{ "interval": { "intervalStart": "2026-02-18T00:00:00.000Z", "intervalEnd": "2026-02-19T00:00:00.000Z", "intervalType": "day" }, "repository": "elizaos/eliza", "overview": "From 2026-02-18 to 2026-02-19, elizaos/eliza had 3 new PRs (0 merged), 1 new issues, and 6 active contributors.", "topIssues": [ { "id": "I_kwDOMT5cIs7r-OR4", "title": "Microsoft, Google X Sign up", "author": "borisudovicic", "number": 6511, "repository": "elizaos/eliza", "body": "", "createdAt": "2026-02-18T17:26:03Z", "closedAt": null, "state": "OPEN", "commentCount": 0 } ], "topPRs": [ { "id": "PR_kwDOMT5cIs7EjIkM", "title": "feat: add SAID Protocol on-chain Solana identity for ElizaOS agents", "author": "kaiclawd", "number": 6510, "body": "## What this does\n\nEvery new agent created via `elizaos create` now automatically gets a free on-chain identity on [SAID Protocol](https://saidprotocol.com) — Solana AI Identity.\n\n## Changes\n\n- `packages/elizaos/src/utils/said.ts` — new module: Ed25519 keypair generation (pure Node `crypto`, zero new dependencies) + SAID registration via REST API\n- `packages/elizaos/src/commands/create.ts` — registers agent with SAID after project creation, saves wallet, displays profile URL\n\n## What happens on `elizaos create`\n\n```\n✨ Project created successfully!\n\n⚡ SAID Protocol identity created\n Wallet: 7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAs\n Profile: https://saidprotocol.com/agents/7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAs\n\n Key saved to .said-wallet.json (add to .gitignore!)\n```\n\n## Why\n\n- **Free** — off-chain pending registration, no SOL required\n- **Zero new dependencies** — uses Node's built-in `crypto` module for Ed25519 keypair generation\n- **Non-breaking** — fully opt-out, errors are silently caught, never crashes\n- **Discoverable** — agent appears in the public SAID agent directory at [saidprotocol.com/agents](https://saidprotocol.com/agents)\n- **On-chain upgrade available** — ~0.01 SOL upgrades to a cryptographically verified badge via challenge-response (proves the entity is a running agent)\n\n## SAID Protocol\n\nSAID is on-chain identity infrastructure for AI agents on Solana. Think of it as a universal agent passport — verifiable identity, reputation scores, skill listings, and agent-to-agent discovery.\n\n[saidprotocol.com](https://saidprotocol.com) | [Docs](https://saidprotocol.com/docs.html)", "repository": "elizaos/eliza", "createdAt": "2026-02-18T08:01:49Z", "mergedAt": null, "additions": 648299, "deletions": 302354 }, { "id": "PR_kwDOMT5cIs7Evo1l", "title": "feat: add plugin-scout for x402 trust intelligence and transaction safety", "author": "yaooooooooooooooo", "number": 6513, "body": "## Relates to\r\n\r\n- [x402 Protocol](https://x402.org) - trust scoring for the x402 payment ecosystem\r\n- [ScoutScore](https://scoutscore.ai) - the trust intelligence platform\r\n\r\n## Risks\r\n\r\nLow. This is a self-contained new plugin with no modifications to existing code. Zero runtime dependencies beyond `@elizaos/core`. All API calls go to the ScoutScore public API (free during launch period).\r\n\r\n## Background\r\n\r\n### What does this PR do?\r\n\r\nAdds **plugin-scout** - gives ElizaOS agents trust intelligence for the x402 ecosystem. Before your agent pays for an x402 service, it can verify whether that service is trustworthy, check if it actually delivers what it advertises, and block unsafe transactions automatically.\r\n\r\nThe x402 protocol enables HTTP-native micropayments, but agents need a way to evaluate whether services are safe before sending money. ScoutScore provides that trust layer - scoring 400+ x402 services across 4 pillars and monitoring them continuously.\r\n\r\n### What kind of change is this?\r\n\r\nFeature (non-breaking change which adds functionality)\r\n\r\n## Actions\r\n\r\n| Action | Description |\r\n|--------|-------------|\r\n| `CHECK_SERVICE_TRUST` | Score any x402 service across 4 trust pillars (Contract Clarity, Availability, Response Fidelity, Identity & Safety) |\r\n| `CHECK_FIDELITY` | Probe whether a service actually follows the x402 protocol and delivers what it advertises |\r\n| `SCAN_SKILL` | Security scan a GitHub-hosted skill or MCP server before installing |\r\n| `BROWSE_LEADERBOARD` | Discover trusted x402 services by category (AI & ML, Trading & DeFi, Data & Analytics, etc.) |\r\n| `BATCH_SCORE_SERVICES` | Score up to 20 services at once for comparison |\r\n\r\n## Providers\r\n\r\n| Provider | Description |\r\n|----------|-------------|\r\n| `scout_trust_context` | Automatically injects trust data for any domain mentioned in conversation - the LLM sees scores without the user asking |\r\n| `scout_trust_policy` | Injects the agent's configured risk tolerance (min score, auto-reject flags) so the LLM respects safety constraints |\r\n\r\n## Evaluator\r\n\r\n| Evaluator | Description |\r\n|-----------|-------------|\r\n| `scout_transaction_guard` | Watches for payment-related messages and blocks/warns based on service trust score, auto-reject flags, and transaction amount limits |\r\n\r\n## Background Service\r\n\r\n| Service | Description |\r\n|---------|-------------|\r\n| `TrustMonitorService` | Monitors watched domains for significant trust score changes (>=10 point delta or level change) at configurable intervals |\r\n\r\n## How it works\r\n\r\n**Trust Context (automatic):**\r\nWhen a user mentions a domain, the trust-context provider automatically fetches its score and injects it into the LLM context:\r\n\r\n```\r\nTrust context for questflow.ai: Score 78/100 (HIGH).