Product Updates

Starting February 25, 2026, we are introducing snyk_package_health_check for Snyk Studio. This update brings Secure at inception protection to dependency selection in agentic development workflows, ensuring that AI coding assistants evaluate open-source packages before they enter your project.

As AI coding assistants increasingly select and install dependencies autonomously, security must move earlier in the workflow. This feature enables AI agents to use insights from the Snyk security database to evaluate packages at the moment they are chosen.
This functionality is available in an Experimental profile for several supported ecosystems, including npm, PyPI, Maven, NuGet, and Golang.

New capabilities

• Package health checks across four dimensions: Security, Maintenance, Community, and Popularity.

• Clear guidance outcomes to help manage agent behavior, including Healthy, Review recommended, Not recommended, and Unknown/insufficient data.

• Policy-driven guardrails that allow Organizations to require health checks, pause on risk signals, block unsafe packages, and enforce human approval.

Why this matters

Evaluating package health before installation reduces supply chain risk, which is critical because AI agents can introduce dependencies at scale. Integrating snyk_package_health_check into MCP extends your security policies and governance directly into AI-assisted development.

If you have any questions, please reach out to the Snyk Support team. To learn more about snyk_package_health_check, visit the Snyk documentation.

We have released a new version of our Visual Studio Code IDE plugin. This update addresses minor bug fixes and improvements, including:

• Fix for the automated registration of Snyk’s MCP server when using Snyk’s IDE plugin and Copilot in VSCode

If you have any questions, feel free to reach out to the Snyk support team.

We have released a new CLI hotfix (v1.1301.2) to address a bug when using Snyk with agentic integrations such as Amazon Kiro:

• MCP: Ensure compliance with the model context protocol specification

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk Support team.

We have released a new CLI hotfix (v1.1301.1) to address bugs and improve the overall user experience:

• Reachability

  • Fixed an issue in test, when using reachability, that caused the fix advice to display incorrectly on certain occasions

  • Resolved a monitor bug with double-dashed arguments when using reachability

• General improvements

  • Improved scanning speed when running test/monitor with reachability

  • Improved SCA scanning through MCP with fewer I/O operations

  • Fixed multiple issues to make Snyk work more smoothly in your code editor

  • Updated dependencies to improve stability and security

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk Support team.

Following our Early Access launch of Snyk MCP for Agentic Workflows, we are excited to introduce powerful new visibility into how your teams are adopting Snyk in their local and AI-driven development environments.

We are rolling out key new metrics to the Developer IDE and CLI usage report to capture detailed MCP usage. This update will provide deeper insights into developer adoption with three key additions:

• Top-Level MCP Scan Count: A high-level summary of the total number of MCP scans performed by your team.

• Usage Breakdown Chart: A new chart that visualizes the usage split between the Snyk CLI, our various IDE plugins, and Agentic Scans (MCP), helping you clearly see which platforms developers leverage.

• MCP Host Breakdown Chart: To offer more granular insights, a new chart will break down Agentic Scans by the specific host application, such as Windsurf, Cursor, and others.

These new reporting features will allow security teams to demonstrate strong shift-left behavior and identify teams that are successfully adopting Snyk locally as a model for the rest of the organization.

To enable this new level of insight, it is required for users to update to the latest versions of the Snyk CLI (v1.1298.1).

Please reference our documentation for all the details and prerequisites to use the report.