NEXO 6.3.1 — Privacy hotfix over v6.3.0
Published 2026-04-19. Patch release.
What happened
v6.3.0 shipped src/presets/entities_universal.json with operator-specific vhost_mapping entries: private IPs, docroots under an operator's home, and tenant names belonging to an operator's downstream clients. The entries were harmless on the operator's own runtime but should never have crossed the npm package boundary into every fresh install.
How the leak was caught
The nightly auditor — an Opus 4.7 xhigh session with the pr-review-toolkit skills — reviewed every commit merged during the v6.3.0 cycle. It flagged the preset as HIGH severity the same night the package was tagged, before any user outside the publisher pulled it on a fresh box. A patch was prepared in the same session.
Fix
src/presets/entities_universal.json now only contains universal entries (destructive-command shapes, legacy-path migration mappings, artifact-class templates, and the public nexo-brain.com vhost). Seven operator-specific vhost_mapping entries have been removed. src/presets/entities_local.sample.json is the new template operators copy to ~/.nexo/brain/presets/entities_local.json and fill in with their real domains / hosts / IPs / tenants. .gitignore blocks entities_local.json so the pattern cannot recur by mistake. scripts/install_guardian.py drops the sample at nexo init and never overwrites an existing operator copy.
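A pre-publish lint of the kind this hotfix calls for, as an added example that is not part of the NEXO project: it flags vhost_mapping entries carrying non-public IPs, home-directory docroots or tenant names before the preset can reach the package. The entry field names (host, ip, docroot, tenant) and the sample preset are assumptions; the release note does not show the preset schema.

```python
"""Lint a NEXO entities preset for operator-specific vhost_mapping entries.

Added example, not project code. Assumes each vhost_mapping entry is an
object with optional "host", "ip", "docroot" and "tenant" keys.
"""
import ipaddress
import json
from pathlib import PurePosixPath

# Constructed sample in the assumed shape: one universal entry plus two that
# resemble the leaked v6.3.0 entries (private IP, home docroot, tenant name).
SAMPLE_PRESET = json.dumps({
    "vhost_mapping": [
        {"host": "nexo-brain.com", "docroot": "/var/www/nexo-brain"},
        {"host": "intranet.example", "ip": "10.0.12.7", "docroot": "/srv/www/intranet"},
        {"host": "client-a.example", "docroot": "/home/op/sites/client-a", "tenant": "client-a"},
    ]
})


def entry_findings(entry):
    """Return the reasons one vhost_mapping entry looks operator-specific."""
    reasons = []
    ip = entry.get("ip")
    if ip:
        try:
            addr = ipaddress.ip_address(ip)
            if addr.is_private or addr.is_loopback or addr.is_link_local:
                reasons.append(f"non-public ip {ip}")
        except ValueError:
            reasons.append(f"unparseable ip {ip!r}")
    docroot = entry.get("docroot")
    if docroot:
        parts = PurePosixPath(docroot).parts  # ('/', 'home', 'op', ...)
        if docroot.startswith("~") or (len(parts) > 1 and parts[1] in ("home", "Users")):
            reasons.append(f"docroot under a home directory: {docroot}")
    if entry.get("tenant"):
        reasons.append(f"tenant name present: {entry['tenant']}")
    return reasons


def audit_preset(text):
    """Parse a preset and map each offending host to its list of reasons."""
    data = json.loads(text)
    findings = {}
    for entry in data.get("vhost_mapping", []):
        reasons = entry_findings(entry)
        if reasons:
            findings[entry.get("host", "<no host>")] = reasons
    return findings


if __name__ == "__main__":
    for host, reasons in audit_preset(SAMPLE_PRESET).items():
        print(f"{host}: {'; '.join(reasons)}")
```

Run against src/presets/entities_universal.json in CI and fail the release when the result is non-empty; entities_local.json is expected to produce findings and is not linted.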
Behavioural impact
None on the Guardian side. Rules R21 / R23 / R25 read entities regardless of whether they live in entities_universal.json or entities_local.json — the merger is transparent.
Who should care
- Anyone who ran npm install nexo-brain@6.3.0 on a box they had never installed NEXO on before. Upgrade to 6.3.1 and, if you ran nexo init, move your local entries out of entities_universal.json (which will be overwritten on nexo update) into entities_local.json.
- Future contributors — the .gitignore rule makes the pattern permanent.