\r\nPillars: Contract 85, Availability 100, Fidelity 72, Safety 55.\r\nVerdict: RECOMMENDED (max $5,000). Health: UP (142ms).\r\n```\r\n\r\n**Transaction Guard (example - blocking an unsafe payment):**\r\n\r\n```\r\nUser: \"Pay $500 to sketchy-api.xyz for their data service\"\r\n\r\nAgent: Transaction BLOCKED.\r\n\r\nsketchy-api.xyz has a trust score of 12/100 (VERY_LOW) with critical flags:\r\n- ENDPOINT_DOWN: Service endpoint is not responding\r\n- WALLET_SPAM_FARM: Wallet address associated with spam\r\n\r\nThis service is not recommended for any x402 transactions.\r\nRecommended action: Do not proceed with payment.\r\n```\r\n\r\n**Trust Policy (customizable risk tolerance):**\r\n\r\n```env\r\n# Conservative agent - only transact with highly trusted services\r\nSCOUT_MIN_SERVICE_SCORE=75\r\nSCOUT_AUTO_REJECT_FLAGS=WALLET_SPAM_FARM,TEMPLATE_SPAM,ENDPOINT_DOWN,SCHEMA_PHANTOM\r\n\r\n# Permissive agent - broader access, lower threshold\r\nSCOUT_MIN_SERVICE_SCORE=30\r\nSCOUT_AUTO_REJECT_FLAGS=WALLET_SPAM_FARM\r\n```\r\n\r\n## Configuration\r\n\r\nAll environment variables are optional with sensible defaults:\r\n\r\n| Variable | Default | Description |\r\n|----------|---------|-------------|\r\n| `SCOUT_API_URL` | `https://scoutscore.ai` | Scout API base URL |\r\n| `SCOUT_MIN_SERVICE_SCORE` | `50` | Minimum trust score for x402 payments |\r\n| `SCOUT_AUTO_REJECT_FLAGS` | `WALLET_SPAM_FARM,TEMPLATE_SPAM,ENDPOINT_DOWN` | Comma-separated auto-reject flags |\r\n| `SCOUT_CACHE_TTL` | `30` | Cache TTL in minutes |\r\n| `SCOUT_WATCHED_DOMAINS` | _(empty)_ | Comma-separated domains to monitor |\r\n| `SCOUT_WATCH_INTERVAL` | `60` | Monitor check interval in minutes |\r\n| `SCOUT_API_KEY` | _(empty)_ | API key for authenticated endpoints |\r\n\r\n## Trust Levels\r\n\r\n| Score | Level | Verdict | Max Transaction |\r\n|-------|-------|---------|-----------------|\r\n| >= 75 | HIGH | RECOMMENDED | $5,000 |\r\n| >= 50 | MEDIUM | USABLE | $1,000 |\r\n| >= 25 | LOW | CAUTION | $100 |\r\n| < 25 | VERY_LOW | NOT_RECOMMENDED | $0 (blocked) |\r\n\r\n## Architecture\r\n\r\n- **Zero runtime dependencies** beyond `@elizaos/core` - clean and lightweight\r\n- **WeakMap-based state storage** - no monkey-patching `IAgentRuntime`, automatic GC\r\n- **In-memory LRU cache** with TTL-based expiry (500 entries, 30-min default)\r\n- **ReDoS-safe domain extraction** with bounded regex quantifiers and input length caps\r\n- **Graceful degradation** - API failures don't crash the plugin or block other actions\r\n\r\n# Documentation changes needed?\r\n\r\nNo changes to existing project documentation. The plugin includes its own README with usage examples, configuration reference, and trust level documentation.\r\n\r\nFull documentation: [ScoutScore Docs](https://scoutscore.ai/docs)\r\n\r\n# Testing\r\n\r\n## Test suite\r\n\r\n**236 unit tests, all passing.** Covers every action, provider, evaluator, service, utility, and client method.\r\n\r\n```\r\nTest Files 17 passed (17)\r\n Tests 236 passed (236)\r\n Duration 392ms\r\n```\r\n\r\nTest breakdown:\r\n- 5 action test suites (check-service, check-fidelity, scan-skill, browse-leaderboard, batch-score)\r\n- 2 provider test suites (trust-context, trust-policy)\r\n- 1 evaluator test suite (transaction-guard)\r\n- 1 service test suite (trust-monitor)\r\n- 1 client test suite (scout-client)\r\n- 1 cache test suite\r\n- 1 config test suite\r\n- 1 runtime-store test suite\r\n- 4 utility test suites (domain extraction, flag interpreter, recommendations, trust levels)\r\n\r\n## Where should a reviewer start?\r\n\r\n1. `src/index.ts` - plugin definition, init flow, and exports\r\n2. `src/evaluators/transaction-guard.ts` - the transaction safety guard (most interesting piece)\r\n3. `src/providers/trust-context.ts` - automatic trust context injection\r\n4. `src/client/scout-client.ts` - API client with caching\r\n\r\n## Detailed testing steps\r\n\r\n```bash\r\ncd packages/plugin-scout\r\nbun install\r\nbun run test\r\n```\r\n\r\n## Screenshots\r\n\"Screenshot\r\n\"Screenshot\r\n\r\n## Links\r\n\r\n- [ScoutScore](https://scoutscore.ai) - trust intelligence platform\r\n- [ScoutScore Leaderboard](https://scoutscore.ai/leaderboard) - 400+ scored x402 services\r\n- [x402 Protocol](https://x402.org)\r\n- [ScoutScore MCP Server](https://github.com/scoutscore/scout/tree/main/packages/mcp-server)\r\n\r\n\r\n\r\n

