Changelog

Runtime evidence now covers Tool Gateway-mediated cited web search, public GitHub repository read workflows, and Google Workspace Sheets review with redacted metadata.

Agents are more useful when they can inspect current sources, repositories, and business context. Keeping that work behind Tool Gateway lets AgentNexus apply authorization, entitlement, scope checks, redaction, and audit evidence before a runtime receives the result.

Use cited web search when the answer needs source links that users can inspect.

AgentNexus clarified the Channel Publish webhook pilot, Managed Browser approval-gated pilot, and Developer Mode diagnostic request path.

High-impact agent capabilities should be easy to evaluate without making every powerful action available by default. The baseline keeps routine read workflows fast while routing browser, shell, publishing, scheduled, and memory-backed work through explicit control points.

Use default read capabilities for cited search, public repository context, and approved Google Workspace review.

AgentNexus added approval states for organizations and users, plus a request-access path for new private beta applicants.

Invite-first launches need a clean boundary between public marketing pages and production actions such as agent creation, billing checkout, managed deploys, sandbox jobs, runtime tool calls, and approved workspace actions.

Existing approved workspaces continue using the product normally. New users can request access through the gate page or use an issued invite before entering the dashboard.

AgentNexus added a signed Worker-to-Cloud-Run dispatcher path for ephemeral sandbox jobs. The Worker can now use a dispatcher URL and HMAC secret instead of a Google access token or service account JSON.

This keeps sandbox execution aligned with Google Cloud organization policies that prohibit service account key creation and reduces the blast radius of Worker configuration.

Deploy the dispatcher service, grant it permission to run only the approved sandbox job, then configure the Worker with `GCP_SANDBOX_DISPATCHER_URL` and `GCP_SANDBOX_DISPATCHER_SECRET`.

Public pages now define self-canonical metadata instead of inheriting the homepage canonical. The docs, changelog, research, about, privacy, terms, and status pages also expose page-specific Open Graph and Twitter metadata.

Canonical URLs, social previews, and structured data help crawlers and sharing surfaces understand which page they are seeing, what it describes, and how it relates to the rest of the public resource library.

Share resource pages directly instead of relying on homepage previews.

AgentNexus added server-side approval actions for Calendar, Sheets, and Drive writes, plus a more conservative Gmail send path for enterprise review. Google Workspace read actions remain the default GA surface.

Business workflow automation often needs calendar, spreadsheet, file, or email actions. Separating read actions from approval-based writes lets teams review sensitive work without exposing provider credentials to agent runtimes.

Use Google Workspace read actions for GA search and review workflows.

When the Tool Gateway produces a complete cited web search answer or Google Calendar read result, the chat route can return that answer directly without waiting for an external model pass.

Tool-backed answers are often already structured, cited, and ready for the user. Returning them directly reduces avoidable latency and keeps transient model capacity issues from blocking supported tool workflows.

Use cited web search for source-backed public web questions.

Agent chat now classifies provider capacity and overload errors as retryable provider availability events. The API returns a structured capacity code, and the dashboard explains that the issue is transient and not a deployment failure.

Model providers can occasionally run out of serving capacity. Clear classification keeps teams from debugging healthy deployments when the right action is to retry or select a fallback model.

Retry the chat request after a short wait when a provider-capacity message appears.

Pricing and support copy now separate GA capabilities from beta and enterprise capabilities. GA defaults include cited web search, public GitHub repository import, Google Workspace OAuth read actions, and AgentC Runtime/Hermes managed runtimes without raw shell or browser access.

Hosted cloud agents are more valuable when they can use search, repositories, business files, and managed runtimes. Those same powers need clear boundaries so customers know what is available by default and what requires approval.

Use the updated pricing cards when comparing Starter, Advanced, and Enterprise.

The Runtime lifecycle card now keeps the high-level AgentNexus deployment status while adding a health proof block with health path, last check, config hash, image reference, and full instance URL copy.

Operators previously had to infer whether an active cloud badge meant health actually passed, which URL to copy, and where to look next. The workspace now exposes non-sensitive runtime proof and maps common deployment questions to the right inspection destination.

Use Runtime chat for a quick smoke test after a deployment turns active.

Privacy choices now keep optional product analytics off until a user opts in, and browser DNT or Global Privacy Control signals keep analytics capture disabled.

Privacy review depends on product behavior, not only policy copy. These controls make consent, data portability, deletion intake, and retained-record boundaries visible before enterprise review.

Use Privacy choices on the privacy page or dashboard settings to manage optional analytics.

The landing navigation no longer shows Docs as both a top-level item and a Resources item. Resources remains the public entry point for Docs, Research, Changelog, and About.

A public docs portal should help buyers and builders find the right next step quickly. The new structure reduces navigation ambiguity and makes setup, testing, and launch guidance easier to scan.

Use the Quickstart when creating a first governed agent.