The configuration layer arrives: customizable agents and unified management
June 15–21, 2026
Cursor unified plugins, skills, and MCPs into a single Customize page, while OpenAI's Codex added per-host personality settings and a first-party Record & Replay skill creator, and Claude Code shipped new blocking rules for destructive git commands.
A new layer of agent configuration
The biggest theme this week is how coding agents are maturing their configuration layers. Cursor's new Customize page centralizes plugins, skills, MCPs, subagents, rules, commands, and hooks into one place — user, team, or workspace level — with a marketplace leaderboard and one-click add-ons. This is a significant step: until now, most of these knobs were scattered across settings panels, YAML files, and third-party docs. Cursor also shipped prebuilt plugin canvases for Hex data viz and Atlassian realtime issues, plus GitLab/BitBucket/Azure DevOps marketplace import support.
OpenAI's Codex added per-host personality settings for ChatGPT for iOS with Friendly and Pragmatic options, goal editing directly in the composer, and improved side-chat visibility. More notably, Codex introduced Record & Replay, which lets macOS users demonstrate a workflow and turn it into a reusable skill — bridging the gap between ad-hoc agents and repeatable automation.
Over at xAI, Grok Build shipped configurable goal mode toggles in config.toml, giving users declarative control over what had previously been prompt-level hacks. Claude Code added wildcard parameter matching for tool permission rules (Agent(model:opus) to block Opus subagents, for example) and a new /config key=value syntax to set any setting from the prompt.
Safety rails and agent boundaries
Claude Code's v2.1.183 is a standout safety release: destructive git commands (reset --hard, checkout -- ., clean -fd, stash drop) are now blocked unless you explicitly asked to discard local work, and commit --amend is blocked when the commit wasn't made by the current agent session. Terraform/Pulumi/CDK destroy commands get similar treatment. This is the kind of guardrail that makes agentic workflows production-ready for teams that can't afford surprises.
Grok Build closed a stability gap by resuming long responses after network blips instead of failing the turn — a small change with outsized impact on remote sessions. Codex CLI added configurable rollout token budgets that abort turns when exhausted and an indexed web-search mode restricting direct page access to server-approved URLs.
Automations and knowledge management
Cursor's automations update introduced the /automate skill that creates automations from plain-language descriptions inside an agent session, plus Slack emoji triggers and five new GitHub triggers. A computer use tool generates demos and artifacts, and automations can now be saved incomplete and open PRs by default.
Devin shipped 48+ new MCP connectors (Miro, Mixpanel, Honeycomb, Postman, monday.com, LaunchDarkly with hosted OAuth) with 42 beta MCPs graduating to GA, a dedicated MCP management page for enterprise admins, and GitLab MR review with security findings that respect SECURITY.md. Devin's June 17 release also added an official Axiom MCP server for querying logs, command palette org switching, and enterprise knowledge limits raised to 300.
Reliability and platform coverage
Codex encrypted remote executors with authenticated Noise relay channels and pinned SQLite to fix WAL-reset corruption. The same release brought cross-platform remote execution preserving native working directories and shells. Codex app features including Computer Use, Chrome extension, Memories, and Chronicle rolled out in the EEA, UK, and Switzerland (with Memories off by default).
Cursor launched cloud environment setup in under 10 minutes with reusable snapshots, and cloud subagents via /in-cloud that run in their own VM and branch — including remote PR babysitting and local-to-cloud session handoff.
Claude Code upgraded its bundled Bun runtime to 1.4 and preserved partial responses on connection drops instead of showing raw errors. Grok Build fixed the hunk tracker fully disabled option, rewind across conversation and file state, and Mermaid diagram rendering.
Ecosystem-wide Git and MCP work
Across the collection, Git workflows got attention: Claude Code blocked dangerous commands, Grok Build fixed branch icon rendering without Nerd Fonts, and Devin added GitLab MR review. MCP infrastructure also tightened — Grok Build fixed HTTP MCP servers recovering from drops and noisy stdout disconnections, while Cursor and Devin both expanded their MCP marketplaces significantly. The direction is clear: MCP is no longer experimental plumbing; it's the standard interface for agent extensibility across vendors.
Releases covered
- Claude Code v2.1.178 fixes OAuth credential races and stale FD crashes
- Claude Code v2.1.183 blocks destructive git commands and fixes terminal corruption
- Claude Code v2.1.181 fixes prompt caching on custom base URLs and upgrades Bun runtime
- Claude Code v2.1.179 preserves partial responses on connection drops
- Codex adds per-host personality settings for ChatGPT for iOS
- Codex adds Record & Replay to turn workflows into reusable skills
- Codex CLI 0.142.0 adds token budgets, web search, and restores TUI after Ctrl+Z
- Codex 0.141.0 encrypts remote executors, adds plugin MCP servers, fixes SQLite WAL corruption
- Codex app features roll out in the EEA, UK, and Switzerland