Claude Code v2.1.210 introduces several bug fixes and improvements, including hardened security against indirect prompt injection and updated permission classifiers for auto mode.

  • Hardened the Agent tool against indirect prompt injection via content read by subagents.
  • Improved auto mode by defaulting the permission classifier to Sonnet 5 for external sessions.
  • Fixed session crashes caused by tool result renderers returning numeric bigint values or plain text.
  • Resolved issues with killed background sessions leaving permanent git worktree locks behind.
  • Added a live elapsed-time counter to the collapsed tool summary line for long-running calls.
  • Fixed the ultracode keyword opt-in firing on non-human-originated input such as webhook payloads.

These changes enhance stability, security, and usability by preventing crashes, securing against injection attacks, and improving session management.