{"schema_version":"onlylabs.public_signal.v1","title":"Microsoft Release: microsoft/PyRIT v0.12.1","description":"Microsoft release signal with public source context, captured evidence pages, related signals, and data-business radar classification.","url":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165","json_url":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165/signal.json","generated_at":"2026-06-11T03:43:39.415563+00:00","org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab","category_label":"Frontier lab","dossier_url":"https://onlylabs.fyi/labs/microsoft","dossier_json_url":"https://onlylabs.fyi/labs/microsoft/dossier.json"},"related_urls":{"signal":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165","signal_json":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165/signal.json","source":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","lab_dossier":"https://onlylabs.fyi/labs/microsoft","lab_dossier_json":"https://onlylabs.fyi/labs/microsoft/dossier.json","analysis":"https://onlylabs.fyi/analysis/microsoft","analysis_json":"https://onlylabs.fyi/analysis/microsoft/analysis.json","analysis_evidence_json":"https://onlylabs.fyi/analysis/microsoft/evidence.json","category":"https://onlylabs.fyi/frontier","category_json":"https://onlylabs.fyi/frontier.json","category_feed":"https://onlylabs.fyi/frontier/feed.xml","category_signals_json":"https://onlylabs.fyi/signals.json","topic":"https://onlylabs.fyi/topics/releases","topic_signals_json":"https://onlylabs.fyi/topics/releases/signals.json","topic_feed":"https://onlylabs.fyi/topics/releases/feed.xml","data_business":null},"answer_pack":{"answer":"Microsoft published microsoft/PyRIT v0.12.1 (microsoft/PyRIT). This release signal is evidence of what shipped, changed, or was packaged for users. High-signal details: Routine version release of a security tool · v0.12.1 Repository: microsoft/PyRIT Tag: v0.12.1 Published: 2026-04-09T22:52:15Z Prerelease: no Release notes: v0.12.1 — Security Patch This is a patch release that.... onlylabs links this event to 1 captured evidence page and 6 related release signals.","signal_desk":"releases","source_context":{"source_url":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","source_host":"github.com","occurred_at":"2026-04-09T22:52:15+00:00","first_seen_at":"2026-06-06T01:49:41.740219+00:00","date_source":"source","context":"microsoft/PyRIT"},"context_markers":[{"label":"Lab","value":"Microsoft","source":"signal"},{"label":"Signal desk","value":"releases","source":"signal"},{"label":"Source host","value":"github.com","source":"source"},{"label":"Repository","value":"microsoft/PyRIT","source":"source"},{"label":"Release","value":"v0.12.1","source":"source"},{"label":"Notability","value":"Routine version release of a security tool","source":"signal"},{"label":"Watch term","value":"Data pipeline","source":"evidence"},{"label":"Watch term","value":"Safety and alignment","source":"evidence"}],"evidence_coverage":{"target_pages":1,"captured_pages":1,"readable_pages":1,"capture_methods":["plain"],"missing_page_urls":[],"failed_page_urls":[],"blocked_page_urls":[],"page_urls":["https://github.com/microsoft/PyRIT/releases/tag/v0.12.1"],"related_signals":6,"has_source_url":true,"latest_page_fetched_at":"2026-06-11T03:43:39.415563+00:00"},"data_business":{"matches":false,"lanes":[],"matched_terms":[],"score":null,"reason":null},"agent_handoff":{"signal_json":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165/signal.json","dossier_json":"https://onlylabs.fyi/labs/microsoft/dossier.json","analysis_json":"https://onlylabs.fyi/analysis/microsoft/analysis.json","analysis_evidence_json":"https://onlylabs.fyi/analysis/microsoft/evidence.json","topic_signals_json":"https://onlylabs.fyi/topics/releases/signals.json","topic_feed":"https://onlylabs.fyi/topics/releases/feed.xml","category_signals_json":"https://onlylabs.fyi/signals.json","data_radar_json":null,"opportunities_json":null},"analysis_playbook":{"objective":"Turn model cards, repository releases, and launch artifacts into a current view of what shipped and what changed.","evidence_focus":["model card","release note","version or tag","pipeline tag","license","downloads, likes, stars, and linked papers"],"extraction_questions":["What actually shipped, and through which public artifact?","Which releases include inspectable model, repo, paper, or package evidence?","Which launches create new eval, data, infra, or deployment needs?","Which shipped signals are missing captured page context?"],"signal_questions":["What