yakuphanycl/instinct

v1.4.2 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 3d MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai-memory anthropic claude-code llm-tools mcp mcp-server

+2 more

memory-management self-learning

Affected surfaces

auth rbac

ReleasePort's take

Moderate signal

editorial:auto 3d

Version v1.4.2 hardens security by mitigating disk‑persistent prompt injection and improves server host/port configuration.

Why it matters: The release fixes a high-severity (severity 90) vulnerability that could allow persistent prompt injection via unsanitized content, and updates the serve CLI to correctly apply --host and --port flags for proper container reachability.

Summary

AI summary

Hardened security against persistent prompt injection, updated server host/port handling, and added a coverage badge to the readme.

Changes in this release

Type	Severity	Summary	CVE
Security	Critical	Hardens against disk‑persistent prompt injection via content sanitization and path guards. Hardens against disk‑persistent prompt injection via content sanitization and path guards. Source: llm_adapter@2026-05-31 Confidence: high	—
Bugfix	Medium	Fixes housekeep() to use _ok(store.gc(...)) instead of bare gc(). Fixes housekeep() to use _ok(store.gc(...)) instead of bare gc(). Source: llm_adapter@2026-05-31 Confidence: high	—
Bugfix	Medium	Wires --host and --port flags to FastMCP settings for SSE container reachability. Wires --host and --port flags to FastMCP settings for SSE container reachability. Source: llm_adapter@2026-05-31 Confidence: high	—

Full changelog

What's Changed

fix(server): housekeep() bare gc() call → _ok(store.gc(...)) (R89-19b INST-L2-01) by @WRG-11 in https://github.com/WRG-11/instinct/pull/42
docs(readme): R89-48f add coverage badge (84%) by @WRG-11 in https://github.com/WRG-11/instinct/pull/44
chore(coverage): R89-17f add fail_under=60 + CI/release cov gate by @WRG-11 in https://github.com/WRG-11/instinct/pull/43
fix(serve): wire --host/--port to FastMCP settings for SSE container reachability (R89-94f) by @WRG-11 in https://github.com/WRG-11/instinct/pull/45
ci(security): OIDC trusted-publishing + SHA-pin GitHub Actions by @WRG-11 in https://github.com/WRG-11/instinct/pull/46
fix(security): disk-persistent prompt-injection hardening (inject_claude_md content-sanitization + path guards) by @WRG-11 in https://github.com/WRG-11/instinct/pull/47

New Contributors

@WRG-11 made their first contribution in https://github.com/WRG-11/instinct/pull/42

Full Changelog: https://github.com/WRG-11/instinct/compare/v1.4.1...v1.4.2

Security Fixes

disk-persistent prompt‑injection hardening via inject_claude_md content‑sanitization and path guards

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track yakuphanycl/instinct

Get notified when new releases ship.

About yakuphanycl/instinct

Self-learning memory for AI coding agents. Observes tool sequences, user preferences, and recurring fixes; confidence-based promotion (hits ≥5 → mature, ≥10 → rule)

All releases →