This release includes breaking changes for platform teams planning a safe upgrade.
✓ No known CVEs patched in this version
Topics
+7 more
Affected surfaces
Summary
AI summaryUpdates https://github.com/Pantheon-Security/notebooklm-mcp-secure/releases/tag/v1.5.1, Full Changelog See CHANGELOG.md, and https://github.com/Pantheon-Security/chrome-mcp-secure/blob/main/CHANGELOG.md across a mixed release.
Full changelog
Chrome MCP Secure v2.2.1
Cross-Platform File Permissions Fix
Fixed
- All file operations now use centralized
file-permissions.tsutility- Fixed 12 instances of insecure
fs.mkdirSync()andfs.writeFileSync()calls - Proper Windows ACL support via
icacls - Consistent 0o700 directory and 0o600 file permissions on Unix
- Fixed 12 instances of insecure
Files Updated
| File | Changes |
|------|---------|
| crypto.ts | Uses mkdirSecure() and writeFileSecure() |
| credential-vault.ts | Uses mkdirSecure() and writeFileSecure() |
| secure-memory.ts | Deprecated internal functions, delegates to file-permissions.ts |
| mcp-auth.ts | Uses mkdirSecure() and writeFileSecure() |
| logger.ts | Audit log directory uses mkdirSecure() |
This is the same fix applied to notebooklm-mcp-secure v1.5.1.
Full Changelog
See CHANGELOG.md
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Pantheon-Security/chrome-mcp-secure
Security-hardened Chrome automation with post-quantum encryption (ML-KEM-768 + ChaCha20-Poly1305), secure credential vault, memory scrubbing, and audit logging. 22 tools for browser automation and secure logins.
Related context
Beta — feedback welcome: [email protected]