Skip to main content
January 30, 2026

Summary

This release introduces centralized agent governance, secure execution controls, and agent traceability across the Poolside platform. Organizations can now manage agents consistently through a dedicated console, restrict access to tools and environments using role-based controls, and audit agent behavior with detailed execution traces. The release also expands platform support and improves deployment and operational visibility.

New features

Poolside Console

  • Centralized agent management
    The Poolside Console provides a single place to create, configure, and manage agents across teams, enabling consistent behavior and governance at enterprise scale. For more information, see Poolside Console.
  • Configurable agent behavior
    Administrators can extend agent behavior by defining additional instructions, controlling which tools and knowledge sources agents can use, and setting execution limits to constrain agent activity. For more information, see Agents.
  • MCP servers
    Centralized configuration of MCP servers controls how agents and IDE workflows interact with external tools and services. This reduces ungoverned access to enterprise resources while still supporting flexible integrations and development workflows. For more information, see MCP servers.
  • Role-based access control (RBAC)
    Fine-grained permissions control who can create, use, and manage agents. Permissions are enforced at runtime to ensure least-privilege access. For more information, see Organization.
  • Agent traceability and auditing
    Detailed execution views make it easier to understand how agents behave, including which steps were performed, how tools were used, and where errors occurred. Usage metrics provide visibility into inference time and token consumption. For more information, see Agent auditing and trajectories.

Poolside Assistant (IDE)

  • Agent-first default interaction
    Poolside Assistant now defaults to agent mode. Users can continue to interact conversationally, while agent execution capabilities are available without switching modes.
  • Expanded command access
    The existing command menu has been expanded and surfaced more prominently, making common actions easier to discover and use directly.     Available actions include starting new conversations, switching agents, configuring approvals, selecting sandboxes (beta), and accessing debugging tools.
  • MCP support in the IDE
    MCP servers configured centrally can be selected and used within the IDE, allowing agents and interactive sessions to access external tools and services under the same governance controls.
  • Configurable command auto-approval
    Users can define allow patterns for command execution, reducing manual approvals for trusted workflows such as common Git or package manager commands.

Poolside Web Assistant

  • Custom system prompt in Settings
    The Poolside Web Assistant Settings page now includes a custom system prompt field, allowing users to adjust the assistant’s behavior directly from the web UI.

Poolside Agent CLI

  • Cross-platform CLI runtime
    The pool CLI now uses a native, platform-independent runtime, ensuring consistent behavior across operating systems.
  • Configurable command auto-approval
    Users can define allow patterns for command execution, reducing manual approvals for trusted workflows such as common Git or package manager commands.
  • Improved direct execution from the terminal
    The CLI is optimized for running multi-step agent workflows directly from the terminal, improving reliability for longer or more complex sessions.

Platform and infrastructure

  • RHEL support
    Poolside now runs natively on Red Hat Enterprise Linux, supporting organizations with standardized RHEL environments and security requirements.
  • Improved packaging and distribution
    Deployment bundles have been streamlined to reduce installation friction and speed up time-to-value for new deployments.
  • Operational metrics export
    Inference-level metrics can be exported to Grafana and VictoriaMetrics, enabling deeper insight into performance and resource usage.
  • Documentation improvements
    User documentation has been significantly updated to improve clarity, structure, and completeness.

Beta features

The following features are available in beta and may change before general availability.
  • Knowledge bases
    Agents can reference read-only knowledge sources backed by Git or Amazon S3, enabling retrieval of contextual information through indexed full-text search. For more information, see Knowledge bases.
  • Execution environments (sandboxes)
    Agents can run in isolated, disposable container environments that separate execution from the host system while maintaining access to developer workspaces. For more information, see Sandboxes.
  • Agent Client Protocol (ACP)
    Agent Client Protocol (ACP) enables Poolside agents to be used from ACP-compatible editors such as JetBrains, Zed, Neovim, and other supported tools. Editors connect to Poolside through the pool acp command to send prompts, receive responses, and run agent-assisted workflows directly within the development environment. For more information, see Agent Client Protocol (ACP).
  • OpenShift deployment
    Poolside can be deployed directly onto OpenShift clusters, supporting customers with existing Red Hat container orchestration investments.
  • Independent inference endpoints
    Support for running agents against independent inference endpoints, tested with Lite vLLM for specialized deployment scenarios.

