Runlayer Joins Anthropic, OpenAI, & Google as AAIF Founding Member ->
Back to blog
Jan 13, 2026
 • 

Runlayer product update - 0.24.0

This update is about momentum: moving faster in the CLI, getting clearer visibility into what’s running, and debugging with less friction. Expect smoother workflows, better control, and fewer surprises as you build and ship.

Highlights

Catalog & Runlayer Deploy Updates

  • New servers added: Braintrust, Gong, Snowflake (with full OAuth support!), Lever, Workday, Salesforce
  • Runlayer Deploy now lets you launch supported servers straight from the Catalog — fewer steps and less copy/paste to get a server running.
  • Clearer deployment status makes it easier to tell when a deployment is finished vs when the server is actually ready after cold starts. Includes a new Trigger Deployment button for manual re-deployments.

MCP Watch: plug into your current MDM to uncover shadow MCP

  • Admins can now see where unmanaged ("shadow") MCP servers are being configured on devices—plus trends over time and where managed alternatives exist.
  • MDM-friendly deployment: a lightweight, self-contained script that keeps itself updates and runs on whatever schedule you define—completing in under 10 seconds.
  • Shadow server discovery is surfaced in Analytics, including discovery trends and "managed available" migration opportunities.
  • Shadow servers are categorized to help you prioritize: new/unknown servers vs "managed available" servers you can migrate to Runlayer-managed alternatives.
  • Click through to see affected users and drill down into audit logs for investigation.

Server metrics: tool call health, usage, and performance

  • A new Metrics tab on server details makes it easier to understand how a server is behaving over time.
  • Track tool call success rate and failures, plus security violations.
  • See which tools are most used, slowest, or most failure-prone—and which clients are driving traffic.

Agents Accounts (Beta): programmatic access for your AI apps

  • Agents Accounts let you register AI applications as first-class clients in Runlayer, so they can authenticate programmatically and call MCP tools through the platform.

Skills: safer authentication and smoother setup

  • Skills now support OAuth authentication, expanding what can be connected safely and reducing setup friction in more environments.
  • OAuth-authenticated Skills enable more secure connections without relying on long-lived secrets.
  • Skills UX continued to improve, including better control over tooling behavior and setup flows.

Full release notes

Platform automation (4)

  • Agents (Beta): Register AI applications as agents to authenticate programmatically (machine-to-machine or on-behalf-of) and call MCP tools through Runlayer.
  • Runlayer self-MCP server: Run Runlayer itself as an MCP server for safe automation and debugging workflows.
  • MCP Catalog API service: Added a dedicated API for serving the catalog to downstream security scanners (API key authenticated).
  • Catalog tool list support: Tool lists are now available alongside catalog data to support static analysis and compatibility checks.

Deploy & operations (8)

  • Deploy servers directly from the Catalog with Runlayer Deploy.
  • Clearer deployment status that distinguishes "deployment complete" from actual server readiness after cold starts.
  • Automatic redaction of sensitive environment variables in deployment logs.
  • Ability to force a new deployment and trigger redeploys more explicitly.
  • Backlinks from Deploy back to the originating Connector to make change tracking easier.
  • Improved deployment performance.

Visibility & auditability (10)

  • Server metrics: Tool call health, usage, and performance charts in the server details Metrics tab.
  • MCP Watch dashboard: See shadow MCP discoveries, "managed available" migration opportunities, and trends over time in Analytics.
  • MCP Watch CLI: A CLI workflow to collect device-side MCP configuration scans.
  • Broader MCP Watch client support: Added support for additional MCP clients (including Goose and Zed).
  • MCP Watch in production: Expanded MCP Watch availability for production environments.
  • Slack notifications improvements: Easier org-wide installs, richer message context (including tool input/output), and better support for common Slack deployment patterns.
  • Request correlation: Added request IDs to audit logs to make investigations and support workflows faster.
  • More readable audit log records: Typed actor/resource fields and compatibility improvements for long-lived deployments.
  • Audit log performance: Routed more read-heavy operations to Aurora read replicas and optimized additional read paths.
  • Better tracing: Added MCP method metadata and tool-call events to improve debugging and performance analysis.

