Claude Code v2.1.178 Major Updates

This is Ishikawa from the Cloud Business Division. Claude Code v2.1.178 (released June 15, 2026) has been released. This version includes new features such as a new syntax for permission rules and improved support for nested .claude directories, along with numerous bug fixes related to sub-agents and authentication. There has been little movement since access to Claude Fable 5 was suspended for all users, making this the first update since June 13.

Update Summary

v2.1.178 includes 22 changes. New features include the Tool(param:value) syntax for permission rules and support for nested .claude directories. A loophole in permission evaluation for auto mode has been closed, and bug fixes are centered on sub-agents, authentication, compaction, and other issues that affect day-to-day use. There are no breaking changes or deprecations.

Notable Updates

• New Feature (Permission Syntax): A Tool(param:value) syntax has been added for matching tool input parameters in permission rules. For example, you can specify Agent(model:opus) to block the launch of sub-agents using a specific model.
• New Feature (Nested .claude): Skills under nested .claude/skills directories are now loaded when operating on files within those directories, and the definition closest to the working directory takes priority for agents, workflows, and output styles.
• Bug Fixes: Multiple bugs have been fixed, including sub-agent transcript display, message discarding, and ctrl+b restart issues; authentication errors persisting after credential refresh outside of a session; crashes due to out-of-memory errors; and compaction not respecting --fallback-model.
• Security: In auto mode, sub-agent launches are now evaluated by the classifier before launch, closing a loophole that allowed requests for blocked actions without review.

Update Details

New Features

• Tool(param:value) Permission Syntax: A new syntax has been added for matching tool input parameters in permission rules (with * wildcard support). For example, specifying Agent(model:opus) allows you to block the launch of sub-agents using Opus. This enables allow/deny control not just at the tool level but at the parameter level.
• Skill Loading from Nested .claude/skills: Skills in nested .claude/skills directories are now loaded when operating on files within those directories. When names conflict, nested skills are displayed as <dir>:<name>, keeping both available. Use cases include monorepo/sub-project skill isolation and monorepo/sub-project skill isolation.

Security

• Pre-launch Classifier Evaluation in Auto Mode: In auto mode, sub-agent launches are now evaluated by the classifier before launch. This closes a loophole that allowed sub-agents to request blocked actions without review.
• MCP Specification in Sub-agent disallowedTools Now Works: An issue where MCP server-level specifications in sub-agent disallowedTools (mcp__server, mcp__server__*, mcp__*) were silently ignored has been fixed, allowing intended tool restrictions to take effect.

Improvements

• Priority Resolution for Nested .claude/: When names conflict for agents, workflows, and output styles, the one closest to the working directory now takes priority. Project-scoped workflow save locations also target the nearest existing .claude/workflows/.
• Workflow Trigger Keyword Behavior Change: Workflow trigger keywords now display as a purple shimmer highlight and are only triggered by explicit phrases such as "run a workflow" or "workflow:" (not simply by the appearance of a word).
• /doctor Display Improvements: A consistent flat tree layout is now used across all sections, section status icons are easier to read, and command names are highlighted.
• Skill List Truncation Warning: The skill list truncation warning now shows the number of affected skill descriptions.
• Remote Control Error Messages: A persistent red "/rc failed" indicator is now shown in the footer on connection failure, and "not yet enabled" errors now explain whether the cause is a gate failure, check failure, outdated entitlement, or organization policy.
• /bug Input Requirement: A description is now required before submission, and model refusal text is no longer used as the GitHub issue title.

Fixes

A selection of fixes focused on stability and usability:

• Multiple Sub-agent Bug Fixes: Tool results and live progress are now displayed in transcript views, messages sent during turn completion are no longer discarded, and backgrounding a running sub-agent with ctrl+b no longer causes it to restart from the beginning.
• Out-of-Memory Crash Fix: Fixed a crash (out-of-memory) that occurred when inheriting stale websocket/OAuth file descriptor environment variables from a parent process.
• Fix for Nested Skill Blocking in Non-interactive Execution: Fixed an issue where directory-qualified skills from nested .claude/skills were being blocked by permission prompts during non-interactive execution.
• Authentication Error Fix for Custom Gateway Usage: Fixed an issue where claude agents workers were failing with 401 Invalid bearer token when the daemon was launched from a shell configured with a custom API gateway using ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN.
• Compaction Fallback Model Fix: Fixed an issue where compaction did not respect --fallback-model and failed to switch to the fallback model chain when encountering overload or model unavailability errors.
• Post-credential Refresh Error Fix: Fixed an issue where model requests continued to fail with authentication errors after credentials were refreshed outside of a session, due to stale cached request configurations.
• VSCode CJK IME Operation Fix: Fixed an issue where pressing Esc to close the CJK IME candidate window would cancel a running Claude task.
• Additionally, numerous minor bugs have been fixed, including connection failures on account mismatch in Claude in Chrome, persistent "Working" display in background sessions, new marketplace installations, undo granularity in vim mode, and custom URI scheme links in claude agents.

Closing

v2.1.178 is a release focused on new features — the Tool(param:value) syntax for permission rules and support for nested .claude directories — along with improved stability for day-to-day features such as sub-agents, authentication, and compaction. The closure of the permission evaluation loophole in auto mode is also worth noting for those who make heavy use of sub-agents. If any of these changes catch your attention, try updating and checking them out.

References

https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md

https://code.claude.com/docs/en/changelog