OCDevel Claude Code Podcast

The podcast for developers who live in Claude Code. A fast news segment on the latest Claude Code releases with a hands-on tutorial that levels up your agentic coding. The news covers what actually shipped across Claude Code and the wider Anthropic stack - new versions, models, pricing, plus the MCP servers, skills, and hooks worth your time. Then the tutorial climbs a single ladder across the series: from driving one Claude session by hand in your terminal, to power-user tooling (custom slash commands, subagents, MCP), to multi-agent fleets, to autonomous review-and-fix loops, to a full pipeline where you file a GitHub issue from your phone and Claude implements the feature, opens the PR, runs the tests, and ships to production while you're on the beach. Claude as the senior engineer on your one-person team. One copyable workflow and one real pitfall per episode - every command, flag, and setting named exactly as it appears in the tool. For working developers who want to stop typing every keystroke and start directing. AI-generated podcast by OCDevel.

  1. 16 hours ago

    Blast-Radius Engineering in Claude Code: Bounding What an Unattended Run Can Touch with IAM, OIDC, and Branch Protection

    Prevention sometimes fails, so engineer the blast radius: layer scope limits on permissions, credentials, network, accounts, spend, and merge rights so one bad turn stays cheap. The trap is assuming "it only opens a PR" is safe, because a PR triggers CI that can hold your secrets.

    A two-part episode for people running Claude Code unattended.

    News. Anthropic shelved the planned Agent SDK and claude -p billing split on June 15, the day it was due to land, telling customers "nothing changes for now" and promising a reworked plan with advance notice (The New Stack, digitalapplied, the-decoder). Headless and SDK usage keep drawing from your subscription pool, so don't migrate automation to API keys for this reason. v2.1.178 adds Tool(param:value) permission rules (e.g. Agent(model:opus)), nested .claude/skills auto-load, and runs subagent spawns through the auto-mode classifier (changelog, release). v2.1.179 is fixes only: mid-stream drop recovery, WSL2 scroll restore, and a sandbox glob fix on Linux. Backdrop: short outages and elevated Opus 4.8 errors (StatusGator, TechTimes).

    Tutorial: blast-radius engineering. The prior episode built layers that prevent a bad action. This one assumes prevention fails and bounds the damage. Defense in depth across five layers:

    Claude-side: permission deny/ask/allow ordering, defaultMode dontAsk, the sandbox (failIfUnavailable, allowUnsandboxedCommands false, denyRead on credentials), PreToolUse hooks, --bare, --max-turns. Plus CVE-2026-25725 (SecurityWeek): why you bound damage outside the tool.

    AWS: least-privilege IAM, permissions boundaries, Access Analyzer policy generation, STS short-lived creds, SCPs, egress control, and Budgets actions.

    GitHub: scoped GITHUB_TOKEN, OIDC to AWS, branch protection, and environment reviewers.

    The pitfall: "it only opens a PR" ignores pull_request_target, which runs fork code with base-repo secrets (2i2c, OpenSSF). See the spotipy and openlit advisories.

  2. 4 days ago

    Autonomous-Run Safety in Claude Code: Sandboxing, Prompt-Injection Defense, and Audit Logs

    Before you let Claude run unattended, you need three independent enforcement layers, because a prompt injection can change what the agent wants to do but never what the harness allows. This episode wires up the sandbox, the deny rules, and the audit trail into one locked-down headless run.

    Act II continues. This is the gate you put up before you let Claude Code run unattended. We build three independent enforcement layers, because they fail differently, and you need all three.

    The three pillars:

    Sandboxing. The native Bash sandbox (docs) enforced by the OS: Seatbelt on macOS, bubblewrap + socat on Linux/WSL2 (sudo apt-get install bubblewrap socat). Default write is the working dir only; default read is the whole computer except denied dirs, which still includes ~/.aws/credentials and ~/.ssh unless you add denyRead. Network has no domains pre-allowed; the proxy does not inspect TLS, so broad domains like github.com are exfil paths. Key knobs: failIfUnavailable, allowUnsandboxedCommands, excludedCommands, CLAUDE_CODE_SUBPROCESS_ENV_SCRUB.

    Permissions & modes. Evaluation is deny then ask then allow, first match wins (Permissions). dontAsk is the unattended gem (fully non-interactive). --dangerously-skip-permissions is the anti-pattern: it replaces the prompt with nothing and offers no injection protection (Permission modes). Watch the gitignore-anchor footgun: /Users/alice/file is project-relative, not absolute.

