🧭 Advisor Tool: Near-Advisor-Quality Output at Executor-Model Prices

Anthropic has shipped the Advisor Tool in public beta — a new primitive that lets you pair two models in a single inference call. A fast, inexpensive "executor" model handles the bulk of token generation while a higher-intelligence "advisor" model is invoked at strategic decision points to provide guidance mid-generation. The result is task quality close to running the advisor model solo, but at a cost profile much closer to the executor model alone.

Access requires the beta header anthropic-beta: advisor-tool-2026-03-01; the Python and TypeScript SDKs set it automatically when you pass the advisor parameter.

When the advisor kicks in

The executor decides autonomously when to pause and consult the advisor — similar to how a junior engineer knows when to ask a senior colleague for a review rather than guessing. You can also configure an explicit advisor_triggers list (tool names or event types) to force a consultation at known high-stakes moments, such as before irreversible tool calls like file writes or API mutations.

Practical configuration

import anthropic

client = anthropic.Anthropic()

response = client.messages.create(
    model="claude-haiku-4-5",          # executor: fast + cheap
    advisor={
        "model": "claude-opus-4-6",    # advisor: strategic guidance
        "advisor_triggers": [
            {"type": "tool_use", "tool_name": "bash"},
            {"type": "tool_use", "tool_name": "write_file"},
        ]
    },
    max_tokens=4096,
    tools=[...],
    messages=[{"role": "user", "content": "..."}],
    betas=["advisor-tool-2026-03-01"],
)

Three limitations to be aware of in the current beta: the advisor cannot initiate tool calls directly (it can only provide textual guidance to the executor); the advisor's tokens count toward a separate token budget and are billed at the advisor model's rate; and the feature is not yet available on Amazon Bedrock or Google Vertex AI.

🧭 Claude Code v2.1.97–v2.1.98: Focus View, Subprocess Sandboxing & a Security Patch

Two Claude Code releases landed in quick succession. v2.1.97 introduced a Focus View toggle (Ctrl+O) that collapses the terminal UI down to three elements: the prompt, a single-line tool summary with diff stats, and the final model response. Developers working on long-running refactors report that hiding the verbose tool trace cuts visual noise enough to maintain context across hours of autonomous edits.

v2.1.98 is the more security-significant release. It addresses a Bash tool permission bypass where a backslash-escaped flag in a command string could be auto-classified as read-only and granted execution without a separate approval prompt — allowing arbitrary code to run under the guise of a read-only filesystem operation. If you are running Claude Code with a custom allowlist that auto-approves read-only Bash operations, update immediately.

Other v2.1.98 additions

• Subprocess sandboxing (Linux) — PID namespace isolation for spawned subprocesses, preventing a compromised child process from enumerating or signalling its siblings.
• Google Vertex AI setup wizard — an interactive claude setup vertex flow that handles ADC authentication, region selection, and model pinning in one command.
• Monitor tool — streams stdout/stderr from long-running background scripts directly into the conversation context, so Claude can react to build failures or test output in real time without polling.
• W3C TRACEPARENT support — passes trace context headers through the MCP transport layer, enabling end-to-end OpenTelemetry spans across Claude Code, your MCP servers, and your backend services.

🧭 Claude's Messages API Comes to Amazon Bedrock — Same Shape, Zero Operator Access

Anthropic has launched the Messages API on Amazon Bedrock as a research preview, available initially in us-east-1. Unlike the existing Bedrock Converse endpoint (which wraps a normalised AWS request shape), the new /anthropic/v1/messages endpoint accepts the identical JSON request format as the first-party Claude API — no adapter layer, no field mapping, no request translation. Code written against api.anthropic.com can be pointed at the Bedrock endpoint by swapping a single base URL and replacing the x-api-key header with AWS Signature V4.

Why this matters for enterprise teams

• Zero-operator-access guarantee — the endpoint runs on AWS-managed infrastructure with a contractual commitment that Anthropic cannot access your prompts, responses, or fine-tuning data. This satisfies data residency requirements that block use of api.anthropic.com in regulated industries.
• Unified codebase — teams can maintain a single inference client that targets either endpoint, with environment variables selecting the deployment target. No separate Bedrock SDK required.
• VPC PrivateLink support — traffic never traverses the public internet when PrivateLink is configured, a hard requirement for several financial and healthcare compliance frameworks.

Migration snippet

import anthropic
import boto3
from botocore.auth import SigV4Auth

# Point the standard client at Bedrock
client = anthropic.Anthropic(
    base_url="https://bedrock.us-east-1.amazonaws.com/anthropic/v1",
    auth=SigV4Auth(boto3.Session().get_credentials(), "bedrock", "us-east-1"),
)

# From here, use exactly as you would with api.anthropic.com
response = client.messages.create(
    model="claude-sonnet-4-6",
    max_tokens=1024,
    messages=[{"role": "user", "content": "Hello from Bedrock!"}],
)

The research preview is available by contacting an Anthropic account executive; general availability is planned for Q2 2026. Not all beta features (e.g. the Advisor Tool, Managed Agents) are accessible on the Bedrock endpoint during the preview period.