Releases: plwp/fable-meat-proxy
v0.2.0 — security hardening
Security-hardening release following a two-pass Codex red-team (#1). On PyPI via Trusted Publishing.
Highlights
- Reply authentication — each Fable request carries an unguessable 144-bit token (in the email body and Message-ID); a reply is accepted only if it echoes the token, so a forged `From:` header no longer injects a response.
- Exact model routing — `FABLE_MODELS` allowlist (default `claude-fable-5`) replaces substring matching, so `not-fable` / `…-fable-debug` can't divert prompts to the human. (behavior change)
- No Fable bypass — `stream`, `with_raw_response` / `with_streaming_response`, `count_tokens`, and the `beta` messages surface all reject Fable instead of hitting the real API.
- Secrets — `token.json` created `0600`, symlink-safe (`O_NOFOLLOW` + `fchmod`); loose-perm tokens tightened before use.
- Parsing — attachments skipped; HTML fallback drops comments and hidden text.
- Prompt-injection note in the outgoing email; `FABLE_POLL_INTERVAL` floor.
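The Secrets item above, as an added sketch that is not taken from fable-meat-proxy's own code: one way to create a token file as `0600` without following a symlink, and to tighten loose permissions before reading it. The function names `write_secret` and `read_secret` are hypothetical, and the code assumes a POSIX system.

```python
import os
import stat


def write_secret(path: str, data: bytes) -> None:
    """Write data to path as an owner-only file, refusing a symlink at path."""
    # O_NOFOLLOW makes open() fail (ELOOP) if the final path component is a
    # symlink; it does not protect symlinked parent directories.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW, 0o600)
    with os.fdopen(fd, "wb") as f:
        # The mode passed to open() is masked by umask and ignored when the
        # file already exists, so set it on the descriptor, not on the path.
        os.fchmod(f.fileno(), 0o600)
        f.truncate(0)  # discard old contents only after permissions are tight
        f.write(data)


def read_secret(path: str) -> bytes:
    """Read a secret, tightening group/other permission bits before use."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd, "rb") as f:
        st = os.fstat(f.fileno())
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError(f"{path} is not a regular file")
        if stat.S_IMODE(st.st_mode) & 0o077:
            os.fchmod(f.fileno(), 0o600)
        return f.read()


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as d:  # constructed sample, not a real token
        p = os.path.join(d, "token.json")
        write_secret(p, b'{"token": "constructed-sample"}')
        os.chmod(p, 0o644)  # simulate a loose-permission file left by an older version
        print(read_secret(p), oct(stat.S_IMODE(os.stat(p).st_mode)))
```

Operating on the open descriptor (`fchmod`, `fstat`) rather than the path avoids a race in which the path is swapped between the check and the use.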
74 offline tests; CI green on Python 3.11–3.13.
Full notes: CHANGELOG · compare v0.1.0...v0.2.0