
Claude Code v2.1.178 Major Updates
This page has been translated by machine translation. View original
This is Ishikawa from the Cloud Business Division. Claude Code v2.1.178 (released June 15, 2026) has been released. This version includes new features such as a new syntax for permission rules and enhanced support for nested .claude directories, along with numerous bug fixes related to sub-agents and authentication. There has been little movement since access to Claude Fable 5 was suspended for all users, making this the first update since June 13.
Update Summary
v2.1.178 includes 22 changes. New features include the Tool(param:value) syntax for permission rules and support for nested .claude directories. A loophole in permission evaluation in auto mode has been closed, and bug fixes are centered on issues with practical impact, including sub-agents, authentication, and compaction. There are no breaking changes or deprecations.
Highlighted Updates
- New Feature (Permission Syntax): A
Tool(param:value)syntax has been added to permission rules for matching tool input parameters. For example, you can specifyAgent(model:opus)to block the launch of sub-agents using a specific model. - New Feature (Nested
.claude): Skills under nested.claude/skillsare now loaded when operating on files within that directory, and the definition closest to the working directory now takes precedence for agents, workflows, and output styles. - Bug Fixes: Multiple bugs have been fixed, including issues with sub-agent transcript display, message discarding, and restarts via ctrl+b; a bug where authentication errors persisted after credential refresh outside of a session; crashes due to out-of-memory errors; and a bug where compaction did not respect
--fallback-model. - Security: In auto mode, sub-agent launches are now evaluated by the classifier before launch, closing a loophole that allowed sub-agents to request blocked actions without review.
Update Details
New Features
Tool(param:value)Permission Syntax: A new syntax has been added to permission rules for matching tool input parameters (with*wildcard support). For example, specifyingAgent(model:opus)allows you to block the launch of sub-agents using Opus. This enables allow/deny control not just at the tool level but at the parameter level.- Skill Loading from Nested
.claude/skills: Skills in nested.claude/skillsdirectories are now loaded when operating on files within that directory. In case of name conflicts, nested skills are displayed with the name<dir>:<name>, keeping both available. Possible applications include per-monorepo/subproject skill isolation and per-monorepo/subproject skill isolation.
Security
- Pre-launch Classifier Evaluation in Auto Mode: In auto mode, sub-agent launches are now evaluated by the classifier before launch. This closes a loophole that allowed sub-agents to request blocked actions without review.
- Sub-agent
disallowedToolsMCP Specification Now Works: Fixed an issue where MCP server-level specifications in sub-agentdisallowedTools(mcp__server,mcp__server__*,mcp__*) were silently ignored, so that intended tool restrictions now take effect.
Improvements
- Priority Resolution for Nested
.claude/: When agent, workflow, or output style names conflict, the one closest to the working directory now takes precedence. The save location for project-scope workflows also targets the nearest existing.claude/workflows/. - Change in Workflow Trigger Keyword Behavior: Workflow trigger keywords are now displayed with a purple shimmer highlight and are only triggered by explicit phrases such as "run a workflow" or "workflow:" (not simply by the appearance of the word).
/doctorDisplay Improvements: A consistent flat tree layout is now used across all sections, section status icons are easier to read, and command names are highlighted.- Skill List Truncation Warning: The skill list truncation warning now displays the number of affected skill descriptions.
- Remote Control Error Messages: A persistent red "/rc failed" indicator is now shown in the footer when a connection fails, and for "not yet enabled" errors, the reason is explained—whether it is a gate failure, check failure, outdated entitlement, or organization policy.
/bugInput Requirement: A description is now required before submission, and model refusal text is no longer used as the GitHub issue title.
Fixes
The following is a selection of fixes related to stability and usability.
- Multiple Sub-agent Bug Fixes: Tool results and live progress are now displayed in transcript view, messages sent during turn completion are no longer discarded, and backgrounding a running sub-agent with ctrl+b no longer causes it to restart from the beginning.
- Out-of-Memory Crash Fix: Fixed a crash (out-of-memory) that occurred when inheriting stale websocket/OAuth file descriptor environment variables from the parent process.
- Fix for Nested Skill Blocking in Non-interactive Execution: Fixed an issue where directory-qualified skills from nested
.claude/skillswere being blocked by permission prompts in non-interactive execution. - Authentication Error Fix When Using Custom Gateway: Fixed an issue where
claude agentsworkers were failing with401 Invalid bearer tokenwhen a daemon was launched from a shell configured withANTHROPIC_BASE_URLandANTHROPIC_AUTH_TOKENfor a custom API gateway. - Compaction Fallback Model Fix: Fixed an issue where compaction did not respect
--fallback-modeland did not switch to the fallback model chain on overload or model unavailability errors. - Fix for Error After Credential Refresh: Fixed an issue where model requests continued to fail with authentication errors due to stale cached request settings after credentials were refreshed outside of a session.
- Fix for VSCode CJK IME Operation Bug: Fixed an issue where pressing Esc to close a CJK IME candidate window would cancel a running Claude task.
- In addition, numerous other minor bugs have been fixed, including connection failures due to account mismatches in Claude in Chrome, "Working" display getting stuck in background sessions, new marketplace installations, undo units in vim mode, and custom URI scheme links in
claude agents.
Closing
v2.1.178 is a release centered on the new Tool(param:value) permission rule syntax, enhanced support for nested .claude directories, and improved stability for practical features such as sub-agents, authentication, and compaction. The closure of the permission evaluation loophole in auto mode is also worth noting for those who make heavy use of sub-agents. If any of the changes catch your attention, please update and check them out.
References