Cloudflare Blog
Public MindPattern findings, entities, and graph evidence that cite this source.
Findings
40
All-time hits
46
High value
16
Last seen
2026-07-02
Connected entities
Cloudflare BlogCloudflare Opens Monetization Gateway to Charge for Any Resource via x402 StablecoinsPattern: Vibe Coding Infrastructure Layer Emerging — Platforms-for-Platforms Becoming a CategoryCloudflare + Stripe Launch Open Protocol for AI Agent Self-Service: Agents Can Now Create Accounts, Cloudflare — Enterprise MCP Reference ArchitectureCloudflare Ships Shadow MCP Detection in Gateway: JSON-RPC Body Inspection Catches Unauthorized MCP Cloudflare Code Mode MCP: 99.9% Token Reduction for API-Calling AgentsCloudflare Launches Agent Readiness Score — Only 4% of Top 200K Websites Support AI Agent StandardsCloudflare Agents Week: Unweight Compresses LLMs 22% Losslessly, Plus Agent Memory, AI Search, FlagsCloudflareCloudflare Agents Week: Email Service, Git-Compatible Artifacts, and AI Platform LaunchCloudflare and Coinbase Ship x402 Agent Payments: HTTP 402 Status Code Finally Gets a JobCloudflare Launches Agents Week: Container Sandboxes GA, Dynamic Workers, and Agent Security InfrastCloudflare Blog — Sandboxing AI Agents, 100x FasterCloudflare Dynamic Workers Open Beta: V8 Isolate Sandboxing for AI Agent Code Execution, 100x Faster
Related findings
- 2026-07-02 / DISPATCHCloudflare Rolls Out Tools to Make AI Search Smarter — and Pay CreatorsCloudflare details new infrastructure aimed at keeping creators and merchants discoverable in an agentic-search era while also getting paid, as AI rewrites how the web is indexed and monetized. The move positions Cloudflare in the fight over how content owners are compensated when AI agents, not humans, do the browsing.
- 2026-07-01 / NEWSCloudflare's One-Year 'Content Independence Day' Report Charts a Monetized Agentic WebOne year after declaring 'Content Independence Day,' Cloudflare published a report arguing a dynamic market for monetized content has emerged as autonomous AI agents upend traditional web traffic and referral economics. The report quantifies how agent crawling is displacing human search referrals and pressuring creators caught between staying discoverable and getting paid. It's a data-backed argument that the crawl-for-free era is ending.
- 2026-07-01 / NEWSCloudflare Opens Monetization Gateway to Charge for Any Resource via x402 StablecoinsCloudflare opened a waitlist for its Monetization Gateway, letting developers charge for any web page, dataset, API, or MCP tool behind Cloudflare, with charges settling peer-to-peer in stablecoins over the open x402 protocol and no payment stack to build. The x402 protocol — co-governed by Cloudflare and Coinbase — has processed 119M+ transactions on Base and 35M on Solana at roughly $600M annualized volume with zero protocol fees. This is direct infrastructure for the agentic-commerce era where AI agents pay per request over HTTP 402.
- 2026-06-23 / AGENTSCloudflare ships Flue, the Astro team's open-source TypeScript agent framework, as a runtime on its Agents SDKPublished June 17, 2026, Flue (built by the Astro team, now at Cloudflare) is a declarative TypeScript agent framework where you 'describe what an agent knows' — model, skills, sandbox, instructions — rather than scripting its behavior. It ships pre-wired Slack/GitHub/Linear/Discord channels with event verification, a @flue/react library that streams agent state and tool execution into the frontend, 'Durable Streams' append-only logs for crash recovery, sandboxed TypeScript via @cloudflare/codemode (isolates start in <10ms at $0.002/load), and a SQLite-backed virtual filesystem with read/write/grep/diff. It runs as long-lived Node processes on any VM or as Durable Objects on Cloudflare; v1.0 Beta shipped the same week, making the Agents SDK a runtime any framework can target.
- 2026-06-04 / NEWSVoidZero — Team Behind Vite, Vitest, and Rolldown — Joins CloudflareVoidZero, the company building the Vite/Vitest/Rolldown/Oxc JavaScript toolchain, is joining Cloudflare, with assurances that Vite stays open source and vendor-agnostic. The acquisition consolidates control of foundational frontend build tooling under a major infrastructure player.
