
jamjet-labs/jamjet

v0.8.1 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

✓ No known CVEs patched

Topics

a2a agent-memory agent-safety agentic-ai ai-agents ai-governance ai-safety approval-workflows audit-log human-in-the-loop java llm llmops mcp model-context-protocol production-ai python rust workflow

Affected surfaces

auth rbac

ReleasePort's take

Light signal
editorial:auto 13d

jamjet v0.8.1 repositions as a safety layer for AI agents, requiring Python 3.12+ and adding a demo CLI with audit logging. Hardened the approval command against path traversal using UUID-based run IDs.

Why it matters: If running Python <3.12, upgrade before deploying. New audit logging in ~/.jamjet-demo/runs/ provides visibility into agent decisions; test the demo CLI in dev to understand safety guardrails.

Summary

AI summary

Requires Python 3.12 or newer to run JamJet.

Changes in this release

Security Medium

Hardened `jamjet demo approval --approve <id>` against path traversal using UUID-based run IDs

Source: llm_adapter@2026-05-21

Confidence: low

Breaking Medium

PyPI description changed to "safety layer for AI agents"

Source: llm_adapter@2026-05-21

Confidence: low

Feature Medium

`jamjet demo` CLI added with four subcommands and `--json` output

Source: llm_adapter@2026-05-21

Confidence: high

Feature Medium

Audit events written to `.jamjet-demo/runs/<run-id>.json` for inspection

Source: llm_adapter@2026-05-21

Confidence: low

Feature Medium

Four paired examples added in `examples/01-block-unsafe-tool` … `04-mcp-tool-policy`

Source: llm_adapter@2026-05-21

Confidence: low

Feature Medium

`evidence/` directory replaces framework-comparison framing of `jamjet-benchmarks`

Source: llm_adapter@2026-05-21

Confidence: low

Dependency Medium

`requires-python` bumped to `>=3.12`

Source: llm_adapter@2026-05-21

Confidence: high

Refactor Medium

README hero rewritten to lead with 60-second safety demo

Source: llm_adapter@2026-05-21

Confidence: low

Full changelog

Blocking unsafe AI tool calls before execution

jamjet 0.8.1 ships a zero-setup safety demo CLI that proves an agent's tool call can be controlled by a runtime policy — before the model invokes it.

```
pip install jamjet
jamjet demo unsafe-tool-call
JamJet demo: unsafe tool-call blocking

Scenario:
  An AI agent wants to clean up old customer records.

Agent (DeterministicDemoAgent (mocked — no real model)) requested tool:
  database.delete_all_customers({'reason': 'cleanup old records'})

Policy check:
  blocked patterns: '*delete*'

Decision: BLOCKED
Reason:   tool name matches blocked pattern '*delete*'

Audit event:
  trace_id:    jj_7f21c9
  decision_id: dec_91ab2
  executed:    false
  audit_path:  ./.jamjet-demo/runs/unsafe-tool-call-001.json
```

The model is mocked. The enforcement path is real.

No API key. No Docker. No cloud account. Three more demos run the same way:

  • jamjet demo approval — pause-for-approval flow, durable resume via --approve <id>
  • jamjet demo budget-cap — hard $0.05 cost cap on a 3-step loop
  • jamjet demo mcp-tool-policy — MCP-shaped policy (preview of JamJet Gateway)

What changed

Added

  • jamjet demo CLI with four subcommands and --json output
  • Audit events written to .jamjet-demo/runs/<run-id>.json for inspection
  • Four paired examples in examples/01-block-unsafe-tool … 04-mcp-tool-policy
  • evidence/ directory replacing the framework-comparison framing of jamjet-benchmarks

Changed

  • PyPI description rewritten from "agent-native workflow authoring" to safety layer for AI agents
  • README hero rewritten to lead with the 60-second safety demo
  • requires-python bumped to >=3.12 (matches jamjet-engram dependency reality)
  • Hardened jamjet demo approval --approve <id> against path traversal; UUID-based run IDs
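The last Changed entry hardens `--approve <id>` by treating run IDs as UUIDs rather than path fragments. The following is an added illustration of the unsafe and hardened shapes of that lookup; it is not jamjet's code, and the `RUNS_DIR` location (taken from the demo's `./.jamjet-demo/runs/<run-id>.json` output) and all function names are assumptions:

```python
import uuid
from pathlib import Path

# Assumed location, following the demo output's ./.jamjet-demo/runs/<run-id>.json.
RUNS_DIR = Path(".jamjet-demo") / "runs"


def audit_path_unsafe(run_id: str) -> Path:
    """The 'before' shape: whatever arrives on --approve is spliced into a path."""
    return RUNS_DIR / f"{run_id}.json"


def is_valid_run_id(run_id: str) -> bool:
    """Accept only a canonical, hyphenated, lowercase UUID string."""
    # uuid.UUID() also tolerates braces, a urn:uuid: prefix, bare hex and
    # uppercase, so round-trip through str() to admit exactly one spelling.
    try:
        return str(uuid.UUID(run_id)) == run_id
    except ValueError:
        return False


def escapes_runs_dir(path: Path) -> bool:
    """True when the resolved path is not inside RUNS_DIR (defense in depth)."""
    return RUNS_DIR.resolve() not in path.resolve().parents


def audit_path_hardened(run_id: str) -> Path:
    """The 'after' shape: a run id is validated data, never a path fragment."""
    if not is_valid_run_id(run_id):
        raise ValueError(f"run id must be a canonical UUID, got {run_id!r}")
    path = RUNS_DIR / f"{run_id}.json"
    if escapes_runs_dir(path):  # unreachable after validation; keeps the guarantee local
        raise ValueError("audit path resolved outside the runs directory")
    return path


def rejects(run_id: str) -> bool:
    """Does the hardened lookup refuse this id?"""
    try:
        audit_path_hardened(run_id)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for run_id in (str(uuid.uuid4()), "../../../../tmp/evil"):
        print(f"{run_id!r}: rejected={rejects(run_id)}")
```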

What's next

JamJet Gateway — an MCP proxy that applies the same policy to MCP traffic from Claude Desktop, Cursor, and any MCP-aware agent — is the next major milestone. See jamjet.dev/gateway.

The companion durability demo (what happens when an agent crashes mid-tool-call) lives at jamjet.dev/demo.


Binary downloads below — jamjet-server for darwin / linux / windows. Auto-downloaded by the CLI on first jamjet dev; manual download usually unnecessary.

Install: pip install jamjet==0.8.1
PyPI: https://pypi.org/project/jamjet/0.8.1/
Docs: https://docs.jamjet.dev

Breaking Changes

  • Minimum Python version bumped to >=3.12

Security Fixes

  • Hardened `jamjet demo approval --approve` against path traversal using UUID-based run IDs


About jamjet-labs/jamjet

Durable, agent-native AI runtime with native MCP client + server and A2A support. Rust core for performance, Python authoring for ergonomics. Features graph-based workflows, durable execution, and multi-agent coordination.
