
This release includes 1 security fix for security teams reviewing exposed deployments.

Published 14d MCP Developer Tools
✓ No known CVEs patched
This release patches 1 known CVE

Affected surfaces

rce_ssrf breaking_upgrade

ReleasePort's take

Light signal
editorial:auto 9d

v0.1.2 enforces exact skill name matches when multiple partial matches exist, eliminating ambiguous selections during install, localize, and uninstall operations.

Why it matters: Ensures unambiguous skill selection; all installations now require precise name matching to avoid unintended actions.

Summary

AI summary

Exact skill name matching now required when multiple partial matches exist, preventing ambiguous selections.

Changes in this release

Security Medium

Restricts filesystem operations to trusted workspace roots, fixing arbitrary read/write/delete.


Source: llm_adapter@2026-05-25

Confidence: high

Security Medium

Tightens addSource validation to accept only repository‑root GitHub URLs.


Source: granite4.1:30b@2026-05-25-audit

Confidence: low

Feature Medium

Adds duplicate skill disambiguation with source‑aware search, recommend, install, and localize flows.


Source: llm_adapter@2026-05-25

Confidence: high

Dependency Medium

Updated dependency versions to remove known production audit issues.


Source: llm_adapter@2026-05-25

Confidence: high

Performance Low

Enabled forceConsistentCasingInFileNames in tsconfig and expanded regression coverage for ambiguity and URL normalization paths.


Source: granite4.1:30b@2026-05-25-audit

Confidence: low

Bugfix Medium

Prevents silent overwrite when installing a skill with the same name from a different source.


Source: llm_adapter@2026-05-25

Confidence: high

Bugfix Medium

Enforces exact skill name matches when multiple partial matches exist for install, localize, and uninstall.


Source: llm_adapter@2026-05-25

Confidence: high

Bugfix Medium

Adds 10‑second timeout guards and safer raw‑content URL conversion for GitHub API and content fetches.


Source: llm_adapter@2026-05-25

Confidence: low

Refactor Medium

Cleans dist directory before build and stops generating sourcemaps, excluding development mapping artifacts from the npm tarball.


Source: llm_adapter@2026-05-25

Confidence: low

Full changelog

Changelog

0.1.2

  • Stopped install, localize, and uninstall flows from selecting the first ambiguous partial match; exact names are now required when multiple skills match.
  • Added 10-second timeout guards and safer raw-content URL conversion for GitHub API and content fetches.
  • Tightened addSource validation to accept only repository-root GitHub URLs.
  • Enabled forceConsistentCasingInFileNames in tsconfig and expanded regression coverage for ambiguity and URL normalization paths.
  • Cleaned dist before build and stopped generating sourcemaps so the npm tarball excludes development mapping artifacts.
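The addSource item above restricts sources to repository-root GitHub URLs. The following is an added example, not code from skill-ninja-mcp-server, showing one way such a check can be written; the function name `parseRepoRootUrl`, the exact rule set, and the sample URLs in the comments are assumptions made for illustration.

```javascript
// Added example (not the project's code): accept only https://github.com/<owner>/<repo>.
// parseRepoRootUrl and its rules are hypothetical; the project's real checks may differ.

// Exactly two path segments, optional ".git" suffix, optional trailing slash.
const REPO_ROOT_PATH = /^\/([A-Za-z0-9._-]+)\/([A-Za-z0-9._-]+?)(?:\.git)?\/?$/;

function parseRepoRootUrl(input) {
  let url;
  try {
    url = new URL(input);
  } catch {
    return { ok: false, reason: "not a URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "scheme must be https" };
  }
  // Compare the parsed hostname, never a substring of the raw string:
  // "https://github.com.evil.example/a/b" and "https://github.com@evil.example/a/b"
  // (constructed samples) both contain "github.com" but resolve to another host.
  if (url.hostname !== "github.com") {
    return { ok: false, reason: "host must be github.com" };
  }
  if (url.username || url.password || url.port) {
    return { ok: false, reason: "userinfo or port not allowed" };
  }
  if (url.search || url.hash) {
    return { ok: false, reason: "query or fragment not allowed" };
  }
  // url.pathname is already dot-segment normalized by the URL parser, so
  // "/owner/repo/../other" is matched as "/owner/other", and anything deeper
  // than the repository root (tree/, blob/, raw file paths) fails the pattern.
  const match = REPO_ROOT_PATH.exec(url.pathname);
  if (!match) {
    return { ok: false, reason: "path must be exactly /owner/repo" };
  }
  const [, owner, repo] = match;
  // Return a canonical form so later fetches never reuse the caller's raw string.
  return { ok: true, owner, repo, canonical: `https://github.com/${owner}/${repo}` };
}
```

Building later API and content requests from the returned `canonical` value, rather than from the original input, keeps the validated and the fetched URL identical.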

0.1.1

  • Fixed arbitrary workspacePath read/write/delete by restricting filesystem operations to trusted workspace roots.
  • Added duplicate skill disambiguation with source-aware search, recommend, install, and localize flows.
  • Stopped install, localize, and uninstall flows from choosing the first partial match when multiple different skill names match a query.
  • Prevented silent overwrite when the same skill name is installed from a different source.
  • Preserved manual AGENTS.md content while updating only the managed installed-skills section.
  • Added bounded timeouts and safer raw-content URL handling for GitHub API and content fetches.
  • Tightened addSource repository URL validation to accept only repository roots and enabled forceConsistentCasingInFileNames in TypeScript config.
  • Updated dependency versions to remove known production audit issues.
  • Synchronized English and Japanese documentation with security and duplicate-skill behavior.

Breaking Changes

  • install, localize, and uninstall flows now require exact skill name matches when multiple ambiguous partial matches exist

Security Fixes

  • Fixed arbitrary workspacePath read/write/delete by restricting filesystem operations to trusted workspace roots


About aktsmm/skill-ninja-mcp-server

Agent Skill Ninja for MCP: Search, install, and manage AI agent skills (SKILL.md files) from GitHub repositories. Features workspace analysis for personalized recommendations and supports 140+ pre-indexed skills.
