gitmotion/ntfy-me-mcp

v1.4.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

agent ai ai-tools claude docker llm

+12 more

llm-agent mcp modelcontextprotocol notifications npm npx ntfy ntfy-mcp ntfy-mcp-server ntfymcp ntfysh vscode

Affected surfaces

auth breaking_upgrade

Summary

AI summary

Strict URL validation removes prompt‑injection vectors in ntfy server calls.

Full changelog

ntfy-me-mcp v1.4.0 Release Notes

This release delivers a security and maintainability upgrade, addressing prompt-injection risks, improving schema validation, and refactoring the codebase for clarity and testability.

Highlights

Security Hardening
- Strict URL validation for all ntfy server calls (prevents prompt injection via malicious URLs)
- Topic validation: only allows alphanumeric, underscore, hyphen (max 128 chars)
- Error sanitization: never reflects attacker-controlled content in error messages
- Removes all prompt-injection vectors from error handling and tool output
Schema-Driven Validation
- All tool input and config types are now Zod schemas (no duplicate interfaces)
- Schemas for notify, fetch, config, message data, and view actions
- TypeScript types are derived from schemas for runtime and compile-time safety
Handler & Utility Refactor
- Tool handler logic moved to src/utils/toolHandlers.ts (factory pattern)
- Logger abstraction enforced everywhere (no direct console.* calls)
- Markdown detection and action extraction modularized
Config & Workflow Improvements
- .env loading is now silent (no stdout banner in MCP mode)
- PROTECTED_TOPIC env removed; token input is auto-detected via unresolved input reference
- Updated Dockerfile, workflows, and VS Code MCP config for consistency
Test Coverage
- New and updated tests for schemas, handlers, validation, and message parsing
- General test coverage in tests/ and run via Vitest
Documentation & Contribution
- Updated README.md, CONTRIBUTING.md, and .github/copilot-instructions.md
- Issue and PR templates improved for clarity and security

Migration Notes

PROTECTED_TOPIC env variable has been removed in favor of auto detection. (no longer needed in your mcp config)
All environment variables must be set in .env or .vscode/mcp.json as before.
See the updated README for usage and configuration examples.

Changelog

fix: add url validation during calls and error outputs (address #13)
update dependencies
add and update tests for all handlers, schemas, and validation
update npm & docker workflows
update issue and PR templates
remove PROTECTED_TOPIC env and autodetect based on ${input:ntfy_token}
refactor schemas to their own files
fix all PR review comments (security, logging, schema, config)
add .github/copilot-instructions.md and improve contributing docs

What's Changed

fix: add url validation during calls and error outputs (address #13). by @gitmotion in https://github.com/gitmotion/ntfy-me-mcp/pull/14
- address #13

Full Changelog: https://github.com/gitmotion/ntfy-me-mcp/compare/v1.3.5...v1.4.0

Please report any issues or feedback.

Breaking Changes

Removed `PROTECTED_TOPIC` environment variable; token detection is now automatic.

Security Fixes

Strict URL validation for all ntfy server calls prevents prompt injection via malicious URLs; error sanitization removes attacker‑controlled content from messages.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track gitmotion/ntfy-me-mcp

Get notified when new releases ship.

About gitmotion/ntfy-me-mcp

An ntfy MCP server for sending/fetching ntfy notifications to your self-hosted ntfy server from AI Agents (supports secure token auth & more - use with npx or docker!)

All releases →