Claude Code version 2.1.178 overhauls the experimental agent teams feature by removing explicit TeamCreate/TeamDelete tools in favor of an implicit single-team model where subagents are spawned directly via the Agent tool's name parameter. A new Tool(param:value) permission syntax allows matching tool invocations by input parameter values (e.g., blocking Opus subagents specifically). A notable safety fix closes a gap where subagents could request blocked actions without classifier review before launch. The release also includes numerous bug fixes for subagent transcript visibility, auth token handling, compaction fallback, and nested .claude/ directory resolution.
Claude Code version 2.1.186 ships new CLI commands for authenticating MCP servers without the interactive menu (`claude mcp login/logout`), including SSH-compatible stdin redirect support. Agent-team behavior is improved: background subagents now surface permission prompts in the main session rather than auto-denying, teammate spawns inherit the leader's effort level, and subagents looping on schema validation failures now abort after 5 attempts. The release also fixes over 20 bugs spanning streaming reliability, subagent transcript handling, Chrome tab-group isolation, and session cost display for Enterprise/Team subscribers.
Anthropic released Claude Code version 2.1.199, a patch-heavy update addressing roughly 25 bugs across multi-agent orchestration, background agent lifecycle management, SSL/TLS error handling, and streaming response reliability. Key fixes include subagents silently swallowing errors or partial work on rate-limit/server failures, a Linux daemon self-termination bug every ~50 seconds after unclean shutdown, and a macOS SSH cold-start regression from 2.1.196. The release also improves retry behavior for transient 429 errors and raises default retry counts via CLAUDE_CODE_RETRY_WATCHDOG.
Claude Code version 2.1.183 introduces auto-mode safety guardrails that block destructive git and infrastructure commands (git reset --hard, terraform destroy, etc.) unless explicitly requested, and prevents amending commits not made by the agent in the current session. The release also adds a deprecated-model warning on stderr, a new attribution.sessionUrl config option, and fixes a range of bugs including empty WebSearch results in subagents, fullscreen TUI corruption on Windows Terminal, MCP auth-stub tool exposure in headless mode, and scheduled task triggers incorrectly acting as keyboard input.
Anthropic released Claude Code version 2.1.203, a substantial patch addressing over 25 bugs primarily affecting background agent sessions, subagent orchestration, and worktree isolation. Key fixes include automatic recovery when daemon session tokens go stale, correct subagent state carry-over when returning to sessions, and PATH/environment variable inheritance issues on Windows. The release also adds MCP roots/list integration for working directories and improves streaming responsiveness.
Anthropic released Claude Code version 2.1.200 with a notable default behavior change: the permission mode now defaults to 'Manual' across CLI, VS Code, and JetBrains integrations, replacing the previous auto-continue behavior for AskUserQuestion dialogs. The release includes extensive fixes for background agent reliability issues including daemon lock conflicts, session stalls after sleep/wake cycles, rate-limit handling, and MCP server configuration errors. Accessibility improvements for screen readers and terminal rendering fixes under tmux 3.4+ are also included.
Anthropic shipped Claude Code version 2.1.198 with several notable capability additions: Claude in Chrome is now generally available, background agents now automatically commit and open draft PRs on task completion, and AWS (anthropicAws) is added as a gateway upstream provider. The release also includes improved subagent orchestration (extended thinking inheritance, focus mode summaries, failure reporting), a new /dataviz skill, and a large batch of bug fixes covering network resilience, macOS entitlements, session state, and UI rendering.
Anthropic released Claude Code CLI version 2.1.205, a patch addressing roughly 15 bugs and adding several improvements. Notable safety-relevant changes include a new auto-mode rule blocking tampering with session transcript files, explicit notifications that background task approvals require human input (preventing fabricated in-transcript approvals), and a prompt before running unresolvable `rm -rf` commands. Infrastructure improvements include streaming binary downloads that cut updater peak memory usage by ~400 MB, and the `/doctor` command is now a full diagnostic and repair tool.
Anthropic released Claude Code version 2.1.181 with several new features including a /config key=value prompt syntax for setting any configuration option, an opt-in Apple Events sandbox permission on macOS, and a new CLAUDE_CLIENT_PRESENCE_FILE environment variable for suppressing mobile push notifications. The release also includes improvements to subagent panel UX (auto-hide, depth limits, elapsed time fixes), streaming of long paragraphs, and auto-retry on mid-thinking connection drops. Approximately 40 bug fixes address issues ranging from 0-byte file writes on network drives, macOS TUI freezes, startup regressions, and credential refresh loops.