0842026-07-05

Claude Report — 2026-07-05


🚀 Anthropic Official

Fable 5 cyber safeguards and the "Cyber Jailbreak Severity" framework (Jul 2)

Details the safety classifier blocking the Amazon-discovered Fable 5 jailbreak technique (99%+ replication attempts blocked, flagged requests rerouted to Opus 4.8), and jointly proposes — with Amazon, Microsoft, and Google under Project Glasswing — a shared 5-tier "Cyber Jailbreak Severity" (CJS-0 to CJS-4) scale rating jailbreaks by capability gain, breadth, weaponization ease, and discoverability.

Anthropic escalates its own China access restrictions as Alibaba's ban story evolves (Jul 3–4)

New reporting shows Anthropic has been unilaterally implementing large-scale restrictions on Claude accounts, blocking numerous Chinese users without notice and closing loopholes (VPNs, overseas affiliates, Azure API routes) used to bypass region blocks, stating it "explicitly prohibits" Claude Code access from unsupported regions including China. Alibaba's company-wide Claude Code ban remains set for Jul 10.

Claude Code v2.1.199 (Jul 2)

Lets stacked slash-skill invocations load up to 5 leading skills at once; fixes SSL error messaging, streaming-response loss on mid-stream errors, subagents getting cut off by rate limits, and Linux background-agent daemon issues. (v2.1.200/v2.1.201, both Jul 3, were already covered in yesterday's report and carry no new developments.)

Claude Agent SDK TypeScript v0.3.199 (Jul 2)

Adds a requestId to canUseTool calls and masks sandbox credentials in logs — precedes the v0.3.200/v0.3.201 releases already reported yesterday.

Anthropic SDK Python v0.116.0 and TypeScript sdk-v0.110.0 (Jul 2)

Both add beta header support for agent-memory-2026-07-22 — minor but confirms an "agent memory" beta is in the pipeline.

claude-plugins-official: marketplace auto-migration renames map (Jul 4)

Adds a renames map to marketplace.json so Claude Code transparently migrates users off renamed plugin slugs (e.g. convex-backendconvex) instead of throwing plugin-not-found, and formalizes plugin name as an immutable slug going forward.

🔌 Claude Code Plugins

Top-10 install-ranked plugin tracking skipped this cycle — ranking cache unavailable. The items below surfaced via general search and aren't ranked by installs.

hyperframes

Ships v0.7.33 (Jul 4): an open-source plugin (installable via /plugin install hyperframes@claude-plugins-official) that turns HTML/CSS/animations into deterministic MP4 video, with 21 pre-built agent skills and MCP server support.

caveman

Ships v1.9.1 (Jul 3): a cross-agent (Claude Code, Cursor, Cline, Gemini) plugin that compresses agent output ~65% via terse "caveman-speak" instructions, adding /caveman-stats and /caveman-compress commands for local token-savings tracking.

Unchanged in window: n/a (top-10 ranking not available this cycle)

🛠️ Skills

Piebald-AI/claude-code-system-prompts

Logs three Claude Code system-prompt diffs in one window: v2.1.199 (+25,167 tokens), v2.1.200 (+6,194 tokens), and v2.1.201 (no changes), all Jul 3.

glebis/claude-skills

Adds a new "i18n-studio" skill (Jul 2) teaching agents to drive an i18n string-editing workflow (audit/suggest/review/set) for translation files, with follow-up refinements to its filters and keyboard shortcuts.

kpab/claude-fable-5-skills

Submits ten new Agent Skills purpose-built for Claude Fable 5's behavior (Jul 2) — effort-calibrator, scope-guard, subagent-orchestration, autonomous-continuation — reframing older prescriptive-style skills into outcome/boundary-based rules since Fable 5 degrades under verbose scaffolding.

Unchanged in window: anthropics/skills (last commit Jul 1), alirezarezvani/claude-skills (last commit Jul 1), ComposioHQ/awesome-claude-skills (stale since May 22)

🤖 Agents & Subagents

anthropics/claude-agent-sdk-typescript

Ships v0.3.199 (Jul 2): adds requestId to canUseTool and masks sandbox credentials in logs.

affaan-m/everything-claude-code (ECC)

Adds Hermes, OpenClaw, and Kimi Code CLI harness install targets (Jul 4) and resolves a cluster of open issues (#2295, #2298, #2303–#2306, #2340).

0xmmo/crew (Show HN)

Ships an open-source tool (Jul 4) letting multiple Claude Code agent instances talk to each other directly, part of a broader wave of multi-agent orchestration tools this week.

Unchanged in window: nicobailon/pi-subagents (still v0.33.1), anthropics/claude-plugins-official agents/ folders, Chachamaru127/claude-code-harness

🔗 MCPs & Integrations

modelcontextprotocol/typescript-sdk

Ships 2.0.0-beta.2 (Jul 2) across all v2 packages ahead of the Jul 28 MCP spec update — adds CommonJS build outputs alongside ESM and fixes HTTP error handling for missing client capabilities (now returns 400).

awslabs/mcp

Releases 2026.07.20260702161703 (Jul 2): fixes a security bypass in MySQL/data-processing read-only servers, migrates the Valkey MCP server to GLIDE V2 with new JSON/command-runner tools, and adds HealthOmics scratch storage support.

ChromeDevTools/chrome-devtools-mcp

Ships v1.5.0 (Jul 3): adds heap-snapshot diffing and duplicate-string detection for memory debugging via MCP, plus directory permission hardening.

Unchanged in window: portainer/portainer-mcp (still v2.43.1), modelcontextprotocol/python-sdk (dev commits only), github/github-mcp-server (still v1.5.0)

💡 Community — Workflows & Ideas

Possible cross-session data leak in ZDR enterprise accounts (Jul 4)

An Enterprise Zero Data Retention user reports Claude Code confidently referencing an unrelated prior session after context compaction, raising concerns about workspace isolation; labeled area:security, highest-engagement Claude item in the window (300 pts/129 comments on HN).

AskUserQuestion silently times out after 60s, bypassing approval gates (Jul 2)

Users found an undocumented regression where AskUserQuestion auto-proceeds with "best judgment" after 60 seconds of silence, defeating a pattern many rely on as a human-approval checkpoint; Anthropic confirmed a fix making the timeout configurable and off by default (addressed in Jul 3's v2.1.200).

sqlite-utils 4.0rc2, mostly written by Claude Fable (Jul 5)

Simon Willison used Claude Fable via Claude Code to review a pre-release, catching a silent data-loss bug in delete_where(), then had GPT-5.5 cross-review Fable's own fixes — a concrete cross-model verification workflow costing $149.25 across 37 prompts and 4 review sub-agents.

CVE disclosures spike 3.5x alongside Claude Mythos vulnerability discovery (Jul 3)

Data analysis shows ~1,500 high/critical CVEs disclosed in June 2026 across 21 major orgs — a record jump timed with Project Glasswing's use of Claude Mythos Preview to autonomously find 10,000+ vulnerabilities pre-disclosure.

Claude Code settings for faster architecture work (Jul 3)

A concrete settings.json/CLAUDE.md tuning write-up focused on architecture-level tasks rather than generic setup advice.

📰 Quick Mentions

← back to archiveend of edition № 084