[Snyk] Security upgrade @modelcontextprotocol/sdk from 1.15.1 to 1.26.0

[omercnet]

Snyk has created this PR to fix 1 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Race Condition SNYK-JS-MODELCONTEXTPROTOCOLSDK-15208843	641

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Race Condition

[Copilot]

Pull request overview

Updates @modelcontextprotocol/sdk to a newer version to remediate a reported vulnerability.

Changes:

• Bump @modelcontextprotocol/sdk dependency from ^1.15.1 to ^1.26.0 in package.json

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This PR only updates package.json, but the PR description indicates pnpm-lock.yaml was not updated. With pnpm, CI/production installs typically follow the lockfile, so leaving it unchanged can mean the vulnerable version remains installed and the security fix is ineffective. Regenerate and commit an updated pnpm-lock.yaml (e.g., pnpm install or pnpm up @modelcontextprotocol/sdk@^1.26.0) so the resolved version is upgraded.

Suggested change

	"@modelcontextprotocol/sdk": "^1.26.0",
	"@modelcontextprotocol/sdk": "^1.27.0",