Claude Code v2.1.210 introduces several bug fixes and improvements, including hardened security against indirect prompt injection and updated permission classifiers for auto mode.
- Hardened the Agent tool against indirect prompt injection via content read by subagents.
- Improved auto mode by defaulting the permission classifier to Sonnet 5 for external sessions.
- Fixed session crashes caused by tool result renderers returning numeric bigint values or plain text.
- Resolved issues with killed background sessions leaving permanent git worktree locks behind.
- Added a live elapsed-time counter to the collapsed tool summary line for long-running calls.
- Fixed the ultracode keyword opt-in firing on non-human-originated input such as webhook payloads.
These changes enhance stability, security, and usability by preventing crashes, securing against injection attacks, and improving session management.