Webhooks catalog, collections RBAC, and team invitations
This release introduces a typed webhooks catalog for audit log events, enforces RBAC on the collections API, normalizes risk finding identifiers across scanners, and ships a DB-backed team invitation flow with trusted domain guards.
Features
Webhooks catalog#2905 - The webhooks feature now generates a catalog of event types and schemas. The catalog is emitted as an OpenAPI 3.1 document that is synced to Svix. (Author: @disintegrator )
Granular per-subject audit log webhook events#2927 - Each auditable subject (deployments, projects, MCP servers, API keys, toolsets, risk policies, sessions, and more) now emits its own typed webhook event, so subscribers can filter by subject domain instead of receiving all audit activity under a single event type. (Author: @disintegrator )
Update, AttachServer, and DetachServer now run in a transaction alongside the audit insert, and a new identifier with its own prefix is used as the audit subject. (Author: @subomi )
Team invitations with trusted domain guards#2896 - Adds RBAC and assigned roles on pending organization invites, lets org admins change the role before acceptance, and emits audit log entries for invite creation and role changes. Invite acceptance now uses Gram invite tokens plus WorkOS User Management Magic Auth codes — the server validates the invite token, creates and consumes the Magic Auth code for the invited email, verifies the email match, and completes provisioning. (Author: @ThomasRooney )
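The acceptance checks described in the invitations entry, as an added example written in Go that is not Gram's code: the invite token is an HMAC-signed reference to a DB-backed pending invite (illustrative token format), the role is read from the record at acceptance time so an admin's pre-acceptance role change takes effect, the Magic Auth code is consumed exactly once and the email it was issued for must match the invited email, and a per-organization trusted-domain allowlist guards provisioning. `Store`, `Invite`, `MagicAuth`, `fakeMagicAuth`, `AcceptInvite` and the allowlist semantics of the trusted-domain guard are assumptions; the WorkOS SDK is not modelled.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"strings"
	"time"
)

// Invite is the DB-backed pending invitation (stand-in for the real table). Role and
// expiry live on the record, not in the token, so an admin can change the role before
// acceptance without reissuing the token.
type Invite struct {
	ID, OrgID, Email, Role string
	Expires                time.Time
	Accepted               bool
}

// Store stands in for the database; TrustedDomains maps org ID to the email domains
// it trusts (assumed semantics of the "trusted domain guard").
type Store struct {
	Invites        map[string]*Invite
	TrustedDomains map[string][]string
}

// MagicAuth stands in for WorkOS User Management Magic Auth (the real SDK is not
// modelled; assumption). Consume redeems a single-use code and reports the email the
// server issued it for; the issuing step is not shown here.
type MagicAuth interface {
	Consume(code string) (email string, err error)
}

var enc = base64.RawURLEncoding

func tag(key []byte, id string) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(id))
	return mac.Sum(nil)
}

// SignInviteToken binds a token to one invite record (illustrative format, not Gram's).
func SignInviteToken(key []byte, inviteID string) string {
	return enc.EncodeToString([]byte(inviteID)) + "." + enc.EncodeToString(tag(key, inviteID))
}

// pendingInvite verifies the HMAC in constant time and resolves a still-pending record.
func pendingInvite(s *Store, key []byte, token string, now time.Time) (*Invite, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 2 {
		return nil, errors.New("malformed invite token")
	}
	id, err1 := enc.DecodeString(parts[0])
	sig, err2 := enc.DecodeString(parts[1])
	if err1 != nil || err2 != nil || !hmac.Equal(tag(key, string(id)), sig) {
		return nil, errors.New("invalid invite token")
	}
	inv, ok := s.Invites[string(id)]
	if !ok || inv.Accepted || !now.Before(inv.Expires) {
		return nil, errors.New("invite is not pending")
	}
	return inv, nil
}

// AcceptInvite validates the token, consumes the Magic Auth code, requires the
// authenticated email to match the invite, applies the trusted-domain guard and
// returns the role to provision as stored at acceptance time.
func AcceptInvite(s *Store, key []byte, token, code string, ma MagicAuth, now time.Time) (string, error) {
	inv, err := pendingInvite(s, key, token, now)
	if err != nil {
		return "", err
	}
	email, err := ma.Consume(code)
	if err != nil {
		return "", err
	}
	if !strings.EqualFold(email, inv.Email) {
		return "", errors.New("magic auth email does not match invited email")
	}
	trusted, at := false, strings.LastIndex(inv.Email, "@")
	for _, d := range s.TrustedDomains[inv.OrgID] {
		trusted = trusted || (at >= 0 && strings.EqualFold(d, inv.Email[at+1:]))
	}
	if !trusted {
		return "", errors.New("email domain is not trusted by the organization")
	}
	inv.Accepted = true
	return inv.Role, nil
}

// fakeMagicAuth is an in-memory stand-in constructed for the example: code -> email.
type fakeMagicAuth map[string]string

func (f fakeMagicAuth) Consume(code string) (string, error) {
	email, ok := f[code]
	if !ok {
		return "", errors.New("magic auth code invalid or already used")
	}
	delete(f, code) // single use, so a replayed code fails
	return email, nil
}
```

The ordering is deliberate: the signature is checked before any database lookup so an unauthenticated token never touches the invite row, the Magic Auth code is consumed before the email comparison so a mismatched attempt still burns the code, and the role is taken from the record rather than the token so a pre-acceptance role change by an org admin cannot be undone by replaying an older token.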
Bulk install all servers in a collection#2899 - Adds an Install All button to the collection detail page for bulk server installation. (Author: @subomi )
Improved trace session detail UX#2864 - Adds filtering and a clearer presentation for trace entries. (Author: @alx-xo )
Bug fixes
Drop IPv6 short-form and IPv4 unspecified false positives#2915 - Drops Presidio false positives produced from short-form IPv6 strings and the IPv4 unspecified address. Production analysis showed that these single-hex-group matches dominated the noise that remained alongside the existing filter; they are now dropped before they become findings. (Author: @mfbx9da4 )
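One way to implement the drop rule above, as an added example in Go using the standard library's net/netip, not the project's own code: IP_ADDRESS candidates that do not parse as an address at all, the IPv4 unspecified address, and IPv6 literals written with at most one hex group are treated as false positives; everything else, including zoned link-local and IPv4-mapped addresses, is kept. `Finding`, `IsIPFalsePositive`, `FilterFindings` and the sample inputs are constructed for the example.

```go
package main

import (
	"net/netip"
	"strings"
)

// Finding is a PII-scanner candidate; the shape is constructed for the example,
// not Gram's type. Entity follows Presidio naming such as "IP_ADDRESS".
type Finding struct {
	Entity string
	Text   string
}

// hexGroups counts the non-empty colon-separated groups written in an IPv6
// literal, so "::" has 0, "::1" has 1 and "2001:db8::1" has 3.
func hexGroups(s string) int {
	n := 0
	for _, g := range strings.Split(s, ":") {
		if g != "" {
			n++
		}
	}
	return n
}

// IsIPFalsePositive reports whether an IP_ADDRESS candidate should be dropped
// before it becomes a finding: strings that are not an address at all, the
// IPv4 unspecified address, and IPv6 short forms with at most one hex group
// (which in practice are ratios, times and placeholders rather than hosts).
func IsIPFalsePositive(text string) bool {
	addr, err := netip.ParseAddr(text)
	if err != nil {
		return true
	}
	if addr.Is4() {
		return addr.IsUnspecified()
	}
	s := text
	if i := strings.IndexByte(s, '%'); i >= 0 {
		s = s[:i] // drop a zone suffix such as %eth0 before counting groups
	}
	return hexGroups(s) <= 1
}

// FilterFindings keeps every non-IP finding and only those IP_ADDRESS findings
// that survive IsIPFalsePositive.
func FilterFindings(in []Finding) []Finding {
	out := make([]Finding, 0, len(in))
	for _, f := range in {
		if f.Entity == "IP_ADDRESS" && IsIPFalsePositive(f.Text) {
			continue
		}
		out = append(out, f)
	}
	return out
}
```

Counting groups on the literal as written, rather than on the parsed address, is what makes the rule match the page's intent: "::1" and "2001:db8::1" parse to equally valid addresses, but only the first is a single-hex-group string of the kind that was generating noise.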
Exclude plugin download key creation from audit log#2760 - Excludes per-request plugin download API key creation from the audit log to prevent flooding with
Skip WorkOS reads when org is linked locally#2844 - Skips WorkOS reads when the org is already linked locally, removing redundant lookups on the auth path. (Author: @bflad )
Filter already-added toolsets from plugin add-server dialog#2904 - Filters the plugin Add Server dialog to exclude toolsets already attached to the plugin, preventing duplicate entries. (Author: @bradcypert )
Credits-exhausted message in chat#2921 - Shows a graceful message in AI Insights and the Playground when an organization runs out of chat credits. Previously the chat would silently stop streaming on a 402 from the gateway, because the AI SDK masks stream errors by default. The thread now renders a clear credit-limit message, and new exports are available for downstream consumers that want to react to the same condition. (Author: @simplesagar )