Claude Code's Leak:
Every Hardcoded Vendor and Tool

Claude Code's full TypeScript source leaked on GitHub in March 2026. We searched it for vendor names to see if any companies receive special handling. They do. We found hardcoded vendor references in seven different parts of the codebase:

Why does this matter?

Each system gives included providers a concrete advantage. Your MCP output renders cleanly while competitors dump raw JSON. Your docs are readable by the agent without user intervention. Your platform shows up by name in Anthropic's analytics. None of these change which tools Claude recommends. But they change how your product is treated in the terminal millions of developers use daily.

1. MCP UI allowlist: 489 unique tool names across 40 grouped labels

This is the most explicit UI-specific integration layer in the leaked client. classifyForCollapse.ts contains two hardcoded Set objects, SEARCH_TOOLS and READ_TOOLS. There are 495 typed entries across those two literals, but because a few names repeat, the runtime allowlist resolves to 489 unique normalized tool names. When Claude Code calls a listed tool, the output collapses into a compact summary. When it calls an unlisted tool, you get the generic MCP renderer.

// classifyForCollapse.ts
function classifyMcpToolForCollapse(
  _serverName: string,   // ignored — tool names are stable
  toolName: string,
): { isSearch: boolean; isRead: boolean } {
  const normalized = normalize(toolName)  // camelCase → snake_case
  return {
    isSearch: SEARCH_TOOLS.has(normalized),
    isRead: READ_TOOLS.has(normalized),
  }
}
// Unknown tools don't collapse (conservative default)

The function keys on tool name alone, not server name. The source comment: “Tool names are stable across installs (even when the server name varies, e.g., ‘slack’ vs ‘claude_ai_Slack’).” Unknown tools do not collapse. The allowlist is opt-in, not opt-out.

The file comments group those tool names into 40 label blocks. That is not a clean vendor census: some labels explicitly combine multiple implementations, such as hosted + SDK Slack or hosted + community PubMed. The badge counts below are typed entries within each comment block, not globally unique tools.

Explicitly tagged claude.ai-hosted labels

These six labels are explicitly annotated as claude.ai-hosted inside classifyForCollapse.ts. The transport path itself goes through mcp-proxy.anthropic.com. Users connect through OAuth on claude.ai rather than local MCP configuration. More on the transport in section 2.

PubMed

24 entries

search_articlesfind_related_articleslookup_article_by_citationsearch_paperssearch_pubmedsearch_pubmed_key_wordssearch_pubmed_advancedpubmed_searchpubmed_mesh_lookupget_article_metadataget_full_text_articleconvert_article_idsget_copyright_statusdownload_paperlist_papersread_paperget_paper_fulltextget_pubmed_article_metadatadownload_pubmed_pdfpubmed_fetchpubmed_pmc_fetchpubmed_spellpubmed_citepubmed_related

Slack

13 entries · hosted + SDK label

slack_search_publicslack_search_public_and_privateslack_search_channelsslack_search_usersslack_read_channelslack_read_threadslack_read_canvasslack_read_user_profileslack_list_channelsslack_get_channel_historyslack_get_thread_repliesslack_get_usersslack_get_user_profile

Gmail

6 tools

gmail_search_messagesgmail_get_profilegmail_read_messagegmail_read_threadgmail_list_draftsgmail_list_labels

Google Calendar

6 tools

gcal_find_my_free_timegcal_find_meeting_timesgcal_find_user_emailsgcal_list_calendarsgcal_list_eventsgcal_get_event

BigQuery

6 tools

bigquery_querybigquery_schemalist_dataset_idslist_table_idsget_dataset_infoget_table_info

Google Drive

3 tools

google_drive_searchgoogle_drive_fetchgoogle_drive_export

A separate comment in main.tsxalso lists Datadog among “claude.ai proxy servers.” Because classifyForCollapse.ts does not tag Datadog that way, we treat Datadog as an explicit source conflict rather than a confirmed hosted label.

Vendor-operated or vendor-associated labels

These are the larger vendor-operated or vendor-associated comment blocks in the file, sorted roughly by typed entry count.

