What nearly 10,000 developer environments reveal about agentic development risk

Source: Blog RSS Feed | Snyk · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Intermediate, medium

Summary

Snyk's recent research, analyzing nearly 10,000 developer environments and early adopter setups, reveals significant security risks introduced by agentic development. The study found widespread AI coding tool sprawl, with 43% of developers running two or more environments and 37% running three or more. Model Context Protocol (MCP) server adoption is also prevalent, with 50.8% of developers having at least one installed; critically, 1 in 7 of these had a security finding, and 1 in 12 had a high or critical finding. Agent skills, which shape agent behavior, were present in 22.8% of environments, introducing another risk layer. The research identified 392 confirmed prompt injection findings in tool descriptions and 98 malicious code patterns in agent skill files, indicating that agentic development creates a new software supply chain layer that traditional AppSec controls are not designed to govern.

Key takeaway

AppSec teams managing evolving software supply chains must expand their security programs beyond code artifacts to include the systems producing them. Inventory AI coding environments, MCP servers, and agent skills to gain visibility into this new attack surface. Define policies for agent configurations, evaluate guardrails for agent actions, and integrate these controls into your existing AppSec framework to mitigate pre-commit risks and secure the entire development lifecycle.

Key insights

Agentic development shifts software supply chain risk earlier into developer environments and AI tools.

Method

Inventory AI tools, treat agent configurations as supply chain components, extend policy to MCP/skills, evaluate agent action guardrails, and integrate with existing AppSec.

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Security Engineer, Security Engineer, MLOps Engineer

Editorial summary, takeaway, and curation by AIssential. Original article published by Blog RSS Feed | Snyk.