What's Up Claude Code: Week of May 18th

TL;DR

This week was mostly about visibility and breakage. Anthropic shipped v2.1.149 with per-category usage breakdowns, better /diff navigation, GFM checkbox rendering, and four real security/correctness fixes. The London Code with Claude item is important too, but the KB is clear that it was a recap on May 19, not a new launch; the real product signal was managed agents with self-hosted sandboxes and MCP tunnels. Then the week got noisy: a mass AUP false-positive wave hit benign work across platforms, v2.1.149 on Windows can panic on claude --resume, and v2.1.150 landed as a quiet infra-only follow-up.

If you want the blunt version: watch your version, watch your platform, and don’t ignore the managed-agents announcement.

---

1. The release that matters: v2.1.149

v2.1.149 is the useful release of the week. It finally gives /usage a per-category breakdown, including skills, subagents, plugins, and per-MCP-server usage. That’s the first time the UI makes individual MCP cost visible instead of hiding it inside a blob.

Other useful bits:

• /diff got keyboard navigation.
• Markdown views now render GFM checkboxes properly.
• allowAllClaudeAiMcps can unlock claude.ai-hosted MCPs without per-server allowlists in enterprise setups.
• /feedback now carries pre-compaction conversation context.

The security/correctness fixes are the bigger deal if you care about guardrails:

• the PowerShell cd.. / cd\ / cd~ / drive-letter bypass is closed;
• the git-worktree sandbox write allowlist no longer over-covers the main repo root;
• stale PWD / OLDPWD / DIRSTACK tracking is fixed;
• PowerShell prefix/wildcard allow rules now pre-approve native-exe subcommands.

That’s the sort of boring release that saves you pain later.

Sources: release notes · security issue roundup

---

2. The week immediately got ugly

The biggest operational story this week was not a feature. It was the classifier.

Issue #61655 tracks a mass wave of false Usage Policy refusals on benign work: SwiftUI animation, FPGA waveform analysis, TTRPG content, scientific manuscript editing, conlang work, medical-education content, markdown tables, biomedical research, game dev. It hit macOS, Windows, Linux, WSL, and VS Code. That’s not a niche glitch — it’s a platform-wide trust problem.

If you hit it, the only practical advice right now is simple: start a fresh session and rephrase. The issue is server-side, not something you can fix locally.

Right next to that is a separate Windows regression: v2.1.149 can panic on claude --resume. The reported workaround is to pin Windows users to v2.1.148 until a fixed build lands. The next release, v2.1.150, was infra-only and did not advertise a fix.

If you’re on Windows and living in Claude Code all day, this is the part to care about first.

---

3. The product signal hiding under the noise

There were two product signals worth calling out here.

First: the London Code with Claude session did not ship a new feature, but it did tee up the managed-agents announcement that matters: New in Claude Managed Agents: self-hosted sandboxes and MCP tunnels. In plain English, Claude Managed Agents can now run in a sandbox you control and connect to private MCP servers through tunneling. That’s a much more concrete step toward real third-party hosting than the recap itself made obvious.

Second: the new Workflow tool looks gated by a server-side GrowthBook flag.

That matters because it means CLAUDE_CODE_WORKFLOWS=1 is not enough by itself. The feature is still in limited beta, and availability depends on Anthropic’s flagging, not just local env config.

My read: Anthropic is still testing deterministic multi-agent workflows carefully. Good. They should. This is the kind of thing that breaks in annoying ways if it ships too early.

---

4. Community project worth looking at

The one fresh community project I’d actually point people to this week is cc-doc-tracker.

It diffs the official Claude Code docs and emits a changelog of documentation changes. That sounds small, but it solves a real problem: Anthropic quietly updates docs between releases, and those changes often matter just as much as the release notes.

If you care about env vars, hook events, or frontmatter keys, this is the sort of project worth watching.

---

5. What I’m watching

1. Whether the AUP false-positive wave gets an official rollback or explanation.
2. Whether Windows users get a clean fix for the v2.1.149 resume panic.
3. Whether v2.1.150 turns out to be a silent hotfix or just release-train plumbing.
4. Whether the Workflow tool graduates from gated beta to something people can actually rely on.
5. Whether usage visibility finally becomes good enough to catch cost spikes before they bite.

---

6. Community events

The community graph keeps growing. The latest sync still shows a busy calendar.

Coming next week (May 25–31):

• 🇬🇧 London — Claude Code for Everyone (May 26)
• 🇩🇰 København — Claude Code Explainable Brains Hackathon (May 26)
• 🇳🇴 Oslo — Claude Code for Everyone (May 27)

Coming later:

• 🇩🇪 Nürnberg — Claude for Everyone (Jul 1)

Host your own on Luma →