DEV Community

Zira
Zira

Posted on

Claude Code v2.1.211: Subagent Streaming, MCP Recovery, and Permission Fixes

Claude Code v2.1.211 is a practical update for people running background agents, plugin MCP servers, and multi-agent workflows. It does not introduce a new model or a new agent framework. Instead, it adds observability for subagents and fixes a long list of failure modes that can make an agent workflow confusing, stuck, or unsafe.

The update was published July 15. Read the full v2.1.211 release notes.

The headline change: forward subagent output in stream-json

The release adds the --forward-subagent-text flag and the CLAUDE_CODE_FORWARD_SUBAGENT_TEXT environment variable. They include subagent text and thinking in stream-json output.

That matters when Claude Code is part of another system: a dashboard, CI job, orchestrator, or custom terminal UI. Without visibility into delegated work, a parent task can look idle while a subagent is actually progressing, blocked, or producing an important finding.

Use the additional stream only where it is useful. It can increase log volume, expose more task detail to downstream systems, and make parsers more complex. For production integrations, decide whether you need full subagent text, only lifecycle status, or a filtered event feed.

Background agents: less false completion, fewer stale tasks

Several fixes target background and multi-session use:

  • Claude Code now reports the status of still-running background agents and waits for real completion rather than fabricating results.
  • It fixes background agents that users killed but which then auto-respawned and re-ran stale prompts.
  • It fixes parallel sessions all logging out after wake-from-sleep when they share one credential store.
  • It fixes jobs using LLM gateway authentication that could return “Not logged in” after a daemon respawn.
  • It explains why a claude agents job cannot be deleted when Git no longer recognizes its worktree, rather than silently showing the row again.

These are the sort of failures that waste debugging time because the visible symptom is often vague: an agent looks done, a session appears broken, or an old task seems to come back from nowhere.

For a deeper guide to deciding when teams should share context versus delegate, see Claude Code Agent Teams: When Shared Context Beats More Subagents.

MCP and model-selection reliability

v2.1.211 also fixes plugin MCP servers not reconnecting after an idle web session wakes. Previously, MCP calls could fail until the next message. If you depend on external tools through a plugin server, test an idle-and-resume path after upgrading.

The release also fixes two model-selection problems:

  1. Claude Code on Vertex AI and Bedrock could attempt the default Opus model at startup and show a misleading fallback notice even when a model was configured explicitly.
  2. Subagents with an explicit model override could revert to the parent model after resuming or receiving a follow-up message.

The second fix is especially relevant for cost and routing policies. If you intentionally assign a cheaper or specialized model to a subagent, confirm that assignment survives a resume. A model-routing policy is only useful if it persists through the actual lifecycle of the task.

Permissions, uploads, and worktrees

The release also includes security and workflow fixes worth noting:

  • Permission previews relayed to chat channels now neutralize bidirectional-override, zero-width, and look-alike quote characters, so tool inputs cannot visually alter the approval message.
  • A PreToolUse hook’s ask decision for unsandboxed Bash can no longer be overridden by auto mode. The decision now stays at a prompt.
  • “Always allow” permission rules now save at the repository root, allowing approvals granted in a Git worktree to persist across sessions and worktrees.
  • File upload validation accepts filenames ending in a DOS device suffix or trailing dot, while refusing files with multiple hard links.
  • Claude in Chrome hardens file-upload path validation.

For the practical security implications of the permission-preview fix, see Your Coding Agent’s Approval Prompt Is a Security Boundary.

Other developer-experience fixes

A few changes will matter if you use the CLI heavily:

Area What changed
Cost tracking /clear now resets the status-line cost counter to $0
Context settings Integer environment variables accept 1e6 and 64_000 styles
Remote work Claude in Chrome setup pages now open correctly on Windows
Updates Nested .claude/rules/*.md files no longer load when project settings are excluded
Credentials Shared credential sessions are less likely to all sign out after sleep

What to do now

  1. Upgrade to Claude Code v2.1.211 and read the official release notes for the full list.
  2. If you consume stream-json, evaluate whether subagent text should be forwarded, filtered, or omitted from your logs.
  3. Run one idle-and-resume test for each plugin MCP server you use.
  4. Resume a subagent with an explicit model override and confirm the assigned model is retained.
  5. Test a stopped background agent to ensure it does not re-run its old prompt.
  6. Review your worktree permission behavior if your team relies on “always allow” rules.

This update is most useful for teams operating Claude Code as an agent system, not just a single interactive terminal. If you only use it for short local edits, the changes may be less visible. But for background tasks, tool integrations, model routing, and shared worktrees, the fixes remove several sharp edges.

If you are building regression coverage for these kinds of agent failures, turn production traces into repeatable evaluation cases instead of relying on manual re-tests after every upgrade.

Sources

Which v2.1.211 change will matter most in your workflow: subagent streaming, MCP recovery, model overrides, or background-agent reliability?

Top comments (0)