Your agents are only as trustworthy as what they consume, build, and ship. JFrog governs every AI model, agent skill, MCP server, AI-generated code, and assembled artifact in a single source of truth.
Secure your entire agentic software supply chain so you can ship trusted software at your new speed.
In an AI-native world where Model Context Protocol (MCP) is the universal standard for AI connectivity, the security and governance stakes have never been higher. AI’s ability to take autonomous action through MCPs means that a single breach of an MCP server can grant attackers control over mission-critical enterprise systems, putting enterprises in an immediate …
The race to adopt AI agents has created a massive, unmonitored blind spot in the enterprise software supply chain. At the heart of this revolution is the Model Context Protocol (MCP) – an open connectivity standard designed to move AI models (LLMs) out of their passive “chat box” and give them direct active access to …
When we first introduced the JFrog AI Catalog, it was our mission to provide the industry with a single system of record for governing the complex landscape of internal, open-source, and external commercial AI models. This foundational step was critical for enterprises to move from uncontrolled innovation to delivering AI with trust and confidence. However, …
JFrog Security Research recently discovered and disclosed multiple CVEs in oatpp-mcp – the Oat++ framework’s implementation of Anthropic’s Model Context Protocol (MCP) standard. Among these, CVE-2025-6515 stood out due to its potential threat of hijacking MCP session IDs. Within the context of MCP we’ve dubbed this new attack technique “Prompt Hijacking“. Your browser does not …
NVIDIA 
Cursor 
GitHub 
Docker 
Maven 
Financial Services 
Public Sector 
Technology 
Healthcare 
Gaming 
Automotive 
Enterprise 