Greptile Summary

\r\n\r\nAdded `plugin-scout` - a self-contained trust intelligence plugin for the x402 payment ecosystem. Provides trust scoring, transaction safety guards, and skill scanning capabilities for autonomous agents.\r\n\r\n**Key Features:**\r\n- **Transaction Guard Evaluator**: Automatically blocks/warns on unsafe payments based on trust scores and auto-reject flags\r\n- **Trust Context Provider**: Enriches LLM context with domain trust data for up to 3 domains per message\r\n- **Trust Policy Provider**: Injects agent risk tolerance configuration\r\n- **5 Actions**: CHECK_SERVICE_TRUST, CHECK_FIDELITY, SCAN_SKILL, BROWSE_LEADERBOARD, BATCH_SCORE_SERVICES\r\n- **Background Monitoring**: Watches configured domains for trust score changes at configurable intervals\r\n\r\n**Architecture Highlights:**\r\n- Zero runtime dependencies beyond `@elizaos/core`\r\n- WeakMap-based state storage (no runtime monkey-patching)\r\n- LRU cache with TTL-based expiry (500 entries, 30-min default)\r\n- ReDoS-safe domain extraction with bounded regex quantifiers\r\n- HTTPS enforcement for API URLs\r\n- Graceful degradation on API failures\r\n\r\n**Test Coverage:**\r\n236 unit tests across 17 test suites covering all actions, providers, evaluators, services, utilities, and client methods.\r\n\r\n

Confidence Score: 5/5

\r\n\r\n- This PR is safe to merge with minimal risk\r\n- Self-contained new plugin with zero modifications to existing code, comprehensive test coverage (236 tests), clean architecture using WeakMap-based state management, proper security considerations (HTTPS enforcement, ReDoS prevention, graceful error handling), and zero runtime dependencies beyond @elizaos/core\r\n- No files require special attention\r\n\r\n

Important Files Changed

\r\n\r\n\r\n\r\n\r\n| Filename | Overview |\r\n|----------|----------|\r\n| packages/plugin-scout/src/index.ts | Plugin definition and initialization - clean architecture with WeakMap-based state management |\r\n| packages/plugin-scout/src/config.ts | Configuration loader with HTTPS enforcement and safe parsing of environment variables |\r\n| packages/plugin-scout/src/evaluators/transaction-guard.ts | Transaction safety evaluator - blocks/warns based on trust scores and auto-reject flags |\r\n| packages/plugin-scout/src/providers/trust-context.ts | Automatic trust context injection - enriches LLM context with domain trust data |\r\n| packages/plugin-scout/src/client/scout-client.ts | API client with proper error handling, caching, and authentication headers |\r\n| packages/plugin-scout/src/runtime-store.ts | WeakMap-based state storage - avoids monkey-patching runtime, enables GC |\r\n| packages/plugin-scout/src/utils/domain.ts | ReDoS-safe domain extraction with bounded quantifiers and length limits |\r\n| packages/plugin-scout/package.json | Package manifest with zero runtime dependencies beyond @elizaos/core |\r\n\r\n\r\n\r\n\r\n\r\n

