Tokens under management billing, risk exclusions for false positives, and assistants that respond instantly
Enterprise organizations can now track token consumption against their contracted allowance with a 12-cycle usage history, false-positive risk findings can be suppressed with scoped exclusions, and assistants boot their runtime at creation time and upgrade while idle — so the first message and every message after a deploy stop paying a cold-start wait.
Features
Tokens under management billing for enterprise orgs#3352 - The billing page now shows enterprise organizations their token consumption for the active billing cycle against the contracted monthly allowance, with a usage-history bar chart covering the trailing 12 billing cycles at day or cycle granularity. Usage is computed from a durable per-chat daily aggregate retained for 2 years, so historical cycles stay accurate, and platform admins can set the contracted limit and billing cycle anchor. (Author: @chase-crumbaugh )
Suppress false-positive risk findings with exclusions#3253 - Exclude findings by exact value, regex, rule ID, source, or entity type, scoped per-policy or globally. Exclusions apply to new scans immediately and retroactively flag existing findings, and removing an exclusion restores them — all manageable via the new
Assistants respond from the first message#3364 - Assistants now boot their runtime as soon as they're created, so the first message no longer pays the cold-start wait. (Author: @danielkov )
No upgrade tax after deploys#3375 - Assistant runtime VMs roll onto new runtime images right after a deploy, while they sit idle, so your next conversation turn doesn't pay the image upgrade cost. (Author: @danielkov )
Long-running assistants stay fast#3229 - Scheduled assistants summarize their conversation history after every run, and interactive threads compact earlier, so long-lived schedules and conversations no longer slow down or risk hitting model limits. (Author: @danielkov )
Unified Tools insights#3369 - Tools insights now cover hosted MCP servers, shadow MCP servers, local tools, and skills in one place. (Author: @alx-xo )
Project Assistant replies stream in live#3381 - Replies now type onto the screen token by token while the assistant cycles a set of whimsical "thinking" verbs, so you see progress instead of a silent wait. (Author: @simplesagar )
Watch the Project Assistant work#3389 - Tool calls and their results now render in the side panel as they happen, so you can see which tool the assistant is calling instead of the conversation sitting silent until the final reply. (Author: @danielkov )
Distribute MCP servers during onboarding#3327 - A new onboarding step lets teams search the MCP catalog and distribute selected servers to their organization during setup, with OAuth servers auto-configured along the way. (Author: @adaam2 )
Auto-configured identity for custom remote MCP servers#3339 - When OAuth metadata can be discovered for a custom remote MCP server, Gram now configures the remote identity provider automatically, reusing existing issuers and deriving a display name from the issuer URL. (Author: @walker-tx )
Prompt-based risk policies cover every message type#3382 - LLM-judge policies are no longer locked to tool requests: the judge runs on whatever message types a policy declares — user messages, tool requests, tool responses, and assistant messages — and the policy form lets you choose them. (Author: @vishalg0wda )
Smarter, hardened LLM-judge evaluations#3384 - The judge now receives the message type and, for tool calls, the destructured MCP server and function, so policies can target specific actors and tools. The risk view renders the judge's rationale, and the judge is hardened against adversarial input: hostile message bodies can't spoof prompt structure or pad their way to a fail-open allow. (Author: @vishalg0wda )
Filter tool traces by agent#3353 - A new Source filter on the Tools logs and insights pages narrows tool traces by originating agent — Claude Code, Cursor, Codex, and more. (Author: @simplesagar )
Easier-to-find navigation for key pages#3367 - Agent Sessions is promoted to top-level Observe navigation, Employees and Costs move to top-level navigation (#3368 ), and Risk Events moves into the Secure section (#3366 ). (Author: @alx-xo )
Check platform status from the profile menu#3392 - A new "Platform Status" link in the profile menu points to the Speakeasy status page. (Author: @simplesagar )
Every project gets its own device-agent marketplace#3337 - Marketplace names are now project-scoped, so devices in multi-project organizations receive every published marketplace, each pointing at its own project, instead of one project's marketplace silently winning. Single-project orgs keep their existing name. (Author: @bradcypert )
All org members see published plugins#3393 - Every plugin in an org's published projects is now returned to every org member, so plugins assigned via role or user principals reach devices while assignment management UI is pending. (Author: @bradcypert )
Bug fixes
Unique titles for Project Assistant threads#3350 - Thread titles no longer all render as the assistant's name; new threads get a title generated from the conversation's first turn. (Author: @simplesagar )
Prompt-based policies work for group-targeted rollouts#3356 - Organizations that enabled the
flag via a PostHog group no longer see it treated as disabled server-side, unblocking policy creation and enforcement. (Author: @vishalg0wda )
Shadow MCP access requests work across identities#3217 - Requesting access no longer fails with a 403 when the request link was minted for an agent-reported identity that differs from the authenticated dashboard user (multi-domain orgs, duplicate accounts, or shared block links). Approval stays org-admin gated. (Author: @bradcypert )
Honest Slack status updates#3390 - The Slack thread indicator no longer cycles through a fake pipeline of stages; it reports what the assistant is actually doing, one phrase at a time, updated as the work progresses. (Author: @danielkov )
Reliable trace export from assistant runtimes#3354 - Assistant runtime machines retain access to private-network DNS, so agent traces export reliably to the OpenTelemetry collector. (Author: @danielkov )
