SpyBara
Go Premium

Documentation 2026-05-08 22:00 UTC to 2026-05-09 04:57 UTC

20 files changed +384 โˆ’41. View all changes and history on the product overview
2026
Sun 31 06:39 Sat 30 06:23 Fri 29 06:38 Thu 28 06:37 Wed 27 06:42 Tue 26 06:33 Sun 24 06:25 Sat 23 06:18 Fri 22 06:33 Thu 21 06:36 Wed 20 06:35 Tue 19 06:34 Mon 18 23:59 Sun 17 01:01 Fri 15 22:58 Thu 14 17:02 Wed 13 23:01 Tue 12 22:57 Mon 11 23:00 Sun 10 23:03 Sat 9 04:57 Fri 8 22:00 Thu 7 22:59 Tue 5 23:00 Mon 4 22:58 Sat 2 18:14 Fri 1 18:19

agent-sdk/mcp.md +1 โˆ’1

Details

309 </Tab>309 </Tab>

310</Tabs>310</Tabs>

311 311 

312For HTTP (non-streaming), use `"type": "http"` instead.312For the streamable HTTP transport, use `"type": "http"` instead. In `.mcp.json` and other JSON config files, `"streamable-http"` is accepted as an alias for `"http"`. The programmatic `mcpServers` option accepts only `"http"`.

313 313 

314### SDK MCP servers314### SDK MCP servers

315 315 

agent-sdk/python.md +3 โˆ’1

Details

2334 "multiSelect": bool, # Set to true to allow multiple selections2334 "multiSelect": bool, # Set to true to allow multiple selections

2335 }2335 }

2336 ],2336 ],

2337 "answers": dict | None, # User answers populated by the permission system2337 "answers": dict[str, str | list[str]] | None,

2338 # User answers populated by the permission system. Multi-select

2339 # answers may be a list of labels or a comma-joined string

2338}2340}

2339```2341```

2340 2342 

Details

308| `tag` | `string \| null` | required | Tag string, or `null` to clear |308| `tag` | `string \| null` | required | Tag string, or `null` to clear |

309| `options.dir` | `string` | `undefined` | Project directory path. When omitted, searches all project directories |309| `options.dir` | `string` | `undefined` | Project directory path. When omitted, searches all project directories |

310 310 

311### `resolveSettings()`

312 

313Resolves the effective Claude Code settings for a given directory using the same merge engine as the CLI, without spawning the Claude CLI. Use it to inspect what configuration a `query()` call would see before invoking one.

314 

315<Note>

316 This function is alpha and its API may change before stabilization. It reads MDM sources, including macOS plist and Windows HKLM/HKCU, for parity with CLI startup, but does not execute the admin-configured `policyHelper` subprocess. The `permissions.defaultMode` field is returned as-is from all tiers including project settings. The trust filter the CLI applies before honoring escalating permission modes is not applied.

317</Note>

318 

319```typescript theme={null}

320function resolveSettings(

321 options?: ResolveSettingsOptions

322): Promise<ResolvedSettings>;

323```

324 

325#### Parameters

326 

327`resolveSettings()` accepts a single options object. All fields are optional.

328 

329| Parameter | Type | Default | Description |

330| :------------------------------ | :------------------------------------ | :-------------- | :---------------------------------------------------------------------------------------------------------------------------------------- |

331| `options.cwd` | `string` | `process.cwd()` | Directory to resolve project and local settings relative to |

332| `options.settingSources` | [`SettingSource`](#settingsource)`[]` | All sources | Which filesystem sources to load. Pass `[]` to skip user, project, and local settings. Managed policy settings load in all cases |

333| `options.managedSettings` | `Settings` | `undefined` | Restrictive policy-tier settings merged at the managed-policy precedence level. Non-restrictive keys such as `model` are silently dropped |

334| `options.serverManagedSettings` | `Settings` | `undefined` | Server-managed settings payload from `/api/claude_code/settings`. Non-restrictive keys pass through unfiltered |

335 

336#### Return type: `ResolvedSettings`

337 

338`resolveSettings()` returns an object describing the merged settings and the source that contributed each key.

339 

340| Property | Type | Description |

341| :----------- | :-------------------------------------------------- | :--------------------------------------------------------------------- |

342| `effective` | `Settings` | Merged settings after applying all enabled sources in precedence order |

343| `provenance` | `Partial<Record<keyof Settings, ProvenanceEntry>>` | For each top-level key in `effective`, which source supplied the value |

344| `sources` | `Array<{ source, settings, path?, policyOrigin? }>` | Per-source raw settings, ordered from lowest to highest precedence |

345 

346#### Example

347 

348The example below resolves settings for a project directory and prints the source that controls the cleanup period.

