Agents
GitHub Agentic Workflows Adds Cache-Memory Sanitization and OpenCode Engine in Security Hardening Update
GitHub's Agentic Workflows received a significant security update: before each agent run, working trees are now scanned and cleaned of planted executables and disallowed files from cached memory, closing a supply-chain attack vector where malicious artifacts could persist across runs. The update also adds OpenCode as a new first-class agentic engine (joining Copilot, Claude, and Codex) and introduces pre-agent steps for custom setup Actions before AI execution begins. Defense-in-depth architecture runs AI-powered threat detection on all proposed changes before any writes.
Source
↳ Follow the thread