v2.1.160

Source: Anthropic Claude Code Date: 2026-06-02 URL: https://github.com/anthropics/claude-code/releases/tag/v2.1.160

Summary

Claude Code v2.1.160 (2026-06-02) is primarily a security-hardening and background-agent stability release. It adds prompts before writing to shell startup files and build-tool config files (.npmrc, bunfig.toml, .bazelrc, etc.) in acceptEdits mode — surfaces that can execute code silently. Background agent lifecycle bugs are fixed across the board: cold-start socket failures, overnight idle retirement losing conversation history, auto-updater freezing the agent list, and Windows directory-lock issues after claude rm.

Implications

• Coding agents / security. The shell-startup and build-config write guards are a direct response to prompt-injection attack surface — these files are execution vectors that a compromised or misbehaving agent could use to persist code. Adding confirmation prompts here is a meaningful security posture improvement for anyone running Claude Code in acceptEdits mode against untrusted repos.
• Background agent maturity. The volume of background-session bug fixes (socket failures, history loss, Windows cleanup, CJK IME, ARM scroll) suggests the claude agents infrastructure is still in active stabilization. It’s functional but not yet at the reliability level that would let teams run it unattended at scale.
• ultracode keyword rename. The workflow → ultracode trigger rename and the removal of CLAUDE_CODE_OPUS_4_6_FAST_MODE_OVERRIDE are small but visible API surface cleanups — sign that the dynamic-workflow feature is moving toward a stable interface after the experimental phase.