AI-powered developer tools continue to ship at a relentless pace. In the last two weeks alone, Cursor, Claude Code, and Codex CLI have all pushed significant updates that change how developers interact with their coding agents — from unified customization pages and GitHub-triggered automations to smarter shell command handling and improved MCP tool discovery. Here’s what you need to know.
Cursor 3.9: The Customize Page and Plugin Canvases
Cursor 3.9, released on June 22, introduces the Customize page — a single unified interface for managing all of your extensions. Previously, plugins, skills, MCP servers, subagents, rules, commands, and hooks were scattered across different settings panels. Now they live in one place, scoped at the user, team, or workspace level.
The release also adds a marketplace leaderboard showing the most popular plugins, skills, and MCPs across your team, making it easy to discover and adopt tools your teammates already use. You can install any entry with a single click.
A more interesting addition is plugin canvases — prebuilt UI templates that plugins can provide. Two ship with 3.9: the Hex Canvas for data visualizations and the Atlassian Canvas that surfaces a real-time view of issues, projects, and documents. These canvases turn plugins from invisible background tools into first-class UI surfaces you can share with your team.
For teams using GitLab, Bitbucket, or Azure DevOps, team marketplaces now support importing plugin repositories from those platforms, not just GitHub. This makes it practical for organizations that aren’t all-in on GitHub to still distribute internal tools through the Cursor marketplace.
Cursor 3.8: Automations Get Real Triggers
Cursor 3.8, released June 18, expands the Automations system (always-on agents that run in response to events) with new triggers that connect to the tools teams actually use daily.
The standout feature is the /automate skill. Instead of manually configuring triggers, instructions, and tool permissions through a settings UI, you can now describe the automation you want in plain language inside an agent session. Cursor configures everything — the trigger type, the instructions, the allowed tools — from your natural language description.
Five new GitHub triggers expand what automations can respond to:
- Issue comment — fires when someone comments on a non-PR issue
- PR review comment — fires on inline comments left on a pull request diff
- PR review submitted — fires when a code review is formally submitted
- Review thread updated — fires when a review thread is marked resolved or unresolved
- Workflow run completed — fires when a GitHub Actions run finishes on a branch or PR
Two new marketplace templates ship alongside these triggers: one for triaging failed GitHub Actions and another for auto-fixing PR review comments. Both are practical starting points that demonstrate how the new triggers work together.
On the Slack side, automations now support an emoji trigger — react to any Slack message with a designated emoji to kick off an automation. For teams that live in Slack, this is a low-friction way to invoke coding agents without switching contexts.
Cloud agents launched by automations can now use computer use to produce artifacts like screenshots or demos as part of their work. The tool is enabled by default — just include “include a demo of your work” in the automation’s instructions.
Claude Code 2.1.193: Smarter Shell Handling and Better MCP Auth
Claude Code has shipped six releases since mid-June, but the most impactful changes for daily use come in versions 2.1.186 through 2.1.193.
The biggest quality-of-life change: auto-response to bash output. In version 2.1.186, running a ! bash command now triggers Claude to automatically respond to the output, rather than just injecting it into context silently. If you run !go test ./..., Claude will read the test results and react — suggesting fixes for failures, summarizing pass rates, or noting flaky tests. You can revert to context-only behavior by setting "respondToBashCommands": false in your settings.
Version 2.1.186 also adds claude mcp login <name> and claude mcp logout <name> for authenticating MCP servers from the CLI without opening the interactive /mcp menu. This matters for headless environments and automated setups where you can’t rely on interactive prompts — SSH sessions, CI runners, and scripted configurations.
Version 2.1.193 introduces autoMode.classifyAllShell, which routes all Bash and PowerShell commands through the auto-mode classifier (not just patterns that look like arbitrary code execution). This gives the auto-approve system a more nuanced view of shell commands, reducing unnecessary permission prompts for read-only operations while still gating destructive ones. Denial reasons now surface in the transcript, the toast notification, and the /permissions recent denials view — so you can actually understand why something was blocked.
Other notable additions across the release train:
sandbox.credentialssetting blocks sandboxed commands from reading credential files and secret environment variables (2.1.187)- Org-configured model restrictions now propagate to the model picker,
--modelflag, and/modelcommand (2.1.187) - Live file path autocomplete in bash mode — paths autocomplete as you type (2.1.193)
- Memory-pressure reaping for idle background shell commands, reducing resource usage for long-running sessions (2.1.193)
- MCP headersHelper auth auto-reconnects on 401/403 responses (2.1.193)
Codex CLI 0.142.2: MCP Tool Search by Default
OpenAI’s Codex CLI reached version 0.142.2 this week with a change that affects how MCP tools interact with the model. Previously, MCP tools were only routed through the tool_search flow when a feature flag was enabled or when you had at least 100 tools installed. This made the model’s tool behavior inconsistent depending on rollout configuration.
Now, tool search is the default flow for all MCP tools when the model and provider support it. Instead of receiving every MCP tool in the initial request, the model first sees a lightweight tool index, searches for the right tool, receives the full tool definition, and then calls it. This scales better for setups with many MCP servers and makes the behavior predictable regardless of how many tools you have installed.
The release also adds a macOS system proxy resolver (behind the respect_system_proxy feature flag) that reads system proxy settings from SCDynamicStore and resolves PAC/WPAD URLs through CFNetwork. This matters for developers behind corporate proxies who previously had to configure proxy settings manually for Codex CLI.
What This Means for Developer Workflows
The common thread across these updates is a shift from “agents that you invoke manually” to “agents that participate in your existing workflows.” Cursor’s GitHub and Slack triggers, Claude Code’s auto-response to bash output, and Codex CLI’s automatic tool search all reduce the friction between the developer’s intent and the agent’s action.
The other pattern is scoping. Cursor’s user/team/workspace levels for customization, Claude Code’s org-configured model restrictions, and the new sandbox.credentials setting all reflect a maturing of these tools for team and enterprise use. Individual developers get more power, but organizations get more control — and that balance is what determines whether these tools get adopted beyond early adopters.