This release keeps dependencies and maintenance posture current for teams operating this tool.
✓ No known CVEs patched in this version
Topics
+2 more
Summary
AI summaryMinor fixes and improvements.
Full changelog
What's New
Functional Audit (91/91 passing)
- 60 MCP tool tests (59 tools + injection detection), each with individual test function
- 24 A2A skill tests via live A2A Protocol
- 7-step A2A governance E2E lifecycle test
- FUNCTIONAL_AUDIT.md with evidence
Permanent CI Security Gates (10/10 green)
- bandit: HIGH=0 blocks PR
- pip-audit: CRITICAL=0 blocks PR
- secrets-scan: patterns + .env tracking check blocks PR
- unit/adversarial/security/regression: all must pass
- performance: safety tools P99 < 200ms
- Docker build: requires all security gates
- production smoke: MCP + A2A endpoints verified
Live Audit Script
curl -sSL https://raw.githubusercontent.com/thinkneo-ai/mcp-server/master/scripts/audit_live.sh | bash
Tests 20 live surfaces in ~20 seconds. Anyone can verify.
TCK Reframed
80/82 passing + 2 documented opt-outs = 82/82 intentional compliance.
Opt-outs: batch (bypasses per-task governance), priority (unaudited reordering).
Numbers Aligned
- 59 MCP tools (README, GitHub description, badges — all match production)
- 24 A2A skills
- 10 CI gates
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About ThinkneoAI/mcp-server
ThinkNEO Control Plane — Enterprise AI governance MCP server with runtime guardrails, observability, AI FinOps, and agent lifecycle control.
Related context
Beta — feedback welcome: [email protected]