costajohnt/oss-autopilot

vcore-v3.3.0 scope: core Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai-agent anthropic claude-code claude-code-plugin cli contribution-tracker

+6 more

developer-tools github github-automation issue-discovery pr-management typescript

Summary

AI summary

Fixed three critical data‑loss bugs identified in the 2026-04-28 audit.

Full changelog

3.3.0 (2026-05-04)

Features

add manifest command + plugin/CLI contract verification (#1190) (#1194) (887d819)
security: add wrapUntrustedContent fence + prompt-injection corpus (#1192) (#1197) (e86c8d2)

Bug Fixes

3 critical data-loss bugs from 2026-04-28 audit (#1200, #1201, #1202) (#1210) (8ae74ce)
surface stale-cache fallback from refreshFromGist in --json (#1193) (#1198) (c68f130)

Security Fixes

wrapUntrustedContent fence added to mitigate prompt‑injection risks

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track costajohnt/oss-autopilot

Get notified when new releases ship.

About costajohnt/oss-autopilot

Open source contribution manager with PR tracking across repos, issue discovery, CI failure diagnosis, and maintainer response drafting. Available as CLI, MCP server, and Claude Code plugin.

All releases →