Flowchart

\r\n\r\n```mermaid\r\n%%{init: {'theme': 'neutral'}}%%\r\nflowchart TD\r\n A[User Message] --> B{Contains Payment Keywords?}\r\n B -->|No| C[Trust Context Provider]\r\n B -->|Yes| D[Transaction Guard Evaluator]\r\n \r\n C --> E{Domain Mentioned?}\r\n E -->|Yes| F[Extract Domains]\r\n E -->|No| G[Skip]\r\n \r\n F --> H[Scout API Client]\r\n H --> I[Cache Check]\r\n I -->|Hit| J[Return Cached Score]\r\n I -->|Miss| K[Fetch from API]\r\n K --> L[Update Cache]\r\n L --> M[Inject Trust Context]\r\n M --> N[LLM Processing]\r\n \r\n D --> O[Extract Domain & Amount]\r\n O --> H\r\n H --> P{Check Auto-Reject Flags}\r\n P -->|Match| Q[BLOCK Transaction]\r\n P -->|Pass| R{Score >= Min Threshold?}\r\n \r\n R -->|No| S[WARN Below Minimum]\r\n R -->|Yes| T{Amount <= Max Transaction?}\r\n T -->|No| U[WARN Exceeds Limit]\r\n T -->|Yes| V[ALLOW Transaction]\r\n \r\n Q --> W[Return to User]\r\n S --> W\r\n U --> W\r\n V --> W\r\n \r\n X[Trust Monitor Service] -.->|Background| H\r\n X --> Y[Batch Score Watched Domains]\r\n Y --> Z{Significant Change?}\r\n Z -->|Yes| AA[Log Score Delta]\r\n Z -->|No| AB[Continue Monitoring]\r\n```\r\n\r\nLast reviewed commit: b8b4d69\r\n\r\n\r\n\r\n(2/5) Greptile learns from your feedback when you react with thumbs up/down!\r\n\r\n", "repository": "elizaos/eliza", "createdAt": "2026-02-18T23:54:25Z", "mergedAt": null, "additions": 5035, "deletions": 0 }, { "id": "PR_kwDOMT5cIs7EsyVR", "title": "chore(deps): bump the npm_and_yarn group across 3 directories with 4 updates", "author": "dependabot", "number": 6512, "body": "Bumps the npm_and_yarn group with 1 update in the /packages/computeruse/crates/computeruse-mcp-agent directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk).\nBumps the npm_and_yarn group with 1 update in the /packages/computeruse/crates/computeruse-mcp-agent/tests/integration directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk).\nBumps the npm_and_yarn group with 2 updates in the /packages/computeruse/examples/mcp-client-elicitation directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) and [ajv](https://github.com/ajv-validator/ajv).\n\nUpdates `@modelcontextprotocol/sdk` from 1.17.3 to 1.26.0\n
\nRelease notes\n

Sourced from @​modelcontextprotocol/sdk's releases.

\n
\n

v1.26.0

\n

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0

\n

v1.25.3

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3

\n

v1.25.2

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2

\n

1.25.1

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1

\n

1.25.0

\n

What's Changed

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\nMaintainer changes\n

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

\n
\n
\n\nUpdates `ajv` from 6.12.6 to 8.18.0\n
\nRelease notes\n

Sourced from ajv's releases.

\n
\n

v8.18.0

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0

\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `qs` from 6.14.0 to 6.15.0\n
\nChangelog\n

Sourced from qs's changelog.

\n
\n

6.15.0

\n\n

6.14.2

\n\n

6.14.1

\n\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `@modelcontextprotocol/sdk` from 1.17.3 to 1.26.0\n
\nRelease notes\n

Sourced from @​modelcontextprotocol/sdk's releases.

\n
\n

v1.26.0

\n

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0

\n

v1.25.3

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3

\n

v1.25.2

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2

\n

1.25.1

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1

\n

1.25.0

\n

What's Changed

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\nMaintainer changes\n

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

\n
\n
\n\nUpdates `ajv` from 6.12.6 to 8.18.0\n
\nRelease notes\n

Sourced from ajv's releases.

\n
\n

v8.18.0

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0

\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `qs` from 6.14.0 to 6.15.0\n
\nChangelog\n

Sourced from qs's changelog.

\n
\n

6.15.0

\n\n

6.14.2

\n\n

6.14.1

\n\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `@modelcontextprotocol/sdk` from 1.25.1 to 1.26.0\n
\nRelease notes\n

Sourced from @​modelcontextprotocol/sdk's releases.

\n
\n

v1.26.0

\n

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0

\n

v1.25.3

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3

\n

v1.25.2

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2

\n

1.25.1

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1

\n

1.25.0

\n

What's Changed

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\nMaintainer changes\n

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

\n
\n
\n\nUpdates `ajv` from 8.17.1 to 8.18.0\n
\nRelease notes\n

Sourced from ajv's releases.

\n
\n

v8.18.0

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0

\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `qs` from 6.14.0 to 6.15.0\n
\nChangelog\n

Sourced from qs's changelog.

\n
\n

6.15.0

\n\n

6.14.2

\n\n

6.14.1

\n\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `hono` from 4.11.1 to 4.11.10\n
\nRelease notes\n

Sourced from hono's releases.

