How Can JFrog Enhance AI Software Security?

On June 10, 2026, JFrog announced the launch of the JFrog Platform plugin for Claude Code, in collaboration with Anthropic. The plugin essentially acts as a protective, corporate "trust layer" for Anthropic’s AI coding assistant.

The company called the new plugin an important milestone in bringing enterprise-grade software supply chain governance to one of the fastest-growing AI coding agent platforms in the world.

The new plugin aims to keep AI agents in check, by letting developers scan and secure every software artifact and dependency the AI touches. It extends Claude Code with domain-specific JFrog Platform Skills that allow developers and agents to execute platform operations using natural language. The new plugin is also combined with the recently announced JFrog MCP Registry and JFrog Agent Skills Registry, the company added.

“AI-enabled innovation cannot come at the expense of security or compliance. Enterprises need a universal system of record with real-time control and visibility into the decisions these agents make, that’s what this integration enables,” said Yoav Landman, Co-Founder and CTO of JFrog.

The central tracking system

According to the company, the new plugin is expected to deliver instant security checks, safe AI skills, automated DevOps and easy tracking. By integrating directly into the developer's workflow, the plugin automatically scans and secures every software package and AI model the agent uses in real time, stopping malicious code and data leaks before they reach production.

Additionally, it automates tedious DevOps chores to save developers time while maintaining a crystal-clear paper trail for fast, stress-free security audits, the company said.

The company also said that instead of securing just one tool at a time, the JFrog Platform offers three universal connectivity layers that let companies safely use any AI coding assistant they choose, which are JFrog Platform Skills, JFrog MCP Tools and Additional Agent-Native Plugins Support.

According to the company, these layers together make JFrog the central tracking system for all AI tools, ensuring that security rules, tracking data, and compliance guidelines follow the developer everywhere, no matter which AI assistant they choose to use.

Anthropic said that as AI agents get smarter, they create new security risks, and as these vulnerabilities affect everyone, the tech industry must work together to build specialized security standards, share threat information, and co-test defenses.

Landman added that AI agents are actively building and deploying software, but they are doing it "blind" to corporate security rules. Because these tools don't understand the software supply chain, they frequently pull in dangerous vulnerabilities, malicious packages, or unapproved AI models, leaving companies wide open to cyberattacks.