GitHub

56 tools · github/github-mcp-server

search_codesearch_repositoriessearch_issuessearch_pull_requestssearch_orgssearch_usersget_meget_team_membersget_teamsget_commitget_file_contentsget_repository_treelist_brancheslist_commitslist_releaseslist_tagsget_latest_releaseget_release_by_tagget_taglist_issuesissue_readlist_issue_typesget_labellist_labelpull_request_readget_gistlist_gistslist_notificationsget_notification_detailsprojects_listprojects_getactions_getactions_listget_job_logsget_code_scanning_alertlist_code_scanning_alertsget_dependabot_alertlist_dependabot_alertsget_secret_scanning_alertlist_secret_scanning_alertsget_global_security_advisorylist_global_security_advisorieslist_org_repository_security_advisorieslist_repository_security_advisoriesget_discussionget_discussion_commentslist_discussion_categorieslist_discussionslist_starred_repositoriesget_issueget_pull_requestlist_pull_requestsget_pull_request_filesget_pull_request_statusget_pull_request_commentsget_pull_request_reviews

Grafana

38 entries · grafana/mcp-grafana

search_dashboardssearch_folderslist_teamslist_users_by_orgget_dashboard_by_uidget_dashboard_summaryget_dashboard_propertyget_dashboard_panel_queriesrun_panel_querylist_datasourcesget_datasourceget_query_examplesquery_prometheusquery_prometheus_histogramlist_prometheus_metric_metadatalist_prometheus_metric_nameslist_prometheus_label_nameslist_prometheus_label_valuesquery_loki_logsquery_loki_statsquery_loki_patternslist_loki_label_nameslist_loki_label_valueslist_incidentsget_incidentlist_sift_investigationsget_sift_investigationget_sift_analysislist_oncall_schedulesget_oncall_shiftget_current_oncall_userslist_oncall_teamslist_oncall_userslist_alert_groupsget_alert_groupget_annotationsget_annotation_tagsget_panel_image

Datadog

30 tools · mcp.datadoghq.com

search_logssearch_spanssearch_rum_eventssearch_audit_logssearch_monitorssearch_monitor_groupsfind_slow_spansfind_monitors_matching_patternaggregate_logslist_spansaggregate_spansanalyze_tracetrace_critical_pathquery_metricsaggregate_rum_eventslist_rum_metricsget_rum_metriclist_monitorsget_monitorcheck_can_delete_monitorvalidate_monitorvalidate_existing_monitorlist_dashboardsget_dashboardquery_dashboard_widgetlist_notebooksget_notebookquery_notebook_cellget_profiling_metricscompare_profiling_metrics

Asana

29 tools · mcp.asana.com

asana_search_tasksasana_typeahead_searchasana_get_attachmentasana_get_attachments_for_objectasana_get_goalasana_get_goalsasana_get_parent_goals_for_goalasana_get_portfolioasana_get_portfoliosasana_get_items_for_portfolioasana_get_projectasana_get_projectsasana_get_project_sectionsasana_get_project_statusasana_get_project_statusesasana_get_project_task_countsasana_get_projects_for_teamasana_get_projects_for_workspaceasana_get_taskasana_get_tasksasana_get_stories_for_taskasana_get_teams_for_workspaceasana_get_teams_for_userasana_get_team_usersasana_get_time_periodasana_get_time_periodsasana_get_userasana_get_workspace_usersasana_list_workspaces

PagerDuty

28 entries · PagerDuty/pagerduty-mcp-server

list_incidentsget_incidentget_outlier_incidentget_past_incidentsget_related_incidentslist_incident_noteslist_incident_workflowsget_incident_workflowlist_servicesget_servicelist_team_membersget_user_datalist_schedulesget_schedulelist_schedule_userslist_oncallslist_log_entriesget_log_entrylist_escalation_policiesget_escalation_policylist_event_orchestrationsget_event_orchestrationlist_status_pagesget_status_page_postlist_alerts_from_incidentget_alert_from_incidentlist_change_eventsget_change_event

Community Atlassian

20 entries · sooperset/mcp-atlassian

confluence_searchjira_searchjira_search_fieldsconfluence_get_pageconfluence_get_page_childrenconfluence_get_commentsconfluence_get_labelsjira_get_issuejira_get_transitionsjira_get_worklogjira_get_agile_boardsjira_get_board_issuesjira_get_sprints_from_boardjira_get_sprint_issuesjira_get_link_typesjira_download_attachmentsjira_batch_get_changelogsjira_get_user_profilejira_get_project_issuesjira_get_project_versions