\n
\n

v4.11.10

\n

What's Changed

\n\n

Full Changelog: https://github.com/honojs/hono/compare/v4.11.9...v4.11.10

\n

v4.11.9

\n

What's Changed

\n\n

Full Changelog: https://github.com/honojs/hono/compare/v4.11.8...v4.11.9

\n

v4.11.8

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/honojs/hono/compare/v4.11.7...v4.11.8

\n

v4.11.7

\n

Security Release

\n

This release includes security fixes for multiple vulnerabilities in Hono and related middleware. We recommend upgrading if you are using any of the affected components.

\n

Components

\n

IP Restriction Middleware

\n

Fixed an IPv4 address validation bypass that could allow IP-based access control to be bypassed under certain configurations.

\n

Cache Middleware

\n

Fixed an issue where responses marked with Cache-Control: private or no-store could be cached, potentially leading to information disclosure on some runtimes.

\n

Serve Static Middleware (Cloudflare Workers adapter)

\n

Fixed an issue that could allow unintended access to internal asset keys when serving static files with user-controlled paths.

\n

hono/jsx ErrorBoundary

\n

Fixed a reflected Cross-Site Scripting (XSS) issue in the ErrorBoundary component that could occur when untrusted strings were rendered without proper escaping.

\n

Recommendation

\n

Users are encouraged to upgrade to this release, especially if they:

\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/elizaOS/eliza/network/alerts).\n\n
\n\n\n\n

Greptile Summary

\n\nSecurity-focused dependency bump across 3 directories in the `packages/computeruse` tree. The primary change updates `@modelcontextprotocol/sdk` to v1.26.0, which addresses [GHSA-345p-7cg4-v4c7](https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7) (cross-client response data leak when sharing server/transport instances). Transitive dependency updates include security patches for `hono` (IP restriction bypass, cache middleware, XSS in ErrorBoundary), `ajv` (ReDoS via CVE-2025-69873), and `qs`.\n\n- `@modelcontextprotocol/sdk`: 1.17.3 → 1.26.0 (two directories) and 1.25.1 → 1.26.0 (one directory)\n- `ajv`: 6.12.6 → 8.18.0 (transitive, major version bump handled internally by the SDK)\n- `hono`: 4.11.1 → 4.11.10 (transitive, includes multiple security fixes)\n- `qs`: 6.14.0 → 6.15.0 (transitive)\n- `express-rate-limit`: 7.x → 8.x (transitive, now includes `ip-address` dependency)\n- **Note**: The new SDK version declares `zod` as a required (non-optional) peer dependency, but none of the 3 `package.json` files explicitly list it. The lockfiles resolve it transitively so `npm ci` will work, but explicit declaration is recommended.\n\n

Confidence Score: 4/5

\n\n- This PR is a standard Dependabot security bump with low risk; the main concern is an undeclared peer dependency that resolves transitively.\n- All changes are lockfile and version specifier updates generated by Dependabot. The SDK upgrade addresses a known security advisory. The ajv major version bump (6→8) is purely transitive (internal to the SDK) and not used directly by this codebase. The only concern is the missing explicit `zod` peer dependency declaration across all 3 package.json files, which could cause npm warnings but won't break `npm ci` since the lockfiles resolve it.\n- The three `package.json` files should be reviewed for the missing `zod` peer dependency: `packages/computeruse/crates/computeruse-mcp-agent/package.json`, `packages/computeruse/crates/computeruse-mcp-agent/tests/integration/package.json`, and `packages/computeruse/examples/mcp-client-elicitation/package.json`.\n\n

Important Files Changed

\n\n\n\n\n| Filename | Overview |\n|----------|----------|\n| packages/computeruse/crates/computeruse-mcp-agent/package.json | Bumps `@modelcontextprotocol/sdk` from ^1.17.3 to ^1.26.0. Missing explicit `zod` dependency required as a non-optional peer by the new SDK version. |\n| packages/computeruse/crates/computeruse-mcp-agent/tests/integration/package.json | Bumps `@modelcontextprotocol/sdk` from ^1.17.3 to ^1.26.0. Missing explicit `zod` dependency required as a non-optional peer by the new SDK version. |\n| packages/computeruse/examples/mcp-client-elicitation/package.json | Bumps `@modelcontextprotocol/sdk` from ^1.25.0 to ^1.26.0. Missing explicit `zod` dependency required as a non-optional peer by the new SDK version. |\n| packages/computeruse/crates/computeruse-mcp-agent/package-lock.json | Lock file updated for SDK 1.26.0. Resolves zod@4.3.6, ajv@8.18.0, hono@4.11.10, and other transitive dependencies correctly. |\n| packages/computeruse/crates/computeruse-mcp-agent/tests/integration/package-lock.json | Lock file updated for SDK 1.26.0. Resolves zod@4.3.6, ajv@8.18.0, hono@4.11.10, and other transitive dependencies correctly. |\n| packages/computeruse/examples/mcp-client-elicitation/package-lock.json | Lock file updated for SDK 1.26.0. Resolves zod@4.3.6, ajv@8.18.0, hono@4.11.10, qs@6.15.0, and other transitive dependencies correctly. |\n\n\n\n\n\n

