Claude Report — 2026-06-14

🚀 Anthropic Official

DXC × Anthropic Global Alliance — Regulated Industries at Scale

DXC Technology and Anthropic announce a multi-year global alliance deploying Claude in banking, insurance, manufacturing, airlines, and government; DXC's new OASIS platform for managed-services orchestration was built with "more than 95% of code generated by Claude," achieving a claimed 10× development acceleration. DXC validated the deployment across 115,000 employees in 70 countries before scaling to clients, with four initial solution areas: agentic insurance, legacy-code modernization, security-engineer SOC subagents, and embedded application-maintenance agents.

Claude Corps — 1,000 AI Fellows at US Nonprofits, $150M Commitment

Anthropic launches Claude Corps, a one-year national fellowship placing early-career professionals (under 2 years experience, 18+, US work-authorized) at nonprofits across America to apply AI skills, paying $85,000/year with benefits. The first cohort of 100 fellows targets an October 2026 start (applications close July 17); the program scales to 1,000 fellows across 400+ nonprofits through 2027, funded by a $150M commitment with CodePath as employer of record and Social Finance managing measurement and scaling.

Claude Code v2.1.174–176 — Model Governance, Session Language Titles, Bedrock Overhaul

Three June 12 releases deliver enforceAvailableModels (constrains the Default model to the managed allowlist; env-variable overrides can no longer widen it), wheelScrollAccelerationEnabled (per-session fullscreen scroll control), and a corrected /model picker that shows the resolved model family. Session titles now generate in the conversation's own language; Bedrock credentials from awsCredentialExport now cache until their actual Expiration timestamp rather than a fixed 1 hour; Bedrock GovCloud endpoints are now supported.

Claude Code v2.1.177 — Fable 5 Suspension Hardening

Released June 13; when Fable 5 is selected in the model picker or via auto mode, Claude Code now automatically falls back to the best available Opus model, reflecting the US government suspension directive. Hook path-matching for Read/Edit/Write tools is corrected; tmux SSH copy/paste and Remote Control implicit model-switching bugs are fixed; 22 total changes, majority stabilization around background sessions and model control.

🔌 Claude Code Plugins

Plugin cache unavailable — top-10 tracking skipped this run.

🛠️ Skills

None of the top 5 had verifiable updates in the window.

Unchanged in window: anthropics/knowledge-work-plugins, glebis/claude-skills, anthropics/skills, Piebald-AI/claude-code-system-prompts, ComposioHQ/awesome-claude-skills

🤖 Agents & Subagents

claude-code-action v1.0.146–148 — SDK Iterator Fix, PR Stamp Sweep, Auth Hardening

v1.0.146 (June 12) fixes an SDK iterator hang in pull_request runs, corrects auth fallback to inherited environment when inputs are empty, adds labels to formatContext() output for issues and PRs, and detects image type from magic bytes rather than URL extension. v1.0.147 (June 12) adds the pr-stamp-sweep review workflow. v1.0.148 (June 13) is a maintenance release with no documented API changes.

Unchanged in window: nicobailon/pi-subagents, Chachamaru127/claude-code-harness; claude-agent-sdk-typescript v0.3.177 (parity-only, see Quick Mentions)

🔗 MCPs & Integrations

None of the top 5 had verifiable updates in the window.

Unchanged in window: modelcontextprotocol/servers, modelcontextprotocol/typescript-sdk, awslabs/mcp, portainer/portainer-mcp, github/github-mcp-server

💡 Community — Workflows & Ideas

Agentjacking: Fake Sentry Errors Hijack MCP-Connected AI Coding Agents

Cloud Security Alliance documents Tenet Security's finding that attackers inject malicious markdown payloads into Sentry via its public, write-only DSN — Claude Code, Cursor, and Codex retrieve the poisoned events via MCP and execute attacker-controlled commands with full developer privileges, no authentication breach required. Across 100 tested organizations the exploitation success rate was 85%; 2,388 orgs have exposed injectable DSNs, including a Fortune 500 enterprise and a $2B+ hosting provider; Sentry declined to implement a root-cause platform fix.

Fable 5 System Prompt (~120k chars) Leaked; Anthropic Disputes Universal Bypass

Researcher "Pliny the Liberator" claims to have bypassed Fable 5's safety classifiers within days of the June 9 launch using multi-agent decomposition, Unicode substitution, and narrative framing to extract harmful technical content in isolated chunks then reassemble it — and published the model's ~120,000-character system prompt. Anthropic disputes the claim as a universal jailbreak, citing 1,000+ hours of external bug-bounty testing and independent red-team organizations that failed to reproduce it.

📰 Quick Mentions

Relevant links that don't warrant a section of their own:

• claude-agent-sdk-typescript v0.3.177 — June 13; parity with Claude Code v2.1.177, no API changes
• Anthropic splits Agent SDK into a separate billing credit pool — effective June 15; Pro gets $20/mo, Max 5x $100, Max 20x $200 for programmatic usage (claude-p, GitHub Actions, third-party Agent SDK apps)
• Prism News: US blocks foreign access to Claude Fable 5 and Mythos 5 — June 14 follow-up; models remain fully suspended with no restoration timeline announced
• TechTimes: Fable 5 jailbreak claims and 'secret sabotage' backlash — June 12; covers both the Pliny jailbreak controversy and developer anger over silent model-switching simultaneously