changed in this release, and what downstream data or infrastructure need could it create?","What actually shipped, and through which public artifact?","Which releases include inspectable model, repo, paper, or package evidence?","Do the 6 related release signals show a repeated pattern?"],"output_fields":["org","release_type","artifact","traction","data_business_lane","evidence_url"],"data_business_relevance":"Release signals show the hard edge of lab execution and help connect data-business opportunities to concrete model, repo, and deployment changes.","required_sources":[{"label":"signal_json","url":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165/signal.json","required":true},{"label":"source","url":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","required":true},{"label":"dossier_json","url":"https://onlylabs.fyi/labs/microsoft/dossier.json","required":true},{"label":"analysis_evidence_json","url":"https://onlylabs.fyi/analysis/microsoft/evidence.json","required":true},{"label":"topic_signals_json","url":"https://onlylabs.fyi/topics/releases/signals.json","required":false},{"label":"data_radar_json","url":null,"required":false}],"expected_output":["one-paragraph source-grounded interpretation","category-specific implication","confidence and missing evidence","recommended next source to inspect"],"prompt_seed":"Using only the linked onlylabs JSON, captured source context, and cited evidence, analyze Microsoft's release signal \"microsoft/PyRIT v0.12.1\" for frontier lab strategy."},"semantic_triples":[{"subject":"Microsoft","predicate":"released","object":"microsoft/PyRIT v0.12.1","text":"Microsoft released microsoft/PyRIT v0.12.1."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"is classified as","object":"release signal","text":"microsoft/PyRIT v0.12.1 is classified as release signal."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"belongs to","object":"releases desk","text":"microsoft/PyRIT v0.12.1 belongs to releases desk."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has context","object":"microsoft/PyRIT","text":"microsoft/PyRIT v0.12.1 has context microsoft/PyRIT."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has evidence coverage","object":"1 captured evidence page","text":"microsoft/PyRIT v0.12.1 has evidence coverage 1 captured evidence page."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has captured page count","object":"1","text":"microsoft/PyRIT v0.12.1 has captured page count 1."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has readable page count","object":"1","text":"microsoft/PyRIT v0.12.1 has readable page count 1."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has related signal count","object":"6","text":"microsoft/PyRIT v0.12.1 has related signal count 6."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has analysis playbook objective","object":"Turn model cards, repository releases, and launch artifacts into a current view of what shipped and what changed.","text":"microsoft/PyRIT v0.12.1 has analysis playbook objective Turn model cards, repository releases, and launch artifacts into a current view of what shipped and what changed.."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has source host","object":"github.com","text":"microsoft/PyRIT v0.12.1 has source host github.com."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has lab","object":"Microsoft","text":"microsoft/PyRIT v0.12.1 has lab Microsoft."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has signal desk","object":"releases","text":"microsoft/PyRIT v0.12.1 has signal desk releases."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has source host","object":"github.com","text":"microsoft/PyRIT v0.12.1 has source host github.com."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has repository","object":"microsoft/PyRIT","text":"microsoft/PyRIT v0.12.1 has repository microsoft/PyRIT."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has release","object":"v0.12.1","text":"microsoft/PyRIT v0.12.1 has release v0.12.1."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has notability","object":"Routine version release of a security tool","text":"microsoft/PyRIT v0.12.1 has notability Routine version release of a security tool."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has watch term","object":"Data pipeline","text":"microsoft/PyRIT v0.12.1 has watch term Data pipeline."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has watch term","object":"Safety and alignment","text":"microsoft/PyRIT v0.12.1 has watch term Safety and alignment."