RepoJournal
Anthropic

@anthropics

Claude SDKs and developer tooling

Pick a date

Topics: AI / ML Full archive →

The Wire · Showcase

SLACK NOTIFICATION INJECTION PATCHED ACROSS SDK STACK

By RepoJournal · Filed · About Anthropic

A JSON injection vulnerability in the Slack issue notification workflow has been fixed, and all three SDK implementations now carry the security patch plus critical bug fixes for false-positive CI success states.

The Python SDK shipped v0.2.117 [2] with an escape of untrusted issue fields in the Slack notification workflow, preventing attackers from injecting malformed JSON or mrkdwn code through specially crafted issue titles or usernames [1]. The TypeScript SDK and Code Action both follow with updates that fix a separate but equally important issue: builds now fail correctly when the Agent SDK returns `is_error: true` despite a success subtype, preventing misleading green checks on code review runs that never actually executed [3]. v0.2.118 for Python and v0.3.209 for TypeScript [5] bump the bundled Claude CLI to 2.1.209 [4], which unblocks the /model dialog in background agent sessions. The TypeScript SDK v0.3.208 [6] also patches two resource leaks and fixes a timeout handler that was killing queries instead of gracefully blocking prompts.

Action items

References

  1. [1] Escape untrusted issue fields in the Slack notification workflow (#1116) anthropics/claude-agent-sdk-python
  2. [2] v0.2.117 ↗ anthropics/claude-agent-sdk-python
  3. [3] fix(sdk): fail step when result has is_error:true despite success subtype ↗ anthropics/claude-code-action
  4. [4] v2.1.209 ↗ anthropics/claude-code
  5. [5] v0.3.209 ↗ anthropics/claude-agent-sdk-typescript
  6. [6] v0.3.208 ↗ anthropics/claude-agent-sdk-typescript

Quick answers

What shipped in Anthropic on July 14, 2026?
A JSON injection vulnerability in the Slack issue notification workflow has been fixed, and all three SDK implementations now carry the security patch plus critical bug fixes for false-positive CI success states. In total, 15 commits, 2 pull requests, and 8 releases landed.
Who contributed to Anthropic on July 14, 2026?
5 developers shipped this update, including Qing Wang, github-actions[bot], syf2211, GitHub Actions, and ashwin-ant.
What were the notable Anthropic updates?
Escape untrusted issue fields in the Slack notification workflow (#1116), v0.2.117, and fix(sdk): fail step when result has is_error:true despite success subtype.

More from @anthropics

Daily updates, in your inbox

Follow Anthropic

Claude SDKs and developer tooling We'll email you a link to confirm first.

Free. Confirm via email. Unsubscribe in one click.

— or follow the whole beat:

Elsewhere on the wire