Claude Code Daily Briefing - 2026-03-05

Release Summary

Full Release Notes

New Features & Practical Usage

1. Opus 4.6 Now Defaults to Medium Effort — Use “ultrathink” for Deep Reasoning (v2.1.68)

Opus 4.6 now runs at medium effort by default for Max and Team subscribers. Previously, it always operated at maximum reasoning depth, causing unnecessary latency even for simple tasks. Routine coding operations are now noticeably faster.

When you need deep reasoning for complex architecture decisions or tricky debugging, include the “ultrathink” keyword in your prompt to activate high effort for that turn. This gives you the best of both worlds: fast iterations by default, maximum reasoning power on demand.

# Regular tasks → medium effort (default, faster)
"Add error handling to this function"

# Complex tasks → high effort (use ultrathink keyword)
"ultrathink Propose an optimal design for completely refactoring this module's state management"

Note: Opus 4 and Opus 4.1 have been removed from the first-party API. Existing users are automatically migrated to Opus 4.6.

GitHub Releases

2. Check Point Research Discovers RCE & API Key Exfiltration in Claude Code — Fully Patched (2/26–3/3)

Security firm Check Point Research disclosed a critical vulnerability chain in Claude Code that allowed remote code execution and API credential theft through malicious project configuration files. If a developer cloned a repository containing a crafted .claude/settings.json, arbitrary code would execute the moment Claude Code launched — before any user interaction.

Three attack vectors discovered:

1. Hooks exploitation (CVE-2025-59536): Injecting malicious shell commands via project-level Hook definitions to achieve RCE
2. MCP auto-approval bypass: Using enableAllProjectMcpServers to auto-approve MCP servers, executing malicious commands before the trust dialog appeared
3. API key exfiltration (CVE-2026-21852): Redirecting API communications to an attacker-controlled server, capturing API keys before users could even see a warning

Anthropic’s security team worked with Check Point to fully remediate all vulnerabilities before public disclosure. Key takeaway: always inspect the .claude/ directory after cloning untrusted repositories.

Check Point Research | The Hacker News | Dark Reading | The Register

Developer Workflow Tips

PR-Linked Sessions with --from-pr — Streamlined Code Review Workflow (v2.1.68)

v2.1.68 introduces significantly improved PR-based session management. The --from-pr flag lets you start or resume a session linked to a specific GitHub PR, and creating PRs via gh pr create automatically links your current session to that PR.

# Start/resume a session linked to a specific PR
claude --from-pr 123
claude --from-pr https://github.com/org/repo/pull/123

# Sessions auto-link when creating PRs (no extra config needed)
gh pr create  # → current Claude Code session automatically links to this PR

When you receive code review feedback, --from-pr instantly restores the full context of that PR’s session so you can continue making changes seamlessly. Combined with the 68% memory reduction for /resume (via lightweight stat-based session loading), managing multiple PRs in parallel becomes highly efficient.

GitHub Releases

Defending Against Malicious Repositories — Make .claude/ Inspection a Habit

Following Check Point’s vulnerability disclosure, inspecting the .claude/ directory before running Claude Code on cloned repositories is now essential practice.

Post-clone checklist:

1. Check .claude/settings.json for unexpected hooks, enableAllProjectMcpServers, or mcpServers entries
2. Verify no settings redirect API URLs to third-party servers
3. Delete any suspicious settings before launching Claude Code

# Quick .claude directory check after cloning
git clone <repo-url> && cd <repo>
cat .claude/settings.json 2>/dev/null || echo "No settings file"

Check Point Research | Penligent AI

Security & Limitations

Anthropic Drops Flagship RSP Safety Pledge — Will Only Pause Training With “Significant Lead” (2/25)

Anthropic announced RSP 3.0, fundamentally altering its Responsible Scaling Policy. The original RSP, introduced in 2023, was the industry’s strongest commitment: “We will not train an AI model unless we can guarantee beforehand that our safety measures are adequate.” If capabilities outpaced controls, training would halt unconditionally.

Before: Halt training if safety measures cannot be guaranteed in advance (unconditional) After: Only halt training if Anthropic has a “significant lead” over competitors

Anthropic cited three factors: (1) a “zone of ambiguity” making it difficult to publicly argue for risk from capability thresholds, (2) an increasingly anti-regulatory political climate, and (3) high-level RSP requirements being impossible to meet without industry-wide coordination. While Anthropic stated the change was unrelated to Pentagon pressure, the timing — announced during the peak of the Pentagon dispute — has drawn significant criticism.

