molecule-core

History

Hongming Wang 5be8ba4b45 fix(security): GLOBAL memory delimiter spoofing + pin MCP npm version SAFE-T1201 (#807): Escape [MEMORY prefix in GLOBAL memory content on write to prevent delimiter-spoofing prompt injection. Content stored as "[_MEMORY " so it renders as text, not structure, when wrapped with the real delimiter on read. SAFE-T1102 (#805): Pin @molecule-ai/mcp-server@1.0.0 in .mcp.json.example. Prevents supply-chain attacks via unpinned npx -y. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-04-18 11:09:24 -07:00
..
cmd/server	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
internal	fix(security): GLOBAL memory delimiter spoofing + pin MCP npm version	2026-04-18 11:09:24 -07:00
migrations	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
pkg/provisionhook	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
.gitignore	chore: final open-source cleanup — binary, stale paths, private refs	2026-04-18 00:38:55 -07:00
Dockerfile	fix: Dockerfile go.sum path after platform → workspace-server rename	2026-04-18 00:31:16 -07:00
Dockerfile.tenant	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
entrypoint-tenant.sh	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
go.mod	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
go.sum	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00