Skip to content

IgorGanapolsky/mcp-memory-gateway

v1.21.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 15d MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

agent-reliability ai-agents ai-cost-optimization ai-safety amp claude-code
+14 more
codex cursor developer-tools feedback-loop gemini guardrails mcp mcp-server opencode pre-action-checks reduce-llm-cost save-llm-tokens thompson-sampling thumbgate

Affected surfaces

auth deps

Summary

AI summary

Fixes checkout-pro, landing claims; adds Stripe Payment Links attributes, reframe regulated industries, Context Architecture, Agent Manager positioning, PostgreSQL AI guardrails, and dependency bumps.

Changes in this release

Security Medium

implement high-ROI PostgreSQL AI guardrails (Google AI DB mandate)

implement high-ROI PostgreSQL AI guardrails (Google AI DB mandate)

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Feature Medium

document xAI Grok Build CLI support with no new config needed

document xAI Grok Build CLI support with no new config needed

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

/learn/claude-code-goal-with-rubrics uses 4-field pattern → rubric-engine

/learn/claude-code-goal-with-rubrics uses 4-field pattern → rubric-engine

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

attribute and brand customer-facing Payment Links via API in Stripe

attribute and brand customer-facing Payment Links via API in Stripe

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

regulated-industries reframe includes $1.4M TNS anchor, Regulated tier, GitLab outreach

regulated-industries reframe includes $1.4M TNS anchor, Regulated tier, GitLab outreach

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

align manifests with Anthropic marketplace submission form for plugins

align manifests with Anthropic marketplace submission form for plugins

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

/broker-audit landing + mailto: scheduling added to API

/broker-audit landing + mailto: scheduling added to API

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

implement Context Architecture with structured layers, proactive governance, TS routing

implement Context Architecture with structured layers, proactive governance, TS routing

