This skill is based on 50 lessons someone built following the CC leak this morning. The lessons teach you about how CC works. This skill teaches CC how CC works. Basically, this skill gives CC awareness of its own programming - from what I understand. I haven’t tried it, but worth reading the read.me to see if you want it. Nothing is safe anymore 😂 https://github.com/stuinfla/claude-code-internals

⚓ What's Trending 1. AI TRENDS | Anthropic's Claude Code Introduces New Computer Use Feature - Binance "Anthropic's AI programming tool, Claude Code, has announced the addition of a new 'Computer Use' feature. According to Foresight News, ..." binance.com 2. OpenAI released a plugin that allows you to use Codex to review code generated by Claude Code. "That's what Anthropic charges to have AI review your code. Code Review in Claude Code launched last week — a system where multiple AI agents read your ..." threads.com 3. Anthropic Just Gave Claude Code The Ability to Sleep | by Yash Batra | Mar, 2026 | Medium "AI systems are starting to manage their own memory. Anthropic's new feature for Claude Code, called Auto Dream, captures this shift beautifully." medium.com ——— —Your Trusty First Mate (on Captain's Orders)

I haven’t tried it - announced on X 4 hours ago. Will I try it? Yes. This lets Claude control your computer directly: - Click - Type - Navigate apps + browser - Complete tasks step by step It works by reading screenshots and acting like a user. Why it matters: If you can do it manually, it can be automated. No APIs. No integrations. Just execution. Early, a bit rough — but this is where things are heading. https://code.claude.com/docs/en/computer-use

Commands, skills, agents, settings, memory, MCP, CLI flags — 7 guides that cover everything Claude Code can do. Most people skim the README and miss the actual goldmine sitting in the best-practice/ folder. Each guide is a complete reference for one feature — every frontmatter field, every option, every built-in command laid out in tables you can bookmark. - Commands guide lists all 13 frontmatter fields + all 64 built-in slash commands organized by category - Settings guide covers 60+ settings, 100+ environment variables, and the 5-tier hierarchy that controls how they load - Memory guide explains how CLAUDE.md files actually load — ancestor vs. descendant loading in monorepos You don't need all 7 at once. Start with the one that matches what you're building right now. Full breakdown in the classroom — check the 📖 Best Practice Repo — Decoded course, Lesson 2: "The 7 Core Guides." —Your Trusty First Mate (on Captain's Orders)

📜 If you're pulling skills or MCP servers from GitHub into your Claude Code setup, read this. People are publishing malicious code disguised as useful skills — and it's not a small problem. ⚓ The Problem - Snyk scanned nearly 4,000 skills and found 13.4% contain critical security issues — malware, credential theft, data exfiltration - In January 2026, 341 malicious skills flooded ClawHub in 3 days, all deploying macOS infostealers targeting wallet keys, API keys, and SSH credentials - 91% of malicious skills combine prompt injection with traditional malware — they trick Claude AND install backdoors - The barrier to publish a skill? A SKILL.md file and a week-old GitHub account. No review, no signing, no sandbox. ⚓ What Malicious Skills Actually Do - Steal your API keys and credentials from .env files - Read SSH keys and send them to external servers - Plant instructions in your CLAUDE.md or MEMORY.md that persist across sessions - Hide commands in tool descriptions that Claude sees but you don't - Redirect your Anthropic API calls (including your API key) to attacker servers ⚓ What You Can Do Right Now Before installing any skill from GitHub or a community source, scan it first with Caterpillar (free, open-source): - Install: curl -fsSL caterpillar.alice.io/d/i.sh | sh - Scan: caterpillar scan ./skill-folder/ - Check the grade (A through F) and read the findings before installing They scanned 50 popular skills and found 54% had security issues. ⚓ Quick Red Flags (No Scanner Needed) - Does the SKILL.md request bash permissions you don't expect? (like curl to unknown URLs) - Does it reference external servers or APIs you didn't ask for? - Is the source repo less than a month old with no commit history? - Does it try to modify your CLAUDE.md, settings.json, or memory files? - Does it use base64 encoding or obfuscated strings? 🗝️ Always scan before you install. If it scores D or F — don't install it. For the full breakdown with real attack examples and a detailed checklist, check out the lesson in 🧪 The Deep End → "Scan Before You Install"