Agents got safer: Antigravity patches sk…

ANTIGRAVITY PUB_DATE: 2026.06.08

AGENTS GOT SAFER: ANTIGRAVITY PATCHES SKILL SECURITY; WINDSURFAPI FIXES WEBFETCH COMPLETION SEMANTICS

Antigravity hardened its popular skill library against path traversal and unsafe plugin behaviors, and related agent stacks tightened up tool-call handling. Th...

Antigravity hardened its popular skill library against path traversal and unsafe plugin behaviors, and related agent stacks tightened up tool-call handling.

The latest antigravity-awesome-skills patch v12.2.1 closes symlink traversal and tar header edge cases, strips risky docs, and raises risk labels on remote-exec skills.

Windsurf’s proxy update v2.0.144 stops surfacing dead WebFetch tool calls and preserves final assistant text, with sane fallbacks for completed documents.

For reliable agent edits, Simon Willison shipped datasette-agent-edit 0.1a0 with view/str_replace/insert tools, while an OpenAI Apps SDK thread flags built-ins vanishing after a custom MCP call discussion.

[ WHY_IT_MATTERS ]

01.

Closing traversal and archive quirks reduces real supply‑chain and workspace risks in agent toolchains.

02.

Fixing WebFetch completion paths cuts flaky tool-call noise and makes runs more deterministic.

[ WHAT_TO_TEST ]

terminal
Try symlink and realpath escape repros plus mixed PAX/GNU tar cases against your agent skill sandbox; confirm they are blocked or flagged.
terminal
Run a WebFetch flow through WindsurfAPI and verify no dead tool proposals, correct finish_reason, and fallback to document body when needed.

[ BROWNFIELD_PERSPECTIVE ]

Legacy codebase integration strategies...

01.
Pin and roll out antigravity-awesome-skills v12.2.1; re-audit allowlists for external-code and remote-exec skills.
02.
If using ChatGPT Apps with custom MCP, watch for disappearing built-ins; split sessions or isolate connectors until fixed.

[ GREENFIELD_PERSPECTIVE ]

Fresh architecture paradigms...

01.
Adopt constrained edit tools like datasette-agent-edit’s view/replace/insert pattern instead of freeform patches.
02.
Design tool-calling with explicit completion semantics and fallbacks similar to WindsurfAPI’s WebFetch handling.

Enjoying_this_story?

Get daily ANTIGRAVITY + SDLC updates.

Practical tactics you can ship tomorrow
Tooling, workflows, and architecture notes
One short email each weekday

arrow_back

PREVIOUS_DATA_LOG

Agent platforms step out of the IDE: Augment Cosmos preview, Devin ships desktop agent fleet manager

Initialize_Return_to_Core

LINK_STATUS: 127.0.0.1 (SECURE)

NEXT_DATA_LOG

Expose your catalog as an MCP tool or assistants won’t see your products

arrow_forward