Jovancoding/Network-AI

v5.4.2 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 21d MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

agent-framework agent-orchestration ai-agents autogen blackboard blackboard-architecture

+14 more

crewai hermes hermes-agent langchain llm mcp multi-agent nemoclaw nodejs openclaw orchestration rlm typescript workflow-engine

ReleasePort's take

Light signal

editorial:auto 13d

ClawHub v5.4.2 corrects security documentation to accurately describe three by-design patterns with documented controls. MCP tool definitions now include explicit return shapes, error behavior, and usage guidelines across all 22 tools.

Why it matters: Security teams can now accurately assess the three documented by-design patterns and their controls. All 22 MCP tools now have explicit contracts (return shapes, error behavior), reducing integration errors.

Summary

AI summary

Fixed inaccurate ClawHub security documentation to correctly describe three advisory notes as by‑design patterns with documented controls.

Changes in this release

Type	Severity	Summary	CVE
Feature	Medium	All 22 MCP tool definitions now include explicit return shapes, error behavior, and usage guidelines. All 22 MCP tool definitions now include explicit return shapes, error behavior, and usage guidelines. Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	ClawHub security documentation accurately describes three by-design patterns with documented controls. ClawHub security documentation accurately describes three by-design patterns with documented controls. Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

## Network-AI v5.4.2 — MCP Tool Quality + Security Doc Accuracy

Patch release improving Glama Tool Definition Quality scores and fixing inaccurate ClawHub security documentation.

Improved

MCP tool descriptions — all 22 tool definitions now include explicit return shapes, error/edge-case behavior, and usage guidelines (when to call this tool vs. a related one, recommended ordering). Targets Glama behavior and usage sub-score improvements across fsm_transition, config_get, config_set, token_create, budget_spend, audit_query, and all blackboard tools.

Fixed

ClawHub security documentation — SECURITY.md, .github/SECURITY.md, and ENTERPRISE.md now accurately describe the 3 ClawHub Notes (ASI03 advisory-token identity, ASI06 persistent-context and audit-log PII) as by-design patterns with documented controls, rather than "resolved". Notes will recur on future scans by design; the documented controls are the mitigation.

Stats

29 test suites, 2,976 passing assertions (unchanged)
Zero TypeScript compile errors (npx tsc --noEmit)

Full Changelog

https://github.com/Jovancoding/Network-AI/blob/main/CHANGELOG.md

Security Fixes

ClawHub security documentation corrected to accurately describe ASI03 advisory‑token identity, ASI06 persistent‑context and audit‑log PII as by‑design patterns with documented controls (previously marked as resolved)

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Jovancoding/Network-AI

Get notified when new releases ship.

About Jovancoding/Network-AI

Multi-agent orchestration MCP server with race-condition-safe shared blackboard. 20+ MCP tools: blackboard read/write, agent spawn/stop, FSM transitions, budget tracking, token management, and audit log query. `npx network-ai-server --port 3001`.

All releases →