Known issues

Models

  • Instruction-following limitations in Malibu 2.2
    Malibu 2.2 improves instruction following compared to 2.1, but may still struggle with complex or layered custom system prompts compared to other models. Workaround: Refer directly to critical instructions in the user prompt.
  • Potential tool-call looping in long sessions
    Malibu 2.2 may enter a looping state where the same tool call is repeated. This has been observed more frequently with long custom instruction sets, large numbers of MCP tools, or extended sessions.
    Mitigation: Guardrails are in place to detect some looping patterns and interrupt execution with a warning.

Poolside Console

  • Multiple open Poolside Console tabs may cause authorization issues
    Opening the Poolside Console in multiple browser tabs simultaneously may result in authorization errors.
    Workaround: Use a single tab when working in the Poolside Console.
  • Trajectories cannot be downloaded directly
    There is currently no direct way to download a trajectory file from the Poolside Console.
    Workaround: Use /debug in Poolside Assistant.
  • Editing individual MCP tool selections for an agent does not apply
    Changing the selected tools for an MCP server that is already associated with an agent may appear to succeed, but the changes are not applied and can revert after a refresh.
    Workaround: Disable all tools for the MCP server on the agent, save the agent, then re-enable the desired tools for the MCP server on the agent and save again.

Poolside Assistant (IDE)

  • MCP servers cannot be selectively disabled per agent
    When enabled for an agent, MCP servers cannot be individually deselected from Poolside Assistant.
  • Apply Changes may fail after multiple edits in sandboxed sessions (beta)
    In some cases, applying changes from a read-only sandbox may fail after follow-up edits in the same conversation.
    Workaround: Apply changes at the end of a conversation before starting a new one.
  • Local sandbox execution cannot be strictly enforced (beta)
    It is not possible to restrict an agent to run exclusively with local sandboxing enabled. Users can still run the agent without sandboxing.
  • Binary files may appear in diffs in sandboxed sessions (beta)
    Binary files created in read-only mode may be incorrectly rendered or included in line-count diffs during change review.
    Workaround: Ask the agent to remove built binaries before using Apply Changes, or add them to .gitignore.
  • Limited tooling in default sandbox images (beta)
    The bundled default images provide a minimal toolset and may not include commonly expected development tools.
  • Private container registries require pre-authentication (beta)
    Poolside Assistant cannot negotiate container registry authentication. Runtimes must already be authenticated to pull from private registries.
  • Sandbox state is not preserved (beta)
    Sandbox state is lost when switching conversations or restarting Poolside Assistant.
  • Incorrect approval labeling in sandbox mode (beta)
    Some tool approvals in sandbox mode may be incorrectly labeled as user-enabled unsafe auto-allow.
  • Remote-only agents appear in the agent picker
    Agents without a local execution environment may still appear in the agent selector in Poolside Assistant, even though they cannot be run from Poolside Assistant.
    Workaround: Assign specific agents to roles rather than assigning all agents to roles.
  • Knowledge bases cannot be selectively disabled per agent (beta)
    When enabled for an agent, knowledge bases cannot be individually deselected from Poolside Assistant.

Platform

  • Trajectory storage growth
    All execution trajectories are stored in the database, which can lead to rapid database growth over time.
    Workaround: A pruning script is available for administrators to manage storage usage.

Component versions

ComponentVersion
Poolside Assistant for VS Codev2.23.27
Poolside Assistant for Visual Studiov1.2.6
Splash CLIv0.4.7
Poolside Agent CLI (pool)v0.2.144