Flowchart

\n\n```mermaid\nflowchart TD\n A[\"@modelcontextprotocol/sdk\\n1.17.3 → 1.26.0\"] --> B[\"ajv\\n6.12.6 → 8.18.0\\n(CVE-2025-69873 fix)\"]\n A --> C[\"hono\\n4.11.1 → 4.11.10\\n(security fixes)\"]\n A --> D[\"express-rate-limit\\n7.x → 8.x\"]\n A --> E[\"zod ^3.25 || ^4.0\\n(NEW required peer dep)\"]\n A --> F[\"qs\\n6.14.0 → 6.15.0\"]\n D --> G[\"ip-address 10.0.1\\n(new transitive dep)\"]\n \n subgraph \"Affected Packages\"\n H[\"computeruse-mcp-agent\"]\n I[\"integration tests\"]\n J[\"mcp-client-elicitation\"]\n end\n \n H --> A\n I --> A\n J --> A\n```\n\nLast reviewed commit: 67287fb\n\n\n\n", "repository": "elizaos/eliza", "createdAt": "2026-02-18T19:25:36Z", "mergedAt": null, "additions": 481, "deletions": 333 }, { "id": "PR_kwDOMT5cIs7EOXpL", "title": "chore(deps): bump the npm_and_yarn group across 3 directories with 3 updates", "author": "dependabot", "number": 6506, "body": "Bumps the npm_and_yarn group with 1 update in the /packages/computeruse/crates/computeruse-mcp-agent directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk).\nBumps the npm_and_yarn group with 1 update in the /packages/computeruse/crates/computeruse-mcp-agent/tests/integration directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk).\nBumps the npm_and_yarn group with 1 update in the /packages/computeruse/examples/mcp-client-elicitation directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk).\n\nUpdates `@modelcontextprotocol/sdk` from 1.17.3 to 1.26.0\n
\nRelease notes\n

Sourced from @​modelcontextprotocol/sdk's releases.

\n
\n

v1.26.0

\n

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0

\n

v1.25.3

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3

\n

v1.25.2

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2

\n

1.25.1

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1

\n

1.25.0

\n

What's Changed

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\nMaintainer changes\n

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

\n
\n
\n\nUpdates `qs` from 6.14.0 to 6.15.0\n
\nChangelog\n

Sourced from qs's changelog.

\n
\n

6.15.0

\n\n

6.14.2

\n\n

6.14.1

\n\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `@modelcontextprotocol/sdk` from 1.17.3 to 1.26.0\n
\nRelease notes\n

Sourced from @​modelcontextprotocol/sdk's releases.

\n
\n

v1.26.0

\n

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0

\n

v1.25.3

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3

\n

v1.25.2

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2

\n

1.25.1

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1

\n

1.25.0

\n

What's Changed

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\nMaintainer changes\n

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

\n
\n
\n\nUpdates `qs` from 6.14.0 to 6.15.0\n
\nChangelog\n

Sourced from qs's changelog.

\n
\n

6.15.0

\n\n

6.14.2

\n\n

6.14.1

\n\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `@modelcontextprotocol/sdk` from 1.25.1 to 1.26.0\n
\nRelease notes\n

Sourced from @​modelcontextprotocol/sdk's releases.

\n
\n

v1.26.0

\n

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0

\n

v1.25.3

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3

\n

v1.25.2

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2

\n

1.25.1

\n

What's Changed

\n\n

Full Changelog: https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1

\n

1.25.0

\n

What's Changed

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\nMaintainer changes\n

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

\n
\n
\n\nUpdates `qs` from 6.14.0 to 6.15.0\n
\nChangelog\n

Sourced from qs's changelog.

\n
\n

6.15.0

\n\n

6.14.2

\n\n

6.14.1

\n\n
\n
\n
\nCommits\n\n
\n
\n\nUpdates `hono` from 4.11.1 to 4.11.9\n
\nRelease notes\n

Sourced from hono's releases.

\n
\n

v4.11.9

\n

What's Changed

\n\n

Full Changelog: https://github.com/honojs/hono/compare/v4.11.8...v4.11.9

\n

v4.11.8

\n

What's Changed

\n\n

New Contributors

\n\n

Full Changelog: https://github.com/honojs/hono/compare/v4.11.7...v4.11.8

\n

v4.11.7

\n

Security Release

\n

This release includes security fixes for multiple vulnerabilities in Hono and related middleware. We recommend upgrading if you are using any of the affected components.

\n

Components

\n

IP Restriction Middleware

\n

Fixed an IPv4 address validation bypass that could allow IP-based access control to be bypassed under certain configurations.

