
Stop Treating Coding Agent Plugins Like Settings: Introducing Agent Plugins Repositories
AI coding agent plugins (for tools like Claude Code, Cursor, and Codex) are executable software running with developer privileges, yet most enterprises distribute them through unmanaged GitHub repos with no versioning, provenance, or audit trails. This creates a textbook supply-chain attack surface: a malicious update to a shared plugin repo can silently execute arbitrary shell commands on every developer machine that syncs it. JFrog is introducing Agent Plugins Repositories in Artifactory to bring the same governance controls used for npm packages and Docker images to agent plugins, including signed immutable releases, ACL-based access control, complete audit trails, and single-copy storage. CVE and license scanning is noted as coming soon. For Claude Code, Artifactory acts as a corporate marketplace; for Cursor and Codex, the JFrog CLI handles verified installation.