OpenAI agent platform: threat-model update and ChatGPT Apps/MCP regressions
OpenAI’s agent platform saw tightened threat-model guidance alongside community-reported regressions in ChatGPT Apps/MCP affecting tool metadata, embedded UI rendering, and Custom GPT memory. OpenAI outlined improvements to agent safety and risk modeling in its threat-model guidance, signaling more conservative assumptions for tool use and state handling; see [Improving the threat model](https://developers.openai.com/codex/security/threat-model) in the docs. Meanwhile, builders report two breaking changes in ChatGPT Apps/MCP: tool results have their `_meta` stripped, which breaks viewUUID-based state persistence ([report](https://community.openai.com/t/bug-chatgpt-strips-meta-from-tool-results-and-breaks-mcp-apps-viewuuid-state-persistence-pattern/1375980)), and embedded UIs fail to render on web after multi-step agentic flows ([report](https://community.openai.com/t/chatgpt-apps-embedded-ui-no-longer-renders-on-web-after-agentic-multi-step-exploration/1375844)). Enterprise controls and persistence also need attention: Zero Data Retention requires a sales-enabled toggle ([discussion](https://community.openai.com/t/how-to-contact-sales-to-enable-zero-data-retention-controls/1375972)), and Custom GPTs currently cannot access memory ([thread](https://community.openai.com/t/custom-gpts-cannot-access-memory/1059182)), which affects long-lived context strategies.