🌟Vasilij’s note

This week the plumbing layer got interesting. Citrix built a gateway into NetScaler, Nutanix took its Agent Gateway to general availability, and OpenRouter's latest funding round confirmed just how much money is now riding on being the pipe that AI traffic runs through. I spent the week putting two of the best-known gateways, OpenRouter and Requesty, through the same four tests side by side: cost, control, data residency and reporting. The honest answer surprised me – these two have converged far more than the marketing suggests, and the real decision isn't a feature checklist, it's who in your firm has to answer for the risk. Full comparison in the Maker Note and Deep Dive below.

In today's edition

This week in agents | What changed

OpenAI's GPT-5.6 reached general availability on 9 July, ending a two-week hold the US government imposed over national security concerns – the same review process that took Anthropic's Fable 5 and Mythos 5 offline for nearly three weeks in June.

The pattern is now repeating across labs: frontier releases increasingly clear a government checkpoint before they clear your procurement process. → If your firm is standardising on a single frontier model for client work, build a fallback provider into the contract now – availability is no longer guaranteed on the vendor's timeline alone.

Citrix added an MCP Gateway to NetScaler and Nutanix took its Agent Gateway to general availability this week, making "one governed front door for LLM and MCP traffic" the industry's default pitch.

Gartner's own numbers explain the rush: 60% of GenAI proof-of-concepts were abandoned in 2024 over governance gaps exactly like this, and the analyst now expects 70% of teams building multi-model applications to run a gateway by 2028. → This is infrastructure you'll be buying inside two years regardless of which vendor wins; better to choose the shape of it deliberately now than inherit whichever one IT bought first.

CISA added a second Langflow flaw, a cross-tenant authorisation bypass, to its Known Exploited Vulnerabilities catalogue on 7 July, giving federal agencies three days to patch.

It's the fourth Langflow CVE in the KEV catalogue since last year, and this one lets one authenticated user run another tenant's workflow simply by supplying its ID. → Any client running self-hosted agent-building tools needs a patch-and-tenant-isolation review this week, not next sprint – "we patched the ransomware CVE" isn't the same as "we patched Langflow."

Top moves | Signal → impact

  • OpenRouter's plumbing gets serious money

    The gateway raised a $113M Series B led by CapitalG, with weekly volume up five-fold to roughly 25 trillion tokens in six months. → Gateway/routing is no longer a scrappy layer between you and the frontier labs; expect consolidation, and expect the pricing you're building against today to look different within a year.

  • Cheap models are eating agentic workloads

    DeepSeek doubled its share of OpenRouter's token volume in six months, driven mostly by agentic tasks routed to its V4 Flash model. → If every task in your stack still defaults to your most expensive model, you're paying a premium tax your competitors' routing layer has already stopped charging – this week's Deep Dive shows exactly how the major gateways attack this.

  • A second Langflow flaw lands on the federal must-patch list

    CVE-2026-55255, a cross-tenant authorisation bypass, joined CISA's KEV catalogue on 7 July with a three-day remediation deadline. → Treat any self-hosted agent-building or gateway tool exposed to the internet as tier-1 infrastructure with a patch cadence to match, not experimental tooling you'll get to eventually.

Maker note | What I built this week

This week I put OpenRouter and Requesty through the same client-summary prompt, side by side, scored across cost, control, data residency and reporting.

Decision: there's no universal winner – route by who owns the risk, because a COO answering to a data protection officer needs a different tool than a developer shipping fast, and the market-leader label matters less than who's accountable for the answer.

Upskilling spotlight | Learn this week

LLM Gateway Comparison 2026: Enterprise Buyer's Guide

A 15-criteria framework (routing, observability, agentic support, governance) to score any gateway pitch against before you sign anything.

Citrix's NetScaler MCP Gateway announcement

See how one enterprise platform folds LLM routing and MCP tool-access governance into a single dashboard – a useful blueprint when you're advising a client on their own stack, not just choosing your own gateway.

Operator’s picks | Tools to try

OpenRouter

Use for: breadth and speed, 300+ models via one OpenAI-compatible key.

Standout: a tunable auto-router that picks the model for you, plus no markup on token rates.

