Claude Code Digest — 2026-04-04 20:10:00
What the docs reveal
Enterprise Governance Meets Full Autonomy
Anthropic released --enable-auto-mode to grant Claude Code full permission to act without user prompts. This feature requires the new 4.6 generation of models (Sonnet or Opus) and a Team, Enterprise, or API plan. Anthropic clearly trusts the 4.6 models to execute long-running tasks without human supervision. We are watching the tool transition from an interactive copilot to an independent agent.
To balance this new autonomy, Anthropic introduced two heavy-handed security settings. The first is forceRemoteSettingsRefresh. When enabled, the CLI blocks startup until it successfully fetches remote configuration. If the network drops or the server fails, Claude Code refuses to run. This "fail-closed" behavior proves that enterprise security teams demanded strict policy enforcement over developer convenience.
The second security measure is disableSkillShellExecution. This setting globally blocks inline shell execution within custom skills. Shared skills present obvious supply-chain risks. By locking down shell execution, administrators close a major prompt-injection vector. Custom skills must now rely on explicit API layers rather than arbitrary script execution.
MCP Payload Limits Scale Up
Model Context Protocol (MCP) servers can now bypass default result size limits. Developers add _meta["anthropic/maxResultSizeChars"] to their tools/list response to push up to 500,000 characters directly into the chat.
Previously, heavy outputs like comprehensive ASTs, database schemas, or deep file trees automatically spilled to disk to save memory. Now, tools inject this data straight into the active session. This eliminates the friction of opening temp files to read tool outputs. However, the global MAX_MCP_OUTPUT_TOKENS setting still enforces a hard ceiling. You must increase this global cap to utilize the 500k-character allowance. You trade context window longevity for an unbroken developer workflow.
Interface Cleanup and Paradigm Shifts
Anthropic killed the /pr-comments command. The documentation instructs you to simply ask Claude to review pull request comments instead. This represents a broader design shift. Hardcoded slash commands exist for tasks models fail to understand natively. As model comprehension improves, rigid CLI shortcuts become obsolete.
Similarly, the /vim slash command is dead. Vim navigation graduated from a hacky command to a persistent system setting. You now toggle "vim" via the editorMode key in /config. Custom keybindings and Vim mode now operate entirely independently, resolving a long-standing key-collision headache for power users.
Configuration management received two major quality-of-life updates. First, you can define environment variables directly inside settings.json. Centralized configuration eliminates the need to pollute your shell dotfiles. Second, Anthropic added a new /setup-bedrock wizard. You no longer need to wipe your configuration files to rotate AWS credentials, update regions, or pin new models.
The Limits of WSL Sandboxing
Custom skills finally support powershell on Windows via the CLAUDE_CODE_USE_POWERSHELL_TOOL environment variable. But Windows interoperability comes with a rigid constraint for WSL users.
Sandboxed commands in WSL cannot execute Windows binaries (like cmd.exe or files in /mnt/c/). The isolation environment intentionally blocks the host-handoff mechanism. To execute Windows-native tools, you must add the specific command to the excludedCommands list. Sandboxing forces a strict boundary; cross-system execution fails by design.