Hardening Agentic Systems: Sandboxes, Judges, RCEs, WebSockets & Observability
CrabTrap: An LLM-as-a-judge HTTP proxy to secure agents in production — Brex launches CrabTrap, an LLM judge deployed as an HTTP proxy that evaluates and blocks agent requests in real time. This gives practitioners a runtime policy-enforcement pattern to stop unintended agent actions at the network edge, a practical lever for governance and runtime defenses (Principles 10 & 14).
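The runtime policy-enforcement pattern behind an item like this is easy to show in code: every outbound HTTP request an agent makes passes through a gate that runs a chain of judges and denies on the first objection, writing an audit record either way. The example below is added here for illustration; it is not CrabTrap's code and says nothing about how Brex implements its judge. The host allowlist, the `X-Agent-Approval` header convention and the credential pattern are all constructed for the demo. The judges here are deterministic rules so the block runs offline; an LLM-backed judge would be one more callable with the same `Judge` signature, slotted into the same chain.

```python
import re
from dataclasses import dataclass
from typing import Callable, List, Optional
from urllib.parse import urlparse


@dataclass
class AgentRequest:
    """One outbound HTTP request an agent is attempting to make through the proxy."""
    method: str
    url: str
    headers: dict
    body: str = ""


@dataclass
class Verdict:
    allow: bool
    rule: str     # which judge decided
    reason: str   # human-readable explanation for the audit trail


# A judge inspects a request and returns a Verdict, or None if it has no opinion.
# An LLM-as-a-judge would be just another callable with this signature.
Judge = Callable[[AgentRequest], Optional[Verdict]]

# Constructed allowlist for the example; a real deployment loads this from policy.
ALLOWED_HOSTS = {"api.internal.example", "docs.example.com"}
READ_ONLY_METHODS = {"GET", "HEAD", "OPTIONS"}
# Crude credential-shaped strings. The agent should never carry raw secrets;
# in the proxy pattern the proxy injects credentials at the edge instead.
SECRET_PATTERN = re.compile(r"(?i)\b(api[_-]?key|secret|password|token)\b\s*[:=]\s*\S+")


def host_allowlist(req: AgentRequest) -> Optional[Verdict]:
    """Deny anything not addressed to an approved host (default-deny egress)."""
    host = urlparse(req.url).hostname or ""
    if host not in ALLOWED_HOSTS:
        return Verdict(False, "host_allowlist", f"host {host!r} is not approved")
    return None


def write_requires_approval(req: AgentRequest) -> Optional[Verdict]:
    """State-changing calls must carry an approval marker set by the orchestrator.

    The X-Agent-Approval header is a hypothetical convention for this example.
    """
    if req.method.upper() in READ_ONLY_METHODS:
        return None
    if req.headers.get("X-Agent-Approval") != "granted":
        return Verdict(False, "write_requires_approval",
                       f"{req.method} without approval marker")
    return None


def secret_leak_guard(req: AgentRequest) -> Optional[Verdict]:
    """Deny requests whose body carries something that looks like a credential."""
    if SECRET_PATTERN.search(req.body):
        return Verdict(False, "secret_leak_guard",
                       "request body carries a credential-shaped string")
    return None


class PolicyGate:
    """Deny-wins evaluation: the first judge that denies decides; otherwise allow.

    Every decision, allowed or not, is appended to an audit list so that the
    proxy's verdicts can be reviewed after the fact.
    """

    def __init__(self, judges: List[Judge]):
        self.judges = judges
        self.audit: List[dict] = []

    def evaluate(self, req: AgentRequest) -> Verdict:
        verdict = Verdict(True, "default", "no judge objected")
        for judge in self.judges:
            v = judge(req)
            if v is not None and not v.allow:
                verdict = v
                break
        self.audit.append({"method": req.method, "url": req.url,
                           "allow": verdict.allow, "rule": verdict.rule,
                           "reason": verdict.reason})
        return verdict


def default_gate() -> PolicyGate:
    """Judge chain in the order a proxy would apply it: egress, intent, content."""
    return PolicyGate([host_allowlist, write_requires_approval, secret_leak_guard])


if __name__ == "__main__":
    gate = default_gate()
    # Constructed sample traffic: one benign read, one exfil attempt to an unknown host.
    for req in (AgentRequest("GET", "https://docs.example.com/guide", {}),
                AgentRequest("POST", "https://evil.example.net/upload", {}, "dump")):
        v = gate.evaluate(req)
        print(f"{req.method} {req.url} -> {'ALLOW' if v.allow else 'DENY'} ({v.rule}: {v.reason})")
```

In a real proxy the `evaluate` call sits in the request handler before the upstream connection is opened, so a denial never leaves the network edge; ordering the cheap deterministic judges before any LLM judge keeps the expensive model call off the hot path for requests that plain policy already rejects.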
Cloudflare Sandboxes Reach General Availability, Giving AI Agents Persistent Isolated Environments — Cloudflare releases GA Sandboxes and Containers: persistent, isolated Linux environments for AI agents with credential injection, PTY support, and snapshot recovery. Outcome engineers gain a standard execution substrate that balances persistence and isolation, simplifying reproducible artifacts, credential hygiene, and staging of multi-step agent workflows (Principle 07).
Anthropic’s Model Context Protocol includes a critical remote code execution vulnerability — newly discovered exploit puts 200,000 AI servers at risk — Researchers disclose a critical RCE flaw in Anthropic’s Model Context Protocol that threatens roughly 200,000 AI servers across the supply chain. If your stack uses MCP-like context plumbing, this elevates supply-chain and runtime risk, forcing tighter trust boundaries, patching cadence, and isolation strategies (Principles 14 & 10).
Speeding up agentic workflows with WebSockets in the Responses API — OpenAI upgrades the Responses API with WebSocket persistence, caching, and safety optimizations, cutting agentic workflow latency by ~40%. Lower latencies and persistent sessions change orchestration design: you can build tighter loops, stream state efficiently across steps, and reduce orchestration costs for multi-step outcome delivery (Principles 06, 11 & 14).
Groundcover eyes visibility gap in agentic AI monitoring by targeting multi-step workflows — Groundcover expands LLM observability to trace multi-step agentic workflows using eBPF to capture actual LLM interactions inside customer clouds. This gives outcome engineers the tracing and auditability needed to debug agent plans across steps, map causal failures, and instrument guardrails for repeatable, auditable outcomes (Principles 02 & 06).