radar

DEEP_DIVE_STORY.LNK

howtonotcode.com // protocol_active
arrow_back_ios RETURN_TO_FEED
READ_TIME 0:38_MIN
LIVE_REDACTION
ANTHROPIC PUB_DATE: 2026.03.27

CLAUDE CODE V2.1.85 SHIPS ENTERPRISE-FRIENDLY MCP OAUTH, STRICTER PLUGIN POLICY, HEADLESS HOOKS, AND SAFER TELEMETRY

Anthropic released Claude Code v2.1.85 with concrete upgrades for OAuth/MCP, governance, headless integrations, and OpenTelemetry controls. The new release add...

Anthropic released Claude Code v2.1.85 with concrete upgrades for OAuth/MCP, governance, headless integrations, and OpenTelemetry controls.

The new release adds MCP helper env vars for multi-server routing, conditional hook filters to cut process spawning, and deeper link support, all documented in the v2.1.85 notes. It now discovers OAuth authorization servers via RFC 9728 resource metadata, hard-blocks org-disallowed plugins from install and marketplace views, and logs timestamp markers when scheduled tasks (/loop, CronCreate) fire.

PreToolUse hooks can now answer AskUserQuestion by returning updatedInput with an allow decision, enabling truly headless flows. Tool parameter payloads are gated behind OTEL_LOG_TOOL_DETAILS=1 to reduce telemetry spill risk, and step-up auth plus several stability issues are fixed, per the release. For a real-world security workflow, see SpecterOps’ code review approach with Claude Code here.

[ WHY_IT_MATTERS ]
01.

Tighter OAuth/MCP alignment and enforced plugin policies make Claude Code easier to roll out in regulated environments.

02.

Headless AskUserQuestion and OTel gating enable safer automation without leaking sensitive tool inputs.

[ WHAT_TO_TEST ]
  • terminal

    Validate MCP OAuth discovery with your IdP and confirm step-up flows work when servers return 403 insufficient_scope.

  • terminal

    Confirm tool_result events exclude tool_parameters unless OTEL_LOG_TOOL_DETAILS=1, and that exporters set to none no longer crash.

[ BROWNFIELD_PERSPECTIVE ]

Legacy codebase integration strategies...

  • 01.

    Lock down disallowed plugins via managed-settings.json and verify they’re hidden from marketplace and cannot be enabled.

  • 02.

    Use hook if conditions (e.g., Bash(git *)) to curb process churn on CI agents and long-running shells.

[ GREENFIELD_PERSPECTIVE ]

Fresh architecture paradigms...

  • 01.

    Design headless flows where PreToolUse hooks collect user input in your own UI via updatedInput alongside permissionDecision: "allow".

  • 02.

    Configure one MCP headersHelper to serve multiple backends using CLAUDE_CODE_MCP_SERVER_NAME and CLAUDE_CODE_MCP_SERVER_URL.

arrow_back
PREVIOUS_DATA_LOG
Continue IDE updates: wider model support, prompt caching, cost routing, and stability hardening
Initialize_Return_to_Core
LINK_STATUS: 127.0.0.1 (SECURE)
NEXT_DATA_LOG
Anthropic leak exposes unannounced "Claude Mythos"/"Capybara" model under early access
arrow_forward
SUBSCRIBE_FEED
Get the digest delivered. No spam.
Terminate_subscription anytime.