0892026-07-11

Claude Report — 2026-07-11


🚀 Anthropic Official

Claude Code v2.1.207

Ships Jul 11: enables Auto mode by default on Bedrock/Vertex AI/Foundry (opt out via disableAutoMode, no longer needs an opt-in env var), fixes terminal freezing/keystroke lag during long streamed output, fixes a security-consent bypass bug for remote managed settings in non-interactive runs (claude -p/SDK), fixes spurious prompt-injection warnings and the auto-updater overwriting custom launcher scripts at ~/.local/bin/claude, fixes a crash loop in agent teams from malformed mailbox messages, and fixes Deep Research mislabeling Fetch-phase agents as "unknown."

Claude Code v2.1.205

Ships Jul 8: adds an auto-mode rule blocking tampering with session transcript files, fixes --json-schema silently producing unstructured output on invalid schemas, fixes a Windows worktree-removal bug that could delete files outside the worktree via NTFS junctions, fixes background agents staying mislabeled as "failed"/"completed" after being resumed, and streams binary auto-update downloads to disk to cut updater peak memory by roughly 400MB.

Claude Agent SDK Python v0.2.116, v0.2.114 and v0.2.113

v0.2.116 (Jul 11) updates the bundled CLI to v2.1.207 and fixes CI workspace trust so project-scoped permission grants are honored in checkout directories; v0.2.114 and v0.2.113 (both Jul 8) track the CLI's v2.1.205 and v2.1.204 bumps respectively.

Claude Agent SDK TypeScript v0.3.207, v0.3.205 and v0.3.204

v0.3.207 (Jul 11) fixes canUseTool returning {behavior: 'allow'} without updatedInput being wrongly rejected as a deny with a raw ZodError, and adds the published SDK type AgentToolCompletedOutput; v0.3.205 (Jul 8) adds still_queued UUIDs to interrupt responses, a typed receipt from Query.interrupt(), and an interrupt_receipt_v1 capability flag; v0.3.204 (Jul 8) tracks CLI parity with v2.1.204.

Anthropic SDK TypeScript sdk-v0.111.0

Ships Jul 10: adds API support for "dreaming," a memory-store reorganization feature for Claude Managed Agents, and gates session tool calls on evaluated_permission with server-stop_reason-bounded idle detection.

API release notes — Access Transparency expansion

Updates Jul 10: expands Access Transparency documentation for cmek_preserve events, adding a filter example, a sample event payload, and two new preservation reason codes (policy_violation_investigation, csae_report); clarifies a preservation event logs regardless of whether it's triggered by a human reviewer or an automated safety pipeline.

🔌 Claude Code Plugins

Plugin install-rank cache is unavailable this cycle — dedicated top-10 tracking is skipped per this run's instructions. The only hand-authored change found in anthropics/claude-plugins-official this window was a marketplace redirect fix (see Quick Mentions); all other repo activity was routine automated SHA-pin bumps in marketplace.json, not substantive plugin news.

🛠️ Skills

Piebald-AI/claude-code-system-prompts

Logs the v2.1.207 system-prompt diff (Jul 11, +6,150 tokens), continuing its per-release token-diff tracking in step with today's Claude Code release.

agentskillexchange/skills

Regenerates all repo files from live registry data and lands install-formatter fixes (Jul 11) preserving "require" prose and narrowing artifact filtering during skill installs.

JSONbored/awesome-claude

Merges four analytics-instrumentation PRs (#4873-#4876, Jul 11) adding usage tracking to site navigation elements (sticky meta bar, back-to-top).

Unchanged in window: kpab/claude-fable-5-skills, alirezarezvani/claude-skills, glebis/claude-skills, anthropics/skills, ComposioHQ/awesome-claude-skills.

🤖 Agents & Subagents

anthropics/claude-agent-sdk-typescript

Ships v0.3.207 (Jul 11), the same release covered under Anthropic Official above, fixing a canUseTool deny-misclassification bug and adding the AgentToolCompletedOutput type.

