yakuphanycl/instinct

v1.4.3 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1d MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai-memory anthropic claude-code llm-tools mcp mcp-server

+2 more

memory-management self-learning

Affected surfaces

rce_ssrf

ReleasePort's take

Light signal

editorial:auto 1d

v1.4.3 neutralizes stored fields in MCP prompts to address security issue R89-167b.

Why it matters: Security issue R89-167b affects MCP prompts; patching with v1.4.3 mitigates the risk.

Summary

AI summary

Neutralize stored fields in MCP prompts and export formatters to address security issue R89-167b.

Changes in this release

Type	Severity	Summary	CVE
Security	Critical	Neutralizes stored fields in MCP prompts. Neutralizes stored fields in MCP prompts. Source: llm_adapter@2026-06-02 Confidence: high	—

Full changelog

What's Changed

fix(security): R89-167b — neutralize stored fields in MCP prompts + export formatters by @WRG-11 in https://github.com/WRG-11/instinct/pull/48

Full Changelog: https://github.com/WRG-11/instinct/compare/v1.4.2...v1.4.3

Security Fixes

R89-167b — neutralize stored fields in MCP prompts and export formatters

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track yakuphanycl/instinct

Get notified when new releases ship.

About yakuphanycl/instinct

Self-learning memory for AI coding agents. Observes tool sequences, user preferences, and recurring fixes; confidence-based promotion (hits ≥5 → mature, ≥10 → rule)

All releases →