Wednesday, March 25, 2026

Daily picks

articles scored

#1 GOLDReleaseClaude Blog

Auto mode for Claude Code

Claude Code's biggest daily friction — approving every single file write and bash command — now has a middle path between babysitting and full danger mode
Auto mode uses a classifier that checks each tool call before it runs: safe actions proceed automatically, risky ones get blocked and Claude finds a different approach instead
You no longer need --dangerously-skip-permissions to get flow state — auto mode gives you speed without removing all guardrails
Currently research preview on Team plan. Enterprise and API access rolling out in the coming days
Anthropic recommends running it in isolated environments — the classifier reduces risk but doesn't eliminate it

#2 SILVERGuideReddit r/ClaudeAI

When Claude reads files, fetches web pages, or gets output from MCP servers, it can't reliably tell your instructions apart from malicious ones hidden in that content
If you're running --dangerously-skip-permissions and Claude clones a repo with a poisoned README, it might just follow the embedded instructions with full system access
Attack vectors include hidden instructions in code comments, malicious web pages Claude fetches, edited Notion/GitHub/Slack pages through MCP connectors, and Base64/homoglyph-encoded payloads
Lasso Security released an open-source PostToolUse hook that scans tool outputs against 50+ detection patterns — warns rather than hard-blocks, takes ~5 minutes to set up

#3 BRONZEGuideReddit r/ClaudeAI

Claude Code is a black box — you see what it built, not how it decided to build it. Agent Flow is a VS Code extension that makes the agent's decisions visible in real time
See live tool calls with timing and token costs, watch subagents spawn and coordinate, click into any step to inspect the full transcript
File attention heatmaps show which files Claude is reading and writing most — useful for catching unnecessary context reads that drain your usage budget