- 2026-05-28 / HACKER NEWSCloudflare Launches Flagship: Native Feature Flags Built for AI-Driven Deployments — 345 PointsCloudflare released Flagship in public beta on May 26 — a native feature flag service built entirely on Workers, Durable Objects, and KV with sub-millisecond edge evaluation and zero external dependencies. Built on OpenFeature (CNCF standard), it supports targeting rules, percentage rollouts, and audit trails. Cloudflare explicitly positions this for AI-era deployments where autonomous agents deploy code independently and teams need blast-radius control and instant rollback capability.
- 2026-05-23 / TOOLSPattern: Vibe Coding Infrastructure Layer Emerging — Platforms-for-Platforms Becoming a CategoryCloudflare's VibeSDK (one-click vibe coding platform), Vercel v0, and Replit's agent mode represent a new architectural tier: platforms that let anyone deploy their own AI coding environment. VibeSDK is open-source, runs entirely on Workers with sandboxed execution, and uses Gemini by default. The pattern is clear — vibe coding is moving from 'app you use' to 'infrastructure you deploy,' much like how hosting platforms commoditized web app deployment. Builders should watch this layer for white-label and embedded opportunities.
- 2026-05-21 / MARKETSCloudflare + Stripe Launch Open Protocol for AI Agent Self-Service: Agents Can Now Create Accounts, Buy Domains, and Deploy to ProductionCloudflare and Stripe launched an open protocol (April 30, now in open beta) that lets AI agents autonomously create cloud accounts, register domains, start subscriptions, and deploy to production. Stripe handles identity and payment with a $100/month default cap; if no Cloudflare account exists, one is automatically provisioned via OAuth. Human gates exist only at legal/financial decision points — everything technical is fully autonomous. This is the first production-grade agent commerce protocol from major infrastructure providers.
- 2026-05-19 / HACKER NEWSCloudflare Project Glasswing: Mythos Preview Chains Multiple Low-Severity Bugs into Working Exploits AutonomouslyCloudflare published their firsthand experience testing Anthropic's unreleased Mythos Preview model against 50+ of their own repositories as part of Project Glasswing. The model can chain multiple individually low-severity vulnerabilities into working exploit chains, then prove they're real by writing, compiling, and running proof-of-concept code on its own. Launch partners include AWS, Apple, Microsoft, Google, NVIDIA, and JPMorganChase — 350 points, 134 comments on HN.
- 2026-05-18 / TOOLSTip: Cloudflare's MCP Code Mode Compresses Full Toolsets to Two Commands, Cutting Context CostsCloudflare's MCP Server Portals include a 'Code Mode' that reduces complex MCP toolsets to just two meta-commands: search and execute. Instead of sending every tool's full schema to the LLM (which can consume thousands of tokens), Code Mode lets the model search available tools by description, then execute the one it needs. For enterprises running dozens of MCP servers, this can cut per-turn token costs by 60-80% while maintaining full tool access.
- 2026-05-15 / SKILLSCloudflare Ships Production MCP Security Reference Architecture: Access SSO + MCP Server Portals + Gateway DLP Scanning — Enterprise Blueprint for Governing Agent Tool AccessCloudflare published a production-ready reference architecture for securing enterprise MCP workflows, combining three layers: Cloudflare Access for SSO/MFA authentication with device posture signals, MCP Server Portals for centralized tool discovery and fine-grained policy enforcement, and Cloudflare Gateway for detecting unauthorized MCP server usage and applying DLP scanning to MCP traffic. MCP server portals now route traffic through Gateway for HTTP request logging and data loss prevention. This is the first major CDN/security vendor to ship an opinionated enterprise architecture for MCP governance — addressing the 'shadow MCP' problem where employees connect to unvetted tool servers.
- 2026-05-12 / SKILLSCloudflare Dynamic Workflows: MIT-Licensed Durable Execution That Gives Each AI Agent Its Own Stateful Workflow at Near-Zero Idle CostCloudflare shipped Dynamic Workflows in May 2026, an MIT-licensed library extending its durable execution engine so workflow code can differ per tenant, agent, or request at runtime. Built on Dynamic Workers (V8 isolates that boot in milliseconds, 100x faster than containers), it enables platforms to serve millions of unique durable workflows. Each agent gets persistent state via Durable Object Facets — its own SQLite database. This solves the 'one-size-fits-all workflow' problem: per-agent durable state with the isolation guarantees of V8 sandboxing.
