#2
★ Gold
Anthropic released an 'auto mode' for Claude Code that lets the agent decide on its own which actions are safe to execute, without waiting for user approval. The system relies on embedded safety guardrails to detect risky behaviour and prompt-injection attempts before any code is run, so the guardrail itself becomes the trust boundary that was previously the human reviewer. It is rolling out to Enterprise and API users and currently works with Claude Sonnet 4.6 and Opus 4.6.
#3
★ Gold
Threat actor TeamPCP compromised three widely used development-pipeline tools within five days in March 2026: Trivy (vulnerability scanner), Checkmarx (code analysis), and LiteLLM (the most widely used LLM proxy in the Python ecosystem). Each compromise leveraged access gained in the previous one to reach a higher-value target, making this a cascading supply-chain attack.
#10
★ Silver
Uber Engineering published details on uSpec, an agentic system that uses the open-source Figma Console Model Context Protocol (MCP) integration to automate the generation of component design specifications. It runs locally in the Cursor IDE over a Figma Desktop WebSocket bridge rather than through cloud APIs, cutting documentation time from weeks to minutes while keeping proprietary design data on the internal network. Domain expertise is encoded in structured Markdown 'Agent Skills' that carry the platform-specific accessibility logic.