    Prompt-injection defense. The lethal trifecta (private data + untrusted content + exfil channel). The patched Claude Code GitHub Action attack (Microsoft, oddguan, GMO Flatt): the Read tool bypassed the Bash sandbox and leaked /proc/self/environ. Fixed in claude-code-action v1.0.94. Plus auto mode, Security, and PreToolUse hooks.

    Audit logs. On-disk JSONL transcripts (.claude directory, unencrypted at rest), headless --output-format json with total_cost_usd (headless), and OpenTelemetry emitting claude_code.tool_decision and claude_code.tool_result out of the box.

    We close with one copyable locked-down headless workflow and the primary pitfall: the silent success of --dangerously-skip-permissions. Forward pointer: blast-radius engineering, next episode.

    News: Fable 5 and Mythos 5 pulled under a US export-control directive; Claude Code falls back to Opus 4.8 (switch with /model). Plus the v2.1.172–2.1.176 changelog hardening: enforceAvailableModels, nested sub-agents to 5 levels, and fixed permission-path matching.

  3. Jun 10

    Review-and-Fix Loops: The Cold Critic, the Fixer, and the Gate Before Full Autonomy

    A code reviewer who wrote the code is the worst possible reviewer, so wire a cold-context critic against an Edit-capable fixer and an objective test gate. The one pitfall that breaks it: a fixer that games the gate by rewriting the tests instead of the bug.

    Act II of the agentic coding ladder: the trust rung. We build a review-and-fix loop where one agent critiques a diff while another repairs it, with a human still approving the result. This is wired entirely out of primitives from earlier episodes: subagents, skills, slash commands, hooks, the orchestrator pattern, headless mode, the Agent SDK, git worktrees, and the @claude GitHub Action.

    The core idea: a reviewer who wrote the code is the worst reviewer. You want a generator, then a critic in a fresh cold context, then a fixer, then an objective gate.

    Concepts and sources: Building Effective Agents (evaluator-optimizer, iteration caps); Reflexion and Self-Refine; LLMs Cannot Self-Correct Reasoning Yet (intrinsic self-correction degrades without an external anchor); Multi-agent research system (verify high-stakes outputs with a separate pass).

    Building it in Claude Code today: Custom subagents in the agents folder under dot-claude; Code Review and security-review; ultrareview cloud fleet; Headless mode with json-schema findings; Agent SDK for the multi-round loop; GitHub Actions for the hosted version.

    The pitfall: the fixer reward-hacks the test gate, documented in ImpossibleBench and EvilGenie. Bound it with tool separation, immutable tests, and a PreToolUse hook.

    News: Claude Fable 5 lands in Claude Code via v2.1.170, plus v2.1.169 safe mode and the /cd command.

  4. Jun 7

    The Claude Code GitHub Action: @claude on Issues and PRs (Setup, Auth, Triggers, Pitfalls)

    Install the claude-code-action via /install-github-app, then @-mention Claude on any issue or PR to get a committed branch and a ready-to-click PR link. The biggest gotcha: fork PRs on public repos can't read your ANTHROPIC_API_KEY, so the workflow silently does nothing unless you use pull_request_target on the base branch or Workload Identity Federation.

    This episode kicks off Act II: moving from power-user-at-the-keyboard toward supervised automation. A human still approves everything here. We set up the Claude Code GitHub Action so you can write @claude on an issue or pull request and have Claude read the repo, make changes, commit to a branch, and hand you a pre-filled PR link.

    Setup. Fastest path: run /install-github-app from inside the Claude Code CLI. It installs the Claude GitHub App, writes the workflow YAML under .github/workflows/, and creates the repo secrets. Needs repo admin, and works for direct Anthropic API users (cloud providers need manual config). Manual setup: install the App, add ANTHROPIC_API_KEY (or CLAUDE_CODE_OAUTH_TOKEN from claude setup-token for Pro/Max), and copy examples/claude.yml into your workflows folder.

    Triggers. Default phrase is @claude (word-boundary matched, so not @claude-bot). Default events: issue_comment, pull_request_review_comment, pull_request_review, and issues. Adding a prompt: input flips it into automation mode (runs without a mention).

    Permissions. Minimal block: contents: write, pull-requests: write, issues: write, id-token: write. Add actions: read for CI log access. Arbitrary Bash is off by default; enable specific commands via --allowedTools.

    Pitfalls. Fork PRs can't read secrets on public repos (prompt-injection defense). Fix with pull_request_target + checkout of the base branch, Workload Identity Federation, or a same-repo if: guard. Claude's own github-actions[bot] comments can't trigger another run (loop protection). Use a PAT/App token or workflow_run. Branch protection can reject direct pushes; allow claude[bot] to bypass or accept the create-branch-then-PR flow. Every mention is a full agent run on your key. Batch requests, cap with --max-turns.