- 2026-04-30 / SKILLSCloudflare Code Mode MCP: Two-Tool Pattern Gives Agents an Entire API in 1,000 Tokens — 99.9% Reduction from 1.17M Tokens Across 2,500 EndpointsCloudflare released a Code Mode MCP server that reduces the token footprint of their 2,500+ API endpoints from 1.17M tokens to ~1,000 — a 99.9% reduction. The approach uses just two tools: search() to query the OpenAPI spec by product area without loading it into context, and execute() to run agent-generated JavaScript inside a secure V8 isolate handling pagination and chained calls in a single cycle. The key insight: converting MCP tool definitions into a TypeScript API and asking the LLM to write code against it consistently outperforms sequential tool calling while cutting token usage by 81-99.9%. For builders: apply this pattern to any large API — expose search + execute over your OpenAPI spec instead of one MCP tool per endpoint.
- 2026-04-30 / SKILLSCloudflare Ships Dynamic Workers Open Beta: V8 Isolate-Based Agent Sandboxing 100x Faster Than Containers at $0.002/Worker/DayCloudflare launched Dynamic Workers in open beta — a runtime that lets AI agents execute code in V8 isolates that start in milliseconds and use a few MB of memory, roughly 100x faster to boot and 10-100x more memory efficient than containers. The Dynamic Worker Loader API lets a parent Worker instantiate a sandboxed child Worker with code specified at runtime, running on the same machine (often same thread) as the caller. Pricing: $0.002 per unique Worker loaded per day plus standard CPU/invocation costs — negligible compared to inference costs. JavaScript-first, with Python and WASM support. For builders: if you're running AI-generated code in production, this is the cheapest secure sandbox option available — replace your Docker-based agent execution with isolates.
- 2026-04-30 / NEWSCloudflare Agents Week: AI Agents Can Now Create Accounts, Buy Domains, and Deploy Production AppsCloudflare launched Agents Week on April 30, enabling AI agents to autonomously become Cloudflare customers — creating accounts, starting paid subscriptions, registering domains, and receiving API tokens to deploy code. Built on a new protocol co-designed with Stripe Projects, the system requires human consent for terms of service but eliminates all manual dashboard steps. Alongside this, Cloudflare shipped Sandboxes GA (agents get their own compute), Project Think for next-gen agent architecture, and Code Mode for 1,000-token API access.
- 2026-04-29 / MARKETSCloudflare Open-Sources VibeSDK: One-Click Deployment of Full Vibe Coding Platforms on WorkersCloudflare open-sourced VibeSDK, a framework for deploying complete AI vibe coding platforms with one click on Cloudflare's infrastructure. Users describe what they want in natural language, and the platform generates code, installs dependencies, starts servers, and provides instant preview links — all running in isolated Cloudflare Containers. Apps deploy globally on Workers for Platforms. At 4,988 GitHub stars and trending, this commoditizes the entire vibe coding platform layer — making it free infrastructure rather than a paid SaaS product, directly threatening Replit, Bolt, and Lovable's core business model.
- 2026-04-27 / TOOLSPattern: Enterprise MCP Governance Crystallizes — SSO Gating and Opt-In Defaults Become Table StakesCloudflare's enterprise MCP architecture and IP Fabric's opt-in-by-default MCP server (both April 2026) establish a governance pattern: enterprise MCP deployments gate tool access behind SSO/MFA, enforce DLP rules on tool outputs, require explicit opt-in rather than ambient availability, and centralize discovery through server portals. This mirrors how enterprises adopted REST APIs a decade ago — the protocol is open, but production deployment demands an access control layer.
- 2026-04-27 / TOOLSCloudflare Publishes Enterprise MCP Reference Architecture with SSO, DLP, and Server PortalsCloudflare released a reference architecture for enterprise MCP deployments on April 20, featuring SSO/MFA authentication via Cloudflare Access, DLP rule enforcement, device posture checks, and MCP server portals for centralized discovery and policy administration. The architecture addresses the governance gap that has blocked enterprise MCP adoption — administrators can now expose tools selectively with fine-grained access controls.
