernet key
• share encrypt on/off - Toggle encryption
• Encryption state now persists between sessions

🚫 No-AI Mode for P2P

• share start --no-ai - Start terminal sharing without AI processing
• Helper sends actual commands (e.g., dir, not "list files")
• Same workflow: send → approve → execute (just without AI)

🐚 Shell Suffix (No-AI Mode)

• Add shell name at end of command: share send sudo apt update wsl
• Supports all 13 shells: cmd, powershell, ps, pwsh, wsl, git-bash, cygwin, bash, sh, zsh, fish, ksh, tcsh, dash

Bug Fixes

• Fixed share end command not properly ending sessions
• Fixed bare except: clauses (improved error handling)
• Fixed potential None access for encryption status
• Fixed PIL import verification for ImageDraw/ImageFont
• Fixed DDGS import fallback handling
• Removed automatic pip install for posthog (now requires manual install)

Documentation

• Added Turkish documentation (README_TR.md, PRIVACY_TR.md)
• Added TR language badge to README
• Updated P2P command reference with new features

Major Features

Multi-Client P2P Terminal Sharing

ZAI Shell v8.0 includes a peer-to-peer terminal sharing system that enables collaboration between multiple users. The architecture supports one host and multiple helper clients, communicating over TCP sockets with optional end-to-end encryption.

Key Capabilities:

• Multi-client support: One host can handle multiple concurrent helper connections
• Real-time communication: Message broadcasting, command sharing, and file transfers
• User management: Automatic name conflict resolution and user tracking
• Session handling: Connection monitoring with reconnection support

End-to-End Encryption (E2E)

Optional encryption support for P2P communication.

Security Features:

• AES-256 encryption using Fernet
• Password-based key derivation: PBKDF2 with 100,000 iterations and SHA-256
• Encrypted file transfers: File contents are encrypted during transmission
• Encrypted messaging: Chat messages and shared commands are encrypted

Natural Language P2P Control

Gemini integration allows basic natural language commands for P2P operations, reducing the need to remember specific command syntax.

Examples:

• "Show me the logs" → Displays terminal logs
• "Send report.pdf to Alice" → Sends a file to a specific user
• "Tell everyone the server is ready" → Broadcasts a message
• "Run dir command on Bob's machine" → Sends a command request
• "Accept the incoming file" → Accepts a pending file transfer

File Transfer System

Chunked file transfer with integrity verification.

Features:

• Large file support: Up to 100MB per file (64KB chunks)
• MD5 checksum verification for integrity validation
• Progress tracking during transfer
• Targeted delivery to specific users or all participants
• Automatic filename conflict handling

Security Framework Improvements

Additional validation and filtering mechanisms to reduce unsafe operations.

Security Enhancements:

• Expanded blocked command list (PowerShell, Windows, Unix variants)
• Regex-based detection of potentially dangerous command patterns
• Unicode normalization to prevent hidden character abuse
• Path traversal protection (.., UNC paths, system directories)
• Reserved filename blocking (CON, NUL, COM1, etc.)
• Username sanitization for P2P sessions

Complete Feature List

P2P Session Management

share start [port]              # Start hosting session (default: 5757)
share connect IP:PORT           # Connect to a session
share encrypt [password]        # Enable encryption before connecting
share name <newname>            # Set or change display name
share end                       # End session

Communication & Collaboration

share message <text>            # Broadcast message
share chat                      # Show chat history
share send <command>            # Send command request (helper → host)
share approve / reject          # Host approves or rejects commands

File Operations

share file <path> [user]        # Send file to a user or all
share accept [path]             # Accept incoming file
share deny                      # Reject incoming file

Information & Status

share status                    # Show connection status
share list / users              # List connected users
share logs                      # Show activity logs

Global Access via ngrok

For connections outside the local network:

1. Host runs: ngrok tcp 5757
2. Host shares the ngrok address
3. Helpers connect using share connect <ngrok-address>

Security Architecture

Encryption Implementation

• Algorithm: AES-256 (Fernet)
• Key derivation: PBKDF2-HMAC-SHA256 (100,000 iterations)
• Salt: zaishell_p2p_salt_v8
• Encoding: Base64

Validation Pipeline

1. Unicode normalization
2. Regex-based command inspection
3. Path validation
4. Username sanitization
5. File checksum verification

Restricted Operations

• Destructive system commands
• Privilege escalation attempts
• Remote code execution patterns
• Path traversal exploits
• Reserved device names

Use Cases

Remote Collaboration

• Shared terminal sessions
• Command approval workflow
• Secure file sharing

Educational Use

• Instructor-led terminal demonstrations
• Controlled command execution
• Safer learning environment

DevOps & System Administration

• Troubleshooting sessions
• Log inspection
• File exchange between team members

Technical Support

• Remote terminal assistance
• Command guidance without screen sharing
• Secure data transfer

Technical Details

Architecture

• Protocol: TCP sockets with JSON messages
• Threading: Daemon threads for async I/O
• Client management: Thread-safe structures
• Message framing: Newline-delimited JSON

Performance

• File transfer: Network-limited (64KB chunks)
• Concurrent clients: Tested with multiple connections
• Latency: Low latency on local networks
• Memory usage: ~10MB base + ~2MB per client

Dependencies

• cryptography (optional)
• Standard library modules
• colorama

Installation & Setup

Requirements

pip install cryptography

Quick Start – Host

python zaishell.py
> share encrypt mypassword
> share start
# Share 192.168.1.22:5757 with helpers

Quick Start – Helper

python zaishell.py
> share encrypt mypassword
> share connect 192.168.1.22:5757