今日已更新 339 条资讯 | 累计 19899 条内容
关于我们

标签:#claudecode

找到 45 篇相关文章

AI 资讯

Opus 4.8 ships Dynamic Workflows — hundreds of parallel subagents per session. Read this before you wire it into prod.

Opus 4.8 ships Dynamic Workflows — hundreds of parallel subagents per session. Read this before you wire it into prod. Anthropic's Opus 4.8 announcement on May 28 spent most of its word count on benchmarks. CursorBench up. Terminal-Bench 2.1 beats GPT-5.5. OSWorld-Verified at 82.3%. Online-Mind2Web at 84%. The legal-agent benchmark broke 10% on all-pass for the first time. Those are the numbers the headline writers grabbed. Buried under the benchmark table is the line that actually changes how you ship agents: Dynamic Workflows. Run hundreds of parallel subagents. Handle codebase-scale migrations spanning hundreds of thousands of lines. That is not a benchmark. That is a new programming model. And it is shipping as a preview, which means the defaults are not what they will be in 90 days. If you are running agents in production and you do not pin your config before the next minor release, your bill is going to surprise you. Here is what the preview actually does. Three tasks it eats alive. One class of work where it loses you money. And the exact config to pin before the dynamic-workflow defaults move under you. What Dynamic Workflows actually changed Before 4.8, parallel subagents on the Anthropic stack meant one of two things. Either you called the Agent tool from inside Claude Code and got a fixed number of side-task subagents — usually capped somewhere around four or eight concurrent. Or you wrote your own orchestrator in TypeScript or Python, called the Messages API in a Promise.all , and handled the queueing yourself. The Agent path was ergonomic but capped. The DIY path was uncapped but the orchestration was your problem — retries, structured output validation, cache invalidation, all of it. Dynamic Workflows in 4.8 collapses both. You write a script — JavaScript, not a separate orchestrator binary — that calls agent() , parallel() , pipeline() , and phase() as primitives. The runtime handles concurrency, structured output validation against JSON Schema, retri

2026-05-31 原文 →
AI 资讯

Claude Code's workflow docs are a menu.

Here is what a real solo founder orders. $ git worktree list ~/app a1b2c3d [ main] ~/app-review e4f5g6h [ review-branch] ~/app-content i7j8k9l [ draft-post] Three checkouts. One machine. Each one runs its own Claude Code session that cannot touch the others. That is a normal workday for me. I run a one person shop. Content and code, same desk, same hour. Anthropic's common workflows page lists about a dozen recipes for everyday work, and the docs are strong. What they do not tell you is which recipes survive contact with a real workday and which ones stay theory. After running Claude Code as my whole operation, five workflows carry the load. Here is the honest split. https://code.claude.com/docs/en/common-workflows 1. Worktrees changed how I work The problem worktrees solve is collision. You ask Claude to fix a bug. While it edits, you want to keep building a feature. Same repo, two streams of edits, and now your working tree is a fight nobody wins. A git worktree is a second checkout of the same repo on its own branch. Claude runs inside it and never sees the other windows. claude --worktree feature-auth Real scenario from this week. The post you are reading was drafted in one worktree while a separate Claude session reviewed an open pull request in another. Neither touched the other's files. When the review finished I merged, came back to the draft, and never lost my place. If you take one workflow from the docs, take this one. The setup cost is close to nothing and parallel agents stop stepping on each other. 2. Subagents protect the one resource you cannot buy more of The model's working memory is your budget. Every file Claude reads to answer a question spends it. Ask "how does our auth refresh work" in a large repo and Claude reads a pile of files to answer. Those files now sit in the window for the rest of the session, crowding out the work you care about. Delegate that to a subagent. use a subagent to investigate how our auth system handles token refresh The

