We launched mcp.hosting and open-sourced tailscale-mcp. Claude Code got parallel sessions and Routines. MCP had its first by-design security fight.

MCP stopped being a protocol experiment this week and started behaving like infrastructure. Three things happened at once.

We shipped mcp.hosting - one config, every MCP server, synced to every client. Free for up to three servers. It exists because managing MCP servers across Claude Code, Claude Desktop, Cursor, and VS Code separately is the kind of friction a protocol only hits once it's past the experiment phase.

We also open-sourced tailscale-mcp: 99 tools, 4 resources, 727 unit tests, full Tailscale v2 API coverage. Agents can compose multi-endpoint tailnet workflows in one turn - no script, no glue code.

Meanwhile, Anthropic redesigned Claude Code around parallel sessions, shipped Routines (scheduled jobs that run on their infra, not your laptop), and added an xhigh effort level for Opus 4.7. OpenAI shipped a Codex that clicks and types on your desktop - clearly chasing Claude's computer-use playbook.

And MCP got its first "by design" security fight: Ox Security published a supply-chain flaw report, Anthropic declined to change the protocol, sanitization is the developer's problem. That fight is going to repeat - and probably soon - because the attack surface lives in the hosting and client layers, not in the protocol itself.

From us

• mcp.hosting - One config for every MCP server, cloud-synced to every client. Free tier up to three servers.
• YawLabs/tailscale-mcp - Open source, 99 tools covering the full Tailscale v2 API. Plus the Reddit discussion.

From the Yaw blog

• Manage Your Tailscale Tailnet from Claude Code - The companion post to the MCP server above.
• Tailscale on AWS: A Practical Guide to the Gotchas Nobody Warns You About - MagicDNS failures, subnet routing surprises, ACL lockouts.
• Your CLAUDE.md Is Lying to Your Agent - Introducing ctxlint. Why most CLAUDE.md files drift silently out of sync with the code they describe.

Claude Code this week

• Anthropic rebuilds Claude Code desktop around parallel sessions - New sidebar, drag-drop layout, integrated terminal, rebuilt diff viewer for large changesets.
• Claude Code adds Routines - Scheduled, repeatable automations running on Anthropic's infra. Your laptop doesn't need to be online.

The broader week

• OpenAI's beefed-up Codex gets desktop control - Runs in the background, opens apps, clicks and types. The parallels with computer-use are obvious.
• "By design" flaw in MCP could enable supply-chain attacks - Ox Security's report. Anthropic's response: sanitization is on developers.
• Anthropic faces backlash over Claude performance - Developer complaints tied to reduced default "effort" - which is exactly why the new xhigh and /effort controls matter.

That's the week. See you Sunday.