[News Brief] React Sleepers, OCR Wins, and Braintrust Agents
A technical post-mortem on detecting dormant RCE payloads, the data-backed decision to use Landing AI for legacy contracts, and how Braintrust is bringing asynchronous, collaborative agents to you
This week’s Office Hours was one of our most technical sessions yet, pivoting from a critical security post-mortem to a definitive solution for enterprise document processing, and finally, a deep dive into the internal platform that is reshaping how we work.
Here is the comprehensive breakdown of the session’s findings, tools, and strategic takeaways.
Security Alert: The “Sleeper Cell” React Vulnerability
We began with a sobering look at CVE-2025-55182, the Critical (CVSS 10.0) Unauthenticated Remote Code Execution (RCE) vulnerability in React Server Components. While the vulnerability itself has gone viral this week due to its severity (10/10), the session focused on a specific, dangerous nuance discovered during a live incident response: the concept of the “Sleeper Cell” payload.
The Incident
Leonardo Gonzalez shared a personal case study where a project was suspended by Google Cloud Platform (GCP) due to cryptocurrency mining activity. The investigation revealed a critical timeline:
The Exploit: The system was likely compromised during the active exploitation window before the patch was applied.
The Patch: The system was patched to fix the vulnerability.
The “Sleeper”: Despite the patch, the malicious payload (a crypto-miner) lay dormant or persisted, triggering after the security fix was in place.
Crucial Insight: If you managed a vulnerable Next.js deployment during the exposure window, applying the patch prevents future infection but does not remove existing compromises.
The Forensic Challenge
The investigation highlighted a major gap in standard container workflows. While containerization successfully isolated the attack (preventing host file system compromise), restarting the containers to apply updates destroyed the forensic evidence needed to identify the exact injection vector.
Strategic Takeaways & New Tooling
Patching is Not Remediation: You must assume persistence mechanisms exist even after code is updated.
Forensics First: Before cleaning or rebuilding compromised containers, teams should snapshot the disk or export the file system to preserve evidence (IoCs).
Community Tool: To address this, Leonardo is finalizing an AI-assisted forensics scanner. Unlike standard scanners that check for outdated packages, this tool uses specific Indicators of Compromise (IoCs) to retroactively detect if a system has already been breached.
The Verdict: Solving the Legacy OCR Saga
For weeks, the “AI CoE Assist” task force has been investigating a solution for a persistent business problem: accurately digitizing and querying legacy, non-standard contracts (often scanned, skewed, or faded).
After rigorous benchmarking of open-source local models (like Marker) against commercial multimodal giants (like Gemini and Landing AI), we have reached a final decision.
The Winner: Landing AI
David Proctor presented the data, identifying Landing AI as the superior solution for our enterprise use cases.
“In testing, Landing AI delivered a near 100% success rate in retrieving complex data points, even from poor-quality sources where other tools hallucinated or missed sections.”
The “Double Pass” Strategy: The most effective pattern discovered was a two-step workflow:
Parse: Run an initial pass to understand the document structure.
Dynamic Schema Generation: Use an LLM to generate a custom schema based on that specific document (e.g., “This contract has 11 clauses, not the standard 9”).
Extract: Run a second pass using this tailored schema for perfect retrieval.
Cost vs. Build: At approximately $0.03 per page, the cost is negligible compared to the engineering overhead of maintaining a custom pipeline or the billable hours of legal review.
The Runner-Up: Marker (Open Source)
For use cases requiring strict data isolation (where sending data to a third party is a non-starter), the open-source tool Marker is a viable alternative. With recent updates (using a T4 GPU), processing speed improved from ~45 seconds/page to ~18 seconds/page. While slightly less structurally accurate than Landing AI, it remains a robust “Code Red” backup for highly sensitive documents.
Next Steps: The CoE is proceeding with Landing AI as the primary recommendation. We are finalizing compliance checks with Legal and will deploy this capability directly into Braintrust (see below) for easy access.
Deep Dive: Project Braintrust
The BrainTrust Lead (HUGE THANK YOU TO Sahil for this demo) showcased Braintrust, our internal AI orchestration platform. Unlike the standard chatbots most teams use, Braintrust is designed for long-running, asynchronous agentic workflows that live directly in your Google Chat.
The “Agentic” Difference
Braintrust agents don’t just answer questions; they perform multi-step jobs. They can collaborate with one another, persist over hours of processing time, and ping you when the work is done.
Core Capabilities Demonstrated
Multi-Agent Collaboration: Sahil Marwaha demoed an “ESA Analysis” workflow where a Searcher Agent (browsing the web for funding rules) collaborated with a Data Agent (querying internal demographic databases) to synthesize a comprehensive report for 50 states without human intervention.
The Deck Factory: Agents that take a raw Google Doc or data outline and autonomously generate fully formatted, branded Google Slide decks.
Geospatial Intelligence: A “Schools Analysis” agent that accepts a simple address and returns a deep-dive dashboard covering zoning laws, wealth distribution, and competitor locations.
Vision Crafter: A creative agent leveraging Nano Banana Pro to generate infographics and videos on demand.
How it works: You add the Braintrust app to any team channel. The app will automatically route your prompt to the most relevant agent - or spin up a squad of agents to solve it together.
Looking Ahead
The “Contract OCR” solution discussed above will be deployed as a Braintrust expert. Soon, you will be able to simply tag @ContractExpert in a chat, point it to a Drive folder, and ask it to audit your documents.