Agentic Business

DEPLOYMENT INC

OpenAI just turned "Forward Deployed Engineer" into a $10B company

via OpenAI

Palantir spent a decade proving that the real product is the engineer sitting next to the customer. OpenAI just stapled that idea to a frontier model and gave it a balance sheet.

The new OpenAI Deployment Company is a majority-OpenAI joint venture, seeded with more than $4B from TPG, Bain Capital, Brookfield, McKinsey, Capgemini and 14 other backers. To staff it on day one, OpenAI is acquiring Tomoro and folding in roughly 150 Forward Deployed Engineers.

Translation: the people who actually get models into a Fortune 500 are no longer a cost center inside sales. They are a PE-backed services arm, co-owned by the same consultancies that already live inside enterprise IT budgets.

• $10B target valuation, OpenAI keeps majority control.
• Capital from TPG, Bain, Brookfield, McKinsey, Capgemini, plus 14 others.
• Tomoro acquisition brings ~150 FDEs in on day one.

Why it matters: If you build agents for enterprises, your new competition (and possibly your new channel) is a McKinsey partner with an OpenAI badge. Read more.

AGENT AUDIT

Mythos read all of curl and found one real bug

via daniel.haxx.se

Daniel Stenberg has been triaging curl bug reports since before most agents could spell "buffer overflow." So when Anthropic pointed Mythos at his codebase, he was the worst possible grader.

Mythos crawled 178,000 lines of C, flagged five "confirmed" security vulnerabilities, and shipped them over for review. After the curl security team did the work, the verdict landed: "yes, as in singular one." A single low-severity CVE, plus about 20 ancillary bugs that were real but not security issues.

This is the cleanest public number we have on agentic code-audit precision in the wild: top-tier model, famous codebase, adversarial human reviewer, 1-of-5 true-positive rate on the security claims.

• 178,000 lines of curl analyzed in one pass.
• 5 "confirmed" vulnerabilities reported, 1 held up as a real CVE.
• ~20 ancillary, non-security bugs surfaced as a side effect.

Why it matters: If you are wiring agents into a SAST pipeline, the bottleneck is not model capability, it is the human hour-cost of triaging four false positives for every real one. Read more.

SAME-DAY PATCH

OpenAI Agents SDK v0.17.1 closes three classes of prod-breaker

via GitHub

Agents SDK shipped a release, then shipped a patch on the same calendar day. That is usually a tell that something was on fire in production.

v0.17.1 hits almost every subsystem. Sandbox providers now surface errors instead of swallowing them, archive extraction is bounded so a hostile zip cannot blow out your disk, and tracing finally shuts down gracefully instead of dropping spans on exit.

The Realtime side gets the bigger glow-up: max_output_tokens is now exposed, tool-approval scoping is tighter, and the parallel tool-call path no longer duplicates content when two tools fire at once. Session retrieval against MongoDB and Redis is now corruption-resistant.

• Sandbox: archive-extraction limits + visible provider errors.
• Realtime: scoped tool approvals, exposed token caps, fixed tool-call iterator.
• Sessions: corruption-resistant retrieval on MongoDB and Redis.

Why it matters: If you run Agents SDK in prod, this is a no-brainer upgrade: it closes a sandbox safety gap and stops two real, observable failure modes in Realtime. Read more.

CLOUD CHANNELS

Anthropic gives AWS shops a direct lane that is not Bedrock

via GitHub

For two years, "Claude on AWS" effectively meant "Claude through Bedrock." That changed quietly in a Python SDK release note.

anthropic-sdk-python v0.101.0 introduces a first-class AWS client for Claude Platform on AWS, a native access path that sits alongside (not inside) the Bedrock integration.

It is a small surface change with a big procurement implication: Anthropic is hardening its enterprise AWS story without making Bedrock the only door.

• New AWS client distinct from the Bedrock route.
• Vendor-supported, first-class SDK surface.
• Cleaner upgrade path for teams standardized on AWS.

Why it matters: Fewer abstraction layers between your agent and the model, and one less reason to argue with your AWS rep about which catalog SKU to expense. Read more.

ADS ARRIVE

ChatGPT becomes an ad surface

The most-used consumer LLM is no longer a pure subscription product. OpenAI confirmed it has started testing ads inside ChatGPT, with formats, objectives, and ranking rules "evolving over time."

The detail is thin on purpose. The structural shift is not: there is now an ad auction sitting somewhere between the user prompt and the model response, and every custom GPT, GPT Store listing, and Apps SDK integration is going to live next to it.

The economics of being a third-party agent on ChatGPT just got more complicated, in the same way the economics of being a third-party app on Google did around 2009.

• Ads now in active testing inside ChatGPT.
• Formats, objectives, and capabilities still TBD.
• No public eligibility or attribution rules yet for third-party agents.

Why it matters: If your distribution plan was "ship a GPT and let ChatGPT route users," you now have a second variable to model: ad ranking. Read more.