OSSCheckpoints — M Seed for AI Code Provenance CLICheckpoints·high signalEx-GitHub CEO Thomas Dohmke's open-source CLI recording AI code reasoning trails. M seed at M valuation. Most well-funded bet on AI code provenance.SourceSource pageCheckpoints↳ Follow the threadPolicy dependency / Stack layerReason Less, Verify More: Deterministic Gates Catch a Silent Policy-Violation Failure in Tool-Using AgentsarXivPolicy dependency / Stack layerMicrosoft Agent Framework ships early-July releases, promotes github-copilot-sdk to v1.0.0GitHub (Microsoft Agent Framework)Stack layer / Threat patternMitigating Taint-Style MCP Server Vulnerabilities Without Touching Server Code (SPELLSMITH)arXivStack layer / Threat patternPick your agent sandbox primitive by threat model: Firecracker microVM vs gVisor vs V8 isolateNorthflankStack layer / Threat patternGhostcommit hides prompt injection in PNG files to make AI coding agents exfiltrate repo secretsSecNewsStack layer / ContrastClaude Code's July 10 Update Hardens the Agent Loop Against Forged Approvals: Transcript-Tamper Blocking + 'No Human Input Occurred' NoticesReleasebot (Anthropic Claude Code changelog, corroborated by code.claude.com/docs/whats-new)Stack layer / Update threadEvoAgentBench: A Benchmark That Isolates Whether Agents Can Turn Past Sessions Into Reusable ProceduresarXivStack layer / Threat patternFriendly Fire: auto-approve coding agents run attacker code during security scansSecurityWeek