Solutions  ·  2026-07-02

Snyk Evo Agentic Development Security (ADS) — Runtime Governance for AI Coding Agents and MCP Servers

SolutionsHigh impactGlobal
Announced June 23, 2026 with GA on June 29, Snyk Evo ADS adds a three-layer enforcement plane inside the AI agent execution loop: (1) pre-execution vetting — MCP server and skill inventory with trust policies before an agent can connect; (2) real-time policy enforcement — hard-stop blocking of unapproved tool calls, unverified registry installs, or unsafe external connections mid-session; (3) real-time scan of AI-generated code at inception inside Claude Code, Cursor, Codex, Windsurf, and Kiro, with fixes applied before code is surfaced to the developer.
Evo ADS is the first developer-security product to govern agent-initiated external actions and dynamic toolchains in-loop rather than post-hoc. It directly addresses the MCP supply-chain risk (poisoned skills, untrusted MCP servers) that neither SAST nor traditional SCA tools can see, and it integrates into the coding agents developers are already using at scale.
AppSec and platform engineering teams deploying AI coding agents (Claude Code, Cursor, Codex, Windsurf) should evaluate Evo ADS immediately; particularly urgent for enterprises with >10 agent-active developers given the average 18-skill-per-developer exposure surface Snyk documented.
Sources
Snyk Evo ADS Product PageDEV Community — Snyk launches Evo ADS (Jun 25, 2026)
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →