LoginSign Up
← Back to Infra & APIs
Weekly · Infra & APIs · Week of May 11, 2026

The devtools sector spent the week rewiring itself around AI agents as first-class users.

agent-first inframcpidentity for agentsagent clienterprise hardeninglakehouse
Y
By Yahya Tür
LinkedIn ↗
Generated 10d agoDrawn from 19 products

The week in devtools

The dominant pattern this week is unmistakable: devtools vendors are no longer shipping AI features as a wrapper on top of existing products. They are rebuilding their core surfaces — auth, CI, infrastructure, observability, notifications — so that an agent is a legitimate caller, not a curiosity. The week's most consequential moves came from companies that previously sold to humans now formally onboarding agents: agent-readable CLIs, MCP servers, scoped credentials, agent-shaped pricing, and policy primitives that assume non-human traffic.

The second pattern is consolidation pressure. Security batches, governance features, and enterprise hardening landed in the same week as agent expansion across multiple vendors — a sign the category is maturing past launches and into the boring work of making agent platforms safe to give to a Fortune 500 buyer.

Leaders

GitHub pulled enterprise governance and security straight into the Copilot agent loop rather than leaving it as CI bolt-ons, the clearest signal that agent control planes are eating the developer platform itself. Cursor rebadged itself in version 3 from coding assistant to agentic engineering platform — pricing, surfaces, and review workflow now assume the agent is the primary actor. Cloudflare continued its move to position as the agentic cloud, with agents that self-onboard and durable workflows scoped to tenants. BigQuery doubled down on Iceberg, graph, and global data sharing as the lakehouse fight intensifies, and the AI access narrative shows up at the query layer rather than as a separate product. Clerk shipped a CLI built for humans and agents in the same surface, monetized API Keys, and graduated SCIM, threading the needle on identity for both seats and bots.

Wildcards

Supabase reversed one of its largest historical defaults, no longer auto-exposing public-schema tables via PostgREST — an unusually loud security-posture change for a product whose brand has been frictionless DX. Tailscale simultaneously launched an LLM agent control plane and pivoted to seat-based billing in the same month, an off-pattern combination for an infrastructure-priced networking company. Vercel shipped a 13-advisory Next.js security batch alongside Sandbox networking and Marketplace credential lockdown — security batches at that scale rarely accompany feature releases.

Themes that compounded

  • MCP shipped or expanded as a first-class capability in at least eight products this week (Mixpanel, SigNoz, Statsig, PlanetScale, Replicate, Composio, Docker, Raycast) — MCP is no longer optional.
  • Agent-readable CLIs and skills repos appeared across Clerk, Buildkite, Statsig, Render, Replicate, and Checkly — the CLI is being redesigned as an agent interface.
  • Notification and incident tooling — Knock, Novu, Rootly, Instatus — all pushed their workflows to be agent-driven end to end.
  • Identity vendors converged on agent authorization: Auth0 scaled FGA, Okta built around Cross App Access, Clerk monetized API Keys, WorkOS shipped Groups API and FGA roles.
  • Enterprise hardening and security batches landed alongside AI launches at Composio, Vercel, AWS, Snyk, and Elasticsearch — the AI-first products are now also the security-batch products.

Watch this week

Watch how the agent control plane consolidates. With GitHub, Cursor, Cloudflare, Windsurf and Vercel all converging on overlapping primitives — agent onboarding, scoped tokens, durable workflows, sandboxes — the question is whether vendors stake a clear lane (identity layer, runtime, IDE) or whether the bundling pressure pushes someone to commit to all of them. Pricing is the second signal: Tailscale moving to seats and Clerk monetizing API Keys are early proxies for how agent-era revenue actually lands when the unit-of-consumption is no longer a human user.