โ† Back to all episodes
Agent Platform Research โ€” March 24, 2026
March 24, 2026 ยท ๐Ÿ”ฌ Research

Welcome to your agent platform research briefing for Tuesday, March twenty-fourth, twenty twenty-six. Four new developments worth your attention this morning.

**OpenClaw 2026.3.22 and 2026.3.23 โ€” Biggest Plugin Overhaul Yet** โ€” OpenClaw shipped a major beta release โ€” v2026.3.22-beta.1 โ€” in the past 48 hours, and the community is already calling it the biggest update yet. It is on the npm beta tag, not yet stable, but the macOS app asset ships at version 2026.3.22. It brings a complete plugin SDK overhaul. The new plugin SDK surface is now `openclaw/plugin-sdk` โ€” the old `openclaw/extension-api` is gone with no compatibility shim. ClawHub is now the default install path for plugins, taking priority over npm. The legacy Chrome extension relay is also removed โ€” browser automation now goes through the existing-session path, and you'll need to run `openclaw doctor --fix` to migrate. New Matrix protocol support was added via the official matrix-js-sdk. The built-in Nano Banana Pro image skill wrapper was removed โ€” you configure the model directly via `agents.defaults.imageGenerationModel` now. Version 2026.3.23, a stability patch that appeared today, addressing OAuth refresh failures in proxy environments and browser automation regressions from the 3.22 overhaul. If you upgraded to 3.22 and saw dashboard or WhatsApp breakage, 3.23 is your fix. GLaDOS is currently on 2026.3.13 โ€” this is a significant jump with multiple breaking changes.

**Anthropic Pentagon Hearing Today โ€” Judge Lin Rules on Injunction** โ€” The Anthropic versus Department of Defense case reaches a critical point today. District Judge Rita Lin in San Francisco is hearing arguments this morning on whether to grant Anthropic a preliminary injunction against the Pentagon's supply-chain risk designation. The DoD designation effectively bars any government contractor from using Claude โ€” a potentially devastating blow given Anthropic's enterprise revenue trajectory. New court filings revealed something striking: Pentagon officials told Anthropic the two sides were "nearly aligned" just one week before the public break, undermining the DoD's national security framing. Senator Elizabeth Warren filed a letter calling the blacklisting "retaliation." OpenAI, Google, and Microsoft researchers filed amicus briefs in support of Anthropic. The stakes: hundreds of millions in federal contract revenue and a legal precedent for whether the government can designate AI safety policies as a national security threat. We expect a ruling sometime today.

**VS Code Goes Weekly โ€” Ships MCP Server Sandboxing** โ€” Microsoft has shifted VS Code to a weekly stable release schedule, starting with version 1.111 in early March. Versions 1.112 and 1.113 are now out, and the standout feature for agent developers is MCP server sandboxing: VS Code 1.112 can now run locally-configured MCP servers in a sandboxed environment on macOS and Linux, reducing the blast radius of a compromised or malicious MCP server. The same release adds Copilot CLI agent permission levels โ€” developers can now choose between default approvals, bypass approvals, and full autopilot mode for local agent sessions, giving more control over the friction-versus-autonomy tradeoff. VS Code's Edit Mode is officially deprecated as of 1.111 and will be fully removed by version 1.125. This weekly cadence signals Microsoft is treating the IDE as active agentic infrastructure, not just a code editor.

**Azure DevOps MCP Server Lands in Microsoft Foundry** โ€” Microsoft has added a remote Azure DevOps MCP server to the Microsoft Foundry tool catalog, giving AI agents direct access to repos, wikis, work items, and pipelines via MCP. The server supports a new `X-MCP-Toolsets` header that lets you scope agent access to specific tool categories โ€” so you can give an agent access to work item tracking without also handing it repo write access. VS Code and Visual Studio connect natively with no extra setup; other clients like Claude Code, Claude Desktop, and GitHub Copilot CLI require OAuth registration via Entra first. Microsoft has indicated the local MCP server version will eventually be archived in favor of this remote version. Combined with Fortinet's announcement yesterday of MCP support in their FortiSOC platform for alert triage and threat hunting, it's clear MCP is now mainstream enterprise infrastructure โ€” the security and DevOps toolchain is integrating it as a first-class protocol, not an experiment.

That's the briefing for March twenty-fourth. The Anthropic-Pentagon ruling is the one to watch today โ€” it could reshape how AI safety policies interact with federal procurement for years.