Sentry

18 entries · getsentry/sentry-mcp

search_docssearch_eventssearch_issue_eventsfind_organizationsfind_teamsfind_projectsfind_releasesfind_dsnswhoamiget_issue_detailsget_issue_tag_valuesget_trace_detailsget_event_attachmentget_docget_sentry_resourcelist_eventslist_issue_eventsget_sentry_issue

Atlassian / Jira

17 entries · mcp.atlassian.com

search_jira_issues_using_jqlsearch_confluence_using_cqllookup_jira_account_idatlassian_user_infoget_accessible_atlassian_resourcesget_visible_jira_projectsget_jira_project_issue_types_metadataget_jira_issueget_transitions_for_jira_issueget_jira_issue_remote_issue_linksget_confluence_spacesget_confluence_pageget_pages_in_confluence_spaceget_confluence_page_ancestorsget_confluence_page_descendantsget_confluence_page_footer_commentsget_confluence_page_inline_comments

Kubernetes

16 tools

kubectl_getkubectl_describekubectl_logskubectl_contextexplain_resourcelist_api_resourcesnamespaces_listnodes_lognodes_toppods_getpods_listpods_list_in_namespacepods_logpods_topresources_getresources_list

Supabase

15 tools · supabase-community

search_docslist_organizationsget_organizationget_costlist_extensionslist_migrationsget_logsget_advisorsget_project_urlget_publishable_keysgenerate_typescript_typeslist_edge_functionsget_edge_functionlist_storage_bucketsget_storage_config

Linear

16 entries · mcp.linear.app

search_documentationlist_commentslist_cyclesget_documentlist_documentslist_issue_statusesget_issue_statuslist_my_issueslist_issue_labelslist_projectsget_projectlist_project_labelslist_teamsget_teamlist_usersget_user

Todoist

16 entries · Doist

find_tasksfind_tasks_by_datefind_completed_tasksfind_projectsfind_sectionsfind_commentsfind_project_collaboratorsfind_activityfind_labelsfind_filtersget_productivity_statsget_overviewfetch_objectuser_infolist_workspacesview_attachment

MongoDB

13 entries

findsearch_knowledgelist_databaseslist_collectionscollection_indexescollection_schemacollection_storage_sizedb_statsexplainmongodb_logsaggregatecountexport

AWS

13 entries · awslabs/mcp

search_documentationsearch_catalogget_available_servicesread_documentationread_sectionsrecommendanalyze_log_groupanalyze_metricdescribe_log_groupsget_active_alarmsget_alarm_historyget_metric_dataget_metric_metadata

Stripe

13 entries · stripe/agent-toolkit

search_stripe_resourcessearch_stripe_documentationget_stripe_account_inforetrieve_balancelist_customerslist_productslist_priceslist_invoiceslist_payment_intentslist_subscriptionslist_couponslist_disputesfetch_stripe_resources

Playwright

13 tools · microsoft

browser_console_messagesbrowser_network_requestsbrowser_take_screenshotbrowser_snapshotbrowser_get_configbrowser_route_listbrowser_cookie_listbrowser_cookie_getbrowser_localstorage_listbrowser_localstorage_getbrowser_sessionstorage_listbrowser_sessionstorage_getbrowser_storage_state

Notion

5 tools · mcp.notion.com

searchfetchget_commentsget_usersget_self

Elasticsearch

4 tools · elastic

list_indicesget_mappingsesqlget_shards

MCP SDK reference labels

These ship under the @modelcontextprotocol namespace. Slack and Google Drive already appear above because the source comments join their hosted and SDK variants under one tool family.