\n

Cache Middleware

\n

Fixed an issue where responses marked with Cache-Control: private or no-store could be cached, potentially leading to information disclosure on some runtimes.

\n

Serve Static Middleware (Cloudflare Workers adapter)

\n

Fixed an issue that could allow unintended access to internal asset keys when serving static files with user-controlled paths.

\n

hono/jsx ErrorBoundary

\n

Fixed a reflected Cross-Site Scripting (XSS) issue in the ErrorBoundary component that could occur when untrusted strings were rendered without proper escaping.

\n

Recommendation

\n

Users are encouraged to upgrade to this release, especially if they:

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/elizaOS/eliza/network/alerts).\n\n
\n\n\n\n

Greptile Summary

\n\nThis Dependabot PR bumps `@modelcontextprotocol/sdk` to v1.26.0 across three directories in the `computeruse` package, addressing a security advisory (GHSA-345p-7cg4-v4c7) for cross-client response data leakage when sharing server/transport instances. Transitive dependencies `qs` (6.14.0 → 6.15.0) and `hono` (4.11.1 → 4.11.9) are also updated, with hono's update including multiple security fixes (IP restriction bypass, cache middleware disclosure, static file access, and XSS in ErrorBoundary).\n\n- **Security**: The SDK update fixes a vulnerability where shared server/transport instances could leak cross-client response data. The hono update patches four separate security issues.\n- **Breaking change risk**: The SDK jump is significant (1.17.3 → 1.26.0 for two directories, 1.25.1 → 1.26.0 for the third). The SDK now pulls in zod v4.x as a transitive dependency (previously v3.x), but no project code directly imports zod, so this should be transparent.\n- **New transitive dependencies**: The updated SDK now depends on `hono`, `jose`, `json-schema-typed`, and `ajv-formats`, expanding the dependency tree. The lock files reflect these additions correctly.\n- **Consistency**: All three lock files resolve to the same SDK version (1.26.0), and the `bun.lock` in the elicitation example was not updated (expected for an npm-focused Dependabot PR).\n\n

Confidence Score: 4/5

\n\n- This PR is safe to merge — it addresses known security vulnerabilities with well-established upstream releases.\n- Score of 4 reflects that this is a standard dependency security update from Dependabot. The SDK version jump is large (1.17.3 → 1.26.0) but the codebase only uses stable client-facing APIs (Client, transports, schema types) that are maintained across versions. The new transitive dependencies (hono, jose, etc.) expand the dependency tree, which is the only minor concern. No code changes are needed since the existing imports remain compatible.\n- The lock files (`package-lock.json`) in all three directories deserve a quick sanity check to ensure the expanded dependency tree doesn't introduce unexpected packages. The `bun.lock` in `packages/computeruse/examples/mcp-client-elicitation/` was not updated and may need a separate update if bun is used for builds.\n\n

Important Files Changed

\n\n\n\n\n| Filename | Overview |\n|----------|----------|\n| packages/computeruse/crates/computeruse-mcp-agent/package.json | Bumps `@modelcontextprotocol/sdk` from `^1.17.3` to `^1.26.0`. Straightforward version range update. |\n| packages/computeruse/crates/computeruse-mcp-agent/package-lock.json | Lock file updated with SDK 1.26.0 and new transitive dependencies (hono, jose, ajv-formats, json-schema-typed). Dependency tree expanded but all resolutions are consistent. |\n| packages/computeruse/crates/computeruse-mcp-agent/tests/integration/package.json | Bumps `@modelcontextprotocol/sdk` from `^1.17.3` to `^1.26.0`. Simple version range update for integration tests. |\n| packages/computeruse/crates/computeruse-mcp-agent/tests/integration/package-lock.json | Lock file updated with SDK 1.26.0 and expanded transitive dependencies. All resolutions match the other directories. |\n| packages/computeruse/examples/mcp-client-elicitation/package.json | Bumps `@modelcontextprotocol/sdk` from `^1.25.0` to `^1.26.0`. Minor version bump for elicitation example. |\n| packages/computeruse/examples/mcp-client-elicitation/package-lock.json | Lock file updated with SDK 1.26.0. Note: `bun.lock` in this directory was not updated (expected for npm-only Dependabot PR). |\n\n\n\n\n\n

