This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 3d MCP Developer Tools
This release patches 2 known CVEs

Affected surfaces

deps

ReleasePort's take

Moderate signal
editorial:auto 3d

The v1.6.5 release patches two critical security issues in @modelcontextprotocol/sdk and updates dependency floors to mitigate further risks.

Why it matters: Patches CVE-2026-0621 ReDoS (severity 90) and GHSA‑345p data‑leak (severity 85); bumps sdk floor from ^1.12.1 to ^1.29.0, reducing vulnerability exposure in production.

Summary

AI summary

Updates Numbers, Tools, and unchanged across a mixed release.

Changes in this release

Security Critical

Patches CVE-2026-0621 ReDoS vulnerability in @modelcontextprotocol/sdk UriTemplate regex.

Source: llm_adapter@2026-05-31

Confidence: high

Security High

Patches GHSA-345p-7cg4-v4c7 data‑leak in shared server/transport instances of @modelcontextprotocol/sdk.

Source: llm_adapter@2026-05-31

Confidence: high

Feature Low

Ensures npm audit --production reports 0 vulnerabilities after updates.

Source: llm_adapter@2026-05-31

Confidence: high

Dependency Medium

Bumps @modelcontextprotocol/sdk floor from ^1.12.1 to ^1.29.0 and zod floor from ^3.24.0 to ^3.25.76.

Source: llm_adapter@2026-05-31

Confidence: high

Bugfix Low

Reduces package-lock.json size by −336 lines after dependency updates.

Source: llm_adapter@2026-05-31

Confidence: high

Full changelog

What's new in 1.6.5

Security patch. No engine code changes, no MCP tool surface changes, no platform changes, no env-var changes.

Bumps `@modelcontextprotocol/sdk` floor from `^1.12.1` to `^1.29.0` and `zod` floor from `^3.24.0` to `^3.25.76`. Clears two SDK-level CVEs and 7 transitive vulnerabilities in the SDK's HTTP-transport substack. `npm audit --production` now reports 0 vulnerabilities (was 2 SDK CVEs + 7 transitive).

Fixed

  • CVE-2026-0621 — ReDoS in `@modelcontextprotocol/sdk`'s `UriTemplate` regex (patched upstream in SDK `1.25.2`). The previous `^1.12.1` floor allowed vulnerable resolutions on stale npm caches; bumped to `^1.29.0` so the floor itself is patched.
  • GHSA-345p-7cg4-v4c7 — Shared server/transport instances leak cross-client response data (patched upstream in SDK `1.26.0`). Not exploitable in practice for ClarifyPrompt (one host = one server instance) but the vulnerable code is now out of the dependency graph entirely.
  • 7 transitive vulnerabilities (2 moderate, 5 high) in the SDK's bundled HTTP-transport substack — `hono`, `express-rate-limit`, `fast-uri`, `ip-address`, `path-to-regexp`, `qs`, `@hono/node-server`. Never affected runtime — ClarifyPrompt is stdio-only and doesn't load the HTTP transport — but they were noise in `npm audit` reports and made the install look unsafe.

Why the floor bump matters beyond CVEs

`^1.12.1` was misleading documentation — caret resolution was actually pulling SDK `1.27.1` for any fresh `npm install` since early 2026. The floor bump aligns the declared baseline with what `npm` was already doing for most users while guaranteeing the floor for users on stale caches. It also positions us for the eventual `2.0.0-alpha` migration when that line stabilizes.
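The gap between the declared floor and the resolved version, as an added example (not ClarifyPrompt's or the SDK's code). It assumes plain `x.y.z` versions, caret ranges only, and a lockfile in the v2/v3 `packages` layout; `checkFloor` and the sample manifests are hypothetical.

```javascript
// Added example. Patched-in versions and ranges are taken from the release notes;
// the manifests and lockfiles below are constructed sample inputs.
const PKG = "@modelcontextprotocol/sdk";
const PATCHED_IN = { "CVE-2026-0621": "1.25.2", "GHSA-345p-7cg4-v4c7": "1.26.0" };

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version string: ${v}`);
  return m.slice(1).map(Number);
}

function compare(a, b) {
  const x = parseVersion(a), y = parseVersion(b);
  for (let i = 0; i < 3; i++) if (x[i] !== y[i]) return x[i] < y[i] ? -1 : 1;
  return 0;
}

// Advisories still present in `version` (version is below the fix).
function openAdvisories(version) {
  return Object.keys(PATCHED_IN).filter((id) => compare(version, PATCHED_IN[id]) < 0);
}

// The lowest version a caret range permits is the version after the "^".
function caretFloor(range) {
  if (!range.startsWith("^")) throw new Error(`only caret ranges handled: ${range}`);
  return range.slice(1);
}

// Compare what the manifest permits with what the lockfile actually pinned.
// Lockfile v2/v3 layout: packages["node_modules/<name>"].version
function checkFloor(manifest, lock) {
  const range = manifest.dependencies[PKG];
  const entry = (lock.packages || {})[`node_modules/${PKG}`];
  return {
    range,
    floorAdmits: openAdvisories(caretFloor(range)),
    resolved: entry ? entry.version : null,
    resolvedHas: entry ? openAdvisories(entry.version) : [],
  };
}

const lockAt = (version) => ({ packages: { [`node_modules/${PKG}`]: { version } } });
const oldManifest = { dependencies: { [PKG]: "^1.12.1" } };
const newManifest = { dependencies: { [PKG]: "^1.29.0" } };

console.log(checkFloor(oldManifest, lockAt("1.12.1"))); // stale resolution at the old floor
console.log(checkFloor(oldManifest, lockAt("1.27.1"))); // fresh install under the old floor
console.log(checkFloor(newManifest, lockAt("1.29.0"))); // after the bump
```

A non-empty `floorAdmits` with an empty `resolvedHas` is the "misleading documentation" case: the install is patched, but only because of what the resolver happened to pick.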

Verification

Full suite green on local Ollama (`qwen2.5-coder:7b`) against the new floor:

  • `tsc` build: clean
  • `npm run test:wire`: MCP stdio protocol verified end-to-end (7 stages)
  • `npm run test:integration`: 9/9 cases pass
  • `npm run test:day2`: pass
  • `npm run test:reasoning`: pass
  • `npm run eval`: 29/30 fixtures pass. The one fail (`analyzer-creative-media`) is a pre-existing qwen-coder-7b classifier flake — verified SDK-independent by stash-reverting and re-running against the previous SDK floor (identical failure mode, same misclassification). On CI against `gpt-4o-mini` the fixture passes as it has since 1.6.0.

Numbers

  • `package-lock.json` net delta: −336 lines (slimmer dep graph)
  • Tools: 23 (unchanged). Platforms: 60+ (unchanged). Eval fixtures: 30 (unchanged).

Migration

None. Anyone on `[email protected]` with a normal `npm install` was already getting SDK `1.27.1` via caret. Upgrading to `1.6.5` just makes the floor honest and clears the audit warnings.

Install

```bash
npm install -g [email protected]
```

Security Fixes

  • CVE-2026-0621 — ReDoS in @modelcontextprotocol/sdk UriTemplate regex, patched upstream starting with SDK 1.25.2.
  • GHSA-345p-7cg4-v4c7 — Shared server/transport instances leak cross-client response data, removed from dependency graph by bumping floor to ^1.29.0.

About LumabyteCo/clarifyprompt-mcp

MCP server for AI prompt optimization — transforms vague prompts into platform-optimized prompts for 58+ AI platforms across 7 categories (image, video, voice, music, code, chat, document).