- 2026-04-26 / SKILLSCloudflare Enterprise MCP Reference Architecture: Zero Trust for Agent Infrastructure with SSO/MFA via Access, AI Gateway Observability, and Centralized Remote MCP Server DeploymentCloudflare published a full enterprise reference architecture for MCP deployments arguing that locally-deployed MCP servers are a security liability. The architecture mandates remote MCP servers on Cloudflare's developer platform managed by a centralized team, with Cloudflare Access providing enterprise SSO and MFA as MCP authentication. Conditional access uses IP, device certificates, and geolocation. AI Gateway provides observability and cost tracking. MCP Server Portals handle authorization. Combined with Shadow MCP detection and Code Mode, this is the first comprehensive Zero Trust framework specifically designed for agent-to-tool infrastructure.
- 2026-04-26 / SKILLSCloudflare Ships Shadow MCP Detection in Gateway: JSON-RPC Body Inspection Catches Unauthorized MCP Servers Even Without Telltale URIsDuring Agents Week 2026, Cloudflare added rules to Cloudflare Gateway that detect unauthorized remote MCP servers by inspecting JSON-RPC body fields (method values like 'tools/call', 'prompts/get', 'initialize'). DLP-based body inspection catches MCP traffic even when URIs don't contain '/mcp' or '/sse'. Shadow MCP — employees connecting unsanctioned MCP servers to AI tools — is emerging as the 2026 equivalent of shadow AI. The detection pairs with new MCP Server Portals that place Cloudflare Access (SSO + MFA) in front of every authorized MCP server.
- 2026-04-22 / NEWSCloudflare Proposes New Web Accountability Model to Replace Bots-vs-Humans ParadigmCloudflare published a blog post arguing that AI assistants and privacy proxies have broken traditional bot detection, and the web needs a new model for accountability beyond the binary bots-vs-humans framework. The proposal shifts control to the client side and envisions a web where AI agents, privacy tools, and humans coexist under verifiable identity frameworks. For builders deploying AI agents that interact with web services, this signals a fundamental shift in how agent traffic will be governed.
- 2026-04-21 / HACKER NEWSCloudflare Reveals Internal AI Stack: 93% R&D Adoption, 51B Input Tokens/Month, Developer Merge Requests Up 55%Cloudflare published a detailed blog post about their internal AI engineering stack, reporting 3,683 active AI coding tool users (60% company-wide, 93% across R&D), with Workers AI handling 51.47B input tokens and 361M output tokens in the last month. The measurable impact: 4-week rolling average of merge requests climbed from ~5,600/week to over 8,700 — a 55% increase. Kimi K2.5 is deployed on Workers AI internally. For builders evaluating AI tool ROI, these are some of the most specific internal adoption metrics any major infrastructure company has published.
- 2026-04-20 / DISPATCHCloudflare Ships CI-Native AI Code Review at Scale Using OpenCodeCloudflare published how they built an AI code reviewer that runs in CI on every pull request, using OpenCode. The system reviews diffs for security issues, performance regressions, and code quality. This is notable because it's a production-grade implementation from a major tech company, not a startup demo — and it's built on their own AI Gateway infrastructure processing millions of review requests. For teams evaluating AI code review: Cloudflare's approach of CI-native integration (not IDE plugins) may be the more sustainable pattern.
- 2026-04-20 / DISPATCHCloudflare Reveals Internal AI Stack — 241B Tokens Processed, 20M Requests Through AI Gateway, Security Agent Runs 7B Tokens/Day at 77% Less Than ProprietaryCloudflare published a detailed breakdown of their own internal AI engineering stack built on the same products they ship. Key numbers: 241 billion tokens processed total, 20 million requests routed through AI Gateway, 3,683 internal users, and their OpenCode AI Gateway handles 688K requests/day (10.57B tokens/day) across four providers. Most striking: a security agent processing 7B tokens/day on Kimi K2.5 via Workers AI costs 77% less than a mid-tier proprietary model ($2.4M/year savings). This is the most detailed 'dogfooding at scale' report from any cloud provider on AI infrastructure.
- 2026-04-19 / HACKER NEWSCloudflare Shared Dictionaries for the Agentic Web: Agentic Traffic Now 10% of All RequestsCloudflare's Agents Week blog post reveals that agentic actors now represent just under 10% of total requests across its global network, up ~60% year-over-year. To address the cache-busting problem (agents push fixes, bundlers re-chunk, every user re-downloads), Cloudflare is shipping shared dictionary compression that shrinks a 272KB asset from 92KB (gzip) to just 2.6KB by using the previous version as a dictionary. Open beta of Phase 1 passthrough support targets April 30, 2026.
