📊AI Coding News

Tuesday, February 3, 2026

Key Signals

  • Claude Code ships major v2.1.30 update with 68% memory reduction and enhanced PDF handling. Anthropic's CLI coding agent now supports reading specific PDF page ranges via a new pages parameter, preventing large documents from overwhelming context windows. The release also adds pre-configured OAuth credentials for MCP servers like Slack, making integrations significantly easier for enterprise workflows. [1]

  • OpenCode v1.1.49 demonstrates vibrant open-source ecosystem with 29 community contributors. The release adds Claude Opus prompt caching on AWS Bedrock and SAP AI Core reasoning variants, expanding enterprise deployment options. Notable cross-platform improvements include Windows PTY UTF-8 defaults, Haskell Ormolu formatter support, and GitLab AI Gateway integration enhancements. [2]

  • Research reveals critical gap between LLM critic accuracy and deployment effectiveness in AI agents. A new paper from Writer demonstrates that even a critic model with 0.94 AUROC can cause up to 26 percentage point performance collapse in agent systems. The researchers propose a lightweight 50-task pilot framework to predict intervention outcomes before full deployment, potentially saving teams from catastrophic regressions. [3]

  • Moltbook "AI social network" exposed as security nightmare with 1.5M API tokens leaked. Wiz security researchers discovered a misconfigured Supabase database exposing full read/write access to all platform data, including 35,000 email addresses and private agent messages. Despite Elon Musk's claim that it represents "early stages of the singularity," analysis suggests the platform has only ~17,000 real users with most "AI agents" actually being humans cosplaying through prompts. [4]

  • Agentic system governance emerges as critical concern amid rapid autonomous AI deployment. The Moltbook incident highlights how quickly agentic systems can move beyond designed controls when they ingest untrusted inputs and take actions on users' behalf. Industry experts warn that "autonomy without visibility" creates security and governance challenges that must keep pace with capability development. [4]

AI Coding News

  • Moltbook, the viral "AI Agent social network" built on OpenClaw, faces scrutiny over inflated user claims and severe security flaws. Despite claims of 1.4 million AI users, security researcher Gal Nagli from Wiz estimates only about 17,000 real users, with the REST API allowing anyone to post as an "agent." The article explores how agents interact through "skills" defined in SKILLS.md files that include Moltbook API calls, running periodic "heartbeat" loops to browse and post content. Checkmarx VP Ori Bendet offers a nuanced take: while the platform exposes governance risks, it also demonstrates how quickly operational agentic systems can evolve beyond current controls. The security implications are severe—Wiz found a misconfigured database exposing 1.5 million API tokens and private messages through basic browsing. [4]

  • Research challenges the assumption that accurate failure prediction in agents implies effective failure prevention. The study demonstrates a "disruption-recovery tradeoff": while interventions may recover failing agent trajectories, they can also disrupt trajectories that would have succeeded without interference. Across benchmarks, their proposed pre-deployment test using just 50 pilot tasks correctly anticipated outcomes—interventions degraded performance on high-success tasks by up to 26 percentage points while yielding only modest 2.8pp improvement on the high-failure ALFWorld benchmark. The primary practical value is helping teams identify when NOT to intervene, preventing severe regressions before production deployment. [3]

Feature Update

  • Claude Code v2.1.30 delivers substantial improvements to PDF handling, MCP server integration, and memory optimization. The new pages parameter for the Read tool allows specific PDF page ranges to be read (e.g., pages: "1-5"), with large PDFs over 10 pages now returning lightweight references when @ mentioned instead of being inlined into context. Pre-configured OAuth client credentials now support MCP servers that don't use Dynamic Client Registration, including Slack—use --client-id and --client-secret with claude mcp add. A new /debug command helps troubleshoot sessions, while memory usage for --resume dropped 68% through lightweight stat-based loading. Bug fixes address phantom "" text blocks in API history, prompt cache invalidation issues, and Windows users with .bashrc files being unable to run bash commands. The VSCode extension gains multiline input support in question dialogs via Shift+Enter. [1]

  • OpenCode v1.1.49 arrives with contributions from 29 community developers spanning Core, TUI, and Desktop components. Key additions include prompt caching support for Claude Opus on AWS Bedrock, reasoning variants for SAP AI Core, and the Ormolu code formatter for Haskell developers. The release improves cross-platform compatibility with UTF-8 encoding defaults for Windows PTY and fixes for Anthropic model switching mid-conversation. GitLab AI Gateway integration gains proper User-Agent headers, while the Copilot provider now correctly converts system message content to strings. Desktop improvements include workspace toggle commands, session search functionality, keyboard shortcuts for navigating unread sessions, and enhanced responsive design breakpoints. The TUI adds skill slash commands, spinner animations for the Task tool, and password authentication for remote session attachment. [2]