Claude Report — 2026-07-08
- Claude Code ships v2.1.203 and v2.1.204 (Jul 7-8), fixing background-session, hook-streaming, and Windows PATH bugs.
- Claude Cowork expands to web/mobile and reaches a FedRAMP High government beta (Jul 7); Anthropic discloses only 8.7% of Cowork usage is coding.
- Anthropic confirms its hidden Claude Code tracker was an intentional March "experiment" against reseller/distillation abuse (Jul 7).
- Anthropic signs a $19B, 20-year TeraWulf data-center lease in Kentucky (Jul 6).
- New MCP server <a href="https://github.com/shlokkhemani/rabbithole">rabbithole</a> (140★) and supply-chain scanner <a href="https://github.com/chawdamrunal/assay">assay</a> target Claude Code agent workflows and security (Jul 6-7).
🚀 Anthropic Official
Claude Code v2.1.203 and v2.1.204
v2.1.203 (Jul 7) adds a login-expiration warning and a grey pause badge for manual permission mode, and fixes background sessions going unresponsive on stale daemon tokens, claude agents silently killing/re-running subagents, a memory/CPU regression in the context-usage indicator, stale Windows PATH inheritance, and a dropped ANTHROPIC_BASE_URL causing background-session 401s. v2.1.204 (Jul 8) fixes hook events failing to stream during SessionStart hooks in headless sessions, which could get remote workers idle-reaped mid-hook.
Claude Agent SDK Python v0.2.112/v0.2.113 and TypeScript v0.3.203/v0.3.204
Both SDKs ship paired version bumps tracking each Claude Code release: Python moves v0.2.112 (Jul 7) → v0.2.113 (Jul 8), and TypeScript moves v0.3.203 (Jul 7) → v0.3.204 (Jul 8), with no independent functional changes beyond mirroring the CLI release.
Claude Code and Claude Cowork reach Claude for Government Desktop
Launches Claude Code and Claude Cowork in public beta inside the FedRAMP High-authorized Claude for Government Desktop, adding department-level admin controls, tamper-evident audit logs, fixed spend/model/seat limits, and local-device conversation storage for agencies deploying via standard MDM.
Claude Cowork expands to web and mobile
Syncs Cowork sessions and files across devices with beta remote sessions, unifies Chat and Cowork into one home, enables scheduled tasks that run with no device online, and adds Microsoft 365 write tools (draft/send email, manage calendars, create/update OneDrive and SharePoint files); rollout starts on the Max plan. Anthropic discloses that only 8.7% of a 1.2M-session Cowork sample was software development, versus 33.4% business operations and 16.4% content/copywriting.
Anthropic confirms hidden Claude Code tracker was an intentional experiment
Following the Jul 6 report on a steganographic marker tied to Asia/Shanghai and Asia/Urumqi timezones (discovered by reverse-engineer "Thereallo" in v2.1.196's minified JS), an Anthropic engineer confirms on X it was "an experiment we launched in March" to detect reseller and distillation abuse.
Anthropic signs $19B, 20-year TeraWulf data center lease
Leases roughly 401 MW at TeraWulf's Justified Data campus in Hawesville, Kentucky (a former aluminum smelter site), with initial capacity live in H2 2027 and full ramp by early 2028.
🔌 Claude Code Plugins
Top-10 install-ranked plugin tracking skipped again this cycle — ranking cache still unavailable. Items below surfaced via general search and aren't ranked by installs.
claude-helm
Ships six releases in a single day (v2.8.0 through v2.12.2, all Jul 7), rapidly iterating past the previous v2.7.1 baseline with adoption-mode and config fixes.
toolshed (doc-lifecycle plugin)
Jumps from v0.7.0 to v0.9.4 via five merged PRs (#37-#41, Jul 8): grants actions:read so the doc-bloat resume step stops 403ing, pins the marketplace via local checkout instead of a URL ref, adds version-agnostic pins with workflow-file fallback, and ships a deterministic upgrade lane needing no model call for a version bump.
compact-plus
New plugin ships v1.0.3 (Jul 7) to fix context loss on /compact: backs up the transcript pre-compaction, has an LLM write a structured 10-section state file (active plan, current phase, constraints, failed attempts), and injects it back via additionalContext on the next prompt, plus a 60%-context-usage warning.