Slack

13 entries · shared hosted + SDK label

slack_search_publicslack_search_public_and_privateslack_search_channelsslack_search_usersslack_read_channelslack_read_threadslack_read_canvasslack_read_user_profileslack_list_channelsslack_get_channel_historyslack_get_thread_repliesslack_get_usersslack_get_user_profile

Filesystem

10 tools · @mcp/server-filesystem

search_filesread_fileread_text_fileread_media_fileread_multiple_fileslist_directorylist_directory_with_sizesdirectory_treeget_file_infolist_allowed_directories

Git

7 tools · mcp-server-git

git_statusgit_diffgit_diff_unstagedgit_diff_stagedgit_loggit_showgit_branch

Memory

3 tools · @mcp/server-memory

search_nodesread_graphopen_nodes

Google Drive

3 tools · @mcp/server-gdrive

google_drive_searchgoogle_drive_fetchgoogle_drive_export

SQLite

3 tools · @mcp/server-sqlite

read_querylist_tablesdescribe_table

Postgres

1 tool · @mcp/server-postgres

query

Puppeteer

1 tool · @mcp/server-puppeteer

puppeteer_screenshot

Search & crawl labels

In the leaked build, the hardcoded search-provider labels are Exa, Firecrawl, Perplexity, Tavily, and Brave Search.

Exa

9 tools

web_search_exaweb_search_advanced_exapeople_search_exalinkedin_search_exadeep_search_exaget_code_context_exacompany_research_exacrawling_exadeep_researcher_check

Firecrawl

6 tools

firecrawl_searchfirecrawl_scrapefirecrawl_mapfirecrawl_crawlfirecrawl_check_crawl_statusfirecrawl_extract

Perplexity

5 tools

perplexity_searchperplexity_search_webperplexity_askperplexity_researchperplexity_reason

Tavily

5 tools

tavily_searchtavily_extracttavily_crawltavily_maptavily_research

Brave Search

2 tools

brave_web_searchbrave_local_search

Other / community labels

Obsidian

9 tools · MarkusPfundstein

obsidian_simple_searchobsidian_complex_searchobsidian_list_files_in_vaultobsidian_list_files_in_dirobsidian_get_file_contentsobsidian_batch_get_file_contentsobsidian_get_periodic_noteobsidian_get_recent_periodic_notesobsidian_get_recent_changes

Neo4j

5 tools

search_memoriesfind_memories_by_namelist_instancesget_instance_detailsget_instance_by_name

Airtable

4 tools

search_recordslist_recordslist_basesget_record

Terraform

3 tools

search_modulessearch_providerssearch_policies

Figma

2 tools · GLips/Figma-Context-MCP

get_figma_datadownload_figma_images

Figma's entry is a community server, not an official Figma product. Atlassian is split into two distinct comment blocks (official and community), not one merged total. GitHub's 56 typed entries make it the largest single block in the file.

2. claude.ai proxy connectors: 6 explicit labels, Datadog ambiguous

The leaked source directly shows a claude.ai-managed MCP path. It fetches org-configured connectors, converts them to transport type claudeai-proxy, and routes calls through a dedicated proxy at mcp-proxy.anthropic.com, rather than a user-managed local MCP process.

The architecture, visible across three source files:

// oauth.ts — proxy infrastructure
MCP_PROXY_URL: 'https://mcp-proxy.anthropic.com'
MCP_PROXY_PATH: '/v1/mcp/{server_id}'

// claudeai.ts — fetches org-configured servers
const url = `${baseUrl}/v1/mcp_servers?limit=1000`
// requires OAuth scope: 'user:mcp_servers'

// Each server becomes:
configs[name] = {
  type: 'claudeai-proxy',
  url: server.url,
  id: server.id,
  scope: 'claudeai',
}

When a Claude.ai subscriber connects a claude.ai MCP connector, the flow is:

1. User authenticates via OAuth on claude.ai with the scope user:mcp_servers
2. Claude Code fetches the org's server list from api.anthropic.com/v1/mcp_servers
3. Tool calls route through mcp-proxy.anthropic.com/v1/mcp/{server_id}

What the code proves: six label blocks in classifyForCollapse.ts are explicitly marked claude.ai-hosted: Slack, Gmail, Google Drive, Google Calendar, PubMed, and BigQuery. A separate main.tsx comment about skipping claude.ai proxy servers also lists Datadog. Because those two sources disagree, Datadog is ambiguous in the leaked build rather than counted as confirmed hosted.

