Added plugin dependency enforcement: claude plugin disable now refuses when another enabled plugin depends on the target (with a copy-pasteable disable-chain hint), and claude plugin enable force-enables transitive dependencies
Added projected context cost (per-turn and per-invocation token estimates) to the /plugin marketplace browse pane
Added worktree.bgIsolation: "none" setting to let background sessions edit the working copy directly without EnterWorktree, for repos where worktrees are impractical
PowerShell tool now passes -ExecutionPolicy Bypass. Opt out with CLAUDE_CODE_POWERSHELL_RESPECT_EXECUTION_POLICY=1
Background sessions now preserve the model and effort level you set after waking from idle
Shift+Tab in attached agent sessions now includes auto mode in the cycle
Fixed a corrupt .credentials.json with a non-array scopes value hanging the CLI on startup or silently aborting OAuth token refresh
Fixed right-click paste in claude agents on Windows Terminal and WSL
Fixed stop hooks that block repeatedly looping forever — the turn now ends with a warning after 8 consecutive blocks (override via CLAUDE_CODE_STOP_HOOK_BLOCK_CAP)
Fixed Esc/Ctrl+C not cancelling a pending /loop wakeup while Claude is idle between iterations
Fixed /goal evaluator firing while background shells or delegated subagents are still running
Fixed NO_COLOR/FORCE_COLOR in settings.json env stripping Claude Code’s own UI colors — they now apply to subprocesses only
Fixed agent view spawning repeated PowerShell processes on Windows when listing sessions
Fixed /bg without a prompt sending „continue“ to the forked session — the fork now waits for input
Fixed --agent <name> not finding plugin-contributed agents without the plugin: prefix
Fixed deleting a session from agent view not removing its transcript file
Fixed stale-fragment rendering when scrolling in attached background sessions on Windows Terminal
Fixed background agents false-positive worker-stall detection storm after host sleep or macOS App Nap
Fixed 5xx error messages pointing at status.claude.com instead of naming the configured gateway or cloud provider
The PowerShell tool is now enabled by default on Windows for Bedrock, Vertex, and Foundry users. Opt out with CLAUDE_CODE_USE_POWERSHELL_TOOL=0.
claude agents now accepts --add-dir, --settings, --mcp-config, and --plugin-dir and applies them to the dashboard and to background sessions dispatched from it
claude agents accepts --permission-mode, --model, --effort, and --dangerously-skip-permissions to set defaults for sessions dispatched from the view
claude --bg --dangerously-skip-permissions now persists across retire→wake
Fixed background sessions silently capturing IDE file references into the warm spare’s input, which caused the reference to be prepended to the next prompt dispatched from claude agents
Worktree cleanup no longer falls back to rm -rf when git worktree remove fails, preventing loss of gitignored or in-progress files
Fixed background-job sessions on macOS getting „Operation not permitted“ errors when reading files under ~/Documents, ~/Desktop, or ~/Downloads, even with Full Disk Access granted.
/bg now preserves --mcp-config, --settings, --add-dir, --plugin-dir, and --strict-mcp-config, so backgrounded sessions keep their MCP servers and settings across respawn.
Background sessions launched from claude agents now honor permissions.defaultMode from settings.json (was previously overridden to auto mode)
Fixed: on Windows, pressing ← in claude agents while a response was streaming could leave the agents list unresponsive to all input
/bg and ←-detach now preserve --fallback-model, so backgrounded workers degrade to the fallback model on overload instead of hard-failing.
/bg and ←-detach now preserve --allow-dangerously-skip-permissions, so the forked worker keeps bypass-permissions available in its Shift+Tab cycle.
Fixed: background daemon spawn now falls back to the running binary when the ~/.local/bin/claude launcher is missing or non-executable
Fixed claude agents --allow-dangerously-skip-permissions defaulting dispatched sessions to bypass mode instead of making it available in the permission cycle