Changelog
Customer-facing release notes for Molecule AI — current month here, earlier months in the archive.
All notable changes to the Molecule AI platform are documented here. The current month's releases are below; earlier months live in the monthly archive.
2026-06-02
🔒 Security
- Closed a cross-tenant messaging leak: two unrelated organization-root workspaces could communicate with each other through a bypass path; agents can now only reach peers within their own org. (molecule-core#1961)
🐛 Bug fixes
- Workspace creation now returns its access token: the POST /workspaces response includes the workspace's first bearer token (auth_token) so newly created managed-runtime workspaces can authenticate immediately. (molecule-core#1669)
🧹 Internal
- Stabilized the serving end-to-end gate against real provider keys — fixed the Anthropic OAuth and OpenAI test arms and pointed the gate at a dedicated, conflict-free Infisical key folder. (molecule-controlplane#439, #442)
- Hardened control-plane internals with mechanical safety fixes — context-leak prevention, error checking on response reads/JSON decode, and test env isolation. (molecule-controlplane#436, #437)
- CI, test-coverage, and docs upkeep: branch-aware force-merge audit, suppression-rationale and tracker renewals, added handler unit coverage, and stale repo-name reference cleanup. (molecule-core#1958, #2114, #1951)
2026-06-01
🔒 Security
- Hierarchy access-control hardened — root-sibling bypass removed: CanCommunicate no longer treats all root-level workspaces as mutually reachable. Cross-team messaging between unrelated root workspaces is now denied unless an explicit parent/child or shared-parent relationship exists, closing a lateral-reach gap in the A2A authorization model. (molecule-core#1961)
✨ Improvements
- Google ADK runtime on Vertex AI (keyless): the google-adk runtime now serves Gemini 2.5 Pro on Vertex AI using keyless Application Default Credentials over Workload Identity Federation — no API key on disk. Added as a first-class pluggable runtime alongside the existing nine. (provider registry sync, molecule-core#2103)
- Provisioning fails loud on runtime/config mismatch: if a workspace names a runtime whose template isn't available at provision time, provisioning now aborts with a clear failure instead of silently seeding a default config — so a misconfigured agent fails visibly rather than appearing online but answering generically.
- auth_token returned on workspace creation: POST /workspaces now includes the issued auth_token in its 201 response, so clients no longer need a second call to retrieve it. (molecule-core#1669)
🧹 Internal
- Provider serving-URL fixes (Kimi-coding /v1, Gemini api-key base_url) mirrored from the control-plane SSOT; CI review-check now distinguishes token-provisioning (all-403) failures; stale molecule-monorepo references cleaned up across docs. (molecule-core#2103, #1967, #1951)
Archive
Earlier releases, grouped by month:
Changelog entries are compiled by the Documentation Specialist from all merged pull requests for the day. Times are UTC.