claudekit / updates / claude-code-2-1-169
[ PATCH · ]

Claude Code 2.1.169

The new `--safe-mode` flag (and `CLAUDE_CODE_SAFE_MODE` env) starts Claude Code with all customizations (CLAUDE.md, plugins, skills, hooks, MCP servers) disabled for troubleshooting, and `/cd` moves a session to a new working directory without breaking the prompt cache. `disableBundledSkills` (and `CLAUDE_CODE_DISABLE_BUNDLED_SKILLS`) hides bundled skills, workflows, and built-in slash commands from the model. Fixes for enterprise managed MCP policies (`allowedMcpServers`/`deniedMcpServers`) not being enforced on reconnect or IDE-typed configs, Up/Down arrows jumping past wrapped rows of a long input, a 30-50ms per-turn UI stall on macOS with claude.ai credentials, and `claude -p` being slow on Windows (regression in 2.1.161) also land.

Claude Code
Official announcement →

This article is a summary based on official documentation.

What changed

Claude Code 2.1.169 shipped on June 8, 2026. Three new troubleshooting and operations tools (--safe-mode, /cd, disableBundledSkills) land alongside fixes for enterprise managed MCP policy enforcement and a long list of background-session and remote-session regressions.

New features

  • --safe-mode flag and CLAUDE_CODE_SAFE_MODE env

    Isolating which customization was causing trouble meant disabling them one by one. The new --safe-mode flag (or CLAUDE_CODE_SAFE_MODE env) starts Claude Code with all customizations — CLAUDE.md, plugins, skills, hooks, MCP servers — disabled, so you can compare against the baseline.

  • /cd to move a session’s working directory

    Moving to a different directory mid-session meant starting a new session and breaking the prompt cache. The new /cd <path> command moves the current session to a new working directory without breaking the cache.

  • disableBundledSkills setting and CLAUDE_CODE_DISABLE_BUNDLED_SKILLS env

    There was no way to hide Claude Code’s bundled skills, workflows, and built-in slash commands from the model. The new disableBundledSkills setting (or the matching env var) removes the entire bundle from the model’s view.

Key improvements

  • /workflows opens immediately even during a turn

    /workflows was blocked while Claude was generating a response. It now opens immediately even while a turn is in progress.

  • TaskCreate reliability

    Malformed inputs failed outright, making debugging hard. Malformed inputs are now repaired automatically, and validation errors for unloaded tools include the schema so the cause is immediate.

  • Default idle timeout restored on Vertex/Foundry

    A stalled stream could hang indefinitely. A default 5-minute idle timeout was restored on Vertex and Foundry so a stalled stream aborts. Opt out with API_FORCE_IDLE_TIMEOUT=0.

  • Remote-managed settings apply remaining valid policies

    A single invalid entry silently dropped the whole payload, so intended policies were not enforced. Remaining valid policies now apply, and the validation error is surfaced.

  • Background sessions preserve flags across retire→wake

    --ide, --chrome, --bare, --remote-control, and other flags were lost across retire→wake, so behavior changed on resume. These flags are now preserved for the session’s lifetime, and respawn state validation has been hardened.

  • Lower CPU usage during streaming and spinner animations

    CPU usage was higher than necessary while responses streamed and during spinner rendering. Both paths now use less CPU.

  • CLAUDE.md is too long threshold scales with the model’s context window

    The warning fired at a fixed threshold regardless of context window. It now scales with the model’s context window.

Bug fixes

Permissions & managed settings

  • Enterprise managed MCP policies (allowedMcpServers/deniedMcpServers) not being enforced on reconnect, IDE-typed configs, --mcp-config servers during the first session after install, or before remote settings loaded — fixed. Slow cold starts for orgs without remote settings were also improved.
  • Untrusted project settings being able to set OTEL client-certificate paths without trust confirmation — fixed.

Background agents & sessions

  • claude agents --json omitting blocked and just-dispatched background sessions — fixed. A new --all option includes completed sessions, plus new id and state fields.
  • Stale permission and dialog prompts reappearing every time you reattached to a remote session whose worker had died while waiting on them — fixed.
  • Background agents ignoring project-level settings env values (e.g. ANTHROPIC_MODEL) when dispatched onto a pre-warmed worker — fixed.
  • Background sessions attempting shared-checkout edits before entering a worktree and being rejected — now told upfront so the wasted edit is avoided before EnterWorktree.
  • Agents view leaving a stale/garbled frame after navigating back from an agent on WSL in Windows Terminal — fixed.
  • MCPB plugin cache being spuriously invalidated on Windows, causing unnecessary re-extraction — fixed.
  • Plugin .in_use PID lock files accumulating without bound — stale markers from crashed sessions are now swept once per day.

Terminal & UI

  • Up/Down arrows jumping to command history past the wrapped rows of a long input line — fixed; they now move through each visual row first, and history recall enters at the near edge.
  • ~30-50ms UI stall at the start of each turn for macOS users logged in with claude.ai credentials — fixed.
  • claude -p slow or appearing to hang on Windows while waiting for the slash-command/skill scan — fixed (regression in 2.1.161).
  • Footer hints (e.g. “esc to interrupt”) not showing for users with a custom statusline — fixed.
  • Color contrast for skill tags in the slash-command menu — improved.

Platform & infrastructure

  • Remote Control getting stuck on “reconnecting” after resuming a session when an OAuth token refresh happened at the same time — fixed.
  • Git Credential Manager’s “Connect to GitHub” popup appearing on Windows at startup when background git commands ran without cached credentials — fixed.
  • Auto-updater on Windows retrying within a session when claude.exe was held by another process — now stops retrying once the binary is detected to be held.

Notes

  • 2.1.167 and 2.1.168 were one-line reliability patches — both versions’ changelogs were just “Bug fixes and reliability improvements,” so neither is covered as a standalone post.
  • --safe-mode is for problem isolation — compare against a baseline with all customizations off to narrow down the cause. Do not run it in normal operation.
  • /cd stays in the same session — the working directory changes while the prompt cache is preserved. Use a new session if you also need a fresh project context.
  • disableBundledSkills controls model visibility — bundled skills, workflows, and built-in slash commands are hidden from the model. Useful when an organization wants only its own skills exposed.
  • Enterprise MCP policy enforcement — policies were previously not enforced on reconnect, IDE-typed configs, --mcp-config, or before remote settings loaded. Environments where managed enforcement quietly stopped applying should re-verify the policies take effect after upgrading.
  • OTEL client-certificate paths security fix — untrusted project settings could set OTEL client-certificate paths without trust confirmation. Upgrade is recommended for affected environments.
  • claude agents --json schema change — the new id and state fields and the --all option land in the JSON output. Automation that parses it should pick up the new fields.