Agent Ops: governance, context, and sandboxing for outcome engineers

OpenAI adds plugin system to Codex to help enterprises govern AI coding agents. OpenAI adds installable, versioned plugins to Codex, giving enterprises a cataloged way to control agent workflows, tool access, and integration policies. This creates a concrete control plane for permissions, versioning, and auditing that outcome engineers can integrate into governance and compliance workflows (Principle 10).

LangChain framework hit by several worrying security issues — ‘Each vulnerability exposes a different class of enterprise data’. Researchers disclose multiple LangChain vulnerabilities that expose different classes of enterprise data, forcing urgent patches and mitigations. If LangChain is your orchestration layer, these flaws expand agent blast radius and demand runtime defenses, CI checks, and supply-chain controls (Principle 14).

RAG Poisoning and EU AI Act Article 10: Data Governance Is Not Optional for Retrieval Pipelines. Analysis shows Article 10–style data governance cuts RAG poisoning success rates dramatically, proving sanitization and provenance materially reduce retrieval-based attacks. Outcome engineers must treat data governance as a functional requirement for retrieval systems—build provenance, validation, and audit trails into your pipelines now (Principle 02).

Anatomy of the .claude/ Folder. The post explains how project- and user-level .claude folders centralize Claude Code instructions, commands, permissions, and memory to control agent behavior precisely. Treat this folder pattern as a reproducible way to version agent config, enforce least privilege, and make agent behavior auditable in production (Principle 11).

Don’t YOLO Your File System. Stanford’s Jai provides one-command Linux sandboxes that protect home directories with copy-on-write overlays to reduce AI agent blast radius. Practical sandboxes let you run agents against real data safely, turn threat models into testable fixtures, and shrink the attack surface for deployed autonomous systems (Principle 14).