Agent stacks, guardrails, and model exits #51

Today's Letter

  1. Vercel, Agent Stack for production AI apps
  2. Amazon Bedrock, InvokeGuardrailChecks API introduced
  3. GitHub Models closed to new customers
  4. Cloudflare, One Stack for Zero Trust agents

Vercel, Agent Stack for production AI apps

  • Vercel introduced the Agent Stack, a product bundle for building and shipping production-grade agents across model access, workflow execution, and system integration
  • The stack combines AI SDK for model access, AI Gateway for multi-provider routing, Workflow SDK for durable runs, and Vercel Sandbox for isolated code execution
  • AI SDK exposes a single interface for model calls across text, image, speech, and video generation, with model switching handled by changing the model string rather than app code
  • AI Gateway routes requests across hundreds of models through one endpoint, adds provider failover, and tracks usage and cost while keeping provider pricing unchanged and allowing user-supplied keys
  • Workflow SDK checkpoints each job step, persists state, retries failed steps, and resumes from the last successful point instead of restarting the full run
  • Vercel Sandbox gives each agent an isolated microVM with its own Linux kernel, filesystem, and Docker support for running unreviewed code away from the host system
  • Vercel said credentials are injected only when agent code calls a service, reducing direct exposure of raw tokens inside the execution environment
  • The post also positioned Vercel Connect as the data and tool access layer, providing scoped short-lived access to external systems used by an agent

Source: vercel.com


Amazon Bedrock, InvokeGuardrailChecks API introduced

  • AWS announced the InvokeGuardrailChecks API for Amazon Bedrock Guardrails on June 16, 2026, aimed at multi-turn agentic AI workflows.
  • The API applies individual safety checks at any step in an agent loop without creating separate guardrail resources.
  • It runs in detect-only mode and returns numeric scores, letting applications set custom thresholds for block, bypass, retry, or audit actions.
  • Supported checks include content filters, prompt attack detection, and sensitive information filters covering 31 PII entity types.
  • Prompt attack detection is exposed as a standalone check, separate from content filters, with category-level control for jailbreak, prompt injection, and prompt leakage.
  • The request and response are symmetric: only the safeguards requested, such as contentFilter or sensitiveInformation, are returned in results.
  • AWS positions the API as a way to reduce create-invoke-delete lifecycle overhead when agents run through 10, 20, or more turns with different risk profiles.
  • Score outputs use a 0–1 scale, allowing developers to enforce context-specific policies instead of relying on built-in blocking or rewriting.

Source: aws.amazon.com
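
An added example, not from AWS or this newsletter: one way an application could turn the detect-only 0–1 scores described above into the block, bypass, retry, or audit actions, with a separate threshold set per agent step. The step names, thresholds, score dictionary shape, and the `promptAttack` key are assumptions; no Bedrock call is made and the real response format is not reproduced.

```python
from dataclasses import dataclass

# Actions named in the announcement, ordered least to most severe.
SEVERITY = ("bypass", "audit", "retry", "block")

@dataclass(frozen=True)
class Rule:
    audit: float  # score at or above this: allow, but log for review
    retry: float  # score at or above this: discard and regenerate
    block: float  # score at or above this: refuse the step

    def action(self, score: float) -> str:
        if score >= self.block:
            return "block"
        if score >= self.retry:
            return "retry"
        if score >= self.audit:
            return "audit"
        return "bypass"

# Hypothetical per-step policy. "promptAttack" is an assumed key name.
POLICY = {
    "user_input": {"promptAttack": Rule(0.30, 0.60, 0.80),
                   "contentFilter": Rule(0.40, 0.70, 0.90)},
    # Tool output is untrusted third-party text, so thresholds are lower.
    "tool_output": {"promptAttack": Rule(0.20, 0.40, 0.60)},
    "final_answer": {"sensitiveInformation": Rule(0.20, 0.50, 0.70),
                     "contentFilter": Rule(0.40, 0.70, 0.90)},
}

def decide(step: str, scores: dict) -> tuple:
    """Map detect-only scores for one agent step to (action, reasons)."""
    rules = POLICY.get(step)
    if rules is None:
        return "block", [f"no policy for step {step!r}"]  # fail closed
    worst, reasons = "bypass", []
    for check, rule in rules.items():
        score = scores.get(check)
        valid = isinstance(score, (int, float)) and not isinstance(score, bool)
        if not valid or not 0.0 <= score <= 1.0:
            # Only requested checks come back, so a gap means the check never ran.
            return "block", [f"{check}: missing or invalid score"]
        action = rule.action(score)
        if action != "bypass":
            reasons.append(f"{check}={score:.2f} -> {action}")
        if SEVERITY.index(action) > SEVERITY.index(worst):
            worst = action
    return worst, reasons
```

The strictest action across all checks wins, and a step whose policy requires a check that has no score is blocked rather than passed.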


GitHub Models closed to new customers

  • GitHub said GitHub Models is being retired, and new customers can no longer start using the service as of June 16, 2026.
  • Organizations and enterprises with no prior GitHub Models usage no longer see the product on either free or paid plans.
  • Existing customers with active usage are not affected by this step and can continue using the playground, API, and model access for now.
  • GitHub said more details and retirement timelines will be shared later as the service moves toward full shutdown.
  • For new projects that need model access, GitHub pointed users to Azure AI Foundry as an alternative with a broader model catalog.
  • The change was published through the official GitHub Changelog, which labels the update as a retired product notice.

Source: github.blog


Cloudflare, One Stack for Zero Trust agents

  • Cloudflare released the Cloudflare One stack on 2026-06-17 as an agent-focused toolkit for configuring, deploying, and managing Cloudflare One environments.
  • The stack ships as two skill files, `cloudflare-one` and `cloudflare-one-migration`, covering deployment, migration, operations, and troubleshooting.
  • Supported areas include Cloudflare Access for remote access, Gateway for user and device security, and Tunnel, Mesh, and WAN for connectivity.
  • The migration skill includes vendor mapping and workflow guidance for moves from legacy SASE platforms including Zscaler and Palo Alto Networks.
  • With the Cloudflare code mode MCP server, agents get a typed interface to the Cloudflare API for account inspection, configuration review, and controlled changes.
  • Cloudflare said the stack packages knowledge built from work with thousands of customers and tens of thousands of hours of deployment experience.

Source: blog.cloudflare.com


Jocoletter curates AI, software, and product trends for developers and builders.