AI Tool Briefs

Skybridge 1.0 stabilizes MCP app development

Single entry point (server.registerTool) and integrated dev tools eliminate the feedback loop friction of building inside AI assistants.

npm account atool publishes 637 malicious packages

Compromised atool account injected Bun-based credential harvester into 317 packages (size-sensor, echarts-for-react, @antv scope) via preinstall hooks and orphan GitHub commits, exfiltrating AWS/GCP/Vault/GitHub tokens through dual channels and installing persistent C2 backdoors.

Gemini 3.5 Flash launches GA at 3x prior cost

Google ships Gemini 3.5 Flash into production across consumer and API surfaces with 1M token context, but pricing jumped 3–6x versus prior Flash variants.

Forge lifts 8B models to agent-class reliability

Drop-in guardrails middleware + proxy server that rescues malformed tool calls, enforces step ordering, and manages VRAM context for self-hosted agentic workflows — no model retraining required.

TypeScript 6.0 beta ships, Go rewrite coming

TypeScript 6.0 is the last JavaScript-based release; type inference for this-less functions improves, and #/ subpath imports now work.

Supabase ships MCP server, UI library, Postgres LSP

Official MCP server connects Claude/Cursor to Supabase; Postgres Language Server adds LSP tooling for SQL autocompletion and type-checking; UI library provides ready-made auth and realtime components.

Ollama switches to llama.cpp backend, adds GGUF support

Ollama 0.30.0-rc28 replaces its GGML foundation with direct llama.cpp integration and GGUF compatibility, with MLX acceleration on Apple Silicon.

Agent adoption doubles to 59% but humans stay in control

Developers are adopting single-agent workflows with mandatory human review rather than autonomous systems; GitHub Copilot (65%) and Claude Code (50%) dominate practical implementations.

Run local speech pipeline for Reachy Mini robots

VAD → STT → LLM → TTS cascade on single machine eliminates cloud dependency; swap components as models improve.

Anchor formalizes ERP agent benchmarking with constraint optimization

Anchor generates task harnesses from constraint specs, producing verifiable ground-truth solutions and state-based rewards that eliminate artifact drift in agent evaluation.

Next.js fixes Turbopack imports, devtools, benchmarking

Turbopack now respects module-sync exports and external package subpaths; devtools detects renamed VS Code macOS binary; benchmarking adds percentile comparison and retry logic.

Logic Apps agents execute code in Hyper-V sandboxes

Azure Logic Apps now runs agent-generated Python, JavaScript, C#, and PowerShell in isolated containers, eliminating the need to call external Functions for mid-workflow data transformation.

Treat Claude Code as autonomous agent with guardrails

Stop treating Claude Code as autocomplete; build feedback loops so it verifies its own work, compounds improvements via CLAUDE.md rules extracted from failures.

Laguna releases mixture-of-experts coding models

M.1 (225.8B parameters, 23.4B activated) and XS.2 (33.4B total, 3B activated) are MoE models trained end-to-end in a versioned Model Factory stack, competitive on SWE-bench and terminal coding tasks.

Pull requests slow teams, catch few bugs

PR workflows are a trust-mismatch mechanism borrowed from open source; research shows less than 15% of review comments find bugs, while code waits 86-99% of lead time in queues.

Tonic gRPC library upstreams to CNCF governance

Tonic moves to grpc/grpc-rust under CNCF, Google and LinkedIn now co-maintain; new transport layer ships alongside backward-compatible codegen for existing users.

Single neuron disables safety across model families

Flipping one hidden neuron in MLPs achieves 91.7% jailbreak success with white-box access to activations—safety isn't distributed, it's localized and fragile.

Point GitHub Copilot Chat at any OpenAI-compatible API

BYOK support lets Copilot Chat and CLI use Claude, Gemini, or local vLLM via environment variables or UI form—inline completions still use GitHub's infra.

Smaller models leak privacy under adversarial probing

POLAR-Bench exposes that 1–30B open-weight models running as on-device agents leak over 50% of protected attributes, while frontier models withhold 99%+—forcing a choice between privacy and local inference.

OCR bottleneck dominates document processing pipelines

Production document understanding systems saturate on GPU inference capacity, not worker count, and OCR latency—not LLM parsing—drives end-to-end throughput.

HELLoRA targets MoE experts for efficient adaptation

Attach LoRA modules only to frequently activated experts per layer, reducing trainable parameters to 15.7% of vanilla LoRA while improving accuracy 9.2% on OlMoE.

elementary-data PyPI package publishes credential stealer

Version 0.23.3 compromised via GitHub Actions script injection; malware harvests dbt profiles, cloud credentials, SSH keys, and secrets at interpreter startup using .pth file execution.

Deno 2.7.12 hardens Node.js stdlib compatibility

File descriptor passthrough, native pipe implementation, and memory leak fixes enable drop-in Node.js module compatibility in Deno runtime.

DecisionBench measures router fidelity across agentic delegation

New benchmark suite isolates delegation routing quality (7.5%–29.5% fidelity-at-1) from end-task quality, revealing that delivery channel beats description content for model selection.

Route cheap work away from expensive models

Agent cost explodes not from reasoning calls but from using Claude Opus for heartbeat checks, status validation, and retry logic—move those to cheaper models or simple code.

Measure prompt cache hits to verify cost savings

Anthropic prompt caching silently fails in four ways (misplaced breakpoints, prefix drift, TTL expiration, unmeasured hit rates); wrap the SDK with explicit cache metrics to catch regressions.

Node.js patches nine vulnerabilities across active releases

Two high-severity TLS/HTTP flaws can crash production servers; requires immediate updates to 20.x, 22.x, 24.x, 25.x.

HealthCraft measures LLM safety collapse under clinical pressure

RL environment with FHIR R4 state and dual-layer safety rubric exposes that frontier models fail multi-step workflows (Claude 1.0%, GPT-5.4 0.0%) despite partial single-step competence.

Supabase adds PrivateLink, Claude connector, Postgres rules

PrivateLink routes AWS traffic through VPC without internet exposure; Claude connector enables direct database management via natural language; 30-rule Postgres ruleset teaches AI agents correct SQL patterns.

Gemini Omni Flash generates video from multimodal input

Conversational video editing and generation via text prompts on images, audio, and video references—now in Gemini app and Google Flow.