Skip to content

lanchuske/local-mcp

v3.0.265 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 6d MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

ai-tools anthropic apple-silicon calendar chatgpt claude
+14 more
cursor email gdpr imessage local-first macos mcp mcp-server onedrive privacy productivity slack teams whatsapp

Affected surfaces

auth rbac

ReleasePort's take

Light signal
editorial:auto 6d

The release hardens data handling to stop email and message content from derailing AI tasks, and it fixes a rare crash during updates.

Why it matters: Prevents security‑critical steering of AI via email/message content (severity 80) and resolves an update‑process crash that could disrupt deployments.

Summary

AI summary

Hardened data handling prevents email/message content from steering the AI off task.

Changes in this release

Security High

Prevents email and message content from steering AI off task.

Prevents email and message content from steering AI off task.

Source: llm_adapter@2026-06-08

Confidence: high
Security High

Locks local connection to user's account.

Locks local connection to user's account.

Source: llm_adapter@2026-06-08

Confidence: high
Feature Low

Adds option to opt out of anonymous improvement signals in Settings.

Adds option to opt out of anonymous improvement signals in Settings.

Source: llm_adapter@2026-06-08

Confidence: high
Feature Low

Shows clearer status in Slack.

Shows clearer status in Slack.

Source: llm_adapter@2026-06-08

Confidence: high
Bugfix Medium

Fixes rare crash during updates.

Fixes rare crash during updates.

Source: llm_adapter@2026-06-08

Confidence: high
Full changelog

Local MCP is more reliable and more private. We fixed a rare crash, updates now restart cleanly, and we hardened how your data is handled: content from your emails and messages can no longer steer the AI off task, and the local connection is locked to your account. Slack shows clearer status, and you can opt out of anonymous improvement signals in Settings.

Security Fixes

  • Prevented email and message content from influencing AI off‑task behavior; locked local connection to the user's account.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track lanchuske/local-mcp

Get notified when new releases ship.

Sign up free

About lanchuske/local-mcp

Connect Claude, Cursor, Windsurf and other AI agents to macOS native apps: Mail, Calendar, Contacts, Reminders, Notes, iMessage, Finder, Safari, OmniFocus, Microsoft Teams, Outlook, OneDrive, and Office documents. 82 tools. Runs entirely on your Mac — no cloud, no tokens, no API keys.

All releases →

Related context

Beta — feedback welcome: [email protected]