TIME | Engadget | CNN

Ecosystem & Plugins

v2.1.69: Voice STT Expands to 20 Languages (3/5)

Claude Code’s Voice Mode speech-to-text now supports 10 additional languages, bringing the total to 20. Newly added: Russian, Polish, Turkish, Dutch, Ukrainian, Greek, Czech, Danish, Swedish, and Norwegian.

While Korean and Japanese are not yet included, the significant expansion of European language support makes Voice Mode far more practical for global teams.

v2.1.69: /claude-api Skill & Improved MCP Binary Handling (3/5)

A new bundled skill /claude-api helps developers build applications using the Claude API and Anthropic SDK. Additionally, MCP binary content handling has been improved for PDFs, Office documents, and audio files, enabling more reliable processing through MCP servers.

GitHub Releases

Community News

• Defense Tech Companies Dropping Claude After Pentagon Blacklist: According to CNBC, 10 portfolio companies of defense venture firm J2 Ventures are actively transitioning away from Claude for defense use cases. Major contractors like Lockheed Martin are also expected to remove Anthropic technology from their supply chains. Anthropic argues the blacklist only applies to defense contracts and “cannot affect how contractors use Claude to serve other customers.” CNBC | CNBC Business Risk

• Anthropic Nears $20 Billion Revenue Run Rate Despite Pentagon Feud: Bloomberg reports Anthropic’s run-rate revenue has surpassed $19 billion — up from $9 billion at end of 2025 and $14 billion just weeks ago. Claude Code and enterprise adoption are the primary growth drivers. Paradoxically, the Pentagon dispute has accelerated brand awareness and consumer acquisition. Bloomberg | The Decoder

• Claude Memory Goes Free & ChatGPT Import Tool Launches: Anthropic has opened its previously paid-only memory feature to free users and launched an import tool for migrating conversation history and preferences from ChatGPT/Gemini. The strategy targets retention of users who surged after the Pentagon dispute — free users are up 60% since January, and paid subscribers have doubled. MacRumors | Bloomberg

Minor Changes

• Opus 4/4.1 removed from first-party API: Existing users auto-migrated to Opus 4.6. No action required.
• v2.1.68 PDF pages parameter: The Read tool now supports a pages parameter for reading specific page ranges from large PDFs. PDFs over 10 pages show a lightweight reference when @-mentioned instead of being fully inlined.
• v2.1.68 /resume memory 68% reduction: Stat-based lightweight session loading dramatically reduces memory usage when resuming sessions.
• v2.1.69 effort level display: The logo and spinner now show the current effort level (e.g., “with low effort”).
• v2.1.69 Ctrl+U to exit bash mode: Press Ctrl+U on an empty bash prompt to quickly exit bash mode.
• v2.1.69 symlink security fix: A symlink bypass vulnerability in acceptEdits mode has been patched.

Recommended Reads

• Product Design Is Changing: As AI tools generate UI directly, designer roles are shifting from visual execution to strategy and coordination. The key insight: “Designers aren’t becoming unnecessary — what’s expected of them is changing.” GeekNews

• Git-Memento: Auto-Recording AI Sessions in Git: A tool that automatically records AI code generation conversations in git notes. It solves the transparency problem of AI-generated code by preserving the reasoning behind “why this code was written this way.” GeekNews

• llmfit — Auto-Optimize LLMs for Your Hardware: A terminal tool that automatically finds and optimizes LLM models compatible with your system’s hardware. Dramatically lowers the barrier to entry for local LLM execution by handling model selection and quantization configuration. GeekNews

Interesting Projects & Tools

• microGPT Web Visualization (50 points, 9 comments): An interactive website visualizing Andrej Karpathy’s 200-line GPT implementation. Highly praised for making transformer mechanics intuitively understandable, especially for educational purposes. GeekNews

• frouter — CLI Tool for Finding Free AI APIs (42 points, 8 comments): A CLI tool that automatically discovers and routes to free AI APIs for budget-conscious developers. Enables experimenting with various models during development and prototyping without API cost burden. GeekNews