Requesty

Use for: governance owned by a non-technical partner, EU-hosted routing out of the box.

Caveat: EU residency is Requesty's architecture, not a feature OpenRouter currently matches without an enterprise contract.

Bifrost (Maxim AI)

Use for: firms that want the gateway self-hosted rather than routed through anyone's cloud.

Pair with: its enterprise tier for SOC 2/GDPR-grade audit logs if you outgrow the open-source core.

Deep dive | Thesis & Playbook

Two AI Gateways, One Screen: OpenRouter vs Requesty

Most firms already routing AI calls to two or three providers need exactly what a gateway does: one key, unified billing, and a spend cap that actually stops a request rather than just alerting after the fact. This week's test ran the identical client-summary prompt through OpenRouter and Requesty, scoring cost, control, data residency and reporting side by side, live.

On paper
  • OpenRouter: 60+ providers, an auto-router, passthrough token pricing plus a 5.5% fee on card top-ups; this week's $113M raise put volume at roughly 25 trillion tokens a week.

  • Requesty: a flat 5% fee on base cost with no minimum, built-in PII redaction, and an EU gateway hosted in Frankfurt.

  • Both expose an OpenAI-compatible endpoint, so switching between them is a base-URL change, not a rewrite.

In practice
  • Cost and routing: a genuine tie – both route intelligently to a cheaper equivalent model, and both charge in a way that's easy to explain to a partner.

  • Control: also a tie on capability – both can hard-block a key once it hits a spend cap rather than merely alert; Requesty's interface is simply more approachable for a non-technical budget owner.

  • PII scrubbing: tie again – both redact phone numbers, emails and card numbers before a request leaves the gateway.

  • Data residency is where they genuinely diverge: Requesty's gateway runs in Frankfurt by default, so the whole request path sits inside the EU; OpenRouter's default is US-hosted, and EU-only routing exists but sits behind an enterprise contract, not a toggle.

Issues/backlash
  • Both companies' "your data stays in the EU" claims are vendor statements to confirm in a data processing agreement, not audited facts.

  • If your firm doesn't handle client-confidential data through these calls, the residency round barely matters and OpenRouter's breadth wins outright.

My take (what to do)
  • Startup (15-40 staff): Bring your own keys, use OpenRouter's auto-router at low-to-moderate volume, and don't build a governance layer you don't need yet.

  • SMB (50-120 staff): Assign one person to own the gateway decision, and let "who signs off on the budget" decide between the two – Requesty's dashboard is built for that person, OpenRouter's for a developer.

  • Enterprise (150-250 staff): If a client's data protection officer will ask where the data is processed, Requesty's EU-hosted-by-default answer is simpler to give than negotiating OpenRouter's enterprise EU endpoint.

How to try (15-minute path)
  1. Create a free account with each gateway and grab an API key. (7 min)

  2. Run one identical prompt through both, noting which model each picked and what it cost. (8 min)

Success metric: you can name the model and the cost for both, in under two minutes, without opening a second tab to check.

"Querying systems of record through MCPs will become the new API call."

Steve Shah, General Manager of NetScaler at Citrix – on this week's launch of NetScaler MCP Gateway, announced 9 July 2026.

Spotlight tool | Requesty EU Gateway

Purpose: An LLM gateway built so the entire request path, not just the routing decision, stays inside EU jurisdiction.

Edge: Frankfurt-hosted infrastructure with zero data retention, no enterprise contract required.

  • → 77 EU-region model deployments (Claude on Bedrock eu-central-1/eu-west-1, Gemini on europe-west)

  • → Built-in PII redaction before requests leave the gateway

  • → Same OpenAI-compatible API as OpenRouter, so migration is a base-URL change

Try it: Requesty

What did you think of today's issue?

Login or Subscribe to participate

Did you find it useful? Or have questions? Please drop me a note., I respond to all emails. Simply reply to the newsletter or email [email protected].

This issue’s sponsor

n8n

An open‑source automation platform that lets you chain tools like DeepSeek, OpenAI, Gemini and your existing SaaS into real business workflows without paying per step. Ideal as the backbone for your first serious AI automations.

Refer and win

Share this newsletter for a chance to win!

Keep Reading