Unchanged in window: claude-mem, claude-hot-limit, claude-code-hooks-daemon.
🛠️ Skills
glebis/claude-skills
Adds an "elimination research" skill and generalizes its quick-report views, currency-symbol support, and card formatting across four commits (Jul 6).
alirezarezvani/claude-skills
Follows up Jul 6's PR #904 with PR #905 syncing codex-skill symlinks (merged Jul 7), plus two in-progress PRs (Jul 8) fixing convert.sh tool-sync scanning and vendoring Microsoft's SkillOpt-Sleep into an "engineering" skill.
Piebald-AI/claude-code-system-prompts
Logs system-prompt diffs for each Claude Code release: v2.1.202 (Jul 6, +3,217 tokens), v2.1.203 (Jul 7, +16,113 tokens), and v2.1.204 (Jul 8, no changes).
Unchanged in window: anthropics/skills (last commit Jul 1), ComposioHQ/awesome-claude-skills, kpab/claude-fable-5-skills.
🤖 Agents & Subagents
anthropics/claude-agent-sdk-typescript
Ships v0.3.203 (Jul 7) and v0.3.204 (Jul 8), paired bumps tracking the same Claude Code releases covered under Anthropic Official above.
Unchanged in window: nicobailon/pi-subagents (still v0.34.0, Jul 7), 0xmmo/crew (no formal GitHub releases found, no verifiable new activity).
🔗 MCPs & Integrations
awslabs/mcp
Ships two releases Jul 6: a roda-mcp project-update script fix (22:02 UTC) and RedShift serialization fixes plus Aurora DSQL enhancements (20:46 UTC).
DeusData/codebase-memory-mcp
Merges a security-hardening batch Jul 6-7: CSP hardening, path validation rejecting non-loopback hosts and control characters, a new CBM_ALLOWED_ROOT config, a dry-run test-regression fix, and a worker-exit-handling fix.
rabbithole
New MCP server (created Jul 6, 140★) turns Claude Code, Codex, or any MCP client into an "infinite canvas for learning": select text, ask a question, and get the answer rendered as a branching child document on a pan/zoom canvas, running fully local via a one-line claude mcp add install.
Sens
New project-index MCP server plus CLI/web dashboard (v0.2.0, Jul 7) lets Claude Code query a compact code index instead of reading full files — symbol lookup, usage tracking, dead-code and duplication detection — claiming 97% fewer characters for project orientation and 100-125x faster re-indexing on unchanged files via ts-morph and tree-sitter.
Unchanged in window: modelcontextprotocol/typescript-sdk (latest Jul 2), modelcontextprotocol/python-sdk (latest Jun 30), ChromeDevTools/chrome-devtools-mcp (latest Jul 3).
💡 Community — Workflows & Ideas
assay
New LLM-based security scanner (created Jul 6) audits the Claude Code plugin/MCP/skill supply chain for prompt injection, tool poisoning, credential exfiltration, and hook abuse, citing exact code lines and running on the user's own Claude subscription via claude -p rather than a separate API key.
LianYaoHu (炼妖壶)
New Rust CLI/TUI (v0.1.2, Jul 7) runs Claude Code, Codex, or any coding agent inside a deny-by-default sandbox with VPN-only network egress, using sandbox-exec+PF on macOS and Landlock/seccomp+iptables on Linux to block exfiltration.
quickai
New Rust profiler (v0.2.0, Jul 8) reads Claude Code transcript JSONL into local SQLite to break down token/cost/time per task, subagent, and model, plus cache-hit health and waste analysis, exposed via CLI, HTML reports, and its own MCP server.
ccmux
New TypeScript/Bun tmux-pane tracker (v1.0.1, Jul 8) shows idle/working/waiting-for-attention state across concurrent Claude Code, Codex, Cursor, OpenCode, Pi, and Gemini CLI sessions via a local daemon combining log parsing, terminal pattern matching, and PID markers.
📰 Quick Mentions
- anthropics/claude-code-action — bumps to Claude Code 2.1.203 (Jul 7) and 2.1.204 (Jul 8), routine dependency sync with no functional change of its own.