
Inside the Agentic Development Supply Chain

Anonymized telemetry from nearly 10,000 developer environments, plus agent skill analysis across enterprise environments

AI agents are no longer just assisting developers. They are actively building software: pulling in tools, executing actions, and generating production-ready code at machine speed. And they consume a supply chain of their own: MCP servers, skills, and integrations installed directly on developer machines, outside existing security controls.

Just over half of the developers we surveyed already have live MCP server connections, and 1 in 12 has a High or Critical finding in their setup today.

This report quantifies this new attack surface. The data shows measurable security exposure already present in scanned developer environments, before any specific attack has been attempted.

Download the report to explore:

  • The agentic development surface: why 37% of developers run three or more AI coding environments, and what that means for the machines where software now gets built.

  • The MCP supply chain at scale: just over half of the developers scanned (50.8%) already have live MCP server connections: 4,524 unique server configurations across fewer than 10,000 developers.

  • Risk already embedded: 1 in 12 developers with MCP servers has a HIGH or CRITICAL finding today, including confirmed prompt injection in tool descriptions.

  • Skills, the second supply chain layer: developers average 18 installed skills (up to 135 on a single machine), with 28% exposing agents to uncontrolled third-party content and confirmed malicious code patterns in the wild.

This report is based on anonymized telemetry collected and analyzed by Snyk, 2026.