Security & authentication (10)

  • ToolGuard performance: Significant caching and scan optimizations to reduce repeated work and speed up security scanning.
  • Tool list scan caching: Longer cache TTLs to reduce repeated tool list scans at scale.
  • Lower token usage on large toolsets: Token reduction improvements for tool discovery/search flows.
  • PII scanner accuracy: Fixed false positives (including numeric IDs in URLs).
  • Safer proxying: Centralized and hardened sensitive-header stripping for proxied requests.
  • Policy UX improvements: Refreshed policy dialogs and tables for clearer permissions and faster edits.
  • Global policies fixes: More reliable create/edit flows and better group handling in policy assignment.
  • OAuth discovery and validation: Improved discovery behavior across providers, including better fallbacks.
  • OAuth edge-case fixes: Compatibility fixes for PKCE, redirect URIs, and numeric client IDs.
  • OAuth broker improvements: Expanded broker support and more reliable behavior for upstream providers.

Catalog & connectors UX (10)

  • Updated Catalog (Discover) to the latest UI for faster browsing and clearer information density.
  • Updated Connectors pages and Connector details to the latest UI, with improved layout and navigation.
  • Improved authorization request flow (request access, reason capture, and follow-up permission prompts).
  • Persisted search queries and connector filters when navigating between pages.
  • More consistent tools and policies presentation (sorting, layout, and dialog improvements).
  • Improved group management and group-related UX, including fixes and polish for common workflows.
  • Expanded catalog content with new vendors and servers, plus improved metadata and icons.
  • Better support for deploy-based servers inside catalog and registration flows.
  • Improved small-screen behavior and table usability across multiple settings pages.
  • Multiple UI polish fixes across dark mode, headers, spacing, and layout consistency.

CLI & developer workflow (7)

  • CLI login via device flow for easier authentication from constrained environments.
  • Added CLI cache clear command for simpler troubleshooting.
  • Improved CLI scan output for faster investigation and clearer results.
  • Multiple CLI releases with usability and stability improvements.
  • More reliable local development cleanup (e.g., terminating local processes on Ctrl+C).
  • Developer experience improvements in build/check tooling (including mypy integration).
  • Cursor / IDE workflow improvements via hooks and quality-of-life commands.

Security, reliability, and performance improvements

We shipped a set of upgrades aimed at stability at scale and safer day-to-day operations:

  1. Safer deployment logs: sensitive environment variables are now redacted by default in deployment logs.
  2. Faster operations at scale: improvements to reduce load and keep key workflows responsive (including read-heavy areas like audit logs).
  3. Tool security scanner performance: caching and scan optimizations reduce repeated work and speed up scanning.
  4. OAuth edge-case fixes: improved discovery/validation and fixes for tricky provider-specific behaviors.
  5. Bug fixes: addressed false positives in PII scanning (numeric IDs in URLs) and a number of UI polish issues.

Jan 13, 2026
 • 
Read more
Runlayer Joins Anthropic, OpenAI, & Google as AAIF Founding Member
The Linux Foundation has launched the Agentic Artificial Intelligence Foundation (AAIF), with Runlayer joining sponsors Anthropic, OpenAI, Google, AWS, Microsoft. AAIF now oversees the Model Context Protocol (MCP), reinforcing MCP as a rising standard for AI agent integration. Runlayer supports AAIF’s open, secure, and scalable AI development mission.
Dec 9, 2025
 • 
Andy Berman
Your AI agent is probably leaking your data right now
MCP adoption is accelerating across major platforms, but security risks—like malicious servers, prompt injection, and tool-level exploits—are growing just as fast. This post breaks down real attack scenarios that show how easily data can leak when MCP implementations are trusted by default. It also outlines practical defenses for users and builders, plus why companies need audited MCP catalogs, gateway proxies, and sandboxing to stay secure at scale.
Nov 12, 2025
 • 
Vitor Balocco
Runlayer Raises $11M to Scale Enterprise MCP Infrastructure
Nov 17, 2025
 • 
Andy Berman
Why MCP builders are transitioning from DCR to OAuth CIMD
Over the last year, MCP has surged in adoption. To little surprise, this has introduced some scaling issues. One of these is client registration; previously, systems were rigged together by humans. Today, AI agents discover and interface with MCP servers freely, requiring a new paradigm for client communications.
Nov 7, 2025
 • 
Vitor Balocco
What is Dynamic Client Registration?
Tired of manually registering every AI agent with every OAuth server? Dynamic Client Registration (DCR) lets your agents authenticate with MCP servers at runtime, no human clicks required. Learn how DCR works, when to use it over traditional OAuth, and why it's becoming essential for scalable agentic systems.
Nov 6, 2025
 • 
Vitor Balocco
Agents and Work. Connected.

Runlayer makes it easy to create, host, and scale MCP servers across your organization. Local or remote, every server is secure, discoverable, and simple to manage.

Solutions
Company
Resources
© Copyright 2026 Anysource Inc.
SOC 2 Certified
HIPAA Certified
Terms of Service
Privacy Policy