Hacker News
Claude Code 2.1.187 Adds Sandbox Credential Blocking and Org-Enforced Model Restrictions
The June 24 Claude Code 2.1.187 release introduces a sandbox.credentials setting that prevents sandboxed commands from reading credential files and secret environment variables, plus organization-level model restrictions enforceable through the model picker, CLI flags, and env vars. This is a direct hardening response to the credential-exfiltration and prompt-injection attack class hitting agentic coding tools. The prior 2.1.186 (June 23) added CLI-based MCP login/logout with SSH support and a skills section in the plugin interface.
↳ Follow the thread