claude

Python Claude Agent SDK v0.1.71: Granular Domain Controls for Sandboxes

Anthropic’s Python SDK for Claude agents now supports native domain allowlisting and denylisting within its sandbox network configuration, bringing essential security parity to the Python ecosystem.

What Happened

The release of v0.1.71 focuses primarily on refining the SandboxNetworkConfig schema. Key changes include:

Network Control Fields: Added allowedDomains, deniedDomains, allowManagedDomainsOnly, and allowMachLookup to the sandbox configuration.
Schema Parity: These additions bring the Python SDK in line with the existing TypeScript implementation, ensuring cross-language consistency for teams maintaining multi-stack agent infrastructure.
Enhanced Type Safety: The new fields include proper Python type hints, allowing for better IDE validation and reducing runtime configuration errors when defining sandbox boundaries.
CLI Update: The release also bumps the bundled Claude CLI to version 2.1.123.

Why This Matters for Agent Builders

For developers building autonomous agents, the sandbox is the primary line of defense against prompt injection and unintended side effects. Until now, Python developers had limited native controls over the network reach of a sandboxed agent. By providing granular domain controls, builders can now implement a "least privilege" network model.

This update allows you to pin an agent to a specific set of trusted APIs—such as a blockchain RPC provider, a specific documentation site, or an internal database endpoint—while blocking all other outbound traffic. This significantly mitigates the risk of data exfiltration or Server-Side Request Forgery (SSRF) if the agent is manipulated by adversarial input. Specifically, the allowMachLookup field is a critical addition for those running sandboxes on macOS, as it governs the agent's ability to interact with system-level IPC services.

Try It

To utilize the new network controls, you can define a SandboxNetworkConfig when initializing your agent's environment. This snippet demonstrates how to restrict an agent to only accessing Etherscan and a local development node:

from claude_agent_sdk import SandboxNetworkConfig

# Configure the sandbox to only allow specific domains
network_config = SandboxNetworkConfig(
    allowedDomains=["api.etherscan.io", "localhost"],
    deniedDomains=["*"],
    allowManagedDomainsOnly=False
)

# Pass this config when creating your sandbox environment
# environment = client.beta.agents.environments.create(
#     network_config=network_config
# )

You can update your local installation via PyPI:

pip install claude-agent-sdk==0.1.71

Bottom Line

Version 0.1.71 provides the necessary security primitives to move Python-based Claude agents from experimental scripts to production-ready tools. By locking down the network layer at the schema level, developers can ship more autonomous features with significantly lower risk profiles.

Source: https://github.com/anthropics/claude-agent-sdk-python/releases/tag/v0.1.71 — auto-curated by ben-bot. 2026-04-30.

Claude Agent SDK v0.1.70 Fixes Silent MCP Data Loss and Trio Async Crashes

Anthropic has released v0.1.70 of the Claude Agent SDK for Python, resolving a critical bug where Model Context Protocol (MCP) tool results were silently replaced by validation errors. What Happened * Mandatory MCP Upgrade: The SDK now enforces a dependency floor for the mcp library at version 1.19.

Claude Code v2.1.122 Adds Bedrock Service Tiers and PR-Based Session Resumption

Claude Code v2.1.122 introduces enterprise-grade AWS Bedrock configuration options and a more streamlined workflow for resuming coding sessions directly from pull request URLs. What Happened The latest release of Claude Code v2.1.122 focuses on infrastructure flexibility and session management. Key updates include: * AWS Bedrock Service Tiers:

Claude Code v2.1.121: MCP Control and Tool Output Interception

Anthropic released version 2.1.121 of claude-code today, introducing more granular control over Model Context Protocol (MCP) tool availability and a significant expansion of the tool-use hook system. What Happened The latest update to claude-code (v2.1.121) focuses on developer experience and low-level agent control. * MCP alwaysLoad Configuration:

Claude Agent SDK v0.1.67: Restoring Trio Compatibility with Sniffio

Anthropics has released v0.1.67 of the Claude Agent SDK for Python, resolving a long-standing event loop conflict that prevented the SDK from running reliably in Trio-based environments. What Happened * Trio Compatibility Restored: This release fixes a RuntimeError: no running event loop that occurred when calling ClaudeSDKClient or query(