« All posts

Agent Runtime Security: Foundry, GitHub, Mastra Updates

This week, updates from Foundry, GitHub, and Mastra provide essential insights for engineers.

This week highlighted the critical differences between building and safely running agents in production. Alongside Microsoft's significant advancements in production-grade agent infrastructure, two major supply chain and trust-boundary failures were reported. Foundry has evolved beyond simple model endpoint hosting, introducing features like procedural memory and centralized tool registration. Meanwhile, GitHub's Agentic Workflows faced a serious vulnerability allowing unauthorized access to private repositories, and a Mastra account breach compromised numerous packages in a short time.