What happened
Anthropic's Claude Code Week 28 release (covering July 6-10, 2026, published July 11) added a sandboxed, configurable built-in browser for the desktop app that lets Claude browse and interact with external sites, with safety classifiers reviewing actions taken on external pages, plus 'auto mode' transcript protections and agent-view upgrades.
Why it matters
As coding agents gain autonomous web-browsing/interaction capability, sandboxing and real-time safety-classification of agent actions on untrusted external sites is a direct mitigation for the indirect prompt-injection/RCE-via-browsing class of attacks disclosed elsewhere this week (e.g., GhostApproval, Friendly Fire).
Applicability
Claude Code desktop users enabling browser features should review sandboxing/session-persistence configuration; security teams should treat this as a partial mitigation, not a substitute for endpoint monitoring.