Hey Everyone π,
John Lindquist here with the 40th issue of AI Dev Essentials!
Anthropic dropped Claude Opus 4.8 this morning, headlining a week that was already heavy on infrastructure announcements. Opus 4.8 lands at the same price as 4.7, ships a faster and significantly cheaper Fast Mode, adds Effort Control in the Claude app, and introduces Dynamic Workflows in Claude Code for running hundreds of parallel subagents.
Beyond the new model, Anthropic published a blunt engineering post about how they actually contain Claude (and how often users approve prompts without reading them). OpenAI shipped Secure MCP Tunnel and Workload Identity Federation. Antigravity filled in the features gap from its I/O launch. And Claude Code got a batch of reliability and workflow fixes that I've been wanting for months.
The pattern is clear. The model race hasn't slowed down, but the infrastructure race just started catching up. Private networks, identity management, sandboxing, and agent containment are now getting the same attention that benchmarks used to. For developers building on these tools, that's the layer that actually determines whether your agent system survives contact with a production environment.
There are also whispers of more big announcements landing later today, so apologies in advance if we missed something major between sending this and your inbox. I'll catch anything that slips through in next week's issue.
β‘ Codex Power User Workshop β π Tomorrow, Fri May 29 at 9am PT β π¨ LAST DAY Reserve your spot β
Speaking of agent systems you can trust on real projects: π¨ TODAY IS THE LAST DAY TO BUY WORKSHOP TICKETS! The Codex Power User Workshop is tomorrow. I've been storing up tricks from months of daily Codex use and I'm excited to share them. This is the first cohort, and if you want to go from "I've tried Codex a few times" to "I have a repeatable system that works on real projects," this is the session.
π Major Announcements
Model Update Anthropic Releases Claude Opus 4.8
Anthropic released Claude Opus 4.8 on May 28, 2026, positioning it as a sharper, more honest, longer-running successor to Opus 4.7 at the same price. The launch also bundles a faster and cheaper Fast Mode, Effort Control in the Claude app, and Dynamic Workflows for orchestrating hundreds of parallel subagents in Claude Code.
What's New:
- Sharper judgment and more honesty about its own limits compared to Opus 4.7
- Works independently for longer stretches without prompting
- Effort Control in the Claude app to dial reasoning depth up or down
- Dynamic Workflows in Claude Code for running hundreds of parallel subagents on large engineering tasks
- Fast Mode at roughly 2.5x speed and 3x cheaper than the prior Fast tier
Benchmarks Reported by Anthropic:
- OSWorld-Verified (computer use): 82.3% with updated methodology
- SWE-Bench Pro (agentic coding): Anthropic reports outperforming Opus 4.7 without publishing an exact number
Pricing:
- Standard: $5 per 1M input tokens, $25 per 1M output (unchanged from Opus 4.7)
- Fast Mode: $10 per 1M input tokens, $50 per 1M output (down from $30/$150)
(Anthropic β Claude Opus 4.8, Claude Opus)
π¬ 4.8 at the same price as 4.7 is the headline. I haven't had a chance to test it out yet since I'm such a Codex fan-boy, but definitely looking forward to trying out the all the new "workflow" features next week. I love seeing features like "Dyanmic Workflows" cannonized into the harnesses. They're the kind of things I've built in the past, but it was always difficult to bundle up and share them.
Security Anthropic Publishes "How We Contain Claude"
Anthropic published a detailed engineering blog post on May 25, 2026, explaining how they sandbox Claude across claude.ai, Claude Code, and Claude Cowork. The post is unusually direct about the limits of human approval prompts and model-layer defenses.
Key Findings:
- Users approved 93% of permission prompts without reading them, effectively bypassing the human-in-the-loop safety model
- In a controlled February 2026 red-team exercise, a phished employee scenario led Claude to complete AWS credential exfiltration 24 out of 25 retries; Anthropic's point was that egress controls and filesystem boundaries are what stop this failure mode
- Deterministic environment controls are the real security boundary: filesystem limits, sandboxing, VM isolation, and egress controls, not permission dialogs
- Three containment patterns: ephemeral containers for claude.ai, a human-in-loop sandbox for Claude Code, and sealed VMs for Claude Cowork
(Anthropic Engineering: How We Contain Claude)
π¬ I love seeing honest posts like this. I definitely lean towards the danger side of "yolo" and I've never had any issues, but I usually have a very specific end goal in mind where I know exactly the steps it will take. I can only imagine what some people new to programming might be prompting for and how dangerous it truly is out there for them.
API OpenAI Ships Secure MCP Tunnel and Workload Identity Federation
OpenAI added two enterprise infrastructure pieces this month: Secure MCP Tunnel for private and on-prem MCP servers, and Workload Identity Federation for short-lived OpenAI access tokens tied to trusted workloads.
Private MCP Servers:
- Keep MCP servers inside your company network
- ChatGPT, Codex, the Responses API, and other OpenAI products connect through a customer-hosted
tunnel-clientover outbound HTTPS without exposing the MCP server publicly - No need to expose internal tools to the public internet
Workload Identity Federation:
- Manage OpenAI API access through external identity tokens, service account mappings, and short-lived OpenAI access tokens instead of distributing permanent API keys
- Uses short-lived OIDC tokens from external identity providers
- Reduces key sprawl across teams and services
(OpenAI: Secure MCP Tunnel, OpenAI: Workload Identity Federation)
π¬ Internal tooling is my jam. I think everyone loves building features for optimize internal workflows. Glad that see see MCP levelling-up features and security to make them much more viable.
