feat: add Computer Use, Remote Control, Auto Mode, and Cowork integration

Major update based on Anthropic's March 24, 2026 releases:

- feature-map.md: expanded from 20 to 22 capabilities, gaps reduced
  from 2 to 1 (only Canvas/A2UI remains)
- examples/11-computer-use: desktop control via screenshots and clicks
- examples/12-remote-control: /rc and Dispatch for phone control
- examples/13-auto-mode: AI safety classifier for autonomous execution
- cowork-integration/: how Code + Cowork + Dispatch together replicate
  OpenClaw's full feature set
- security/auto-mode-explained.md: deep-dive on the new permission mode
- Updated README with broader ecosystem table and revised scores

Score: 12 full match (55%), 9 different approach (41%), 1 gap (4%)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

security/README.md

@@ -10,6 +10,7 @@ agent behavior.
 
 | File | What it covers |
 |------|---------------|
-| `permission-modes-explained.md` | The three permission modes and when to use each |
+| `permission-modes-explained.md` | The four permission modes and when to use each |
+| `auto-mode-explained.md` | Auto Mode: AI safety classifier for autonomous execution |
 | `hook-based-guardrails.md` | Building custom security with PreToolUse hooks |
 | `nemoclaw-comparison.md` | Honest comparison with NemoClaw's enterprise security |

security/auto-mode-explained.md

@@ -0,0 +1,78 @@
+# Auto Mode
+
+Auto Mode (v2.1.86, March 24, 2026) is a new permission mode where
+an AI safety classifier reviews every tool call before execution.
+No manual approvals. Claude runs autonomously, with a safety net.
+
+## How to enable
+
+```bash
+# From CLI launch:
+claude --enable-auto-mode
+
+# In active session:
+# Press Shift+Tab to cycle through permission modes
+```
+
+## How the classifier works
+
+Before each tool call, a classifier (running on Sonnet 4.6)
+evaluates whether the action is safe:
+
+1. **Fast filter:** Quick binary decision on the action category
+2. **Chain-of-thought:** Detailed reasoning for borderline cases
+
+Safe actions proceed automatically. Risky actions (mass deletion,
+data exfiltration, malicious code) are blocked, and Claude is
+redirected to an alternative approach.
+
+## Performance numbers (Anthropic's internal testing)
+
+| Metric | Value |
+|--------|-------|
+| False positive rate | 0.4% (safe actions incorrectly blocked) |
+| False negative rate | 5.7% (risky actions not caught) |
+
+The classifier runs on Sonnet 4.6 regardless of your session model.
+This means even Opus sessions get fast, consistent safety screening.
+
+## When to use Auto Mode
+
+**Good for:**
+- Code refactoring across many files
+- Test-fix-test loops
+- Research and summarization tasks
+- Any workflow where constant approvals break your flow
+
+**Not recommended for:**
+- First time using Claude Code (learn default mode first)
+- Sensitive environments with production data
+- Multi-agent workflows where you want explicit control
+
+## Comparison to OpenClaw security
+
+| Aspect | OpenClaw | Auto Mode |
+|--------|----------|-----------|
+| Default behavior | Autonomous | Autonomous |
+| Safety mechanism | Docker sandbox (containment) | AI classifier (prevention) |
+| Unknown threats | Contained by sandbox | May slip through (5.7% FN) |
+| Known threats | Depend on config | Caught by classifier |
+| User intervention | /approve for flagged actions | Automatic redirect |
+| Infrastructure | Requires Docker | No infrastructure |
+
+## All four permission modes
+
+| Mode | Behavior | Safety | OpenClaw equivalent |
+|------|----------|--------|-------------------|
+| Default | Ask for every action | Maximum control | DM pairing + exec approvals |
+| Auto-edit | Pre-approved patterns | Selective | Tool allowlists |
+| Auto Mode | AI classifier reviews | AI-enforced | Autonomous + sandbox |
+| Bypass | No checks | Minimal | Elevated mode |
+
+Auto Mode sits between auto-edit and bypass. It gives you the
+autonomy of bypass with most of the safety of auto-edit.
+
+## Availability
+
+Research preview on Team plan (March 2026). Enterprise and API
+coming soon.

security/permission-modes-explained.md

@@ -1,6 +1,6 @@
 # Permission Modes
 
-Claude Code has three permission modes that control how much
+Claude Code has four permission modes that control how much
 autonomy the agent has. This is the first line of defense.
 
 ## The three modes
@@ -39,7 +39,31 @@ Configured in `.claude/settings.json`:
 
 **OpenClaw equivalent:** Tool allowlists per agent/session.
 
-### 3. Bypass mode (`--dangerously-skip-permissions`)
+### 3. Auto Mode (`--enable-auto-mode`)
+
+An AI safety classifier (Sonnet 4.6) reviews every tool call
+before execution. Safe actions proceed automatically. Risky
+actions are blocked and Claude is redirected.
+
+```bash
+claude --enable-auto-mode
+# Or press Shift+Tab in a session to cycle to Auto Mode
+```
+
+Performance: 0.4% false positive rate, 5.7% false negative rate.
+
+**Best for:**
+- Autonomous coding workflows
+- Test-fix-test loops
+- Any task where constant approvals break flow
+
+**OpenClaw equivalent:** Default autonomous mode with Docker sandbox.
+Different philosophy: Auto Mode prevents dangerous actions before
+execution. OpenClaw's sandbox contains damage after execution.
+
+See `auto-mode-explained.md` for the full deep-dive.
+
+### 4. Bypass mode (`--dangerously-skip-permissions`)
 
 No permission checks at all. Claude Code executes everything.
 
@@ -69,6 +93,7 @@ Settings deny list: decides WHICH tools exist at all
 
 ## Recommendation
 
-Start with default mode. Move to auto-edit mode once you
-understand which operations you trust. Never use bypass mode
+Start with default mode. Move to auto-edit once you understand
+which operations you trust. Graduate to Auto Mode when you want
+autonomous execution with AI safety. Never use bypass mode
 outside of sandboxes.