What happened
Anthropic's Claude Code npm package, version @anthropic-<a href="/news/2026/5/6/15/ai-designs-next-generation-disinfectants" class="text-primary hover:underline">ai</a>/<a href="/news/2026/4/9/3/claude-launches-managed-agents" class="text-primary hover:underline">claude</a>-code@2.1.87, contains numerous undocumented configuration options and hook capabilities discoverable within its source code. These include the internal "YOLO Classifier" for environment-aware auto-approvals, updatedInput to modify tool commands mid-flight, and permissionDecision for programmatic action approvals. Additionally, hook modifiers like once and async enable single-execution or background processing for automation, expanding customisation beyond official documentation.
Why it matters
Developers gain granular control over Claude Code's behaviour, enabling custom automation and security policies directly within their projects. This mechanism allows engineering teams to enforce operational safeguards, such as automatically appending --dry-run to git push commands or programmatically approving read-only shell commands. This expands the scope for fine-grained risk mitigation and custom workflow integration, building on Anthropic's recent efforts to automate Claude Code tasks.