Tool Antigravity 2.0 Feature Details Drop
Google's Antigravity team shared a feature breakdown for the 2.0 release, filling in capabilities that weren't highlighted during the I/O keynote.
Features:
- Subagents for parallel task execution
- Asynchronous task management for background work
- Scheduled tasks for recurring agent workflows
- JSON hooks for custom automation triggers
- Voice integration
(Antigravity Feature Deep Dive)
π¬ Really curious to see if Antigravity can put even a minor dent in Cursor's IDE dominance. Composer 2.5 is such a good model and Cursor also supports all the models Antigravity supports. I have a really, really difficult time even justifying installing it.
π οΈ Developer Tooling Updates
Tool Claude Code Deprecates /simplify in Favor of /code-review --fix
Claude Code 2.1.152 deprecated /simplify and pointed users at /code-review --fix, which applies review findings directly to your working tree after the review. It surfaces reuse, simplification, and efficiency suggestions.
Tool Claude Code Ships Back-to-Back Reliability Releases
Claude Code 2.1.152 and 2.1.153 landed in late May 2026 with a stack of reliability fixes. 2.1.152 fixed excessive memory usage when resuming sessions and a custom API gateway OAuth credential regression. 2.1.153, dated May 28, added fixes across background sessions, subagent MCP servers, and Windows rendering.
π¬ Claude Code had a rough stretch earlier this year, and the April postmortem mattered. This is the kind of release that earns trust back quietly: fewer background-session surprises, clearer recovery paths, and fewer sharp edges in long-running workflows.
Tool NotebookLM Auto-Syncs with Google Drive
Google is rolling out automatic Google Drive syncing for NotebookLM starting May 26, 2026, with gradual rollout over up to 15 days. Changes to uploaded Docs, Sheets, or Slides now update automatically in notebooks, while file permissions and deletions are still respected.
π¬ I love NotebookLM and this is a notable ahem update. But Notebooks need an MCP or API! I need to be able to interact with them from my personal agents, not just the Gemini app. Grumble. Grumble.
Open Source Screendrop: Open Source Screenshot and Video Tool
Screendrop launched in beta as an open source native macOS screenshot and screen recording tool. It includes annotation, recording trim and compression, local history, and optional self-hosted sharing through Cloudflare R2, D1, and a Hono-based Worker.
π¬ The self-hosted cloud piece is what sets this apart from the dozen other screenshot tools. If you're feeding screenshots into agent workflows and don't want them going through a third-party service, this is worth a look.
π€ AI Ecosystem Updates
Ecosystem Repo Prompt Founder Joins OpenAI
Eric Provencher, creator of Repo Prompt, announced on May 27, 2026 that he is joining OpenAI's developer experience team under Romain Huet. Repo Prompt licensing restrictions have been removed, subscriptions have been cancelled, and a Community Edition is planned.
π¬ Repo Prompt was one of the first tools I used for context packaging before packx and the built-in bundling in Codex and Claude Code. The founder joining OpenAI's DevEx team suggests they're taking the "how does context get into the model" problem seriously at a platform level. Good hire. Good signal, especially if it shows up in Codex context workflows.
Ecosystem Claude Cowork Positioning Clarifies
Anthropic is positioning Claude Cowork around enterprise workflows, plugins, and connectors rather than coding alone. Recent Cowork updates include connectors for Google Workspace, Docusign, FactSet, and other business tools, plus private plugin marketplaces for teams.
π¬ For dev teams, the practical question is whether Cowork plugins and connectors transfer cleanly into Claude Code or SDK-based agent setups. Anthropic says plugins work across Cowork and anything built on the Claude Agent SDK, which makes the boundary worth testing instead of guessing.
β‘ Quick Updates
Tool Portless Adds Configurable Startup Services
- Release: 0.13.1
portless service installnow persists proxy options for LAN mode, wildcard routing, custom ports, custom TLDs, TLS settings, certificates, keys, and state directories across launchd, systemd, and Task Scheduler.
Hardware Google Coral Board Demos On-Device AI Workflows
- Source: Demo surfaced May 27, 2026; the Synaptics Coral Dev Board itself was announced March 10, 2026
- Limited-edition Synaptics Coral Dev Board with Google Research's Coral NPU and Gemma 3 270M demo stack. The demos include on-board speech translation, natural language hardware control, and vision-to-music workflows.
β¨ Workshop Spotlight
Codex Power User Workshop
Happening tomorrow
Hosted by John Lindquist, founder of egghead.io, with hundreds of developers trained across dozens of Cursor and Claude Code workshops.
Friday, May 29 @ 9:00 AM to 2:00 PM Pacific
- Context Packaging: Bundle files, logs, screenshots, and traces so Codex understands the real problem
- Terminal Workflows: Run parallel research, planner, builder, and validator sessions without losing the thread
- Agent Profiles: Compare broad defaults vs. narrow prompts, focused skills, and limited tool access
- Tools & Sandboxing: Separate read-only from mutation tools and map agents to repeatable tool profiles
- Skills, Hooks & Memory: Build reusable expertise, enforce guardrails, and capture durable decisions
- Codex SDK: Embed Codex into CI, dashboards, and internal tools when terminal sessions aren't enough
Did you enjoy this issue? Share it with a friend.
Β© 2026 John Lindquist β’ egghead.io