Projects Dashboard

SentinelEdge-API

Active

FastAPI backend — the central brain of the SentinelEdge ecosystem. Manages agent registration, heartbeats, remote commands, endpoint inventory, audit logs, and secrets via Vaultwarden. Deployed on Hostinger VPS as a Docker container. · Live · GitHub

✅

Done

🔄

In Progress

⛔

Blocked

📋

Backlog

📋 Backlog6

**SEC-2026-04-002 — IDOR en GET /agents/inventory/{id}**

Falta verificar que el agent_id pertenece al tenant_id de la request — IDOR vector

Securityidorhigh

**SEC-2026-04-003 — DASHBOARD_API_KEY no es tenant-scoped**

Key global — holder puede consultar datos de cualquier tenant. Mapear keys a tenant en DB.

SecurityAuthmedium

**Rate limiting in Nginx**

Add nginx rate limiting for /agents and /commands endpoints — prevent abuse

InfraSecurity

**Validate tenant_id in /commands POST**

Ensure command can only be sent to agents belonging to the caller's tenant

Securityvalidation

**Webhook notifications on command completion**

POST to configurable webhook URL when agent reports command result

Featurenotifications

**Paginated /audit endpoint**

Cursor-based pagination on audit log — current endpoint returns unbounded results

apiperformance

🔄 In Progress0

Vacío

⛔ Blocked0

Vacío

✅ Done14

Linux Agent Compatibility + Ports Documentation

shippedupdateupdateupdate

**Agent Health Metrics — POST /agents/metrics + GET /agents/{id}/health** (V2026.04.29-001)

apimetricsshipped

**Local Docker Dev — docker-compose.local.yml** (V2026.04.29-001)

dockershipped

**Domain migration — saapi.sentineledge.ai** (V2026.04.29-001)

Infrashipped

**Agent register + heartbeat** (V2026.04.29-001)

apiAuthshipped

**Command queue (pending/result/status)** (V2026.04.29-001)

apicommandsshipped

**Vaultwarden secrets loader (lifespan)** (V2026.04.29-001)

Securityvaultshipped

**Relational inventory (9 normalized tables)** (V2026.04.29-001)

apiinventoryshipped

**Software search cross-agent** (V2026.04.29-001)

apiinventoryshipped

**Audit logs + COMMAND_COMPLETED event** (V2026.04.29-001)

apiauditshipped

**Version endpoint for auto-update** (V2026.04.29-001)

apiagentshipped

**Docker deploy — nginx-proxy + SSL + VIRTUAL_HOST** (V2026.04.29-001)

dockerInfrashipped

**Security audit 2026-04-04 — 11 findings fixed** (V2026.04.29-001)

Securityauditshipped

**Agent token hashing SHA-256** (V2026.04.29-001)

SecurityAuthshipped

📓 Daily Recaps

2026-05-142026-05-13 — SentinelEdge-API — 📝 ACTIVE

▼

2026-05-132026-04-29 — sentineledge-api — 📝 ACTIVE

▼

2026-04-29Agent Health Metrics endpoints + local dev env

▼

2026-04-29Agent Health Metrics endpoints + local dev env

▼

2026-04-04Security audit fixes applied + VPS deploy resolved (7 error cycles) + version in GET /agents

▼

2026-03-20Full security audit — 8 findings, PDF generated

▼

2026-03-20Project imported — complete codebase analysis

▼

2026-04-04Full security audit — 0 CRITICAL · 2 HIGH · 7 MEDIUM · 4 LOW

▼