This release includes 1 breaking change for platform teams planning a safe upgrade.
✓ No known CVEs patched in this version
Affected surfaces
Summary
AI summaryFetches larger than limits now return FetchError with max_words suggestion.
Full changelog
What's new
Auto size guard
The pipeline now enforces default size limits to prevent oversized content from reaching LLM context windows:
- 2MB pre-extraction limit — fires before any processing; applies to all content types
- 20KB post-extraction limit — fires after extraction, with a suggested
max_wordsvalue in the error message
Both limits are bypassed when max_words is set, giving callers explicit control when needed.
Tighter injection pattern
The act_as_if pattern now only fires when followed by an AI role word (model, assistant, agent, bot, gpt, claude, dan, etc.), reducing false positives on phrases like "act as a guide" or "act as a bridge."
Breaking changes
None for callers using max_words. Callers fetching large pages without max_words will now receive a FetchError with a suggested override value instead of receiving oversized content.
Breaking Changes
- Calls without `max_words` that exceed size limits now raise a FetchError with suggested override value instead of returning oversized content.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Erodenn/fetch-guard
URL fetcher and HTML-to-markdown converter with three-layer prompt injection defense: pre-extraction sanitization of hidden/off-screen elements and non-printing Unicode, 15-pattern risk scanning (HIGH/MEDIUM/OK), and per-request session-salt content boundary wrapping.
Related context
Beta — feedback welcome: [email protected]