    As of 2026-06-06, latest release is v1.0.140. v1.0 replaced v0.x's mode/direct_prompt/max_turns with prompt + claude_args. Builds on the prior Headless Claude Code episode: the Action is essentially headless Claude triggered by a GitHub event.

  5. Jun 6

    Headless Claude Code: drive claude -p and the Agent SDK from your scripts

    Take Claude Code out of the terminal and into your scripts. Print mode and structured JSON, the Claude Agent SDK in TypeScript and Python, chaining sessions, and the permission-and-cost discipline that keeps an unattended run from deleting your repo or running up an API bill once the June 15 billing change lands.

    The Act II pivot from driving one Claude Code session by hand to calling it from a script: same agent, same loop, but you pre-decide what's allowed in code before the run ever starts.

    The tutorial. Print mode (claude -p) as a Unix citizen — piping stdin (and the 10MB cap), the --bare flag for deterministic CI runs, and structured output via --output-format json (the result, session_id, total_cost_usd, and subtype fields), stream-json with the init and api_retry events, and --json-schema for typed data instead of prose. The run-bounding flags — --max-turns, --max-budget-usd, --model/--fallback-model, --allowedTools/--permission-mode — and chaining turns with --resume/--session-id/--fork-session. Why a model refusal can't be caught from the exit code. Copyable patterns: a commit-message generator (and the space-before-* permission footgun), a stdin-fed typo linter that needs no Bash permission, and a locked-down CI run. Then the Claude Agent SDK (renamed from the Claude Code SDK in September 2025): query() and the options that mirror the CLI flags, custom in-process tools, the Python ClaudeSDKClient, hooks and subagents in code, and the can_use_tool permission callback. Full reference in the headless docs and the migration guide.

    The pitfalls. --dangerously-skip-permissions in an unattended run — how to recognize the silent-success failure, and the least-privilege allowlist that replaces it — and the June 15, 2026 billing change that moves Agent SDK and claude -p usage to a separate metered credit pool, plus how to watch total_cost_usd and bound it.

    News. Claude Code 2.1.166 (June 6): a fallbackModel setting (up to three), thinking-off controls, a "*" deny-all glob, and a cross-session permission-escalation fix; latest is 2.1.167 (changelog). 2.1.163 added additionalContext from Stop hooks, /plugin list, and version-pinning settings. And Claude Opus 4.1 is deprecated, retiring on the API August 5, 2026 (release notes).

    Earlier episodes referenced: CLAUDE.md and --resume, permissions and plan mode, custom slash commands and hooks, skills, subagents and the orchestrator pattern, MCP servers, cost and rate-limit engineering and evals, ultraplan/ultrareview, and parallel sessions with git worktrees.

  6. Jun 4

    The orchestrator pattern: promote one Claude Code session to dispatch waves of subagents

    Stop hand-wiring parallel sessions and let one Claude become the dispatcher: it spins up waves of subagents that work in parallel and report back. Your first session that runs a team instead of a task, plus how to keep the roughly fifteen-times token bill from running away with you.

    The first rung of running a fleet instead of a session: promote one Claude Code session to a lead that dispatches waves of subagents, which work in parallel and report back.

    The tutorial. The orchestrator-worker pattern, drawn from Anthropic's multi-agent research system writeup (Opus lead plus Sonnet workers beat single-agent Opus by ~90%, at roughly 15x the tokens of a chat, with effort scaled to query complexity). How it maps onto Claude Code today: the Agent tool (renamed from Task in v2.1.63) spawns workers in their own context windows that return only a summary; the two-level limit (subagents can't spawn subagents, so "waves" are batches); foreground vs background workers and Ctrl+B. Writing a custom subagent in your project's agents folder, with the frontmatter that turns earlier episodes' cost levers into per-worker dials: model (Sonnet/Haiku workers under an Opus lead), maxTurns, effort, tools, skills, mcpServers, and isolation: worktree (the callback to last episode's worktrees). A worked fan-out migration: Explore to map files, partition by file ownership, complete delegation prompts, structured returns, and a synthesis-and-test stage, plus the packaged /batch skill (5-30 worktree subagents, a PR each). Where it scales next: agent teams and dynamic workflows.

    The pitfall: token blowup from over-orchestrating, with the blank-context worker, file collisions, and the lead losing the thread underneath it. How to recognize each on /usage and /context, and how to bound it. The rule: orchestrate for breadth and independence, stay single-agent for depth and coupling.

    News. Claude Code 2.1.162 (June 3): a waitingFor field in the agents JSON, Read deny rules now hide files from Glob/Grep, and Windows path-matching fixes (changelog). API changes June 2: no billing on zero-output refusals and a max_tokens cap on the advisor tool (release notes).

