Skip to content

pastorsimon1798/mcp-video

v1.2.2 Security

This release includes 5 security fixes for security teams reviewing exposed deployments.

Published 1mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 5 known CVEs

Topics

agent-tools ai-agents ai-video claude claude-code cli
+14 more
cursor ffmpeg hyperframes mcp mcp-server mcp-tools media-automation model-context-protocol python python-library subtitles video video-automation video-editing

Affected surfaces

rce_ssrf

Summary

AI summary

Fixed TOCTOU race conditions, sanitized FFmpeg filter values, and hardened AI engine resource guards.

Full changelog

Release v1.2.2

Security

  • Fixed TOCTOU race conditions and sanitized numeric values in FFmpeg filters (#134)
  • Added _validate_output_path() and rolled it out across all engines (#135)
  • Hardened AI engine resource guards for scene detection, spatial audio, stem separation, transcription, and upscaling (#136, #141, #142)
  • Hardened direct download paths with timeout and size limits (#142)
  • Fixed design quality security and SRT format safety issues (#131)

Added

  • Client-side validation and return type annotations (#137)
  • Current edge-case audit document
  • Startup validation for remotion_engine.studio()

Changed

  • Replaced grey social preview with generated media artwork (#138)
  • Updated public tool count messaging, landing page metadata, and canonical links

Notes

  • Full test suite: 813 passed, 9 skipped, 2 xpassed
  • Ruff checks clean
  • Built packages: mcp_video-1.2.2.tar.gz and mcp_video-1.2.2-py3-none-any.whl

Security Fixes

  • Fixed TOCTOU race conditions and sanitized numeric values in FFmpeg filters (#134)
  • Added _validate_output_path() across all engines (#135)
  • Hardened AI engine resource guards for scene detection, spatial audio, stem separation, transcription, and upscaling (#136, #141, #142)
  • Hardened direct download paths with timeout and size limits (#142)
  • Fixed design quality security and SRT format safety issues (#131)
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track pastorsimon1798/mcp-video

Get notified when new releases ship.

Sign up free

About pastorsimon1798/mcp-video

Video editing MCP server with 26 tools for trimming, merging, text overlays, audio sync, filters, color grading, audio normalization, picture-in-picture, split-screen, batch processing, format conversion, subtitles, watermarks, and more. 380 tests, CI on Python 3.11+3.12, progress callbacks, works with Claude Code, Cursor, and any MCP client.

All releases →

Related context

Beta — feedback welcome: [email protected]