How-Tos & Practical Guides

Claude Code 2.1.139 shipped three features that fundamentally change how you use it: the /goal command, Agent View, and persistent background sessions. Together, they transform Claude Code from a coding assistant into an autonomous agent fleet management tool. This guide focuses specifically on /goal — what it does, how to use it, and how to combine it with Agent View for multi-task orchestration. Accuracy note: This guide is based on the confirmed feature set from Claude Code 2.1.139 release coverage and community documentation. For the most current syntax and flag options, refer to the official Claude Code documentation — exact command syntax may evolve across releases. ...

If your organization is deploying AI agents that connect to external tools and services, you’re using MCP servers — and you probably haven’t audited every one of them. This guide walks through using Manifold’s free Manifest platform to assess the security posture of your MCP server stack before production deployment. Manifold expanded Manifest on May 12, 2026 to cover 7,700+ MCP servers from the official MCP Registry. The scoring is free, available now, and provides the starting point for any serious MCP security review. ...

Red Hat’s Summit 2026 announcement introduced AI Skills Repositories as a core part of their agentic AI enterprise strategy. If you’re an enterprise architect, platform engineer, or developer team lead evaluating how to operationalize agentic AI on OpenShift, this guide covers the conceptual model, the design decisions behind the announcement, and what you should be thinking through before your first implementation. ⚠️ Accuracy note: AI Skills Repositories were announced at Red Hat Summit on May 12, 2026. Specific CLI commands, configuration syntax, and exact API details will be available in Red Hat’s official documentation as the product ships. This guide focuses on the design philosophy and implementation considerations. For exact commands and syntax, refer to the Red Hat AI documentation once generally available. ...

Anthropic’s Agent View for Claude Code adds a full TUI (terminal UI) dashboard for managing parallel background agent sessions. Instead of running one coding task at a time and waiting, you can now spawn multiple agents working in parallel — each tackling a different file, feature, or codebase — and monitor them all from a single interface. This guide walks you through the core workflow: spawning background agents, using the Agent View dashboard, and applying best practices for parallel agent development. ...

Mandiant’s M-Trends 2026 report, published today, documented a new credential stealer called QUIETVAULT that specifically targets AI CLI configurations and API tokens — the exact secrets that autonomous agent pipelines depend on. This isn’t theoretical. The attack surface is real, and if you’re running AI agents with stored API keys, you should address this today. This guide covers practical, actionable hardening steps for AI developers and operators running agent stacks like OpenClaw, Anthropic Claude CLI, OpenAI CLI, or similar frameworks. ...

Most AI agents die in production. They work perfectly in a notebook, then crumble under real-world load — hallucinating responses, leaking data, crashing when APIs timeout. According to AI systems practitioner Fareed Khan, 87% of agentic projects fail at the gap between demo and deployment. The solution? Stop building agents and start building agentic systems — with a deliberate, layered architecture that addresses every failure mode before it becomes your 3 AM incident. ...

On May 1, 2026, six national cybersecurity agencies published something that didn’t exist before: a joint playbook specifically for hardening agentic AI systems. The 29-page document, “Careful Adoption of Agentic AI Services”, was produced by CISA, the UK’s NCSC, Canada’s CCCS, Australia’s ASD/ACSC, New Zealand’s NCSC, and Germany’s NCSC. This guide translates the framework’s core recommendations into concrete steps you can take before, during, and after deploying AI agents in a production environment. ...

At RSAC 2026, Cisco VP Matt Caulfield and CrowdStrike CTO Elia Zaitsev presented findings that should alarm any enterprise running AI agents: 50% of AI agent activity is invisible to enterprise security teams. The culprit? A gap in traditional Identity and Access Management (IAM) that was designed for humans, not autonomous software agents. The good news: they also presented a 6-stage maturity model for closing that gap. This guide walks through each stage with a practical readiness checklist. ...

The next supply chain crisis might not come through a compromised npm package or a malicious PyPI module. It might come through a SKILL.md file. Researchers published findings in SecurityWeek on May 7, 2026, backed by Snyk’s ToxicSkills report — a scan of 3,984 AI agent skills from registries including ClawHub and skills.sh. The results: 36.8% of scanned skills had security flaws, and 13.4% were rated critical. Seventy-six confirmed malicious skills were identified. ...

If you’re running AI agents built on popular frameworks like Semantic Kernel, LangChain, AutoGen, or CrewAI, you have new CVEs to address. Microsoft Security researchers published findings on May 7, 2026, revealing how prompt injection in AI agent frameworks can escalate all the way to remote code execution (RCE) — and they named specific vulnerabilities with concrete CVE numbers. This guide covers what was found, what to patch, and how to harden your stack beyond the immediate fixes. ...