TLDR;
A week of accountability, scale, and security tension. Anthropic published a full postmortem on the Claude Code quality regression, reset subscriber usage limits, and announced a 5 GW compute expansion with Amazon. Claude Code shipped versions 2.1.118 through 2.1.121, plus disclosure of CVE-2026-39861 — a HIGH-severity sandbox-escape RCE patched in v2.1.64. Anthropic is also investigating unauthorized Claude Mythos access via a third-party vendor. Managed Agents memory entered public beta, and OpenAI shipped GPT-5.5 across Codex and the API.
API & Model Updates
Admins can now programmatically query rate limits configured for their org and workspaces — first time this has been queryable without manual Console inspection. Useful for building dashboards or automated alerting against quota thresholds.
Two separate elevated-error windows hit Opus 4.7 on April 25 (01:24–01:59 UTC and 07:48–11:58 UTC). Both resolved. Ensure your Opus 4.7 production code has retry/backoff logic in place.
Claude Code & CLI
Anthropic identified three separate product-layer changes behind the widely-reported quality regression: (1) default reasoning effort silently downgraded from high to medium on March 4, reverted April 7; (2) a caching bug introduced March 26 that caused Claude to lose thinking context every turn instead of just once per idle session, fixed April 10; (3) a verbosity-reduction system prompt added April 16 that hurt coding quality, reverted April 20. All three are resolved as of v2.1.116. Usage limits have been reset for all subscribers as of April 23. See also VentureBeat's writeup and Simon Willison's Pro-plan incident notes.
HIGH severity (CVSS 7.7) RCE in all Claude Code versions before v2.1.64. Sandboxed processes could create symlinks pointing outside the workspace; the unsandboxed parent process would then follow them during legitimate writes, allowing arbitrary file writes to ~/.bashrc, /etc/cron.d/, or other persistence locations. Combined with prompt injection from a malicious repo, file, or web content, this gives a full sandbox escape with persistent code execution. Patched in v2.1.64 — auto-update users are already covered, but anyone running with DISABLE_UPDATES or pinned to a legacy version should update immediately. Full analysis: SentinelOne writeup.
/config settings (theme, editor mode, verbose) now persist to ~/.claude/settings.json and participate in the full override precedence chain. --from-pr now accepts GitLab MRs, Bitbucket PRs, and GitHub Enterprise URLs. PostToolUse hooks now include duration_ms. OpenTelemetry tool_result and tool_decision events now include tool_use_id.
Vim visual mode (v/V) with full selection and operators. /cost and /stats merged into /usage. Hooks can now invoke MCP tools directly via type: "mcp_tool". New DISABLE_UPDATES env var blocks all update paths including manual claude update. WSL on Windows can now inherit Windows-side managed settings via wslInheritsWindowsSettings.
v2.1.120 (shipped April 24) caused a crash when resuming prior sessions via --resume or --continue, with a sandbox required but unavailable error even when sandbox.enabled = false. Anthropic triggered an auto-update rollback to v2.1.119; manual rollback via claude install 2.1.119 was also available. Fresh sessions and --print were not affected.
This week's follow-up release adds a rate_limits field to statusline scripts for displaying 5-hour and 7-day window usage, effort frontmatter for skills and slash commands, and the --channels research preview for MCP servers to push messages into a session. The non-streaming fallback token cap was raised from 21k to 64k and timeout from 120s to 300s. /status now works while Claude is responding.
Skills can now call other skills — one line in a SKILL.md file lets you chain multiple skills into a single command. The skills documentation covers the full spec including context: fork, subagent execution, dynamic context injection via !`command`, and $N argument shorthand.
Agent SDK & Managed Agents
Five Python SDK versions shipped this week (Apr 20–25). Highlights: full SessionStore support at parity with TypeScript — append, load, list_sessions, delete, list_subkeys, plus an InMemorySessionStore reference implementation and S3/Redis/Postgres adapters in examples/session_stores/. OpenTelemetry distributed tracing added (pip install claude-agent-sdk[otel]). Critical bug fix: setting_sources=[] was silently dropped (treated as falsy), causing the CLI to load default settings rather than disabling all filesystem settings — update if you rely on this.
Adds managedSettings option for embedders to pass policy-tier settings to the spawned CLI in-memory, honored below IT-controlled managed sources. Useful for SaaS products embedding Claude Code that need to enforce org-level defaults without filesystem policy files.
The Agent Client Protocol — used by editors like Zed to embed Claude Code as a backend — renamed the model identifier "opus" to "default" in v0.29. If your wrapper stored the user's saved model preference as the literal string "opus" in localstorage, it now silently falls back to the new default with no warning. One-function migration: map the stored string to "default" before passing to the SDK. Affects anyone shipping @agentclientprotocol/claude-agent-acp — see Fazm's writeup for the patch.
Memory for Claude Managed Agents entered public beta on April 23 under the standard managed-agents-2026-04-01 header. See the Using agent memory guide for integration details.
MCP Ecosystem
Claude Code now supports overriding MCP tool result size limits up to 500K chars via _meta["anthropic/maxResultSizeChars"] in ToolAnnotations. Useful for MCP servers returning large payloads like DB schemas that were previously silently truncated at 50K chars.