}]},"intelligence":{"signal_desk":"releases","answer":"Microsoft published microsoft/PyRIT v0.12.1 (microsoft/PyRIT). This release signal is evidence of what shipped, changed, or was packaged for users. High-signal details: Routine version release of a security tool · v0.12.1 Repository: microsoft/PyRIT Tag: v0.12.1 Published: 2026-04-09T22:52:15Z Prerelease: no Release notes: v0.12.1 — Security Patch This is a patch release that.... onlylabs links this event to 1 captured evidence page and 6 related release signals.","semantic_triples":[{"subject":"Microsoft","predicate":"released","object":"microsoft/PyRIT v0.12.1","text":"Microsoft released microsoft/PyRIT v0.12.1."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"is classified as","object":"release signal","text":"microsoft/PyRIT v0.12.1 is classified as release signal."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"belongs to","object":"releases desk","text":"microsoft/PyRIT v0.12.1 belongs to releases desk."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has context","object":"microsoft/PyRIT","text":"microsoft/PyRIT v0.12.1 has context microsoft/PyRIT."},{"subject":"microsoft/PyRIT v0.12.1","predicate":"has evidence coverage","object":"1 captured evidence page","text":"microsoft/PyRIT v0.12.1 has evidence coverage 1 captured evidence page."}]},"signal":{"id":"d31f531d-24c8-4cad-a8f3-b6bc1731e165","url":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165","json_url":"https://onlylabs.fyi/signals/d31f531d-24c8-4cad-a8f3-b6bc1731e165/signal.json","source_url":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","title":"microsoft/PyRIT v0.12.1","summary":"Microsoft published release notes. onlylabs watches releases for what actually shipped.","context":"microsoft/PyRIT","kind":{"key":"release","label":"Release"},"org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab"},"occurred_at":"2026-04-09T22:52:15+00:00","first_seen_at":"2026-06-06T01:49:41.740219+00:00","date_source":"source","evidence_coverage":{"target_pages":1,"captured_pages":1,"readable_pages":1,"capture_methods":["plain"],"missing_page_urls":[],"failed_page_urls":[],"blocked_page_urls":[],"page_urls":["https://github.com/microsoft/PyRIT/releases/tag/v0.12.1"]},"facets":{"repo":"microsoft/PyRIT"},"traction":{"github_stars":null,"hn_points":null,"hn_comments":null,"hn_story_id":null,"hf_downloads":null,"hf_likes":null},"data_radar":null},"primary_evidence_page":{"url":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","final_url":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","title":"microsoft/PyRIT v0.12.1","http_status":200,"content_type":"application/json","capture_method":"plain","fetched_at":"2026-06-11T03:43:39.415563+00:00","bytes":4096,"raw_path":"52e170b3b5b1e2b37ce84fbc638ae559ae4fb99e474208aa130d3e7973eea29f.json","content_hash":"8393bac8d750f40928c4a0bc667ce699a2d3fac23770752ff4b9a48031036195","excerpt_chars":1200,"truncated":true,"excerpt":"v0.12.1 Repository: microsoft/PyRIT Tag: v0.12.1 Published: 2026-04-09T22:52:15Z Prerelease: no Release notes: v0.12.1 — Security Patch This is a patch release that addresses a Jinja2 template injection vulnerability. All users of PyRIT 0.12.0 and earlier are encouraged to upgrade. `pip install --upgrade pyrit` What's changed Security fix: Jinja2 Template Injection (SSTI) PyRIT's template rendering used an unsandboxed Jinja2 `Environment`. Remote dataset loaders passed fetched data directly into `SeedPrompt(value=...)`, which rendered it as a Jinja2 template in `__post_init__`. A poisoned dataset could exploit this for Python object traversal. **Mitigations in this release:** - **Sandboxed rendering**: All Jinja2 rendering now uses `SandboxedEnvironment`, blocking unsafe attribute access (`__class__`, `__mro__`, `__subclasses__()`) - **Safe-by-default `SeedPrompt`**: New `is_jinja_template` field (default `False`) auto-escapes values. Only trusted sources (YAML files loaded via `from_yaml_file`) opt in to template rendering. - **Vendored many-shot dataset**: The many-shot jailbreaking dataset is now bundled locally, eliminating a runtime `requests.get()` to an external GitHub URL...."