Unchanged in window: nicobailon/pi-subagents (latest commit Jul 10, before this window's cutoff), 0xmmo/crew (latest commit Jul 4).

🔗 MCPs & Integrations

shlokkhemani/rabbithole

Pushes roughly 50 commits on Jul 11 covering Phase 8 Slice 1 (schema v2, giving every node a versioned extension bag) and Phase 7 closure work (export/projection reconciliation, gauge rebaselining, an MCP live-page snapshot download fix).

DeusData/codebase-memory-mcp

Merges five PRs on Jul 11 — TOON compact tool output (#1013), a fix for empty MCP discovery lists (#1015), stale WAL sidecar fix (#1016), surfaced SQLite corruption errors (#1018), a torn artifact-export fix (#1019) — plus a Windows install fix.

awslabs/mcp

Ships a Redshift MCP server feature using SHOW commands for metadata discovery (Jul 10 evening), alongside secret-manager hardening for the mssql/oracle servers and new AWS MCP migration-guide docs.

Unchanged in window: ChromeDevTools/chrome-devtools-mcp (latest commit Jul 10, before this window's cutoff), modelcontextprotocol/typescript-sdk (latest release 2.0.0-beta.3, Jul 9), iiTzSenn/Sens (latest v0.9.0, Jul 9), modelcontextprotocol/python-sdk (still v2.0.0b1, Jun 30).

💡 Community — Workflows & Ideas

MCP Census

Publishes Jul 11: a health-check audit of 15,382 registered MCP servers finding roughly 16% have verified problems (deleted repos, deprecated packages, inactive maintenance), with popularity sharply concentrated in a handful of dominant servers.

mcp-customs

Ships Jul 11: an offline, regex-based "npm audit for MCP" scanner that flags shell-injection risk, missing path-traversal guards, hardcoded credentials, and prompt-injection strings hidden in MCP tool descriptions before install.

Code Airlock

Publishes Jul 11: a Docker Sandboxes wrapper running Claude Code, Codex, or OpenCode inside disposable microVMs with the host repo mounted read-only, auto-committing the agent's work inside the sandbox as fetchable git branches for review before merging.

Makoto

Publishes Jul 10: a Claude Code hook plugin that cross-checks the agent's claimed actions ("I ran the tests," "I committed") against a tamper-evident ledger of its actual tool calls and file diffs, blocking further tool use on mismatch.

Skillgrade

Publishes Jul 10: a YAML-based testing framework defining skill-evaluation tasks run against agents (Claude, Gemini) to check whether they correctly discover and use a custom skill, graded via deterministic checks or LLM rubrics.

📰 Quick Mentions

  • claude-plugins-official marketplace fix — adds a wordpress.com → build-with-wordpress redirect (Jul 10) so existing plugin installs auto-migrate to the renamed slug.
  • agentpeek — new Jul 11, self-hosted control panel exposing persistent tmux-backed Claude Code sessions over Tailscale, reachable via SSH or web UI.
  • Hasharot — new Jul 11, a self-hosted Telegram bot bridging to a local Claude Agent SDK instance for remote file/shell/code control.
  • subagentmaxxing — new Jul 9, a CLI normalizing Codex and Cursor into a single interface so a Claude orchestrator can dispatch cheaper-model subagent runs.
  • Brick (SR1) — new Jul 10, a Mixture-of-Models routing gateway using "sticky routing" to cut cost without invalidating Claude's prompt cache.
  • Claude Status Light — new Jul 9, a macOS menu-bar stoplight showing Claude Code session state (waiting/running/idle) via shell hooks.
  • claude-codex-battery — v1.3.3 (Jul 11) switches its Codex usage widget to ChatGPT's account-level usage API for cross-Mac sync.
  • ditto — new commits Jul 10 sharpen its generated profile-card tone and add an FAQ addressing privacy pushback.
  • Danus — fix Jul 11 resolves a tarball-install bug that made /verify return HTTP 500 despite a healthy /health check.
  • UiPath/coder_eval — new Jul 9, an official UiPath sandboxed evaluation harness for benchmarking AI coding agents and skills.
← back to archiveend of edition № 089