- 2026-04-19 / TOOLSTip: Cloudflare's 2-Tool MCP Pattern — Replace Per-Endpoint Tooling with search() + execute()Cloudflare's Code Mode demonstrates a reusable pattern for MCP server design: instead of defining one tool per API endpoint (which explodes token budgets), expose just search() for discovery and execute() for running generated code against the OpenAPI spec inside a sandbox. The execute() tool handles pagination, conditional logic, and chained calls in a single cycle. Any team exposing large APIs via MCP can adopt this pattern.
- 2026-04-19 / TOOLSCloudflare Code Mode MCP: 99.9% Token Reduction for API-Calling AgentsCloudflare's new Code Mode MCP server replaces per-endpoint tool definitions with just two tools — search() and execute() — backed by a type-aware SDK inside a V8 isolate. This compresses 2,500+ API endpoints from 1.17M tokens to ~1,000 tokens. Enterprise deployments collapsed 52 tools from four MCP servers (9,400 tokens) down to 2 portal tools (600 tokens).
- 2026-04-18 / AGENTSCloudflare Ships Browser Run with WebMCP, Live View, Human-in-the-Loop, and 4x Concurrency for AI AgentsDuring Agents Week (April 15), Cloudflare rebranded Browser Rendering to Browser Run and shipped five major features: Live View for real-time agent observation, Human-in-the-Loop handoff when agents hit edge cases, native Chrome DevTools Protocol exposure, WebMCP support enabling websites to declare agent-callable actions, and session recordings for debugging. Concurrent browser limit quadrupled to 120, positioning Browser Run as dedicated infrastructure for agent-driven web automation.
- 2026-04-18 / DISPATCHCloudflare Launches Agent Readiness Score — Only 4% of Top 200K Websites Support AI Agent StandardsCloudflare introduces an Agent Readiness Score, akin to Google Lighthouse for web performance, that measures how well websites support AI agents. Radar data from 200,000 top websites reveals a massive adoption gap: only 4% have declared AI usage preferences in robots.txt. New tools include isitagentready.com for self-assessment, URL Scanner integration with an 'Agent Readiness' tab, and a Radar dataset tracking agent standard adoption. For builders, this defines the emerging standard for making sites agent-compatible.
- 2026-04-17 / DISPATCHCloudflare Agents Week: Unweight Compresses LLMs 22% Losslessly, Plus Agent Memory, AI Search, Flagship Feature Flags, Email ServiceCloudflare's Agents Week 2026 dropped a dozen infrastructure products for agentic workloads. Unweight achieves 15-22% lossless LLM compression by decompressing weights directly into on-chip shared memory, bypassing slow main memory. Agent Memory gives agents persistent recall. AI Search provides hybrid retrieval with relevance boosting. Flagship is a native feature-flag service using KV and Durable Objects. Email Service enters public beta for agent-to-inbox communication. Workers AI Binding integrates with 14+ model providers.
- 2026-04-17 / HACKER NEWSCloudflare Agents Week: Email Service, Git-Compatible Artifacts, and AI Platform LaunchCloudflare shipped three major agent infrastructure products: Email Service (public beta — agents can send, receive, and process email natively), Artifacts (Git-compatible versioned storage supporting millions of repos and forking), and an AI inference platform designed for agents. Also introduced Project Think, an Agents SDK framework for persistent, multi-step agent tasks. 450pts + 305pts + 202pts across three HN posts.
- 2026-04-16 / DISPATCHCloudflare Project Think — Durable Agentic Platform with Sub-Agents, Sandboxed Execution, npm Resolution, and Headless BrowserCloudflare previewed Project Think, the next-gen Agents SDK for building agents that persist across long-running, multi-step tasks. Architecture includes durable virtual filesystem (Workspace), sandboxed JavaScript execution (Dynamic Worker), runtime npm resolution, headless browser for web automation, and full OS sandbox access. Also launched this week: AI Platform as unified inference layer across 14+ providers, AI Search primitive for agents, and Email Service for agent-initiated communication.
