Company:
Date Published:
Author: Ran Romano, JFrog VP of P&E
Word count: 808
Language: English
Hacker News points: None

Summary

JFrog has announced the next evolution of its AI Catalog, which aims to provide comprehensive, centralized governance over the entire AI ecosystem. Initially introduced as a system of record for managing internal, open-source, and external AI models, the updated platform now addresses emerging challenges such as Shadow AI and the security risks posed by Model Context Protocol (MCP) servers. Shadow AI refers to the unchecked and unmanaged use of external APIs and model packages, which creates security and compliance risks, while MCP servers represent a new risk vector with their powerful automation capabilities. The enhanced AI Catalog introduces features for automatic discovery and cataloging of unmanaged AI resources, asset vetting, policy enforcement, and a centralized AI Gateway to mitigate these risks. Additionally, the platform will soon extend its governance framework to MCP servers, providing a unified registry and enabling organizations to fully secure their AI infrastructure. This development positions JFrog's platform as a trusted source for managing the entire AI supply chain, from code to advanced AI agents.