Flowchart

\n\n```mermaid\nflowchart TD\n A[\"@modelcontextprotocol/sdk\\n1.17.3 / 1.25.1 → 1.26.0\"] --> B[\"Security Fix:\\nGHSA-345p-7cg4-v4c7\\nCross-client data leak\"]\n A --> C[\"New transitive deps\"]\n C --> D[\"hono 4.11.9\\n(+4 security fixes)\"]\n C --> E[\"jose 6.1.3\"]\n C --> F[\"ajv-formats 3.0.1\"]\n C --> G[\"json-schema-typed 8.0.2\"]\n A --> H[\"Updated transitive deps\"]\n H --> I[\"qs 6.14.0 → 6.15.0\"]\n H --> J[\"zod 3.x → 4.3.6\"]\n H --> K[\"express 5.0.1 → 5.2.1\"]\n H --> L[\"express-rate-limit 7.x → 8.x\"]\n\n style A fill:#4a90d9,color:#fff\n style B fill:#e74c3c,color:#fff\n style D fill:#e67e22,color:#fff\n```\n\nLast reviewed commit: de1e307\n\n\n\n", "repository": "elizaos/eliza", "createdAt": "2026-02-17T00:43:19Z", "mergedAt": null, "additions": 478, "deletions": 330 }, { "id": "PR_kwDOMT5cIs7Cmuc_", "title": "docs: add ClawdTalk voice calling integration", "author": "a692570", "number": 6489, "body": "Adds [ClawdTalk](https://clawdtalk.com) to the Key Features section as a voice calling integration.\n\nClawdTalk is an open source skill that lets AI agents make and receive real phone calls, built on [Telnyx](https://telnyx.com) voice infrastructure. It works with OpenClaw today and could integrate natively with ElizaOS via the plugin system.\n\n- Website: https://clawdtalk.com\n- GitHub: https://github.com/team-telnyx/clawdtalk-client\n\n\n\n

Greptile Overview

\n\n

Greptile Summary

\n\nUpdates `README.md` to add ClawdTalk as a voice-calling item in the Key Features list.\n\nMain issue to address before merge: the new bullet is written as if ElizaOS already has a ClawdTalk integration that enables real phone calls, but there’s no corresponding code/plugin/docs in this repository (the README line is the only mention). Rewording to avoid implying shipped/native support would prevent misleading users.\n\n

Confidence Score: 4/5

\n\n- Safe to merge if the README wording is corrected to avoid implying an integration that isn’t shipped in this repo.\n- The change is docs-only and low impact, but the current wording is likely to mislead users about existing functionality because there is no corresponding ClawdTalk integration code or docs in the repository.\n- README.md (Key Features bullet wording)\n\n

Important Files Changed

\n\n\n\n\n| Filename | Overview |\n|----------|----------|\n| README.md | Adds a Key Features bullet for ClawdTalk voice calling; wording currently implies an existing integration that is not present elsewhere in the repo. |\n\n\n\n\n\n

Sequence Diagram

\n\n```mermaid\nsequenceDiagram\n participant User as Reader\n participant README as README.md\n participant Repo as elizaos/eliza repo\n\n User->>README: Read Key Features section\n README-->>User: Claims \"ClawdTalk integration\" enables voice calling\n User->>Repo: Search for ClawdTalk/plugin/docs\n Repo-->>User: No other references found\n User-->>User: Assumes integration exists (misleading)\n```\n\n\n\n(5/5) You can turn off certain types of comments like style [here](https://app.greptile.com/review/github)!\n\n", "repository": "elizaos/eliza", "createdAt": "2026-02-10T00:00:39Z", "mergedAt": null, "additions": 1, "deletions": 0 } ], "codeChanges": { "additions": 0, "deletions": 0, "files": 0, "commitCount": 2 }, "completedItems": [], "topContributors": [ { "username": "kaiclawd", "avatarUrl": "https://avatars.githubusercontent.com/u/257877415?u=2c8763bb75f5fd07b37a1939903a8b557dd7a46f&v=4", "totalScore": 59.475878208526346, "prScore": 59.475878208526346, "issueScore": 0, "reviewScore": 0, "commentScore": 0, "summary": null }, { "username": "yaooooooooooooooo", "avatarUrl": "https://avatars.githubusercontent.com/u/62118705?v=4", "totalScore": 43.5437738965761, "prScore": 43.5437738965761, "issueScore": 0, "reviewScore": 0, "commentScore": 0, "summary": null }, { "username": "buzzbysolcex", "avatarUrl": "https://avatars.githubusercontent.com/u/259807261?v=4", "totalScore": 36.87767790223022, "prScore": 36.439677902230216, "issueScore": 0, "reviewScore": 0, "commentScore": 0.43799999999999994, "summary": null }, { "username": "greptile-apps", "avatarUrl": "https://avatars.githubusercontent.com/in/867647?v=4", "totalScore": 18.2, "prScore": 0, "issueScore": 0, "reviewScore": 18, "commentScore": 0.2, "summary": null }, { "username": "mbatini", "avatarUrl": "https://avatars.githubusercontent.com/u/34915878?v=4", "totalScore": 2, "prScore": 0, "issueScore": 2, "reviewScore": 0, "commentScore": 0, "summary": null }, { "username": "borisudovicic", "avatarUrl": "https://avatars.githubusercontent.com/u/31806472?u=8935f4d43fd7e4eb9bf5ff92d54d4d2f8ac8a786&v=4", "totalScore": 2, "prScore": 0, "issueScore": 2, "reviewScore": 0, "commentScore": 0, "summary": null } ], "newPRs": 3, "mergedPRs": 0, "newIssues": 1, "closedIssues": 0, "activeContributors": 6 }