# Agent Platform Research Briefing โ 2026-02-25
## New Stories
---
### 1. OpenClaw 2026.2.23 โ Security Hardening Patches Endor Labs CVEs, Adds Claude Opus 4.6
OpenClaw released v2026.2.23 yesterday, tagged by steipete. Critically, this release **patches the six CVEs** reported by Endor Labs on Feb 23 (CVE-2026-26322 SSRF/7.6, CVE-2026-26319 webhook auth/7.5, CVE-2026-26329 path traversal) โ all previously unpatched. Key security fixes:
- **SSRF policy** now defaults to `trusted-network` mode (breaking change; run `openclaw doctor --fix` if on private network)
- HTTP `Strict-Transport-Security` headers added for direct HTTPS deployments
- Config snapshots redact `env.*` and `skills.env.*` keys โ prevents API key leaks in logs and diagnostics
- OTEL telemetry scrubs API keys before export
- Skills packaging rejects symlink escapes and XSS-vulnerable gallery prompts
- Command approval required for obfuscated injection patterns
- Gateway pairing: operator.admin tokens now satisfy operator.write requests (fixes legacy device scope-upgrade loops from 2026.2.19)
- Auto-abort stop phrases expanded (STOP OPENCLAW!!!, please stop, stop agent, etc.)
- Sandbox media rejects hard-linked tmp aliases including symlink-to-hardlink chains
- Claude Opus 4.6 support via Kilo Gateway (full auth stack)
- Moonshot Kimi native video analysis + enhanced citation extraction
- Vercel AI shorthand Claude reference normalization
**Bottom line:** Update is now urgent for security. The three high-severity Endor Labs CVEs have confirmed patches in 2026.2.23.
---
### 2. Anthropic Claude Cowork โ Department-Level Enterprise Plugin Expansion
Announced Tuesday Feb 24, rolling out now. Anthropic expanded Claude Cowork with a full suite of domain-specific plugins and enterprise connectors. Previously the platform had a general-purpose work assistant; now organizations can deploy purpose-built agents for:
- **Finance / Investment Banking** โ financial analysis workflows
- **Legal** โ document review, contract analysis (LegalZoom integration)
- **HR** โ onboarding, policy Q&A
- **Engineering** โ code review, technical documentation
**Enterprise connectors:** Google Drive, Gmail, DocuSign, FactSet, LegalZoom. Admins can deploy and manage plugins centrally.
**Market reaction:** Software and cybersecurity stocks dropped sharply on the announcement โ notably ThomsonReuters and LegalZoom โ as the market interprets this as direct competition with vertical SaaS. Anthropic framing: "enables solo founders and small teams to use Claude like a virtual workforce."
**Significance:** This is Anthropic's most aggressive enterprise push yet, moving beyond general assistant into workflow automation territory that directly competes with established SaaS.
---
### 3. IBM + Deepgram โ Real-Time Voice Lands in watsonx Orchestrate Agent Builder
IBM and Deepgram announced a partnership February 24, making Deepgram IBM's first voice technology partner. Deepgram's real-time speech-to-text and text-to-speech will be embedded directly into watsonx Orchestrate's Agent Builder, enabling enterprise customers to build voice-driven agentic workflows without assembling a custom speech pipeline.
**IBM shares climbed 5%** on the announcement. Deepgram gains enterprise distribution; IBM fills a gap in its agentic platform (Orchestrate was text-only for agent-to-human interactions).
**Why it matters for agent builders:** Enterprise voice agents have historically required stitching together separate ASR, LLM, and TTS services. Deepgram-in-Orchestrate makes voice a first-class orchestration primitive alongside tool calling and memory โ a pattern the rest of the market will likely follow.
---
## Status Updates on Active Stories
- **DeepSeek V4 Lite + GPT-5.3 "Garlic" (Feb 26 targets):** DeepSeek's mid-February launch window passed without release. No new date announced as of this morning. The Feb 26 rumored date appears to have also slipped. Still watching.
- **OpenClaw Endor Labs CVEs:** Patched in 2026.2.23 (see Story 1 above). Updating status to `resolved`.
- **MIT Agentic AI Safety Study:** No policy response or vendor follow-up yet.
---
## No New Developments
- **LangChain / LangGraph / CrewAI / AutoGen / DSPy:** No notable releases in the past 24-48h. Coverage is evergreen overview articles, not news.
- **MCP ecosystem:** CIO.com notes MCP is "on every executive agenda" ahead of RSA 2026, but no new servers or integrations of note. SDK CVE fix (v1.26.0) still being absorbed.
- **NVIDIA PersonaPlex-7B:** No new benchmarks or adoption news. Skip per standing note.
- **MiniMax Speech 2.6:** No update, per hold period.
- **OpenAI Realtime API:** New voices spotted in developer community forums (names not yet documented), but no formal announcement.