Apache 2.0 MCP server with 28 tools and background consolidation, bringing platform-level memory (like Claude.ai's) to any agent — local, cloud, or custom. Useful if you're building multi-agent systems that need persistent memory outside of a single provider's ecosystem.
Open-source tool for building a Markdown+Git knowledge base that agents automatically maintain and update. High community interest (229 HN score) for teams wanting persistent, version-controlled agent memory.
Developer Tools & Community
Community repo that extracts and commits the actual system prompt shipped in every Claude Code release (v2.0.14 onward), with token counts and per-release diffs. Updated within minutes of each release. Especially relevant this week: the verbosity-reduction prompt Anthropic added April 16 and reverted April 20 (per the postmortem) is in here — git-diff the relevant commits to see the exact text.
Local-first desktop app (Electron) that turns prompts into prototypes, slides, and PDFs using Claude, GPT, Gemini, Ollama, or any OpenAI-compatible endpoint. BYOK, one-click import of existing Claude Code API key. v0.1.3 shipped April 21 with Gemini model fixes and SSE-truncation improvements.
GUI for managing Claude Code settings, MCP servers, and session analytics. v3.5.1 raised test coverage from 16% to 61% (1,527 tests). v3.5.0 added full i18n support with Traditional Chinese as the first additional locale.
Competitor Dev Tools
OpenAI launched GPT-5.5 on April 23, with GPT-5.5 Pro joining the API the next day at $5/$30 per M tokens with a 1M context window. Available in Codex (CLI, IDE extension, app) via the model picker after a CLI/extension update. OpenAI is positioning it as "a new class of intelligence for real work" with strong gains in agentic coding (Terminal-Bench 2.0: 82.7%), computer use (OSWorld-Verified: 78.7%), and long-horizon coding (Expert-SWE: 73.1% on 20-hour median tasks). Worth A/B testing against Opus 4.7 — Opus still leads on SWE-Bench Pro (64.3% vs 58.6%), and Artificial Analysis flagged GPT-5.5 with an 86% hallucination rate on AA-Omniscience vs Opus 4.7's 36%.
/multitask runs async subagents to parallelize requests and breaks larger tasks into parallel chunks. Multi-root workspace support also added. Relevant to Claude Code builders evaluating multi-agent parallelism patterns.
Released April 21. Two new deep-research-preview-04-2026 variants (speed and max comprehensiveness) with MCP server integration and file search. gemini-embedding-2 also went GA on April 22.
Enterprise & Business
Secures up to 5 GW of capacity including nearly 1 GW of Trainium2/3 online by end of 2026. Run-rate revenue disclosed at $30B+. The Claude Platform on AWS (full Claude Platform features inside AWS with existing billing/governance) is coming soon — contact your account team for early access. Amazon is investing an additional $5B today.
NEC becomes Anthropic's first Japan-based global partner, deploying Claude to ~30,000 NEC Group employees globally with a focus on Claude Code and Claude Cowork for financial, manufacturing, and government sectors. Relevant for builders targeting Japanese enterprise customers. NEC press release.
Anthropic ran a live experiment where Claude bought, sold, and negotiated on behalf of SF office employees in a real marketplace. Published as a research artifact showing Claude's agentic negotiation capabilities in constrained real-world settings — useful reference for builders designing negotiation or commerce agents.
Anthropic is launching an ongoing survey to track AI's economic impact. The first wave covered 81,000 participants — see What 81,000 people told us about the economics of AI for findings on how people actually use AI in their work today.
Research & Safety
Bloomberg reported on April 21 that a small group of users in a private forum gained access to Claude Mythos Preview through a compromised third-party vendor environment. Anthropic confirmed it is investigating; no evidence of system breach, and the group is reportedly using the model deliberately not for hacking — "to avoid detection." Significant enterprise-trust story given Mythos's offensive cybersecurity capabilities and Anthropic's deliberate non-public release. Builders evaluating enterprise access controls for high-capability models should track the resolution.
Anthropic published updated election-related behavioral guardrails for Claude. Review if your product touches civic, political, or electoral content — these guardrails are active on all Claude models.
Action Items
Immediate:
- If on Claude Code v2.1.120, update forward to v2.1.121 (
claude update) — v2.1.120 crashes on --resume/--continue; v2.1.121 has the fix plus the new rate-limit statusline field and effort frontmatter
- If running Claude Code with
DISABLE_UPDATES set or pinned to a version <v2.1.64, update now — CVE-2026-39861 is a HIGH-severity (CVSS 7.7) sandbox escape patched in v2.1.64
- If using
claude-agent-sdk (Python) with setting_sources=[], update to v0.1.65+ — prior versions silently ignored the parameter and loaded default settings
- If shipping
@agentclientprotocol/claude-agent-acp, ACP v0.29 silently renamed model id "opus" → "default". Map any stored model preferences before passing to the SDK
By April 30, 2026:
- Remove
context-1m-2025-08-07 beta header from all API calls; requests over 200k tokens without it will error on Sonnet 4.5 / Sonnet 4
By June 15, 2026:
- Migrate off
claude-sonnet-4-20250514 and claude-opus-4-20250514 — both retire on June 15
All Resources
You're getting this because you subscribed to the Claude Marketplaces weekly digest at claudemarketplaces.com. Reply if anything looks off.