This release includes 1 security fix for security teams reviewing exposed deployments.
ReleasePort's take
Light signal: The release introduces several new features for skill management and improves MCP reliability, while also adding a critical security safeguard during boot‑time preflight.
Why it matters: Boot-time preflight now blocks half‑configured catalog servers from spawning failing subprocesses (severity 80), preventing silent failures that could disrupt operations.
Summary
AI summary: Updates Other user-visible changes, MCP reliability trio, and Highlights across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | High | Boot-time preflight prevents half‑configured catalog servers from spawning subprocesses that would silently fail (e.g., 401/missing credentials). (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Medium | Skills split into catalog (browsable, not in system prompt) vs active (loaded). Star to activate. (Source: llm_adapter@2026-05-21; confidence: high) | — |
| Feature | Medium | External Git repos can pull skills for the catalog with backend C1 and hierarchical UI C2. (Source: llm_adapter@2026-05-21; confidence: high) | — |
| Feature | Medium | Per-repo Update button added for skill catalog sources (C3). (Source: llm_adapter@2026-05-21; confidence: high) | — |
| Feature | Medium | Recommended presets seeded including `obra/superpowers` in the external skill catalog. (Source: llm_adapter@2026-05-21; confidence: high) | — |
| Feature | Medium | /skills legend gains inline category icons. (Source: llm_adapter@2026-05-21; confidence: high) | — |
| Feature | Medium | Boot-time preflight skips catalog-backed MCP servers with missing required config, issuing a warning instead of silent subprocess failure. (Source: llm_adapter@2026-05-21; confidence: high) | — |
| Feature | Medium | Runtime failure monitor raises bell notification for repeatedly failing MCP server. (Source: llm_adapter@2026-05-21; confidence: high) | — |
| Feature | Medium | Error hint chip provides catalog-derived (Source: llm_adapter@2026-05-21; confidence: low) | — |
| Feature | Medium | Error hint chip adds catalog‑derived "how to fix" hints to MCP tool errors in the sidebar. (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Low | Graceful degradation for missing optional host tools (ffmpeg, docker) shows clear notification and affected‑feature list instead of hard exit at startup. (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Low | New `--disable-sandbox` flag added; bundled boolean CLI flags introduced (#1089 / #1397). (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Low | Multi‑day calendar events are supported. (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Low | Role‑aware empty state includes clickable starter queries. (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Low | Investor role gains `searchX` and `readXPost` for X/Twitter access. (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Low | `presentMulmoScript` advances silent beats by duration during Play (#1073). (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
| Feature | Low | Inline error chip with retry option added for movie‑generation failure (#1197). (Source: granite4.1:30b@2026-05-22-audit; confidence: low) | — |
Full changelog
Highlights
External skill catalog (#1383 / #1335)
Skills are split into catalog (browsable, not in the system prompt) vs active (loaded). Star to activate; Preview and Run-once before committing. The catalog can pull skills from external Git repos (backend C1, hierarchical UI C2, per-repo Update button C3), with recommended presets seeded including obra/superpowers. The /skills legend gains inline category icons.
MCP reliability trio
- Boot-time preflight (#1352) — catalog-backed MCP servers with missing required config are skipped with a warning instead of spawning a subprocess that fails every call silently.
- Runtime failure monitor (#1353) — a server that fails repeatedly raises a bell notification.
- Error hint chip (#1354) — MCP tool errors in the right sidebar carry a catalog-derived "how to fix" hint.
Graceful degradation for optional host dependencies (#1385)
Missing ffmpeg / docker / other optional host tools degrade gracefully (clear notification + affected-feature list) instead of hard-exiting at startup. New --disable-sandbox flag plus bundled boolean CLI flags (#1089 / #1397).
Other user-visible changes
- Multi-day calendar events (#1368)
- Role-aware empty state with clickable starter queries
- Investor role gains `searchX` / `readXPost` (X/Twitter access)
- `presentMulmoScript`: silent beats advance by duration during Play (#1073); inline error chip + retry on movie-generation failure (#1197)
Security
MCP boot preflight (#1352) stops half-configured catalog servers from spawning subprocesses that would otherwise fail every tool call silently (401 / missing-credentials), reducing the chance of a misconfigured server being mistaken for working.
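A sketch of what such a boot-time preflight can look like, added here as an example and not taken from MulmoClaude's code. The catalog and config shapes (`requiredEnv`, `catalogId`, `env`), the function names and the sample servers are hypothetical and constructed for illustration.

```javascript
// Added illustration, not MulmoClaude code. The catalog/config shapes
// (requiredEnv, catalogId, env) and all names below are hypothetical.

// Constructed sample catalog: what each catalog-backed server needs.
const CATALOG = {
  "issue-tracker": { command: "issue-mcp", requiredEnv: ["TRACKER_TOKEN"] },
  notes: { command: "notes-mcp", requiredEnv: ["NOTES_URL", "NOTES_KEY"] },
};

// Constructed sample user config: "notes" is half-configured (blank key).
const CONFIGURED = [
  { name: "tracker", catalogId: "issue-tracker", env: { TRACKER_TOKEN: "placeholder-token" } },
  { name: "notes", catalogId: "notes", env: { NOTES_URL: "https://notes.example", NOTES_KEY: "  " } },
  { name: "local", command: "my-mcp", env: {} }, // not catalog-backed: no requirements known
];

// A value counts as present only if it is a non-blank string.
function isSet(value) {
  return typeof value === "string" && value.trim() !== "";
}

// Decide, before any subprocess is spawned, which servers may start.
function preflight(servers, catalog, processEnv = {}) {
  const start = [];
  const skipped = [];
  for (const server of servers) {
    const id = server.catalogId;
    // Own-property lookup so ids like "constructor" cannot match the prototype.
    const entry = id && Object.hasOwn(catalog, id) ? catalog[id] : undefined;
    if (id && !entry) {
      skipped.push({ name: server.name, reason: `unknown catalog entry ${id}` });
      continue;
    }
    const required = entry ? entry.requiredEnv : [];
    const missing = required.filter(
      (key) => !isSet((server.env || {})[key]) && !isSet(processEnv[key]),
    );
    if (missing.length > 0) {
      // Report key names only; credential values never reach the log.
      skipped.push({ name: server.name, reason: `missing required config: ${missing.join(", ")}` });
      continue;
    }
    start.push(server.name);
  }
  return { start, skipped };
}

const result = preflight(CONFIGURED, CATALOG);
for (const s of result.skipped) console.warn(`[mcp preflight] skipping ${s.name}: ${s.reason}`);
console.log("starting:", result.start.join(", "));
```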
Full Changelog
See CHANGELOG.md for the complete list.
Security Fixes
- MCP boot preflight (#1352) prevents half-configured catalog servers from spawning subprocesses that silently fail due to authentication or credential issues.
Earlier breaking changes
- v0.6.4 `General` role split into lean `General` and new `Personal` role; Encore seed role pinned to Personal.