Slack receives unusually specific treatment in the leaked build. Beyond the proxy transport, Claude Code has three Slack-specific code paths:

PubMed is the outlier in the explicit hosted set. Its label covers 24 typed entries across hosted and community implementations. That does not prove Anthropic's selection criteria, but it does show the proxy path is not limited to workplace chat and calendar tools.

3. WebFetch preapproval: 89 host entries, 88 unique scopes

Claude Code's WebFetch tool normally requires the user to provide a URL. But tools/WebFetchTool/preapproved.ts lists 89 preapproved host entries Claude Code can fetch on its own. That resolves to 88 unique host/path scopes because learn.microsoft.com appears twice, and some entries are path-scoped rather than whole-domain allowlists (for example github.com/anthropics and vercel.com/docs). This is a security allowlist for GET requests only. the source warns that it is deliberately not inherited by the sandbox system because some domains allow file uploads.

The list is broad and organized by category. The badges below normalize a few www. prefixes for readability, but the exact allowlist entries come from preapproved.ts.

Anthropic

Claude Platform

platform.claude.com

platform.claude.com

Claude Code

code.claude.com

code.claude.com

MCP Protocol

modelcontextprotocol.io

modelcontextprotocol.io

Agent Skills

agentskills.io

agentskills.io

Anthropic GitHub

github.com/anthropics

github.com/anthropics

Programming languages

Python

docs.python.org

C/C++

Java

docs.oracle.com

C# / .NET

MDN

developer.mozilla.org

Go

go.dev

Go Packages

pkg.go.dev

PHP

php.net

Swift

docs.swift.org

Kotlin

kotlinlang.org

Ruby

ruby-doc.org

Rust

doc.rust-lang.org

TypeScript

typescriptlang.org

Web frameworks & libraries

React

react.dev

Angular

angular.io

Vue.js

vuejs.org

Next.js

nextjs.org

Express

expressjs.com

Node.js

nodejs.org

Bun

bun.sh

jQuery

jquery.com

Bootstrap

getbootstrap.com

Tailwind

tailwindcss.com

D3.js

d3js.org

Three.js

threejs.org

Redux

redux.js.org

Webpack

webpack.js.org

Jest

jestjs.io

React Router

reactrouter.com

Python ecosystem

Django

docs.djangoproject.com

Flask

flask.palletsprojects.com

FastAPI

fastapi.tiangolo.com

Pandas

pandas.pydata.org

NumPy

numpy.org

TensorFlow

tensorflow.org

PyTorch

pytorch.org

scikit-learn

scikit-learn.org

Matplotlib

matplotlib.org

Requests

requests.readthedocs.io

Jupyter

jupyter.org

PHP, Java, .NET

Laravel

laravel.com

Symfony

symfony.com

WordPress

wordpress.org

Spring

docs.spring.io

Hibernate

hibernate.org

Tomcat

tomcat.apache.org

Gradle

gradle.org

Maven

maven.apache.org

ASP.NET

asp.net

.NET

dotnet.microsoft.com

NuGet

nuget.org

Blazor

blazor.net

Mobile

React Native

reactnative.dev

Flutter

docs.flutter.dev

Apple Dev

developer.apple.com

Android Dev

developer.android.com

ML & data science

Keras

keras.io

Spark

spark.apache.org

Hugging Face

huggingface.co

Kaggle

kaggle.com

Databases

MongoDB

mongodb.com

Redis

redis.io

PostgreSQL

postgresql.org

MySQL

dev.mysql.com

SQLite

sqlite.org

GraphQL

graphql.org

Prisma

prisma.io

Cloud & DevOps

AWS

docs.aws.amazon.com

Google Cloud

cloud.google.com

Azure

learn.microsoft.com

Kubernetes

kubernetes.io

Docker

docker.com

Terraform

terraform.io

Ansible

ansible.com

Vercel

vercel.com

Netlify

docs.netlify.com

Heroku

devcenter.heroku.com

Testing, game dev, and other tools

Cypress

cypress.io

Selenium

selenium.dev

Unity

docs.unity.com

Unreal

docs.unrealengine.com

Git

git-scm.com

Nginx

nginx.org

Apache

httpd.apache.org

4. Deployment environment detection: 29 explicit labels

utils/env.ts returns 29 explicit deployment labels before falling back to unknown-darwin, unknown-linux, unknown-win32, or unknown. This is telemetry, not a user-facing feature.