    Earlier episodes referenced: subagents, skills, CLAUDE.md, context windows, MCP servers, cost and rate-limit engineering, and parallel sessions with git worktrees.

  7. Jun 3

    Ultraplan and ultrareview: plan hard before Claude writes code, then review the diff cold

    The two highest-leverage habits in a single Claude Code session: make it interview you and plan the whole change in writing before it touches a file, then make it tear the diff apart, cold, before anything gets committed. Both are free, and they cover each other's blind spots.

    The last big habit of driving one Claude Code session by hand well: front-load the thinking, then back-load the review. Two workflows, not commands, built from primitives you already have.

    Ultraplan. Plan mode as the substrate (shift-tab into the read-only state, the approval gate you can edit and send back), then the moves that turn it into a workflow: let Claude interview you to lock requirements before it guesses, write the plan to a file so it survives a context reset, and have it critique its own riskiest assumptions before you approve. Spend a large thinking budget where being wrong is costly, skip the ceremony on trivial changes, and remember thinking tokens bill as output (callback to the cost episode). Codify the ritual as a custom slash command with read-only allowed-tools. Sources: Claude Code common workflows, best practices, slash commands, and managing cost.

    Ultrareview. Review the diff, not your memory of watching it happen: git diff against main, automated gates first (typecheck, lint, tests, build), then human-and-model judgment on the logic and security bugs no check sees, the untenanted query and the secret in a log line. Use the built-in /security-review and the claude-code-security-review action (mind the prompt-injection caveat on fork PRs). Wire the mechanical floor into hooks so a failing typecheck can't be committed, and write the "before every commit" list into your CLAUDE.md.

    The pitfall: review theater. A session that wrote the code rubber-stamps its own work with vague praise and zero findings. Recognize it by the absence of specifics; fix it by reviewing the diff cold, in a cleared context or a subagent that never saw the code written, and by forcing a why-is-this-correct justification per change. That cold-diff reviewer is the doorway to the next episode's review-and-fix loop.

    News. Opus 4.8 fast mode reportedly got around 2.5x faster at roughly a third the old price (announcement); Claude Code 2.1.161 (June 2) now carries OpenTelemetry resource attributes through as labels and adds a done/total counter to the agents view (changelog); and a Strava MCP connector lands as the connector list keeps filling in.

    Earlier episodes referenced: permissions and plan mode, custom slash commands and hooks, skills, subagents, MCP servers, context windows and CLAUDE.md, cost and rate-limit engineering, and parallel sessions with git worktrees.

  8. Jun 3

    Parallel sessions and git worktrees: run several Claude Code agents without collisions

    One repo, several Claudes, zero stepped-on edits. Learn to give each Claude Code session its own git worktree, an isolated working directory on its own branch, plus the port, dependency, and database collisions to dodge, and the rule for when fanning out actually beats one focused session.

    The first rung of Act two: stop driving one Claude Code session by hand and start running several in parallel without them colliding. The mechanism is git worktrees, multiple working directories backed by one repository, each on its own branch.

    The tutorial. What a git worktree actually is (shared history and object store, but isolated working files, HEAD, and index) and the one rule underneath everything: a branch can only be checked out in one worktree at a time, so each parallel session needs its own branch. The small command surface (git worktree add, list, remove, prune) and the nesting trap that pollutes your main checkout. Then Claude Code's built-in worktree support: the --worktree/-w flag, where it puts worktrees and how it names branches, basing each off origin/HEAD, the worktree.baseRef setting, branching straight off a PR number, the workspace-trust gotcha, the .worktreeinclude file for carrying your gitignored .env across, and isolation: worktree for the subagents we built back in Act one. The three collisions you'll actually hit, dependencies, ports (and why PORT in .env.local is silently ignored by the Next.js dev server), and the database, plus integration by pull request and partitioning work by file ownership. Finally, when NOT to fan out: the review bottleneck (roughly four to eight worktrees per developer before you're the constraint), coordination overhead, and the per-session token cost, drawing on Anthropic's best practices and cost guidance.

    News. Claude Code 2.1.160 and 2.1.161 (June 2): parallel tool calls are now fault-isolated, the Dynamic Workflows trigger keyword changed from "workflow" to "ultracode," and claude mcp stops printing your secrets, per the changelog. And the June 15 billing change: programmatic usage (the Agent SDK, claude -p, Claude Code GitHub Actions) moves to a separate metered credit pool billed at API rates, while interactive Claude Code stays unaffected, via The New Stack.

    Earlier episodes referenced: subagents, skills, CLAUDE.md, context windows, and cost and rate-limit engineering.
