Anthropic silently enrolled my Claude Code install in an A/B experiment, overrode my settings, and updated the CLI even with auto-updates disabled
This covers a coding tool or code-capability update — useful for developers assessing workflow changes and reusable value.
A senior developer reported that Anthropic silently enrolled their Claude Code install in an A/B experiment, overriding settings and updating the CLI despite auto-updates being dis…
I'm a senior developer and I was finishing up a rush project for a client this evening. I use a custom launcher that wraps the native Claude launcher and injects several features Anthropic has removed or broken, including thinking summaries (--thinking-display summarized). I use the launcher with both the CLI and VS Code.
My Claude Code setup was working normally, then mid-evening, Opus 4.8 thinking summaries stopped appearing. This was especially odd since I have all auto-update settings turned off for both the CLI and VS Code and any changes to the launcher normally only happen because of updates Anthropic pushes to the binary.
Spent the rest of the night debugging. Discovered that my local install had been silently enrolled in an A/B experiment by Anthropic mid-session. Specifically, an enrollment token was inserted and cached in my local config, then attached by the CLI to every API request as an x-cc-atis header. When Opus 4.8 sees the token, the API strips the thinking text out of the response while still keeping the signed thinking block. Remove the token, and the exact same request returns summaries again. (Notably, out of five models tested, Opus 4.8 was the only one targeted.)
Even worse, I confirmed"autoUpdates": false was set, but that the Claude Code updater ran through the native path, downloaded the latest version, switched the active binary, and logged "outcome":"success" on its own, with no notice, no prompt, and no user action, ignoring the explicit setting.
Nothing like this has happened before with my setup. But if the documented off-switch doesn't switch anything off, I now have to consider every other setting in the product suspect too. It also seems sketchy considering Anthropic's other recent practices and related revelations:
https://github.com/anthropics/claude-code/issues/73125
https://arstechnica.com/tech-policy/2026/07/anthropic-outed-for-claude-tracker-that-secretly-monitored-chinese-users/
Though I know I won't get one, I'd love a straight answer from Anthropic as to which provision of the Terms of Service allows it to stealthily install software and experimental features mid-session, with no opt-in, while auto-updates are explicitly turned off?
And as the links above demonstrate, this appears to be an escalating pattern, not a one-off. The AskUserQuestion 60-second-timeout behavior change shipped the same way: silent, undocumented, discovered by users after-the-fact.
I'm a loyal, paying user (multiple max plans) who has put real effort into the product's ecosystem. Silent behavior changes to a tool that people build workflows on is not a sustainable way to run a developer product. The fact that the field is rapidly changing isn't an excuse.
For technical background, see Github issue: https://github.com/anthropics/claude-code/issues/75607