Skip to content

knewstimek/agent-tool

v0.5.0 Security

This release includes 4 security fixes for security teams reviewing exposed deployments.

Published 2mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 4 known CVEs

Topics

ai-coding automation claude-code cli codex cross-platform
+13 more
cursor developer-tools dns encoding file-tools go mcp mcp-server mysql redis sftp ssh tls

Affected surfaces

rce_ssrf auth

Summary

AI summary

Shell auto-detection on Windows now prefers PowerShell with UTF-8 and PATH enhancements.

Full changelog

Quick Start

  1. Download the binary for your OS below
  2. Run agent-tool install (or agent-tool install claude)
  3. Restart your IDE
  4. Done — all tools work immediately, no permission popups

Or just ask your AI agent:

"Download agent-tool from https://github.com/knewstimek/agent-tool/releases/latest and run agent-tool install"

Any capable AI coding agent (Claude Code, Codex, etc.) can handle the full download → install → restart flow automatically.

Tip: Add this to your project's CLAUDE.md or AGENTS.md so your agent prefers agent-tool over built-in tools:

Strict mode (for projects with non-UTF-8 files or mixed indentation):

ALWAYS use agent-tool MCP tools (mcp__agent-tool__*) instead of built-in file tools.
Do NOT use built-in Read, Edit, Write, Grep, or Glob — use mcp__agent-tool__read,
mcp__agent-tool__edit, mcp__agent-tool__write, mcp__agent-tool__grep, mcp__agent-tool__glob instead.

Soft mode (general projects):

Prefer agent-tool MCP tools (mcp__agent-tool__*) over built-in file tools when available.

What's New

Shell auto-detection on Windows

The bash tool now auto-detects the best available shell:

  • PowerShell (pwsh or powershell.exe) — preferred, with UTF-8 init script and PATH enhancement
  • Git Bash — checked at known install paths (avoids WSL bash)
  • cmd.exe — fallback

PowerShell sessions automatically configure:

  • UTF-8 output encoding ([Console]::OutputEncoding)
  • PATH enhancement (scoop, cargo, chocolatey, ~/bin)
  • Prompt suppression for clean output
  • Echo filtering for accurate results

Web Search tool

New websearch tool with dual engine support:

  • Brave Search — English/global search (API key via BRAVE_SEARCH_API_KEY)
  • Naver Search — Korean content (API keys via NAVER_CLIENT_ID + NAVER_CLIENT_SECRET)
  • Auto-selects engine based on available API keys
  • Prompt injection warning included in results

Web Fetch tool

  • Fetch and convert web pages to Markdown
  • ECH (Encrypted Client Hello) and DoH (DNS over HTTPS) enabled by default
  • SSRF protection blocks private/internal IPs

Download tool

  • Download binary files from URLs
  • Proxy support (HTTP and SOCKS5)
  • Max 2 GB file size

Security improvements

  • API key echo prevention in error messages
  • SSRF protection across all HTTP tools
  • Eviction safety: TryLock prevents killing active shell sessions
  • Fixed data race in shell session pool

Security Fixes

  • Prevented API key echo in error messages
  • Added SSRF protection across all HTTP tools
  • Implemented TryLock eviction safety to avoid killing active shell sessions
  • Fixed data race in shell session pool
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track knewstimek/agent-tool

Get notified when new releases ship.

Sign up free

About knewstimek/agent-tool

Encoding-aware, indentation-smart file tools for AI coding agents. 20+ tools including read/edit with automatic encoding detection, smart indentation conversion, SSH, SFTP, process management, and system utilities. Preserves file encoding (UTF-8, EUC-KR, Shift_JIS, etc.) and respects .editorconfig settings.

All releases →

Related context

Beta — feedback welcome: [email protected]