Snyk has released Evo Agentic Development Security (Evo ADS) to address critical security gaps exposed by the rise of autonomous AI coding agents that independently build enterprise software. Unlike traditional tools that only scan finished code, Evo ADS governs AI agents throughout their entire workflow, controlling the external tools they access, their runtime behaviors, and the code they produce.

These AI coding assistants increasingly operate as autonomous agents, interacting with external services and internal systems using Model Context Protocol (MCP) servers, plugins, and third-party integrations. Conventional security solutions lack visibility into these real-time actions or the agents’ connections, leaving enterprises exposed to unseen risks. Snyk’s telemetry from nearly 9,700 developer environments reveals widespread deployment: nearly half of developers run multiple AI coding environments simultaneously, while over half use MCP servers, some running more than 80 at once. Alarmingly, a significant share of these environments register high-severity security findings.

Evo ADS enforces policies across three critical stages. Before agents execute, it vets all MCP servers, skills, and external tools they intend to use. During runtime, it monitors the agents’ actions and applies controls to prevent malicious or risky behavior. Finally, it scans the AI-generated code as it is created, identifying and fixing vulnerabilities instantaneously. This proactive approach aims to close the “blind spot” around AI-driven development, where security inventories and oversight are often lacking or incomplete.

Snyk has documented real-world attack scenarios involving compromised components within the agent toolchain. These include a backdoored LiteLLM library disguised as a security scanner and prompt injection attacks hidden in dependencies consumed by agents. Such threats highlight the need for continuous, in-line security enforcement rather than retrospective code scanning.

Among the early adopters is Relay Network LLC, which employs multiple AI coding assistants, including GitHub Copilot, Codex, and Windsurf, and is transitioning to Claude Code. Evo ADS complements Snyk’s broader AI Security Platform, which includes Evo AI-SPM for AI asset visibility and Evo Continuous Offensive Security for simulated attack testing. The product’s general availability is scheduled to coincide with the AI Engineer World’s Fair, where Snyk sponsors the first dedicated security track.