Cloud dev environments

Codespaces

CODESPACES

CODESPACES

Gitpod

GITPOD_WORKSPACE_ID

GITPOD_WORKSPACE_ID

Replit

REPL_ID

REPL_IDREPL_SLUG

Glitch

PROJECT_DOMAIN

PROJECT_DOMAIN

Cloud platforms

Vercel

VERCEL

VERCEL

Railway

RAILWAY_ENVIRONMENT_NAME

RAILWAY_ENVIRONMENT_NAMERAILWAY_SERVICE_NAME

Render

RENDER

RENDER

Netlify

NETLIFY

NETLIFY

Heroku

DYNO

DYNO

Fly.io

FLY_APP_NAME

FLY_APP_NAMEFLY_MACHINE_ID

Cloudflare Pages

CF_PAGES

CF_PAGES

Deno Deploy

DENO_DEPLOYMENT_ID

DENO_DEPLOYMENT_ID

AWS Lambda

AWS_LAMBDA_FUNCTION_NAME

AWS_LAMBDA_FUNCTION_NAME

AWS Fargate

AWS_ECS_FARGATE

AWS_EXECUTION_ENV=AWS_ECS_FARGATE

AWS ECS

AWS_ECS_EC2

AWS_EXECUTION_ENV=AWS_ECS_EC2

AWS EC2

/sys/hypervisor/uuid

/sys/hypervisor/uuid → ec2*

GCP Cloud Run

K_SERVICE

K_SERVICE

GCP

GOOGLE_CLOUD_PROJECT

GOOGLE_CLOUD_PROJECT

Azure App Service

WEBSITE_SITE_NAME

WEBSITE_SITE_NAMEWEBSITE_SKU

Azure Functions

AZURE_FUNCTIONS_ENVIRONMENT

AZURE_FUNCTIONS_ENVIRONMENT

DigitalOcean

ondigitalocean.app

APP_URL contains ondigitalocean.app

Hugging Face Spaces

SPACE_CREATOR_USER_ID

SPACE_CREATOR_USER_ID

CI/CD

GitHub Actions

GITHUB_ACTIONS

GITHUB_ACTIONS

GitLab CI

GITLAB_CI

GITLAB_CI

CircleCI

CIRCLECI

CIRCLECI

Buildkite

BUILDKITE

BUILDKITE

Generic CI

CI

Container / orchestration

Kubernetes

KUBERNETES_SERVICE_HOST

KUBERNETES_SERVICE_HOST

Docker

/.dockerenv

/.dockerenv file exists

5. Secret scanner: 36 rules across 23 credential families

services/teamMemorySync/secretScanner.ts scans content client-side before upload to keep secrets out of team memory. The file says it uses a curated subset of high-confidence Gitleaks rules. In the leaked build that is 36 explicit rules, including multi-rule vendors and a private-key catchall.

The badges below show representative credential families covered by the rules. They are not a one-rule-per-vendor list.

AWS

AKIA / aws_secret

aws-access-token

GCP

service account JSON

gcp-api-key

Azure

client secret

azure-ad-client-secret

Anthropic

sk-ant-*

anthropic-api-keyanthropic-admin-api-key

OpenAI

sk-* key

openai-api-key

Hugging Face

hf_* token

huggingface-access-token

GitHub

ghp_ / gho_ / ghs_

github-patgithub-fine-grained-patgithub-app-tokengithub-oauthgithub-refresh-token

GitLab

glpat-* / deploy token

gitlab-patgitlab-deploy-token

Slack

xoxb- / xoxp-

slack-bot-tokenslack-user-tokenslack-app-token

Twilio

auth token

twilio-api-key

SendGrid

SG.* key

sendgrid-api-token

Stripe

sk_live / sk_test

stripe-access-token

Shopify

shpat_ / shpca_

shopify-access-tokenshopify-shared-secret

NPM

npm_* token

npm-access-token

PyPI

pypi-* token

pypi-upload-token

Databricks

dapi* token

databricks-api-token

Terraform

atlasv1.* token

hashicorp-tf-api-token

Pulumi

pul-* token

pulumi-api-token

Postman

PMAK-* key

postman-api-token

Grafana

glsa_ / glc_ token

grafana-api-keygrafana-cloud-api-tokengrafana-service-account-token

Sentry

sntrys_ DSN

sentry-user-tokensentry-org-token

DigitalOcean

dop_v1_ / doo_v1_

digitalocean-patdigitalocean-access-token

HashiCorp TF

atlasv1.* token

hashicorp-tf-api-token

Private Key

BEGIN PRIVATE KEY

private-key

6. API gateway detection: 7 gateways

services/api/logging.ts detects third-party AI API gateways via response headers or hostnames. Purely observational for analytics. no behavior change.

