Skip to content

logly/mureo

v0.2.0 Security

This release includes 3 security fixes for security teams reviewing exposed deployments.

Published 2mo AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 3 known CVEs

Topics

advertising agentic-ai ai-agents claude-code cli codex
+11 more
cursor facebook-ads gemini-cli google-ads marketing marketing-automation mcp meta-ads model-context-protocol python search-console

Affected surfaces

rce_ssrf

Summary

AI summary

Added 78 new MCP tools (Google Ads, Meta Ads) and implemented security hardening.

Full changelog

What's New

159 MCP Tools (was 81)

Added 78 new MCP tools, nearly doubling the tool count:

  • Google Ads (82 tools, +53): sitelinks, callouts, conversion tracking, targeting (device/location/schedule), recommendations, bid adjustments, change history, performance and budget analysis, RSA asset analysis, B2B optimizations, creative research, landing page analysis, monitoring and goal evaluation, screenshot capture
  • Meta Ads (77 tools, +25): pause/enable for campaigns/ad sets/ads, audience management (get/delete/lookalike), creative management (list/create/dynamic), pixel management, performance analysis, audience and placement analysis, cost investigation, ad comparison, creative improvement suggestions

Security Hardening

  • File path traversal protection on upload handlers
  • URL scheme validation on capture handlers
  • Input format validation (customer_id, account_id)

Code Quality

  • All ruff, black, and mypy checks pass (Python 3.10-3.12)
  • 1257 tests with 80%+ coverage
  • Tool definitions split into category-based sub-modules

Other

  • Project rebranded from Ad operations to Marketing operations for multi-platform future
  • Default branch renamed to main
  • Project logo added to README

Full Changelog: https://github.com/logly/mureo/compare/8f2a466...v0.2.0

Security Fixes

  • File path traversal protection on upload handlers
  • URL scheme validation on capture handlers
  • Input format validation for customer_id and account_id fields
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track logly/mureo

Get notified when new releases ship.

Sign up free

About logly/mureo

Framework for AI agents (Claude Code, Cursor, Codex, Gemini) to operate Google Ads, Meta Ads, and Search Console. Grounded in a local STRATEGY.md — not metric-chasing. Defense-in-depth security, local-first. Apache 2.0.

All releases →

Related context

Beta — feedback welcome: [email protected]