Claude Code adds sandbox.credentials setting and model restrictions
TL;DR
Claude Code adds a sandbox.credentials setting to block sandboxed commands from reading secrets and integrates org-configured model restrictions. Mouse click support is added in fullscreen menus.
What changed
Claude Code added a sandbox.credentials setting to stop sandboxed commands from reading secrets along with org-configured model restrictions. Mouse click support was also added to fullscreen menus. Developers, Vibe Builders, and Basic Users now see these controls in their daily sessions.
Why it matters
Vibe Builders can keep creative projects secure without exposing keys during sandbox runs while Developers apply org model limits similar to how GitHub Copilot teams restrict options in shared workspaces. Basic Users gain simpler menu navigation that reduces friction on repeated tasks.
What to watch for
Compare the new sandbox setting against Cursor when testing command isolation and verify by running a sample command with the credentials flag enabled to confirm secret blocking.
Who this matters for
- Vibe Builders: Enable sandbox.credentials to prevent your creative scripts from accessing sensitive API keys.
Harsh’s take
Claude Code is maturing from a raw terminal experiment into a governed enterprise tool. The addition of sandbox credential blocking is a direct response to the security risks of letting an agentic CLI run arbitrary commands. It mirrors the permission structures we see in mature IDEs like Cursor or VS Code.
For operators, this update signals that Anthropic is prioritizing the safety of agentic workflows over pure speed. By integrating organizational model restrictions, they are making it easier for teams to manage costs and compliance without manual oversight. The mouse support in fullscreen menus is a small but necessary UX fix that makes the tool accessible to those who are not terminal purists.
by Harsh Desai
About Claude Code
View the full Claude Code page →All Claude Code updatesGo deeper
More AI news
- Daily RoundupAI SDK 7 agent platform, Google Gemini education tools, and Replicate model drops
Vercel shipped AI SDK 7 for production agents while Google released Gemini updates for parents, students, and educators; Replicate and Hugging Face added new models and Product Hunt surfaced agent tools.
- FeaturePatronus AI raises $50M to build digital worlds for AI agent testing
Patronus AI, founded by former Meta AI researchers, raises $50M to develop digital worlds that stress-test AI agents.
- FeatureWhich tokens does a hybrid model predict better?
Token analyses of Olmo 3 and Olmo Hybrid show hybrids predict meaning-bearing tokens better than transformers. Transformers retain an edge on verbatim copying.