- 2026-04-15 / NEWSCloudflare Launches Mesh: Private Networking for AI Agents at ScaleCloudflare announced Mesh on April 14, a private networking solution that unifies AI agents, humans, and multicloud infrastructure into a single secure fabric. The product gives AI agents authenticated, encrypted connectivity to internal systems without requiring traditional VPN infrastructure, addressing a critical gap as enterprises deploy autonomous agents that need access to private resources. Mesh positions Cloudflare as the networking backbone for agent-era enterprise architecture.
- 2026-04-13 / NEWSCloudflare and Coinbase Ship x402 Agent Payments: HTTP 402 Status Code Finally Gets a JobDuring Agents Week, Cloudflare announced it has shipped a withX402Client wrapper for its Agents SDK, enabling AI agents to pay for resources using the long-dormant HTTP 402 status code. The x402 Foundation, co-founded with Coinbase and hosted by the Linux Foundation, counts Stripe, Shopify, Solana, AWS, Google, Microsoft, Visa, and Mastercard among its founding members. MCP servers can now expose tools to be paid for via x402, enabling fully autonomous agentic commerce without human confirmation for each transaction.
- 2026-04-13 / NEWSCloudflare Launches Agents Week: Container Sandboxes GA, Dynamic Workers, and Agent Security InfrastructureCloudflare kicked off Agents Week on April 13 with major announcements spanning every layer of the agent stack. Container-based sandbox environments for coding agents (git, bash, binary execution) are going GA, while new Dynamic Workers launch in open beta — isolate-based compute that starts in milliseconds with ~100x less memory than containers, enabling millions of concurrent agent instances. The company is also deepening browser rendering for agents interacting with services that don't yet speak MCP, and integrating zero-trust security principles directly into agent execution models.
- 2026-04-13 / DISPATCHCloudflare Launches Agents Week — Full-Stack Infrastructure for the Agentic WebCloudflare kicked off Agents Week with announcements across compute, connectivity, security, identity, economics, and developer experience for AI agents. Key launches include EmDash (full-stack serverless JavaScript CMS on Astro 6.0) and a GoDaddy partnership supporting Agent Name Service (ANS), an open standard for AI agent naming, verification, and discovery using DNS and PKI. Cloudflare frames agents as fundamentally different from traditional apps: one-to-one unique instances serving one user and one task.
- 2026-04-11 / DISPATCHCloudflare Global Network Crosses 500 Tbps External Capacity — Routes 20%+ of the WebCloudflare announced its global network has officially crossed 500 Tbps of external capacity after 16 years of scaling, enough to route more than 20% of the web and absorb the largest DDoS attacks ever recorded. This follows a $3 billion investment in network capacity expansion for 2025-2026. For builders, Cloudflare's infrastructure scale increasingly positions it as the default edge for AI inference workloads alongside traditional CDN and security use cases.
- 2026-04-08 / HACKER NEWSCloudflare Targets 2029 for Full Post-Quantum Security — Accelerated by Oratomic Research on RSA-2048 BreakingCloudflare published a detailed roadmap to full post-quantum security by 2029, accelerated by credible new research from Oratomic demonstrating advances in algorithms and hardware capable of breaking RSA-2048 and elliptic curve cryptography. Milestones: ML-DSA for origin connections by mid-2026, Merkle Tree Certificates by mid-2027, SASE suite by early 2028, and full PQ by default across all services by 2029 — at no additional cost to customers. 334 points and 102 comments on HN.
- 2026-04-04 / SKILLSCloudflare Dynamic Workers Open Beta: V8 Isolate Sandboxing for AI Agent Code Execution, 100x Faster Than ContainersCloudflare released Dynamic Worker Loader into open beta, enabling Workers to spin up other Workers at runtime for AI-generated code execution. V8 isolates start in milliseconds with megabytes of memory — 100x faster and 100x more memory-efficient than containers. Code Mode saves up to 80% in inference tokens by running tool-calling logic as code instead of multi-step LLM calls. Pricing: $0.002 per unique Worker per day (waived during beta). Available to all paid Workers users.
- 2026-03-30 / NEWSCloudflare Opens AI-Powered Client-Side Security to All Users — Cascading GNN + LLM Detection Cuts False Positives 95%Cloudflare announced it is opening its advanced Client-Side Security tools to all plan levels, featuring a cascading AI detection system that combines graph neural networks and large language models. The system has reduced false positives by up to 95% compared to traditional pattern matching. This is significant for any builder running JavaScript-heavy applications — supply chain attacks via compromised third-party scripts have surged in 2026.