},"evidence_pages":[{"url":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","final_url":"https://github.com/microsoft/PyRIT/releases/tag/v0.12.1","title":"microsoft/PyRIT v0.12.1","http_status":200,"content_type":"application/json","capture_method":"plain","fetched_at":"2026-06-11T03:43:39.415563+00:00","bytes":4096,"raw_path":"52e170b3b5b1e2b37ce84fbc638ae559ae4fb99e474208aa130d3e7973eea29f.json","content_hash":"8393bac8d750f40928c4a0bc667ce699a2d3fac23770752ff4b9a48031036195","excerpt_chars":1200,"truncated":true,"excerpt":"v0.12.1 Repository: microsoft/PyRIT Tag: v0.12.1 Published: 2026-04-09T22:52:15Z Prerelease: no Release notes: v0.12.1 — Security Patch This is a patch release that addresses a Jinja2 template injection vulnerability. All users of PyRIT 0.12.0 and earlier are encouraged to upgrade. `pip install --upgrade pyrit` What's changed Security fix: Jinja2 Template Injection (SSTI) PyRIT's template rendering used an unsandboxed Jinja2 `Environment`. Remote dataset loaders passed fetched data directly into `SeedPrompt(value=...)`, which rendered it as a Jinja2 template in `__post_init__`. A poisoned dataset could exploit this for Python object traversal. **Mitigations in this release:** - **Sandboxed rendering**: All Jinja2 rendering now uses `SandboxedEnvironment`, blocking unsafe attribute access (`__class__`, `__mro__`, `__subclasses__()`) - **Safe-by-default `SeedPrompt`**: New `is_jinja_template` field (default `False`) auto-escapes values. Only trusted sources (YAML files loaded via `from_yaml_file`) opt in to template rendering. - **Vendored many-shot dataset**: The many-shot jailbreaking dataset is now bundled locally, eliminating a runtime `requests.get()` to an external GitHub URL...."}],"related_signals":[{"id":"432f6193-5e4c-4f16-bbe0-6a87ef01916f","url":"https://onlylabs.fyi/signals/432f6193-5e4c-4f16-bbe0-6a87ef01916f","source_url":"https://github.com/microsoft/accessibility-insights-web/releases/tag/web%402.47.0","title":"microsoft/accessibility-insights-web web@2.47.0","context":"microsoft/accessibility-insights-web","kind":{"key":"release","label":"Release"},"org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab"},"occurred_at":"2026-06-11T06:37:28+00:00","first_seen_at":"2026-06-11T07:01:13.026392+00:00","date_source":"source"},{"id":"afc38512-1630-4041-9fb3-39414d8d2b0a","url":"https://onlylabs.fyi/signals/afc38512-1630-4041-9fb3-39414d8d2b0a","source_url":"https://github.com/microsoft/content-processing-solution-accelerator/releases/tag/v2.1.1","title":"microsoft/content-processing-solution-accelerator v2.1.1","context":"microsoft/content-processing-solution-accelerator","kind":{"key":"release","label":"Release"},"org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab"},"occurred_at":"2026-06-11T06:06:46+00:00","first_seen_at":"2026-06-11T07:01:13.026392+00:00","date_source":"source"},{"id":"5271de48-ab99-4310-8d2c-174188866071","url":"https://onlylabs.fyi/signals/5271de48-ab99-4310-8d2c-174188866071","source_url":"https://github.com/microsoft/CsWin32/releases/tag/v0.3.287","title":"microsoft/CsWin32 v0.3.287","context":"microsoft/CsWin32","kind":{"key":"release","label":"Release"},"org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab"},"occurred_at":"2026-06-11T04:22:28+00:00","first_seen_at":"2026-06-11T07:01:13.026392+00:00","date_source":"source"},{"id":"6adcd577-5563-4fd8-85dd-268919492cf0","url":"https://onlylabs.fyi/signals/6adcd577-5563-4fd8-85dd-268919492cf0","source_url":"https://github.com/microsoft/sqltoolsservice/releases/tag/6.0.20260610.1","title":"microsoft/sqltoolsservice 6.0.20260610.1","context":"microsoft/sqltoolsservice","kind":{"key":"release","label":"Release"},"org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab"},"occurred_at":"2026-06-10T23:57:44+00:00","first_seen_at":"2026-06-11T07:01:13.026392+00:00","date_source":"source"},{"id":"7557f4d3-5544-422b-b39d-1e668cb0dfa5","url":"https://onlylabs.fyi/signals/7557f4d3-5544-422b-b39d-1e668cb0dfa5","source_url":"https://github.com/microsoft/agent-framework/releases/tag/dotnet-1.10.0","title":"microsoft/agent-framework dotnet-1.10.0","context":"microsoft/agent-framework","kind":{"key":"release","label":"Release"},"org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab"},"occurred_at":"2026-06-10T17:50:17+00:00","first_seen_at":"2026-06-11T07:01:13.026392+00:00","date_source":"source"},{"id":"e18f0e7d-b1df-421e-a845-19cad8151a11","url":"https://onlylabs.fyi/signals/e18f0e7d-b1df-421e-a845-19cad8151a11","source_url":"https://github.com/microsoft/ai4s-jobq/releases/tag/v3.13.1","title":"microsoft/ai4s-jobq v3.13.1","context":"microsoft/ai4s-jobq","kind":{"key":"release","label":"Release"},"org":{"slug":"microsoft","name":"Microsoft","category":"frontier-lab"},"occurred_at":"2026-06-10T17:19:31+00:00","first_seen_at":"2026-06-11T07:01:13.026392+00:00","date_source":"source"}]}