Claude Code desktop app showing session list and the command input interface Image from Anthropic / claude.com
by VibecodedThis

Claude Code 2.1.160 Guards Shell Startup Files and Build Configs Before Writing

Claude Code's June 2 release adds security prompts before the agent writes to shell startup files or build-tool configs that grant code execution, renames the dynamic workflow trigger to 'ultracode', and clears a stack of Windows and session bugs.

Share

Anthropic shipped Claude Code 2.1.160 on June 2. The release is a mix of targeted security improvements, a rename that will affect anyone using dynamic workflows, and a solid round of bug fixes that have been accumulating for a few weeks.

The full release notes are on GitHub.

Shell Startup Files and Build Configs Now Prompt Before Writes

Two related security changes landed in this version.

First, Claude Code will now prompt before writing to shell startup files, specifically .zshenv, .zlogin, .bash_login, and files under ~/.config/git/. These files run automatically when you open a shell, which means a write to .zshenv can silently introduce code execution on every login. Requiring a prompt before that write gives you a chance to review what is being changed.

Second, if you are using acceptEdits mode (which lets Claude write files without prompting each time), it will now pause and ask before writing to build-tool configuration files that can grant code execution. That covers .npmrc, .yarnrc and its variants, bunfig.toml, .bazelrc, .pre-commit-config.yaml, and files under .devcontainer/.

The pattern is the same in both cases: Claude Code is drawing a distinction between routine code changes and writes that could affect how your machine runs code automatically.

The Workflow Keyword Is Now “Ultracode”

Anyone using the dynamic workflow feature will need to update their prompts. The trigger keyword that tells Claude Code to enter multi-agent workflow mode was renamed from workflow to ultracode.

If you have any saved prompts, Routines, or hooks that use the workflow keyword to invoke dynamic orchestration, they will stop triggering workflow mode after this update. Replace workflow with ultracode to restore the behavior.

grep Now Satisfies the Read-Before-Edit Check

Claude Code requires that a file be read before it can be edited, as a safety check. Previously, running grep on a file did not count as reading it, which forced redundant read operations in common patterns like “grep for a function, then edit it.” As of 2.1.160, single-file grep, egrep, and fgrep commands satisfy the read requirement, so you can search and immediately edit without the extra step.

Bug Fixes

Several session and background agent bugs are cleared in this release:

  • Restoring a completed session from claude agents was dropping the chat history and re-running the original prompt. That is fixed.
  • Background sessions were losing their conversations after sitting idle overnight. Fixed.
  • claude --bg was occasionally failing with a “socket missing” error on first launch on a loaded machine. Fixed.

Windows-specific fixes include correct clipboard behavior on WSL (now uses PowerShell interop instead of OSC 52), fixes for directory deletion blocking after claude rm, and multiple stability improvements for heavy CPU load scenarios.

Voice mode also got a fix for connection failures when the current directory or branch name contains non-ASCII characters.

Removals

The CLAUDE_CODE_OPUS_4_6_FAST_MODE_OVERRIDE environment variable has been removed and is now a no-op. The JetBrains plugin install suggestion no longer appears at startup.

Share