Agent governance, RAG defenses, and supply-chain risks — 5 updates
OpenAI adds plugin system to Codex to help enterprises govern AI coding agents. OpenAI ships installable, versioned plugins for Codex so enterprises can control which tools agents can access and manage integrations through a policy catalog. Outcome engineers can now enforce least privilege, versioning, and policy at the tool layer — a practical governance lever for agentic developer workflows, since the tool boundary is where an agent's blast radius is actually decided (Principles 10 & 11).
RAG Poisoning and EU AI Act Article 10: Data Governance Is Not Optional for Retrieval Pipelines. The write-up reports that applying Article 10 data-governance controls cuts RAG-poisoning success from ~95% to ~20%. Treating retrieval datasets and ingestion pipelines as governed, auditable assets becomes mandatory engineering work if you want resilient, compliant outcome systems; note that the residual ~20% makes governance a necessary baseline rather than a complete defense (Principles 02 & 10).
Context Hub vulnerable to supply chain attacks, says tester. A tester found that unvetted Context Hub docs can carry poisoned dependencies that coding agents then add to projects without the developer noticing. Pinning and verifying provenance, scanning context bundles before an agent reads them, and isolating the agent's execution environment are now essential controls for any agent that consumes third-party context (Principles 02 & 14).
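As an added example (not code from Context Hub, OpenAI, or either cited write-up), the gate below sketches the ingestion-side controls the RAG-poisoning and Context Hub items both call for: every document an agent is about to read must appear in a reviewed manifest with a pinned SHA-256 and an allowlisted source, and any document carrying a dependency-install directive for an unapproved package is held for review instead of being handed to the agent. The manifest shape, the directive patterns, and the sample bundle are all constructed for illustration; execution isolation is a separate control and is not shown.

```python
"""Provenance-pinned gate for agent context / retrieval bundles.

Illustrative code, not Context Hub's or any vendor's implementation.
A bundle is a dict of document name -> text that an agent will read.
The manifest is the reviewed record of what that text should be.
"""
import hashlib
import re
from dataclasses import dataclass, field

# Directives that, when an agent follows them, pull a package into the
# project. Illustrative set covering pip, npm, go, cargo; extend as needed.
DEP_DIRECTIVES = [
    re.compile(r"\bpip\s+install\s+(?:-U\s+|--upgrade\s+)?([A-Za-z0-9_.\-\[\]]+)"),
    re.compile(r"\bnpm\s+(?:i|install)\s+(?:--save(?:-dev)?\s+)?(@?[A-Za-z0-9_./\-]+)"),
    re.compile(r"\bgo\s+get\s+([A-Za-z0-9_./\-@]+)"),
    re.compile(r"\bcargo\s+add\s+([A-Za-z0-9_\-]+)"),
]


@dataclass
class ManifestEntry:
    sha256: str        # pinned digest of the reviewed text
    source: str        # origin the doc was pulled from (hypothetical URLs below)
    reviewed_by: str   # audit trail: who approved it


@dataclass
class Verdict:
    accepted: dict = field(default_factory=dict)  # name -> text safe to serve
    rejected: dict = field(default_factory=dict)  # name -> reason
    flagged: dict = field(default_factory=dict)   # name -> unapproved packages


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def find_dependency_directives(text: str) -> list[str]:
    """Return every package name an install directive in `text` would pull in."""
    found = []
    for pat in DEP_DIRECTIVES:
        found.extend(m.group(1) for m in pat.finditer(text))
    return found


def vet_bundle(docs, manifest, allowed_sources, approved_packages) -> Verdict:
    """Admit only manifest-pinned, allowlisted docs with no unapproved installs."""
    v = Verdict()
    for name, text in docs.items():
        entry = manifest.get(name)
        if entry is None:
            v.rejected[name] = "not in manifest"
            continue
        if sha256_hex(text) != entry.sha256:
            v.rejected[name] = "hash mismatch (content changed after review)"
            continue
        if not any(entry.source.startswith(p) for p in allowed_sources):
            v.rejected[name] = f"source {entry.source} not allowlisted"
            continue
        # Strip extras like requests[security] before the allowlist lookup.
        unapproved = [p for p in find_dependency_directives(text)
                      if p.split("[")[0] not in approved_packages]
        if unapproved:
            v.flagged[name] = unapproved
            continue
        v.accepted[name] = text
    return v


def demo() -> Verdict:
    """Constructed bundle exercising each outcome; none of it is real content."""
    reviewed = {
        "fastapi-auth.md": "Use Depends(oauth2_scheme).\npip install fastapi\npip install fast-api-authz",
        "logging.md": "Configure structlog.\npip install structlog",
        "retry.md": "Wrap calls with tenacity.\npip install tenacity",
        "testing.md": "Run the suite with pytest.\npip install pytest",
    }
    manifest = {name: ManifestEntry(sha256_hex(text), "https://github.com/org/approved-docs", "sec-review")
                for name, text in reviewed.items()}
    manifest["retry.md"].source = "https://pastebin.example/anon"  # unvetted origin
    served = dict(reviewed)
    # Poisoned after review: the served text swaps in a look-alike package.
    served["logging.md"] = "Configure structlog.\npip install structlog-utils-helper"
    served["stray.md"] = "npm install left-pad"  # never reviewed at all
    return vet_bundle(served, manifest,
                      allowed_sources=["https://github.com/org/"],
                      approved_packages={"fastapi", "structlog", "tenacity", "pytest"})


if __name__ == "__main__":
    result = demo()
    print("accepted:", sorted(result.accepted))
    print("flagged:", result.flagged)
    print("rejected:", result.rejected)
```

The flagged case is the one that matters most here: `fastapi-auth.md` passes the hash and source checks, so a provenance-only gate would serve it, yet it instructs the agent to install a package nobody approved. Hash pinning catches tampering after review; the directive scan catches what review missed; neither substitutes for running the agent in an isolated environment.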
Agent-to-agent pair programming. Loop runs two coding agents side-by-side in tmux so they can conduct steerable, interactive code reviews of each other's work. Use this pattern to design multi-agent collaboration primitives and rapid feedback loops that increase velocity while keeping human reviewers in the loop (Principles 03 & 09).
$500 GPU outperforms Claude Sonnet on coding benchmarks. ATLAS shows a frozen 14B model on a single consumer GPU matching Claude Sonnet on code tasks by using constraint-driven generation and self-verified repair. That changes the calculus for agent infrastructure — self-hosting cheaper models shifts the latency, cost, and control trade-offs when architecting production agent stacks, provided the benchmark result holds up on your own workload (Principles 06 & 07).