MCP Weekly: Microsoft Picks Claude, OpenAI Productizes Security, Meta Bets on Agent Networks
March 13, 2026

Security, orchestration, and model-agnostic execution were key developments this week

This issue of MCP Weekly covers March 6 to March 13 and showcases enterprise platform launches, major security investments, infrastructure upgrades, and new agent tooling across the ecosystem.

TL;DR

Microsoft launched Wave 3 of Microsoft 365 Copilot, embedding Claude into Office apps and introducing a new M365 E7 tier enterprise suite. Meta acquired Moltbook, an agent-to-agent communication platform, folding it into Superintelligence Labs. OpenAI launched Codex Security and acquired Promptfoo to make agentic security a core product requirement inside Frontier. NVIDIA released Nemotron 3 Super, an open 120B parameter model built for multi-agent cost efficiency.

On the Anthropic side, Claude Code Review launched in research preview, Claude now builds inline visuals, and Excel and PowerPoint integrations were significantly upgraded. Anthropic also launched a $100M Claude Partner Network and a new research body, The Anthropic Institute. Infrastructure updates came from AWS Bedrock AgentCore with stateful MCP support and Datadog's MCP Server reaching general availability. Legora raised $550M for legal AI, JetBrains launched Air, and Zoom unveiled its Agentic AI 3.0 platform.

Major Updates of the Week

Microsoft: Copilot Cowork, Wave 3, Agent 365, and the M365 E7 Tier

Microsoft launched Wave 3 of Microsoft 365 Copilot, moving it from a single-shot assistant into embedded agents inside Word, Excel, and PowerPoint. The centerpiece is Copilot Cowork, powered by Anthropic's Claude, handling long-running tasks across multiple apps in one session. Microsoft also introduced Agent 365, a control panel for IT teams to monitor and govern every AI agent inside their organization. Everything is packaged into Microsoft 365 E7, launching May 1, 2026. Microsoft now selects between Claude and its own models automatically based on which performs better for the task. This effectively abstracts the model layer away from the end user.

Meta Acquires Moltbook

Meta acquired Moltbook, an AI agent communication platform using the OpenClaw wrapper across Slack and iMessage. The founders joined Meta's Superintelligence Labs. Meta values Moltbook's agent directory model for persistent identity and structured agent-to-agent communication. However, pre-acquisition security flaws, including exposed credentials allowing agent impersonation, highlight new enterprise security risks from agent-to-agent networks that standard tools can't handle.

Anthropic Updates

| Product | Key Action | Significance |
| --- | --- | --- |
| Claude Code Review | Multi-agent PR review in research preview for Team and Enterprise plans. Increased substantive PR comments from 16% to 54% with a 99%+ human agreement rate. Priced at $15 to $25 per review. | Addresses the bottleneck of manual code review as AI-assisted coding accelerates output. Agents flag and rank issues but humans retain final approval. |
| The Anthropic Institute | New research body under co-founder Jack Clark focused on societal and governance challenges of frontier AI. A Washington D.C. office opens Spring 2026. | Positions Anthropic as the primary transparent link between frontier AI development and public policy, treating AI-driven disruption as imminent rather than theoretical. |
| Claude Builds Visuals | New beta allows Claude to generate interactive charts and diagrams directly in chat across all plan types. Visuals update in real time as the conversation moves forward. | Moves Claude from a text assistant toward a real-time data analyst without requiring a separate tool or export step. |
| Claude Excel and PowerPoint Updates | Claude now shares context across multiple open files in one session. New repeatable Skills save complex workflows as one-click automations. Financial Analysis plugin covers DCF modeling and LBO templates. Now available via Amazon Bedrock, Vertex AI, and Microsoft Foundry. | Breaks the silo between spreadsheets and presentations, directly targeting finance and consulting teams where data transcription errors are a daily cost. |

OpenAI: Security Becomes a Product

OpenAI is repositioning security from a developer concern to a first-class product surface inside agent workflows. Codex Security launched as an agentic application security tool that builds project-specific threat models, tests findings in sandboxed environments, and filters low-impact noise. During private beta it cut false positives by over 50% and found critical vulnerabilities in Chromium, PHP, and OpenSSH.

