Claude Discovery

← All discoveries

tool

Claude Code v2.1.211: forwarded subagent text and hardened permission-preview rendering

2026-07-16 ยท source: anthropics/claude-code release

Claude Code v2.1.211 adds a flag to forward subagent text and thinking into stream-json output and strips hidden characters attackers could use to spoof permission-approval prompts.

What it is

A patch release of Anthropic's Claude Code CLI, the terminal-based agentic coding tool.

What it does

Adds a `--forward-subagent-text` flag and matching env var so subagent text and thinking appear in stream-json output, neutralizes bidirectional-override, zero-width, and look-alike quote characters in permission previews relayed to chat channels, makes a hook's `ask` decision on unsandboxed Bash take priority over auto mode, and fixes parallel sessions logging out together after a wake-from-sleep.

Why it matters

The permission-preview fix closes a real spoofing vector where a tool input could visually alter what a reviewer sees in an approval message before granting access, and the hook priority fix keeps auto mode from silently bypassing a safety gate a team explicitly configured.

How to use it

Update Claude Code to v2.1.211 or later, then set `CLAUDE_CODE_FORWARD_SUBAGENT_TEXT=1` or pass `--forward-subagent-text` to surface subagent thinking in stream-json output.

Go to source →
claude-codesecurityclirelease-notes