Battam1111/Myco

v0.8.6 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

✓ No known CVEs patched
This release patches 1 known CVE

Topics

agent-memory ai-agents ai-infrastructure autonomous-agents biomimetics claude
claude-code codex cognitive-substrate cursor knowledge-management llm-memory llm-tools long-term-memory mcp mycelium python self-evolving substrate vscode

Affected surfaces

auth

ReleasePort's take

Light signal

The OAuth token residency path was corrected from src/myco/surface/mcp_auth.py to src/myco/boundary/surface/mcp_auth.py, and related mirror integrity and discipline hook paths were updated.

Why it matters: Update your deployment scripts and CI pipelines to reference the new .plugin/ directory structure for agents, commands, and hooks; failure to do so will break token residency handling.

Summary

AI summary

Revives eight lint dimensions and retires three permanently‑silent ones, fixing a critical OAuth token residency bug.

Changes in this release

Performance Low

In digestion/pipeline.py, check_write_allowed runs before integrated_dir.mkdir to avoid race‑condition style ordering bugs.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Deprecation Low

SE4, RL2, and RL3 dimensions permanently retired as they were permanently empty or dead code.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Deprecation Low

mcp-resources pyproject extra removed as orphaned after v0.8.5 excretion.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Medium

CL2 oauth token residency path updated from src/myco/surface/mcp_auth.py to src/myco/boundary/surface/mcp_auth.py.

Source: llm_adapter@2026-05-21

Confidence: high

Bugfix Medium

MF5 generated mirror integrity bundle paths moved from agents/, commands/ to .plugin/agents/, .plugin/commands/.

Source: llm_adapter@2026-05-21

Confidence: high

Bugfix Medium

DI2 discipline hooks content path updated from hooks/hooks.json to .plugin/hooks/hooks.json.

Source: llm_adapter@2026-05-21

Confidence: low

Bugfix Medium

LB2 Living Bets two‑regime axis now explicitly declared in pyproject.toml entry‑points and canon_lint.yaml, fixing a coverage gap.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

M1 canon identity fields now use ctx.substrate.paths.canon instead of hardcoded "_canon.yaml".

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

CG1 doctrine reference updated to use ctx.substrate.paths.docs with local subpath join.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

CG2 regex extended to accept .docs/ and .myco/notes/ prefixes for hidden‑prefix layout support.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

SE5 version anchor freshness now uses ctx.substrate.canon.entry_point and ctx.substrate.paths.canon lookups instead of literal globs.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

INSTALL.md updated to reference .zip bundle extensions instead of six .plugin references (Anthropic GitHub issue #40414).

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

package_map.md refreshed with current dim totals and subcategory membership; logs added for host_integration and risk_classifier.py retirements.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

README.md title, dim count, and substrate breakdown updated from v0.8.5 to v0.8.6 values.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

Example substrate canons (_canon.yaml files) rewritten to schema‑v3, adding llm_policy enum, cycle and boundary rows, governance.last_living_bets_audit_at, and metrics.lint_dim_count: 47.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Bugfix Low

bump_version.py path corrected from scripts/sync_plugin_mirrors.py to .scripts/sync_plugin_mirrors.py, fixing a missed root‑cleanup issue.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

IngestResult.source POSIX‑normalizes via .as_posix() for cross‑platform consistency on Windows.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

session_end_run re‑export removed per doctrine rename horizon; satisfies scheduled deletion note.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

_SKIP_DIRS clone and _iter_py_files in circulation/graph_src.py replaced with core/skip_dirs.should_skip_dir delegation.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

Orphan bytecode .scripts/__pycache__/install_cowork_plugin.cpython-313.pyc removed.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

extensibility.md rewritten to reference data‑driven JsonClientSpec table, acknowledging excreted host_integration package and retired MF3 dim.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

README.md extensibility‑axis reference changed to boundary/install/clients.py; verb‑surface SSoT path bumped to boundary/surface/manifest.yaml.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

.claude/settings.local.json stripped of deprecated verb aliases and cross‑project permission entries; now lists only current 20 verbs.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

.gitignore updated: tests/benchmark/.cache/ → .tests/benchmark/.cache/ and added .claude/worktrees/ exclusion.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

.docker/.dockerignore removed exclusion for .cowork-plugin as it was consolidated into .plugin/ at v0.8.5.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Refactor Low

pyproject.toml sdist include added /.myco to ship canon‑tree skeleton; exclude added /.myco/state/** to omit runtime state from distribution.

Source: granite4.1:30b@2026-05-23-audit

Confidence: low

Full changelog

v0.8.6 - 2026-05-12 - Dead-dim revival sweep + 永恒删减 retirement wave

10-way parallel-agent audit (Round 7 of the v0.8.x cleanup sequence)
uncovered eight lint dimensions that had been emitting zero findings
for entire release windows because of hardcoded paths that no longer
matched the live substrate layout. This molt simultaneously revives
those gates AND retires three permanently-silent dimensions whose
infrastructure premise was never built.

What changed

Dim count: 50 → 47 (net −3 from the SE4/RL2/RL3 retirement). The
new totals — Mechanical 32 + Shipped 2 + Metabolic 6 + Semantic 7 —
match the live dimensions_run output of myco immune.

Real bugs fixed (8 dims newly emitting again):

  • CL2 (oauth token residency): path src/myco/surface/mcp_auth.py →
    src/myco/boundary/surface/mcp_auth.py. CL2 had silently
    returned for every release v0.6.0…v0.8.5 — token-redaction
    enforcement was a permanent no-op for five minor versions.
  • MF5 (generated mirror integrity): bundle dirs agents/,
    commands/ → .plugin/agents/, .plugin/commands/. The bundle
    paths moved at v0.8.4 (root cleanup); MF5 silently no-op'd until
    this fix.
  • DI2 (discipline hooks content): hooks/hooks.json →
    .plugin/hooks/hooks.json (the actual Cowork-bundle binding).
  • M1 (canon identity fields) fix(): root / "_canon.yaml" →
    ctx.substrate.paths.canon (canon-configurable layout support).
  • CG1 (doctrine ← src reference): hardcoded
    "docs/architecture/L2_DOCTRINE" → ctx.substrate.paths.docs
    with the subpath joined locally.
  • CG2 (subpackage → doctrine link): regex extended to accept
    .docs/ + .myco/notes/ prefixes (hidden-prefix layout support).
  • SE5 (version anchor freshness): literal MYCO.md + _canon.yaml
    globs replaced by ctx.substrate.canon.entry_point and
    ctx.substrate.paths.canon lookups.
  • digestion/pipeline.py ordering: check_write_allowed now
    runs BEFORE integrated_dir.mkdir(...) (same class of bug as
    the v0.8.5 molt-then-write reorder).

Coverage gap fixed:

  • LB2 (Living Bets two-regime axis) was registered in _BUILT_IN
    but missing from pyproject.toml::[project.entry-points."myco.dimensions"]
    and .myco/canon_lint.yaml::dimensions. The dim was loading only
    through the gap-fill fallback; now declared explicitly in both
    inventories. metrics.lint_dim_count corrected 51 → 47.

Cross-platform consistency:

  • ingestion/adapters/code_repo.py::IngestResult.source now POSIX-
    normalizes via .as_posix() so Windows ingestion sources don't
    embed backslashes that break cross-platform search/dedup.

Excretions (per L0 P3 永恒删减):

  • SE4 (reciprocal backlink): white-list shipped permanently
    empty at v0.6.0; never populated through five releases.
  • RL2 + RL3 (R3 sense + R4 eat discipline signals): read
    .myco/state/session_calls.jsonl that no production code has
    ever written — dead-letter checkers from landing.
  • session_end_run re-export in myco/cycle/__init__.py:
    v0.5.x → v0.6.0 rename horizon shim; satisfies the doctrine note
    that scheduled deletion "via a v0.9+ craft once the rename horizon
    is doctrinally past".
  • _SKIP_DIRS clone + _iter_py_files in circulation/graph_src.py:
    divergent skip-dir set + duplicate walker. Now delegates to the
    canonical core/skip_dirs.should_skip_dir.
  • mcp-resources pyproject extra: orphan since the v0.8.5
    boundary/surface/mcp_resources excretion. Removed.
  • .scripts/__pycache__/install_cowork_plugin.cpython-313.pyc:
    orphan bytecode. Removed.

Doctrine drift fixed:

  • .docs/INSTALL.md: 6 .plugin bundle extension references →
    .zip (Anthropic GitHub issue #40414 / v0.7.4 hotfix).
  • .docs/architecture/L2_DOCTRINE/extensibility.md: "Per-host"
    section rewritten to reference the data-driven
    boundary/install/clients.py::JsonClientSpec table; the
    excreted boundary/host_integration/ package + retired MF3
    dim acknowledged as v0.8.5 永恒删减 entries.
  • .docs/architecture/L3_IMPLEMENTATION/package_map.md: dim totals
    + subcategory membership refreshed to match the v0.8.6 roster;
    excretion log gains host_integration v0.8.5 retirement +
    risk_classifier.py v0.8.5 retirement.
  • .docs/architecture/README.md: title v0.8.5 → v0.8.6; dim count
    51 → 47; subcategory breakdown corrected.
  • .docs/README.md: extensibility-axis ref points at
    boundary/install/clients.py (not the excreted symbionts/);
    verb-surface SSoT path bumped to boundary/surface/manifest.yaml.

Example substrate canons (v0.5.10 schema-v1 → v0.8.6 schema-v3):

  • .docs/examples/minimal/_canon.yaml and
    .docs/examples/research-assistant/_canon.yaml rewritten to the
    current shape: llm_policy enum (replacing no_llm_in_substrate),
    cycle + boundary subsystem rows, governance.last_living_bets_audit_at,
    metrics.lint_dim_count: 47. A downstream user copying either as
    a template now passes SC1 schema-parity on first myco immune.

Config cleanup:

  • .claude/settings.local.json: stripped deprecated verb aliases
    (session-end, reflect, distill, perfuse, genesis) and
    cross-project permission entries. Rewritten to list only the
    current 20-verb surface.
  • .gitignore: tests/benchmark/.cache/ → .tests/benchmark/.cache/;
    added .claude/worktrees/ to keep abrupt-termination cruft from
    being committed.
  • .docker/.dockerignore: .cowork-plugin exclude removed (directory
    consolidated into .plugin/ at v0.8.5).
  • pyproject.toml: sdist include gains /.myco (canon-tree
    skeleton ships in sdist now); matching exclude gains
    /.myco/state/** (runtime state doesn't pollute the distribution).
  • .scripts/bump_version.py: scripts/sync_plugin_mirrors.py →
    .scripts/sync_plugin_mirrors.py (path missed by the v0.8.4
    hidden-prefix root cleanup; would have failed for any
    Myco-self bump until this fix landed).

Break from v0.8.5

No backward-incompatible contract change. Three dims (SE4, RL2, RL3)
disappear from myco immune --list output — substrates that pinned
those IDs in their lint.skeleton_downgrade.affected_dimensions
allowlist will see an unknown-ID warning at load (existing kernel
behavior; not a hard failure). Eight dims (CL2, MF5, DI2, M1 fix,
CG1, CG2, SE5, plus LB2 via entry-points registration) now produce
findings on substrates where they previously emitted none — this is
the intended behavior; new findings on substrates that were silently
missing checks are signal, not regression.

Breaking Changes

  • Dimensions SE4, RL2, and RL3 removed from `myco immune` output; substrates referencing them will see unknown‑ID warnings.

Security Fixes

  • CL2 now correctly enforces OAuth token residency; previously returned a no‑op for releases v0.6.0–v0.8.5, causing silent lack of redaction enforcement.
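
The CL2 failure mode described above (a check whose hardcoded target moved, so it reported nothing for several releases) can be reproduced in a few lines. This is an added example, not Myco's code: the two paths come from the changelog, while the `LEAK` rule, the function names and the sample source file are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

OLD_PATH = "src/myco/surface/mcp_auth.py"            # pre-move path named in the changelog
NEW_PATH = "src/myco/boundary/surface/mcp_auth.py"   # post-move path named in the changelog

# Stand-in rule (assumption, not Myco's CL2 logic): a token passed to a print/log call.
LEAK = re.compile(r"\b(print|log\w*)\s*\(.*\btoken\b")


def scan(path: Path) -> list[tuple[str, int]]:
    """Return (kind, line_number) for every line matching the stand-in rule."""
    lines = path.read_text(encoding="utf-8").splitlines()
    return [("token-logged", n) for n, line in enumerate(lines, 1) if LEAK.search(line)]


def check_silent(root: Path, rel: str) -> list[tuple[str, int]]:
    """Fail-open shape: a missing target is indistinguishable from a clean one."""
    target = root / rel
    if not target.is_file():
        return []
    return scan(target)


def check_fail_closed(root: Path, rel: str) -> list[tuple[str, int]]:
    """Fail-closed shape: a missing target is itself reported as a finding."""
    target = root / rel
    if not target.is_file():
        return [("target-missing", 0)]
    return scan(target)


def demo() -> dict[str, list[tuple[str, int]]]:
    """Build a constructed tree in the post-move layout and run each check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        target = root / NEW_PATH
        target.parent.mkdir(parents=True)
        # Constructed sample source, not Myco code.
        target.write_text("def refresh(token):\n    print('got', token)\n", encoding="utf-8")
        return {
            "silent_old": check_silent(root, OLD_PATH),
            "closed_old": check_fail_closed(root, OLD_PATH),
            "closed_new": check_fail_closed(root, NEW_PATH),
        }


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, findings)
```

With the stale path, the fail-open check returns an empty list even though the relocated file contains a match; the fail-closed variant turns the relocation into a visible finding on the first run after the move.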

About Battam1111/Myco

Agent-first cognitive substrate with 18 manifest-driven verbs (germinate / eat / assimilate / sporulate / traverse / immune / molt / …) and 25 lint dimensions enforcing contract invariants mechanically (R1–R7). Cross-session / cross-project memory via a self-validating filesystem graph — AST + markdown-link derived, not embedding-based. Provider-agnostic by design: MP1/MP2 dims forbid LLM-SDK imports in the kernel and plugin tree. Editable-default install. Works with Claude Code, Cursor, Windsurf, Zed, VS Code, and any MCP client.