OpenAI also acquired Promptfoo, an AI red-teaming platform used by over 25% of Fortune 500 companies, integrating it directly into Frontier. The open-source version continues to be maintained.

| Product | Key Action | Significance |
| --- | --- | --- |
| Responses API and Native Computer Env | Adds a hosted Unix shell, container workspace, native compaction for long sessions, and a secure egress proxy. Introduces an Agent Skills format for reusable logic. | Moves OpenAI from stateless models to stateful agents with managed infrastructure, reducing the engineering burden of building secure execution environments. |
| Prompt Injection Defense and Safe Url | New Safe Url mechanism detects and blocks attempts to send conversation data to unauthorized external endpoints. | Shifts security posture from filtering inputs to containing outputs. More reliable for agents that browse the web or process external emails. |

Infrastructure: MCP Becomes Stateful and Observable

AWS Bedrock AgentCore Runtime: Stateful MCP Support

Amazon Bedrock updated its AgentCore Runtime to support stateful MCP server features including elicitation, client-side sampling, and real-time progress notifications. Each session runs in its own isolated microVM across 14 AWS regions. Agents can now ask for missing information mid-task rather than failing silently.

Datadog MCP Server: Observability Meets Agents

Datadog launched general availability of its MCP Server, feeding live metrics, logs, and traces directly into agents including Claude Code, Cursor, and GitHub Copilot. An agent fixing a bug can now check whether the fix improved production performance without leaving the IDE. All access stays within the organization's existing security controls.

Other Updates

| Vendor / Product | Key Action | Significance |
| --- | --- | --- |
| NVIDIA Nemotron 3 Super | Launched a 120B parameter open hybrid model activating only 12B parameters during inference. Supports a 1 million token context window. Open weights and training recipes released. | Addresses the cost and latency barrier for multi-agent systems. Enterprises can run long-horizon workflows without the compute cost of full frontier models. |
| Anthropic Claude Partner Network | Launched a $100 million initiative with certified partners, a Claude Certified Architect credential, a Code Modernization Kit, and direct access to Anthropic engineers on live customer deals. | Signals the main barrier to enterprise adoption is now implementation, not model capability. Partners become the go-to-market layer for regulated industries. |
| Google Gemini CLI v0.33.1 | Added full authentication for agent-to-agent communication, upgraded Plan Mode with background research subagents, and automated truncation of large MCP tool outputs. | Directly improves MCP reliability in developer workflows and addresses context overflow in large-scale agent pipelines. |
| JetBrains Air | Public preview of an agentic development environment supporting concurrent agents including Codex, Claude, and Gemini. Uses Docker and Git worktrees for sandboxing. Built on the Agent Client Protocol. | Gives enterprise development teams a professional environment for running multiple agents in parallel without risking the main codebase. |
| Zoom Enterprise Agentic AI 3.0 | Launched custom no-code agents, cross-system orchestration into Salesforce and ServiceNow, AI-native document canvases, and real-time deepfake detection during meetings. | Repositions Zoom from a communication tool to an execution layer. Deepfake detection addresses a growing security concern as synthetic media becomes easier to produce. |
| Legora raises $550M Series D | Legal AI platform raises $550 million at a $5.55 billion valuation, backed by Accel, Salesforce Ventures, and Benchmark. Plans to triple its U.S. workforce. | The legal sector, historically slow to adopt new technology, is now attracting major AI funding rounds. Signals agentic AI entering mission-critical professional services. |

My Thoughts: Execution is now the control layer

Microsoft dynamically routing between Claude and its own models inside Office signals a structural shift in where value sits. When model selection becomes automatic and performance-driven, the system making those decisions becomes the strategic layer.

That shift pushes enterprises toward model-agnostic architectures. Flexibility in model choice turns into a baseline expectation, and the focus moves to how agents are orchestrated, monitored, and governed across workflows.

At the same time, OpenAI’s investment in Codex Security and Safe URL reflects a deeper change in how agents are treated. These systems are increasingly acting on real infrastructure, which raises the stakes from generating responses to executing actions. Security, in that context, becomes tightly coupled with runtime behavior, not just input validation.

Meta’s acquisition of Moltbook extends this trajectory into agent-to-agent communication. Persistent identity and structured interaction between agents introduce new coordination capabilities, along with new operational and security considerations. The earlier credential exposure issues highlight how quickly risk surfaces expand in these environments.

Across all of this, a consistent pattern is emerging. As agents become more capable and embedded into enterprise systems, reliability, observability, and governance define whether they deliver value at scale. The teams that build strong control over execution will be the ones that move fastest with confidence.

Om Shree

Technical Evangelist

About Om Shree

Om Shree is a researcher, technical writer, and AI evangelist who focuses on making complex AI and agent workflows easier to understand. Om's passion is breaking down emerging technologies into clear, practical insights. He's excited to provide useful in-depth research that supports product planning and helps developers navigate new tools and systems with ease.
