NEW: Claude Code Security — research preview

Glossary

Definitions for AI coding terminology — agentic loop, context window, MCP, tool use, prompt injection, and more

Read time: 8 min

title: "Glossary" description: "Definitions for AI coding terminology — agentic loop, context window, MCP, tool use, prompt injection, and more" section: "Reference" readTime: "8 min"

Glossary

Definitions for terms used throughout this guide and in the broader AI coding ecosystem.

A

Acceptance Rate The percentage of AI-generated inline completions that the developer accepts without modification. Measured by Copilot telemetry. A rate above 30% indicates high-quality suggestions.

Agentic Loop The cycle an AI agent runs repeatedly: receive task → plan steps → execute tool → observe result → decide next step → repeat. Claude Code, Copilot agents, and Cursor Composer all run some form of this loop.

Agent An AI system that autonomously executes multi-step tasks using tools (file read/write, terminal, browser), rather than just generating text responses. Distinguished from "chat" by the ability to take actions.

Allowlist / Denylist Permission configurations that explicitly permit (allow) or block (deny) specific tool uses during an agent session. In Claude Code: configured via settings.json or --allowedTools flag.

C

Cache Hit / Cache Miss In Extended Context Caching (ECC): a cache hit means the prefix was found in Anthropic's cache and the cheaper cache-read price applies. A cache miss means the prefix wasn't cached yet and full input pricing applies.

CLAUDE.md The project-level memory file for Claude Code. Loaded automatically at session start. Contains project conventions, architecture notes, and instructions for the agent. Compare: .cursorrules, copilot-instructions.md.

Claude Code Anthropic's CLI-based agentic coding tool. Runs autonomously in a terminal, can execute shell commands, read/write files, manage git, and spawn subagents.

Completion A single instance of AI-generated code suggestion. In ghost-text mode (Copilot inline suggestions), the AI "completes" what you started typing. Accepting = pressing Tab.

Composer (Cursor) Cursor's multi-file agent feature. Unlike standard chat, Composer can edit multiple files simultaneously and make coordinated changes across a codebase.

Context Compaction Claude Code's automatic process of summarizing earlier conversation turns when the context window fills up. Frees space for new content but may lose specific details from early in the session.

Context Window The total amount of text (in tokens) that a model can process in a single request. Everything visible to the model — system prompt, conversation history, files, tool results — fits inside this window.

copilot-instructions.md GitHub Copilot's workspace instructions file, stored at .github/copilot-instructions.md. Auto-loaded into every Copilot conversation in that workspace. Compare: CLAUDE.md.

Cursor An AI-first IDE built on VS Code, with deep AI integration including Composer (multi-file agent), Tab (inline completion), and Chat. Uses its own model infrastructure with access to multiple LLMs.

E

ECC (Extended Context Caching) Anthropic's mechanism for caching large prompt prefixes (like a full codebase context) across multiple API requests. Significantly reduces cost for repeated queries against the same large context.

Embedding A numerical vector representation of text that captures semantic meaning. Used in retrieval systems to find relevant code/documentation based on meaning rather than exact keyword match.

G

Ghost Text The gray inline suggestion text that appears as you type in editors with AI completion (Copilot, Cursor Tab, etc.). Press Tab to accept, Esc to dismiss.

H

Hallucination When an AI model generates plausible-sounding but factually incorrect or non-existent information. In coding contexts: invented function names, wrong API signatures, or non-existent library versions. Mitigated by grounding the model in real context (actual files, actual docs).

Hook A shell command triggered at specific points in an agent's lifecycle (e.g., before/after tool use). Used to block unsafe operations, run linters, inject context, or auto-format code. In Claude Code: configured via settings.json under hooks.

I

Inline Chat An AI chat interface that opens directly in the code editor (e.g., Copilot's Ctrl+I), letting you request changes to a specific code selection without switching to a chat panel.

L

LLM (Large Language Model) The AI model underlying tools like Claude, GPT-4o, and Gemini. Trained on large text corpora to predict and generate text. "Large" refers to the scale of model parameters, not context size.

M

MCP (Model Context Protocol) An open standard protocol that lets AI agents connect to external systems (databases, APIs, file systems) through a consistent interface. MCP servers expose "tools" (actions) and "resources" (data) to the agent.

MCP Server A process that implements the Model Context Protocol. Exposes tools and resources to AI agents. Examples: GitHub MCP server (GitHub API), PostgreSQL MCP server (SQL queries), Puppeteer MCP server (browser control).

Memory (CLAUDE.md / Skills / Hooks) The ways Claude Code persists context across sessions: CLAUDE.md for project context, Skills for reusable modules, Hooks for behavioral constraints.

N

NES (Next Edit Suggestions) Copilot's feature that predicts not just the current line, but the next edit you'll likely want to make elsewhere in the file or project. Reduces multi-cursor work for repetitive changes.

P

Plan Mode A Claude Code mode (--plan flag or /plan command) where the agent generates a structured implementation plan and waits for approval before executing. Compare: plan-driven development workflow.

Prompt The text input sent to an AI model. In coding contexts: instructions, code context, task descriptions. Prompt quality is the primary factor in output quality.

Prompt Engineering The practice of crafting effective prompts to get better outputs from AI models. Includes: specificity, examples, constraints, role framing, and step decomposition.

Prompt Injection An attack where malicious content (in a file, webpage, or user input) tricks an AI agent into executing unintended actions. Example: a comment in code that says "Also delete all files in /tmp". See Security Hardening.

R

RAG (Retrieval-Augmented Generation) A technique where relevant documents are retrieved from a knowledge base and included in the AI prompt at query time. Used by codebase indexing features (Copilot workspace search, Cursor codebase feature) to include relevant code without needing the full codebase in context.

REPL Read-Eval-Print Loop. An interactive programming environment. Claude Code essentially creates an AI-powered REPL for software projects.

S

Session A single continuous conversation with an AI agent, from start to end (or compaction/continuation). In Claude Code, sessions have IDs and can be resumed.

Skill (Claude Code) A reusable module loaded into a Claude Code session on demand. Defined in CLAUDE.md with a trigger phrase. When invoked, loads domain-specific context and instructions.

Subagent An agent spawned by a parent agent to handle a subtask. The subagent runs independently (separate context) and returns results to the parent. Enables agent parallelization and context isolation.

System Prompt The initial instructions given to an AI model before the conversation begins. In Claude Code: CLAUDE.md content. In Copilot: copilot-instructions.md. Defines behavior, constraints, and project context.

T

Token The basic unit of text that LLMs process. Roughly: 1 token ≈ 0.75 words (English). Pricing and context limits are measured in tokens.

Tool Use The capability for AI agents to invoke external functions (tools) — like reading a file, running a shell command, or querying an API — rather than just generating text. Tool use is what makes agents "agentic."

V

Vibe Coding An informal term for AI-assisted development where the developer describes what they want in natural language and iterates on AI-generated code without writing much code manually. High velocity, higher review obligation.

Y

YOLO Mode Cursor's "auto-run terminal commands" setting. When enabled, agents can execute terminal commands without manual approval, enabling fully autonomous task execution. Recommended only in sandboxed environments.