It is almost the end of the year, so this is the last edition of the AI++ newsletter for 2025. But we're going out with a bang, announcing the release of Langflow 1.7. This release upgrades Langflow's MCP transports to use Streamable HTTP, adds more agent options with CUGA and ALTK, and brings a bunch of new components for your flows.

In other news, Anthropic, OpenAI and Block founded the Agentic AI Foundation gifting the community with the MCP, AGENTS.md, and goose projects. Meanwhile OWASP released their top 10 security risks for agentic applications, gifting the community with a bunch of things to worry about. So good news and bad news I guess.

2025 has been an exciting year for building AI-powered applications, I can't wait to see what 2026 will bring. All I know is that AI++ will be there to help keep you up to date.

​Phil Nash​
Developer relations engineer for Langflow​

🛠️ Building with AI, Agents & MCP

​Langflow 1.7 released​

There is a lot to love about the new Langflow 1.7 release: the MCP client and server functionality now supports Streamable HTTP, you can set up authentication for webhook flow triggers, and there are some model-powered flow control components that will level up your flows. Check out the launch video for more on those features.

Also new to Langflow 1.7 is the CUGA agent component. CUGA is a benchmark topping agent built by IBM that reliably supports complex, multi-step tasks. You can read more about using CUGA in Langflow and check out this intro to CUGA on Hugging Face.

The Agentic AI Foundation

The Agentic AI Foundation was co-founded under the Linux Foundation by Anthropic, OpenAI and Block with support from Google, Microsoft, AWS, Cloudflare and Bloomberg. Anthropic donated MCP to the foundation, OpenAI contributed AGENTS.md and Block donated its open source agent goose.

Context Engineering

Context engineering is evolving and Phil Schmid shares the challenges that need to be solved, including context rot, pollution and confusion. Google also wrote up how their ADK has been designed to support the discipline of context engineering.

Agentic security

What do goal hijacking, tool misuse, and unexpected code execution have in common? They are all potential attacks on agentic systems highlighted in OWASP's top 10 for agentic applications for 2026. Take a read and consider all the ways your agents could be compromised.

One interesting paper that came out recently discussed how "semantic leakage" means that seemingly innocent phrases can weigh the probabilities of LLM output towards particular answers. Just because you like yellow doesn't make you a school bus driver.

And in a reminder that old security practices should not be forgotten, one developer reverse-engineered a legal AI tool valued at over a billion dollars.

🧠 New models

• OpenAI released GPT-5.2 and GPT Image 1.5​
• Google sent out Gemini 3 Flash into the world
• Grok released their voice agent API​

🗞️ Other news

• Sam Rose at ngrok wrote up a very in-depth look at prompt caching​
• Skills could become another standardized method of giving capabilities to agents, so check out this deep dive into Claude Skills and observe that OpenAI are also experimenting with Skills in both ChatGPT and Codex CLI​
• ​Can LLMs give us AGI if they are bad at arithmetic?​
• ​Do structured outputs decrease the quality of LLM outputs?​
• This is an interesting look into how to build resumable streaming for LLM responses using Redis
• ​Poor man's continuous learning for a Text2Sql agent

🧑‍💻 Code & Libraries

• MCP Context Forge is an MCP gateway that helps you manage and secure your agent's MCP servers and tools: https://developer.ibm.com/blogs/context-forge-mcp-gateway-now-available/. Subscribe to The Flow podcast, the next episode to be released is with the CTO for ContextForge, Mihai Criveti
• Remend handles partial markdown syntax for parsing a streaming response: https://www.npmjs.com/package/remend​
• Raptor is an automation tool for security and penetration testing built on Claude Code: https://github.com/gadievron/raptor/​
• claude-mem is a Claude Code plugin that captures everything Claude does, compresses it, and injects relevant context when required https://github.com/thedotmack/claude-mem​

🔦 Langflow Spotlight

I've mentioned this in the newsletter already, but there's so much more I can say about the CUGA Agent component. It performs task decomposition, sequences multiple step processes, and has robust error handling. It does this by handing tasks to specialist subagents that make decisions and perform actions without bloating the context. Check out this tutorial in which we build a CUGA agent that uses the file system and two different APIs to automate a fiddly process.