n24q02m/better-godot-mcp

v1.6.1 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai-agents ai-coding claude claude-code cursor docker

+7 more

gdscript godot godot-engine mcp mcp-server model-context-protocol typescript

Affected surfaces

deps

Summary

AI summary

Fixed path info disclosure in safeResolve error messages.

Full changelog

v1.6.1 (2026-03-20)

Bug Fixes

Add backslash to shell metacharacter blocklist (#301, ce419c7)
Prevent path info disclosure in safeResolve error message (d501bbe)

Chores

deps: Lock file maintenance (#280, 3409dad)
deps: Update codecov/codecov-action digest to 1af5884 (#282, 6e6de30)
deps: Update dawidd6/action-send-mail action to v16 (#284, 4e908e9)
deps: Update dependency @biomejs/biome to ^2.4.8 (#283, d91dde3)

Performance Improvements

Replace extname with endsWith for directory traversal (#287, 1012996)

Detailed Changes: v1.6.0...v1.6.1

Security Fixes

Prevent path info disclosure in safeResolve error message

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track n24q02m/better-godot-mcp

Get notified when new releases ship.

About n24q02m/better-godot-mcp

18 composite tools for structured Godot 4.x interaction: scenes, nodes, GDScript, shaders, animation, tilemap, physics, audio, navigation, UI, input mapping, and signals.

All releases →