This release adds 2 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+11 more
ReleasePort's take
Light signalv0.3.2 introduces a tool definition scanner for prompt injection, typosquatting, and secrets detection, plus smithery.yaml for Smithery directory listings.
Why it matters: Test the new MCP tool definition scanner in dev to catch security issues early; adopt smithery.yaml for consistent Smithery listings.
Summary
AI summaryAdded MCP tool definition scanner and smithery.yaml for Smithery listings.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
Add MCP tool definition scanner detects prompt injection, typosquatting, secrets in tool definitions. Add MCP tool definition scanner detects prompt injection, typosquatting, secrets in tool definitions. Source: llm_adapter@2026-05-21 Confidence: low |
— |
| Refactor | Medium |
Add smithery.yaml for Smithery MCP directory listing. Add smithery.yaml for Smithery MCP directory listing. Source: llm_adapter@2026-05-21 Confidence: low |
— |
Full changelog
MCP tool definition scanner.
- Add MCP tool definition scanner: detects prompt injection, typosquatting, secrets in tool definitions
- Add smithery.yaml for Smithery MCP directory listing
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About jagmarques/asqav-mcp
AI agent governance MCP server with policy enforcement, quantum-safe audit trails (ML-DSA), multi-party authorization, and compliance reporting. Check policies, sign actions, and verify signatures through MCP tools.
Related context
Beta — feedback welcome: [email protected]