2026-05-31 原文 →
AI 资讯

Are Claude skills safe in 2026? What the Snyk ToxicSkills audit actually found

{/* JSON-LD schema is generated server-side in app/blog/[slug]/page.tsx , do not re-add an inline block here, it crashes<br> MDX&#39;s Acorn parser on the leading <code>{</code>. */}</p> <h2> <a name="tldr" href="#tldr" class="anchor"> </a> TL;DR </h2> <p>In February 2026, Snyk published the <a href="https://snyk.io/blog/toxicskills-malicious-ai-agent-skills-clawhub/">ToxicSkills audit</a>, the first large-scale security review of the public Claude Code skills ecosystem. It scanned 3,984 skills from ClawHub and skills.sh. Findings:</p> <ul> <li><strong>13.4%</strong> contained critical-level issues</li> <li><strong>36%</strong> carried prompt-injection payloads</li> <li><strong>1,467</strong> distinct malicious payloads</li> <li><strong>91%</strong> of confirmed malware combined natural-language jailbreaks with executable shell payloads</li> </ul> <p>If you install a Claude Code skill today without reading its source, the probability that it can read your env vars, exfiltrate <code>~/.ssh/</code>, or chain a bash pipeline that bypasses your deny rules is real and measurable. This post is the cheat sheet for evaluating a skill before you install it. The CTA at the bottom is <a href="https://dev.to/skillvault">SkillVault</a>, the bundle we ship for teams who want this work already done.</p> <h2> <a name="why-the-question-is-suddenly-loadbearing" href="#why-the-question-is-suddenly-loadbearing" class="anchor"> </a> Why the question is suddenly load-bearing </h2> <p>Claude Code skills shipped as an open spec in December 2025. By March 2026, MCP downloads were tracking at 97 million per month, and the most-installed marketplace skill had passed 564,000 installs. <a href="https://venturebeat.com/security/claude-code-512000-line-source-leak-attack-paths-audit-security-leaders">Anthropic&#39;s source leak</a> on March 31, 2026 made the abstract attack surface visceral: the <code>bashSecurity.ts</code> module has 23 numbered security checks, suggesting each was a real incide

2026-05-30 原文 →
AI 资讯

I built a 9-agent AI dev team in a Claude Code plugin — here's what happened

The moment I realized AI coding assistants were broken I was building a side project — a simple task manager app. I opened Claude Code, typed: "Add user authentication with email and password login" …and hit enter. Twenty minutes later, I had code. A lot of code. Authentication logic, routes, middleware, even some basic tests. But there was a problem. The frontend (me, on a different day) had assumed a different API shape. The tests only covered the happy path. There was no architecture decision to reference — I just picked JWT because it felt right. And the docker-compose.yml ? It didn't exist yet. I had AI-generated code, but no real software development workflow. What was actually missing Good software isn't just code. Before you write a single line, you need: A spec that everyone (including future-you) agrees on An architecture decision that explains the why Backend and frontend designed to talk to each other Tests that prove things actually work A code review that catches security holes before they ship A deployment config that someone can actually run Normally, a team handles all of this. A PM writes the spec. An architect proposes options. Engineers implement and review each other's work. A DevOps person sets up CI/CD. What if AI could fill all those roles? Building the pipeline I built claude-dev-pipeline — a Claude Code plugin that orchestrates a team of specialized AI agents, each with a specific job. airwaves778899 / claude-dev-pipeline 7-agent full-stack development pipeline plugin for Claude Code — PM → Architect → Backend → Frontend → QA → Reviewer → DevOps claude-dev-pipeline A Claude Code plugin that orchestrates 7 specialized AI agents to take your feature request all the way from requirements analysis to production deployment — with a human-in-the-loop checkpoint at every phase. 中文說明 Why? Writing a feature involves more than just code. You need: A clear spec that everyone agrees on An architecture decision before you write a single line Backend and

2026-05-29 原文 →
AI 资讯

Put your Coding Agents in Drive w/ Superpowers (aka How Superpowers is the Automatic Transmission of Agentic Coding)

The most downloaded and widely used methodology in the Claude Code ecosystem is Superpowers , with over 208k stars⭐️ and 18.5k forks🍴 on GitHub (and counting!) Going from raw Claude Code to using Superpowers is as revolutionary as going from a manual transmission to an automatic. Here's why this analogy holds: Planning Mode vs. Coding Mode When we build with Claude (or Codex, or Gemini...), we're usually in one of two states: planning mode coding mode Like shifting gears in a car🚘, moving between these modes effectively is what makes it all work. Skip the shift, and you're just revving your engine (aka burning context and going nowhere.) Superpowers lets Claude automatically detect and shift between these modes. It picks up on ambiguity in your prompt and ensures it fully understands the task before entering coding mode. No manual shifting required! Slower, but for Good Reason Superpowers can feel slower and less satisfying than raw Claude Code, like how driving an automatic can feel less engaging than a manual. But both serve the same critical purpose: they stop you from blowing up your engine! That said, there's still a time and place for raw Claude. Sometimes you want direct, fast, unmediated output. But that minor gain in speed often isn't worth the added complexity, the ambiguity risk, and the tradeoffs that come with it. The Layer Underneath Entire is building the foundation beneath all of this — capturing every session and decision, and linking it to the commit it produced. It's the full record of how the code was written, not just the code itself. So the question is this: how will you put your agent in drive🚘?

2026-05-29 原文 →