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

email-capture wedge converts ~5k monthly installers to leads

email-capture wedge converts ~5k monthly installers to leads

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Feature Medium

add multi-agent goal contracts to gates

add multi-agent goal contracts to gates

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Dependency Medium

bump playwright-core from 1.59.1 to 1.60.0

bump playwright-core from 1.59.1 to 1.60.0

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Dependency Medium

bump @anthropic-ai/sdk from 0.95.2 to 0.96.0

bump @anthropic-ai/sdk from 0.95.2 to 0.96.0

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Dependency Medium

bump protobufjs from 7.5.6 to 8.4.0

bump protobufjs from 7.5.6 to 8.4.0

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Dependency Medium

bump better-sqlite3 from 12.9.0 to 12.10.0

bump better-sqlite3 from 12.9.0 to 12.10.0

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Dependency Medium

bump stripe from 22.0.2 to 22.1.1

bump stripe from 22.0.2 to 22.1.1

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Dependency Medium

bump actions/github-script from 8 to 9

bump actions/github-script from 8 to 9

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Dependency Medium

bump actions/setup-python from 5 to 6

bump actions/setup-python from 5 to 6

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Bugfix Medium

redirect natural sprint URLs to intake anchor instead of 401

redirect natural sprint URLs to intake anchor instead of 401

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Bugfix Medium

Fix landing funnel and position portable skills

Fix landing funnel and position portable skills

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Bugfix Medium

Fix funnel intake paths for Team and broker audit leads

Fix funnel intake paths for Team and broker audit leads

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Bugfix Medium

remove false '6 paying customers / 18,000+ installs' claim

remove false '6 paying customers / 18,000+ installs' claim

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Bugfix Medium

remove unverifiable '82% token savings' claim

remove unverifiable '82% token savings' claim

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Bugfix Medium

stop 2,251 zombie checkout-session leak from confirm=1 GETs in Stripe

stop 2,251 zombie checkout-session leak from confirm=1 GETs in Stripe

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Bugfix Medium

stop bots burning cs_live_* sessions via confirm=1 link in interstitial

stop bots burning cs_live_* sessions via confirm=1 link in interstitial

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Refactor Medium

update session hygiene rag rules

update session hygiene rag rules

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Other Medium

log Cursor Marketplace manual submission event

log Cursor Marketplace manual submission event

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Other Medium

claim 'Agent Manager' as named ICP after Anthropic role announcement

claim 'Agent Manager' as named ICP after Anthropic role announcement

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Other Medium

bump undici from 8.2.0 to 8.3.0

bump undici from 8.2.0 to 8.3.0

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Other Medium

document machine-wide vs per-project install scope in installation docs

document machine-wide vs per-project install scope in installation docs

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Other Medium

repair README '90-second demo' link and perform tiny root cleanup

repair README '90-second demo' link and perform tiny root cleanup

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Full changelog

What's Changed

  • fix(checkout-pro): remove false '6 paying customers / 18,000+ installs' claim by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2137
  • fix(landing): remove unverifiable "82% token savings" claim by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2143
  • fix(/pricing): SaaS-first hero, consulting collapsed into by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2116
  • feat(adapters): document xAI Grok Build CLI support (no new config needed) by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2146
  • feat(learn): /learn/claude-code-goal-with-rubrics — 4-field pattern → rubric-engine by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2148
  • feat(stripe): attribute + brand the 3 customer-facing Payment Links via API by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2149
  • feat(reframe): regulated-industries reframe — $1.4M TNS anchor, Regulated tier, GitLab outreach by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2161
  • fix(server): redirect natural sprint URLs to intake anchor instead of 401 by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2156
  • feat(plugin): align manifests with Anthropic marketplace submission form by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2167
  • fix(stripe): stop 2,251 zombie checkout-session leak from confirm=1 GETs by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2170
  • docs: log Cursor Marketplace manual submission event by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2178
  • Fix landing funnel and position portable skills by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2179
  • fix: stop bots burning cs_live_* sessions via confirm=1 link in interstitial by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2181
  • feat(api): /broker-audit landing + mailto: scheduling by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2139
  • feat(security): implement high-ROI PostgreSQL AI guardrails (Google AI DB mandate) by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2193
  • feat(context): implement Context Architecture (structured layers, proactive governance, TS routing) by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2191
  • feat(positioning): claim "Agent Manager" as named ICP after Anthropic role announcement by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2187
  • chore(deps): bump playwright-core from 1.59.1 to 1.60.0 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2121
  • chore(deps): bump @anthropic-ai/sdk from 0.95.2 to 0.96.0 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2123
  • chore(deps): bump protobufjs from 7.5.6 to 8.4.0 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2125
  • chore(deps): bump better-sqlite3 from 12.9.0 to 12.10.0 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2126
  • fix: repair README "90-second demo" link + tiny root cleanup by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2183
  • chore(deps): bump stripe from 22.0.2 to 22.1.1 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2124
  • chore(deps): bump actions/github-script from 8 to 9 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2127
  • chore(deps-dev): bump undici from 8.2.0 to 8.3.0 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2122
  • feat(marketing): email-capture wedge — convert ~5k monthly installers to leads by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2198
  • chore(deps): bump actions/setup-python from 5 to 6 by @dependabot[bot] in https://github.com/IgorGanapolsky/ThumbGate/pull/2128
  • feat(gates): add multi-agent goal contracts by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2140
  • docs(install): document machine-wide vs per-project install scope by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2141
  • chore/update session hygiene rag rules by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2163
  • Fix funnel intake paths for Team and broker audit leads by @IgorGanapolsky in https://github.com/IgorGanapolsky/ThumbGate/pull/2203

Full Changelog: https://github.com/IgorGanapolsky/ThumbGate/compare/v1.20.0...v1.21.0

Security Fixes

  • Implement high-ROI PostgreSQL AI guardrails per Google AI DB mandate
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track IgorGanapolsky/mcp-memory-gateway

Get notified when new releases ship.

Sign up free

About IgorGanapolsky/mcp-memory-gateway

Pre-action gates that prevent AI coding agents from repeating known mistakes. Captures explicit feedback, auto-promotes failures into prevention rules, and enforces them via hooks.

All releases →

Related context

Beta — feedback welcome: [email protected]