goklab/guardvibe

v3.0.34 Bugfix

This release fixes issues for SREs watching stability and regressions.

Published 1mo MCP Security & Auth

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-security claude clerk cursor cve drizzle

+14 more

gemini-cli-extension hono mcp nextjs owasp prisma static-analysis security stripe supabase supply-chain typescript vercel vibe-coding

Summary

AI summary

Rule ID VG430 conflict resolved by moving Clerk SSRF rule to VG449; added VG101 and VG409 for cross‑rule deduplication.

Full changelog

VG430 was duplicated — same ID used by both Supabase Anon Key on Server (older) and Clerk SSRF (newer). Clerk rule moved to VG449, Supabase keeps VG430. Total now 365 rules with 365 unique IDs (was 365 array entries, 364 unique). Added VG101 + VG409 to cross-rule dedup so res.redirect(req.query.url) only counts once. Tool count corrected to 38 across docs.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track goklab/guardvibe

Get notified when new releases ship.

About goklab/guardvibe

Security MCP for vibe coding with 330 rules and 29 tools. Purpose-built for AI-generated code — scans Next.js, Supabase, Clerk, Stripe, Prisma, Hono, GraphQL, and 25+ modules. Cross-file taint analysis, host security audit, auto-fix, SARIF export, pre-commit hook, and CVE version detection. Zero config, runs locally.

All releases →

goklab/guardvibe

Summary

Related context

Related tools