upstash/context7

[email protected] scope: ctx7 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 13d MCP Developer Tools
✓ No known CVEs patched
This release patches 1 known CVE

Topics

llm mcp mcp-server vibe-coding

Affected surfaces

deps breaking_upgrade

ReleasePort's take

Moderate signal
editorial:auto 13d

The ctx7 CLI now enforces a safe character set for skill names during installation and removal.

Why it matters: Restricting skill names mitigates injection risks; update any scripts that generate skill identifiers to use only the allowed characters.

Summary

AI summary

Harden skill name handling during install/remove by restricting characters and asserting correct directory placement.

Changes in this release

Security Medium

Restrict skill names to safe character set during installation.

Source: llm_adapter@2026-05-21

Confidence: high

Feature Medium

Add --stdio flag to ctx7 setup for MCP server.

Source: llm_adapter@2026-05-21

Confidence: low

Bugfix Medium

Declare @inquirer/core as direct dependency of CLI.

Source: llm_adapter@2026-05-21

Confidence: low

Full changelog

Patch Changes

  • dea0e43: Declare @inquirer/core as a direct dependency of the CLI. It was previously imported in selectOrInput.ts but only resolvable as a transitive of @inquirer/prompts, which caused ctx7 to fail at startup with ERR_MODULE_NOT_FOUND under pnpm's isolated node linker.
  • 34fda7d: Add --stdio flag to ctx7 setup to configure Context7 as a local stdio MCP server.
  • 61de754: Harden skill name handling during ctx7 skills install and ctx7 skills remove. Skill names from remote SKILL.md files are now restricted to a safe character set, and the install sinks assert the target directory is a direct child of the skills root before writing.

Security Fixes

  • Skill name handling is now restricted to a safe character set, and directory placement is asserted during install/remove, preventing injection attacks.

About upstash/context7

Up-to-date code documentation for LLMs and AI code editors.
