Claude Code Digest — 2026-03-25 20:16:04
What the docs reveal
Anthropic is locking down the execution environment. Previous versions prioritized developer agility over strict sandboxing. Now, the sandbox.failIfUnavailable setting creates a hard gate, crashing the agent if isolation fails. Coupled with CLAUDE_CODE_SUBPROCESS_ENV_SCRUB, which strips Anthropic and cloud credentials from child processes, the engineering team is actively mitigating credential exfiltration from prompt injection. Unapproved marketplace channels now block execution unless overridden by the explicit --dangerously-load-development-channels flag. Team administrators gain command over these overrides via allowedChannelPlugins and can deploy configurations using new modular managed-settings.d/ directories. This signals a clear product push to make Claude Code safe for zero-trust corporate networks.
Developers previously struggled with Claude treating subprocesses as isolated vacuums, breaking workflows tied to virtualenv or direnv. The new CLAUDE_ENV_FILE solves this by forcing Bash to source a dedicated script before executing commands. Furthermore, Anthropic introduced CwdChanged and FileChanged lifecycle hooks. You can now wire Claude Code to swap Node versions or Python environments automatically when the working directory changes. This eliminates the persistent friction of Claude executing commands in the wrong software context.
Plugin configurations also received a security overhaul. The new userConfig field routes sensitive developer inputs directly into the macOS keychain or Windows protected storage. This change keeps access tokens safe from plaintext settings.json files and accidental repository commits. You can safely deploy the newly introduced channels field, which maps messaging integrations like Slack and Telegram directly into active sessions.
Anthropic exposed finer controls over model latency and reasoning. Opus 4.6 users receive a max effort level for intense logical tasks. Because developers rarely want to pay the latency and token costs of maximum effort for every query, Anthropic added a clever UX hack: the "ultrathink" keyword. Including this word in a prompt triggers maximum effort for that single query, bypassing the need to alter global session state. For standard interactions, developers gain simple fast mode (Meta+O) and extended thinking (Meta+T) keyboard shortcuts.
Corporate networks gain a crucial bug fix regarding network proxies. The new CLAUDE_CODE_DISABLE_NONSTREAMING_FALLBACK environment variable addresses a known edge case where streaming interruptions forced Claude to retry in non-streaming mode. This fallback logic often caused duplicate, sometimes destructive, tool executions. Disabling the fallback forces a clean failure.
Observability scales up for enterprise deployments. The OTEL_LOG_TOOL_DETAILS variable pushes tool inputs and MCP server names to telemetry backends, though it relies on external systems to redact sensitive payload data. Finally, Anthropic deprecated the dedicated TaskOutput tool. Background task results now map directly through the standard Read tool, standardizing how context enters the workspace.