LiteLLM

x-litellm-* headerslitellm_* hostname

Helicone

helicone-* headers

Portkey

x-portkey-* headers

Cloudflare AI

cf-aig-* headers

cf-aig-* headers

Kong

x-kong-* headersvia: kong/* header

Braintrust

x-bt-* headers

Databricks

*.databricks.com hostname

7. Plugin tips and special integrations

tipRegistry.ts contains two plugin tips. contextual suggestions to install official plugins from claude-plugins-official:

Vercel

triggered by vercel.json / vercel CLI

Frontend Design

triggered by .html / .css files

Vercel is the only third-party vendor with a dedicated plugin tip. When Claude Code detects a vercel.json or the vercel CLI, it suggests /plugin install vercel@claude-plugins-official. The other tip is Anthropic's own frontend-design plugin, triggered by HTML and CSS files.

Anthropic also maintains a commercial MCP registry at api.anthropic.com/mcp-registry/v0/servers. Servers on this registry have their tool names logged for analytics (rather than being redacted as PII). In practice,inclusion on this registry likely acts as a trust or approval signal.

And Claude Code supports two MCP extension metadata fields any server can use: anthropic/alwaysLoad (tool appears in prompt without deferred loading) and anthropic/searchHint (custom description for tool discovery). These are available to everyone; In practice,servers that populate them are easier for Claude Code to surface and describe cleanly.

8. The complete vendor map

Vendors that appear in at least two systems. The Hosted column marks only explicitly tagged claude.ai-hosted labels; Datadog's hosting ambiguity is noted below instead of encoded as a yes/no.

Vendor	MCP UIMCP	HostedHost	FetchFtch	Env	SecretsSec	OtherOth
AWS	•	–	•	•	•
GitHub	•	–	–	•	•
Slack	•	•	–	–	•
Google	•	•	•	•	•
Grafana	•	–	–	–	•
Sentry	•	–	–	–	•
Stripe	•	–	–	–	•
Terraform	•	–	•	–	•
Kubernetes	•	–	•	•	–
MongoDB	•	–	•	–	–
Databricks	–	–	–	–	•	gateway
Vercel	–	–	•	•	–	plugin
Netlify	–	–	•	•	–
Docker	–	–	•	•	–
Heroku	–	–	•	•	–
GitLab	–	–	–	•	•
DigitalOcean	–	–	–	•	•
Cloudflare	–	–	–	•	–	gateway
Hugging Face	–	–	•	•	•
OpenAI	–	–	–	–	•
Shopify	–	–	–	–	•
Twilio	–	–	–	–	•
SendGrid	–	–	–	–	•
Postman	–	–	–	–	•
Pulumi	–	–	–	–	•

Showing vendors that appear in 2+ systems. Datadog is omitted here because the leaked build contains a hosted-connector conflict rather than a clean second confirmed system.

9. Conclusion

AI coding agents are becoming real distribution infrastructure. The vendors hardcoded in Claude Code today have a head start that compounds with every session: cleaner output, easier onboarding, docs the agent can read on its own, visibility in telemetry. These advantages are small individually but they stack.

The MCP allowlist is entirely manual. Someone typed each tool name into a Set object by hand. That does not scale. Either Anthropic moves to convention-based classification, or the current list hardens into a de facto ranking of which integrations they consider worth maintaining. For vendors not yet on it, the window to get added narrows as the file grows.

Vercel shows there is more than one path in. It has no MCP UI support but it has a plugin tip, preapproved docs, and environment detection. Different distribution channel, same destination: being recognized by name inside the product.

If you ship developer tools, the question is no longer whether your product works with Claude Code. It is whether Claude Code knows your product exists.