Agent Platform Research — May 05, 2026
May 05, 2026 · 🔬 Research

Welcome to the agent platform research briefing for Tuesday, May 5th, 2026.

**Anthropic Launches $1.5B Enterprise AI Services JV with Wall Street Giants** — Anthropic announced Monday a joint venture with Blackstone, Hellman & Friedman, and Goldman Sachs to create a new AI-native enterprise services firm. The unnamed company, described by Business Insider as the "McKinsey of AI," will deploy Claude-based AI transformation playbooks across private equity portfolios and beyond. The $1.5B venture is Anthropic's most direct push yet into the consulting and enterprise services market, putting it in competition with OpenAI's TPG-anchored PE vehicle announced the same week. This marks a structural shift in how frontier AI labs sell to enterprise: not just APIs, but full-stack services and implementation.

**OpenClaw 2026.5.3 — File-Transfer Plugin and Security Scanner Hotfix** — OpenClaw released v2026.5.3 on May 4-5, adding a bundled file-transfer plugin with file_fetch, dir_list, dir_fetch, and file_write agent tools for binary file operations across paired nodes. The plugin ships with a default-deny per-node path policy — symlinks refused by default, 16MB byte ceiling per round-trip, operator approval required for new node access. Also included: a core npm hotfix preventing the install scanner from blocking official bundled plugin packages. This is the first meaningful stable release after the April regression cycle — a quality-of-life and safety update rather than a feature spectacle.

**Microsoft Agent 365 Goes Generally Available at $15/User** — Microsoft launched Agent 365 GA on May 1st, giving enterprises a full control plane for managing AI agents across M365. Agents get Entra identities, governed via Defender, Purview, and Intune. A new Shadow AI page — powered by Defender and Intune — detects and manages local agent activity on Windows devices. Runtime blocking and alerts through Intune arrive in public preview in June. The move formalizes what Microsoft previewed earlier this year: a future where enterprises don't just deploy agents, they govern them the same way they govern human identities and endpoint access.

**Noma Security Whitepaper: "Lethal by Design" — MCP and Skills Under the Microscope** — A new whitepaper from Noma Security, reported May 5th, warns that enterprise MCP servers and Skills introduce significant execution and data-risk vectors for AI agents. Noma coins the term "Agentic Paradox": highly capable agents with browsing, coding, and execution powers lack the common sense to prevent rapid production damage. The report identifies five attack chains already observed in real incidents, including "ContextCrush" — where a poisoned Context7 library instructs a Cursor agent to read local files and leak them to an attacker-controlled GitHub issue. With 25% of MCP servers exposing code execution risk per Help Net Security, the paper proposes a governance framework built around controls organizations can actually enforce.

That's the briefing for today.