The first feature release after v1.0.0 sharpens three areas: the AI Assistant, security, and AI model control. The chat assistant can now filter candidates by years of experience and generate a shortlist of a job's top applicants in a guided flow — backed by a new experience field extracted from every CV so the filter works on any model. Chat itself got a major reliability and UX pass: history search, rename, and delete, a stall-recovery watchdog so a stuck model response no longer hangs forever, per-chat model persistence, and plain-language model labels. On the platform side, this release ships two batches of security hardening — multiple IDOR fixes, stored-XSS patches on offer letters, AI-SQL tenant isolation, webhook signature verification, and a production guard on a test endpoint — plus per-company S3 storage isolation. Recruiters also get per-module AI model selection (choose a different model for CV review, job posting, scheduling, behavioural analysis, and more — including a Taqat-hosted Qwen model), a visible scoring rubric, selective CV download as a ZIP, background suggested-candidate matching with live progress, deferred rejection emails until a job closes, and a reaper that auto-recovers and retries CV uploads that were silently killed mid-process. Outgoing emails are now branded Truepick.
Ask for "under 15 years" and get a real shortlist
The chat assistant previously could not honor a request like *"exclude candidates with more than N years of experience"* on any model — candidates had no numeric experience field, and the scoring tools reported job-count as if it were years of experience.
What changed:
| Area | What's new |
|---|---|
| Reliable signal | A `totalYearsExperience` value is now extracted from the CV at ingest (and persisted across apply, re-upload, and create-candidate), with a resolver that falls back to the AI review's total years or flags "experience unknown" |
| Filtering | `minYears` / `maxYears` filters added to candidate listing; unknown-years candidates are kept and clearly flagged rather than silently dropped |
| Correctness | Match-candidates, deep CV analysis, and semantic search now use the real experience value instead of a job-count stand-in |
| Shortlist | A new shortlist tool ranks a job's applicants, applies the years filter, and persists the top-N as shortlisted via a two-step preview/save confirmation |

The assistant works the request agentically — discovering the job, listing applicants, and ranking them — then persists the chosen candidates as shortlisted once you confirm.
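
The resolver and filter behaviour described in the table above, as an added example that is not Truepick's code. Only `totalYearsExperience`, `minYears` and `maxYears` come from the release note; the `aiReview.totalYears` and `jobCount` field names, the inclusive bounds and the sample records are assumptions.

```javascript
// Added example: resolve years of experience with a fallback chain, then
// filter. Field names other than totalYearsExperience are assumptions.
function resolveYears(candidate) {
  const sources = [
    ["cv", candidate.totalYearsExperience],
    ["ai-review", candidate.aiReview?.totalYears],
  ];
  for (const [source, value] of sources) {
    // Accept only finite, non-negative numbers; null, "" and NaN fall through.
    if (typeof value === "number" && Number.isFinite(value) && value >= 0) {
      return { years: value, source };
    }
  }
  return { years: null, source: "unknown" };
}

// Bounds are treated as inclusive here (an assumption).
function filterByYears(candidates, { minYears, maxYears } = {}) {
  const result = [];
  for (const c of candidates) {
    const { years, source } = resolveYears(c);
    if (years === null) {
      // Unknown experience: keep the candidate, but flag the gap.
      result.push({ id: c.id, years, source, experienceUnknown: true });
      continue;
    }
    if (minYears !== undefined && years < minYears) continue;
    if (maxYears !== undefined && years > maxYears) continue;
    result.push({ id: c.id, years, source, experienceUnknown: false });
  }
  return result;
}

// Constructed sample records. jobCount is present to show it is never read.
const sampleCandidates = [
  { id: "a", totalYearsExperience: 6, jobCount: 2 },
  { id: "b", totalYearsExperience: null, aiReview: { totalYears: 18 }, jobCount: 3 },
  { id: "c", jobCount: 9 },
  { id: "d", totalYearsExperience: 15, jobCount: 1 },
];
```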
Choose the right model for each job
AI Settings now lets a workspace pick a different model for each AI operation instead of using one model everywhere.
| Capability | Details |
|---|---|
| Per-module models | Independent model choice for Chat & assistant, Candidate & CV, Interview, Assessment, and Jobs |
| Taqat Qwen | A Taqat-hosted Qwen custom model — private and hosted in-house — is available as an option |
| GPT-5 Mini default | All modules default to GPT-5 Mini |
| Request logging | LLM requests are logged for observability |
| Qwen-safe generation | Job-posting generation was hardened so reasoning-style models return valid JSON; behavioural analysis is pinned to a vision-capable model |

Settings → AI Settings: pick one model per module — every AI tool call within that module uses the selected model
A faster, calmer assistant
| Improvement | What it does |
|---|---|
| History management | Search, rename, and delete past conversations |
| Stall recovery | A client-side stall timeout plus a recovery prompt surface and retry a stuck AI response instead of hanging forever |
| Model persistence | The selected model is remembered across chats via a secure cookie |
| Plain-language labels | The model selector uses human-readable labels and descriptions, grouped by provider, with localized loading strings |
| Character counter | Live counter with a 2,000-character client-side input limit |
| Multi-tool summaries | The agent step limit was raised so multi-tool replies return a final summary |
| Recruiter-friendly | Token-usage telemetry hidden from recruiters; assistant tool links use relative URLs; date-range candidate analytics and open-job listing added |

The model selector now shows plain-language names and descriptions grouped by provider

Chat History — searchable, grouped by date, with rename and delete on every conversation
When a model response stalls, the assistant no longer hangs — it surfaces a recovery prompt so you can retry in place.

If a response takes too long, a "taking longer than expected — Try again" control appears instead of an indefinite spinner
No more permanently spinning uploads
When a background CV-processing function was silently killed mid-step (server redeploy, out-of-memory, AI-credit exhaustion), its failure handler never ran — leaving the upload stuck in "processing" forever with no way to cancel or retry.
See how the score is built
The candidate evaluation view now exposes the AI scoring methodology so recruiters can understand and defend a score:
The rubric is wired in additively — older evaluations without the new fields render exactly as before, and a per-question rubric is hidden for legacy evaluations that lack the asked-question flag.
Cleaner intake, accurate counts
The redesigned Import Candidates dialog adds location and skills filters, excludes candidates already on the job, flags duplicates, and confirms before importing.

Import Candidates — search plus location and skills filters, with select-all and a clear import action
Applicant status counts now reconcile to the total, `review_done` is counted as interviewed, and the applicants toolbar carries selective Download CVs (ZIP), Compare, and Refresh.

Applicants overview — status cards that sum to the total, interview-score grades, and Download CVs / Compare / Refresh actions
Other changes: one active application per candidate per job (DB-enforced), serial numbers unique per company, background suggested-candidate matching with live progress, and assessment anti-cheat (paste blocked on text answers, question text non-copyable).
Two batches of fixes
| Area | Fix |
|---|---|
| IDOR | Company ownership enforced on candidate update, bulk upload history, offer-letter download, and the S3 file proxy |
| Stored XSS | User-supplied fields escaped in offer-letter HTML (two sinks closed) |
| AI SQL | The AI SQL tool scoped to the caller's company; a comma-join bypass closed |
| Auth | Auth required on private user job endpoints; deny-by-default middleware for private `/api/jobs` routes |
| Webhooks | Fireflies and Composio webhook signatures verified before processing |
| Prod guard | The test Inngest-trigger endpoint blocked in production |
| Auth-bypass batch | OTP auth-bypass, chat path-traversal, and additional IDOR holes closed |
| S3 tenant isolation | All company-owned uploads scoped to a `companies/{companyId}/{type}/...` namespace, with legacy keys still authorized by per-type ownership checks |
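
One way a file proxy can enforce the `companies/{companyId}/{type}/...` namespace while still serving legacy keys through an ownership lookup, as an added example that is not Truepick's code. The type names, the `legacyOwnerOf` lookup and the sample keys are assumptions.

```javascript
// Added example: authorize an object key for the calling tenant.
// Key layout from the release note: companies/{companyId}/{type}/...
// ALLOWED_TYPES and legacyOwnerOf are assumptions for illustration.
const ALLOWED_TYPES = new Set(["cvs", "offer-letters", "recordings"]);

function authorizeKey(rawKey, callerCompanyId, legacyOwnerOf) {
  let key;
  try {
    key = decodeURIComponent(rawKey); // decode once, validate the decoded form
  } catch {
    return { allow: false, reason: "malformed-encoding" };
  }
  const segments = key.split("/");
  // Reject traversal, empty segments, backslashes, NUL and any "%" left after
  // one decode (double encoding). Conservative: names containing "%" are refused.
  if (/[\\%\0]/.test(key) || segments.some((s) => s === "" || s === "." || s === "..")) {
    return { allow: false, reason: "unsafe-path" };
  }
  if (segments[0] === "companies") {
    const [, companyId, type, ...rest] = segments;
    if (rest.length === 0 || !ALLOWED_TYPES.has(type)) {
      return { allow: false, reason: "bad-namespace" };
    }
    // The tenant comes from the session, never from the request path.
    return companyId === String(callerCompanyId)
      ? { allow: true, reason: "namespace-match" }
      : { allow: false, reason: "other-tenant" };
  }
  // Legacy key: no tenant in the path, so ownership comes from a lookup.
  const owner = legacyOwnerOf(key);
  return owner !== undefined && owner === String(callerCompanyId)
    ? { allow: true, reason: "legacy-owner-match" }
    : { allow: false, reason: "legacy-not-owned" };
}

// Constructed sample data: one legacy object owned by company "42".
const legacyOwners = new Map([["uploads/cv/abc.pdf", "42"]]);
const lookup = (key) => legacyOwners.get(key);
```

Unknown legacy keys are denied rather than allowed, so an object with no ownership record fails closed.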

| Area | Change |
|---|---|
| Performance | Bulk CV ZIP export streamed to avoid worker OOM; job-analytics active-count query bounded; candidate-search render loop fixed |
| Recordings | Presigned URLs instead of public ACLs; egress auto-detects LiveKit Cloud vs self-hosted; video downloaded to temp before FFmpeg; retry when a recording isn't ready yet |
| Interviews | Incomplete interviews are not scored; behavioural writes no longer clobber the evaluation; integrity score reflects behavioural concerns |
| Auth | Inline name/email validation on register, TLD required, Confirm Password show/hide toggle, login honors `redirectUrl` |
| CV parsing | Arabic Presentation Forms accepted by the PDF text check |
| Email | Rebranded to Truepick with an inline CID logo; SMTP secure-connection toggle label clarified; rejection emails deferred to job close |
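
A login flow that honors a caller-supplied `redirectUrl` should accept only targets inside the application itself. One way to constrain it, as an added example that is not Truepick's code; the function name, the fallback path and the placeholder origin are assumptions.

```javascript
// Added example: constrain a post-login redirectUrl to same-site paths.
// safeRedirectTarget, the fallback and PLACEHOLDER_ORIGIN are assumptions.
const PLACEHOLDER_ORIGIN = "https://app.example.invalid";

function safeRedirectTarget(redirectUrl, fallback = "/") {
  if (typeof redirectUrl !== "string" || redirectUrl.length > 2048) return fallback;
  // Must be a rooted path. "//host" and "/\host" are read by browsers as
  // scheme-relative URLs, so exactly one leading slash is required.
  if (!/^\/(?![\/\\])/.test(redirectUrl)) return fallback;
  // URL parsers strip tabs and newlines, which can turn "/<tab>/host" into
  // "//host"; refuse control characters, spaces and backslashes outright.
  if (/[\u0000-\u0020\u007f\\]/.test(redirectUrl)) return fallback;
  let parsed;
  try {
    parsed = new URL(redirectUrl, PLACEHOLDER_ORIGIN);
  } catch {
    return fallback;
  }
  // After resolution the origin must be unchanged.
  if (parsed.origin !== PLACEHOLDER_ORIGIN) return fallback;
  // Return the normalized relative form, never an absolute URL.
  return parsed.pathname + parsed.search + parsed.hash;
}
```
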
Released on June 22, 2026