| 12802 |
fix(gateway): default unscoped operator connections to read-only
|
yubrew
|
Device Pairing and Gat...
|
2026-02-09 |
| 8846 |
fix(tools): block LLM writes to hooks directories
|
yubrew
|
Security Enhancements ...
|
2026-02-04 |
| 8818 |
fix(browser): block unsafe code patterns in browser evaluate
|
yubrew
|
SSRF Protection Enhanc...
|
2026-02-04 |
| 8767 |
fix(signal): validate cliPath before spawning signal-cli daemon
|
yubrew
|
Cross-Platform Fixes
|
2026-02-04 |
| 8600 |
fix(update): add --ignore-scripts to prevent supply chain attacks
|
yubrew
|
Plugin Management Enha...
|
2026-02-04 |
| 8339 |
fix(tts): validate ElevenLabs base URL against allowlist
|
yubrew
|
Voice Call and TTS Imp...
|
2026-02-03 |
| 8305 |
fix(browser): add SSRF protection to browser navigation
|
yubrew
|
SSRF Protection Enhanc...
|
2026-02-03 |
| 8228 |
fix(link-understanding): block private IPs and internal hostnames in URL extr...
|
yubrew
|
SSRF Protection Enhanc...
|
2026-02-03 |
| 8186 |
fix(sandbox): validate setupCommand to prevent shell injection
|
yubrew
|
Environment Variable S...
|
2026-02-03 |
| 8161 |
fix(sandbox): block dangerous environment variables from Docker containers
|
yubrew
|
Environment Variable S...
|
2026-02-03 |
| 8150 |
fix(skills): block dangerous environment variables from skill config
|
yubrew
|
Environment Variable S...
|
2026-02-03 |
| 8139 |
fix(config): block dangerous environment variables from config.env
|
yubrew
|
Environment Variable S...
|
2026-02-03 |
| 8129 |
fix(auth): validate OAuth redirect URI to prevent open redirects
|
yubrew
|
Authentication and Rat...
|
2026-02-03 |
| 8124 |
fix(browser): add path validation for file upload and download
|
yubrew
|
Browser Security Enhan...
|
2026-02-03 |
| 8121 |
fix(gateway): remove query parameter token support for hooks
|
yubrew
|
Security Enhancements ...
|
2026-02-03 |
| 8103 |
fix(tts): sanitize API keys from error messages
|
yubrew
|
Voice Call and TTS Imp...
|
2026-02-03 |
| 8078 |
fix(config): add prototype pollution protection to deepMerge
|
yubrew
|
Environment Variable S...
|
2026-02-03 |
| 8075 |
fix(skills): add --ignore-scripts to all package managers
|
yubrew
|
Plugin Management Enha...
|
2026-02-03 |
| 8073 |
fix(plugins): add --ignore-scripts to npm install
|
yubrew
|
Plugin Management Enha...
|
2026-02-03 |
| 8067 |
fix(telegram): use timing-safe comparison for webhook secret
|
yubrew
|
Webhook Security Enhan...
|
2026-02-03 |