IntentProbe v0.1.4

Local MCP scan false-positive cleanup.

Changes:

• Benign negated secret text such as does-not-read secrets/private keys no longer triggers static secret findings.
• Low activation-only scores below the product review floor now allow instead of warn.
• CLI regression now requires the safe package fixture to allow and the poisoned skill fixture to block.

Verified:

• Unit tests passed.
• Activation scanner regressions passed.
• CLI and hook/runtime regressions passed.
• Local MCP auto scan found 11 MCP servers: 9 allow, 2 review, 0 block.
• Fresh wheel install smoke passed: safe package allowed, poisoned skill blocked.
• PyPI 0.1.4 published and post-publish smoke passed.

Install:
python -m pip install intentprobe==0.1.4

IntentProbe 0.1.3

Fixes scan-config auto discovery for real local MCP setups.

Highlights:

• Adds Claude Code global config discovery via ~/.claude.json.
• Adds Codex MCP config discovery via ~/.codex/config.toml.
• Adds TOML parsing support with a Python 3.10 tomli fallback.
• Calibrates config inventory noise: remote HTTP, env vars, repo/ticketing, and email/identity are info flags by default; browser, filesystem, and code execution remain review-tier.
• On Nicole's local machine after this change: 11 MCP servers scanned, 9 allow, 2 review, 0 block.

PyPI package: https://pypi.org/project/intentprobe/0.1.3/

IntentProbe 0.1.2

Adds scan-config, a one-command local MCP client config scanner for Claude Desktop, Claude Code, Cursor, Windsurf, and repo .mcp.json files.

Highlights:

• New intentprobe scan-config auto --format summary entrypoint.
• Config-specific decision policy: short MCP manifests with activation-only signal are downgraded to inventory-only instead of noisy warnings.
• Review tier for concrete operator concerns such as env vars, remote HTTP endpoints, browser/filesystem/code/email/repo capabilities.
• JSON output avoids emitting raw config or secret values.
• PyPI package: https://pypi.org/project/intentprobe/0.1.2/

IntentProbe v0.1.0

IntentProbe v0.1.0

First public research-preview release of IntentProbe, a local activation-probe scanner for MCP/tool poisoning.

Highlights:

• Local CLI scanner and runtime hook.
• Qwen2.5-0.5B activation probe artifact bundled with the package.
• GitHub install path:
  uvx --python 3.11 --from git+https://github.com/mcpware/IntentProbe.git@v0.1.0 intentprobe --help
• Benchmarks and reproducibility docs are included in the repository.

Notes:

• First model-backed scan downloads Qwen2.5-0.5B once.
• PyPI/npm registry publishing is planned but blocked until registry auth is configured.