349 

350```typescript theme={null}

351import { resolveSettings } from "@anthropic-ai/claude-agent-sdk";

352 

353const { effective, provenance } = await resolveSettings({

354 cwd: "/path/to/project",

355 settingSources: ["user", "project", "local"],

356});

357 

358console.log(`Cleanup period: ${effective.cleanupPeriodDays} days`);

359console.log(`Set by: ${provenance.cleanupPeriodDays?.source}`);

360```

361 

311## Types362## Types

312 363 

313### `Options`364### `Options`


864 | SDKFilesPersistedEvent915 | SDKFilesPersistedEvent

865 | SDKToolUseSummaryMessage916 | SDKToolUseSummaryMessage

866 | SDKRateLimitEvent917 | SDKRateLimitEvent

918 | SDKPermissionDeniedMessage

867 | SDKPromptSuggestionMessage;919 | SDKPromptSuggestionMessage;

868```920```

869 921 


1052};1104};

1053```1105```

1054 1106 

1107### `SDKPermissionDeniedMessage`

1108 

1109Stream event emitted when the permission system auto-denies a tool call without an interactive prompt. Use it to render the denial in your UI as it happens, rather than only observing the `is_error` tool result that follows. The interactive ask path reaches your application separately through the [`canUseTool`](#canusetool) callback. Denials issued by a `PreToolUse` hook are not reported through this event.

1110 

1111This event requires Claude Code v2.1.136 or later.

1112 

1113```typescript theme={null}

1114type SDKPermissionDeniedMessage = {

1115 type: "system";

1116 subtype: "permission_denied";

1117 tool_name: string;

1118 tool_use_id: string;

1119 agent_id?: string;

1120 decision_reason_type?: string;

1121 decision_reason?: string;

1122 message: string;

1123 uuid: UUID;

1124 session_id: string;

1125};

1126```

1127 

1128| Field | Type | Description |

1129| ---------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------ |

1130| `tool_name` | `string` | Name of the tool that was denied |

1131| `tool_use_id` | `string` | ID of the `tool_use` block this denial answers |

1132| `agent_id` | `string` | Subagent ID when the denied call originated inside a subagent. Mirrors the field on `can_use_tool` for host-side routing |

1133| `decision_reason_type` | `string` | Discriminator for the component that decided, such as `"rule"`, `"mode"`, `"classifier"`, or `"asyncAgent"` |

1134| `decision_reason` | `string` | Human-readable reason from the deciding component, when available |

1135| `message` | `string` | Rejection message returned to the model in the `tool_result` |

1136 

1055### `SDKPermissionDenial`1137### `SDKPermissionDenial`

1056 1138 

1057Information about a denied tool use.1139Information about a denied tool use.

Details

474 | `question` field (e.g., `"How should I format the output?"`) | Key |474 | `question` field (e.g., `"How should I format the output?"`) | Key |

475 | Selected option's `label` field (e.g., `"Summary"`) | Value |475 | Selected option's `label` field (e.g., `"Summary"`) | Value |

476 476 

477 For multi-select questions, join multiple labels with `", "`. If you [support free-text input](#support-free-text-input), use the user's custom text as the value.477 For multi-select questions, pass an array of labels or join them with `", "`. If you [support free-text input](#support-free-text-input), use the user's custom text as the value.

478 478 

479 <CodeGroup>479 <CodeGroup>

480 ```python Python theme={null}480 ```python Python theme={null}


483 "questions": input_data.get("questions", []),483 "questions": input_data.get("questions", []),

484 "answers": {484 "answers": {

485 "How should I format the output?": "Summary",485 "How should I format the output?": "Summary",

486 "Which sections should I include?": "Introduction, Conclusion",486 "Which sections should I include?": ["Introduction", "Conclusion"],

487 },487 },

488 }488 }

489 )489 )


584| `questions` | Pass through the original questions array (required for tool processing) |584| `questions` | Pass through the original questions array (required for tool processing) |

585| `answers` | Object where keys are question text and values are selected labels |585| `answers` | Object where keys are question text and values are selected labels |

586 586 

587For multi-select questions, join multiple labels with `", "`. For free-text input, use the user's custom text directly.587For multi-select questions, pass an array of labels or join them with `", "`. For free-text input, use the user's custom text directly.

588 588 

589```json theme={null}589```json theme={null}

590{590{


593 ],593 ],

594 "answers": {594 "answers": {

595 "How should I format the output?": "Summary",595 "How should I format the output?": "Summary",

596 "Which sections should I include?": "Introduction, Conclusion"596 "Which sections should I include?": ["Introduction", "Conclusion"]

597 }597 }

598}598}

599```599```

auto-mode-config.md +16 โˆ’11

Details

39 39 

40The classifier does not read `autoMode` from shared project settings in `.claude/settings.json`, so a checked-in repo cannot inject its own allow rules.40The classifier does not read `autoMode` from shared project settings in `.claude/settings.json`, so a checked-in repo cannot inject its own allow rules.

41 41 

42Entries from each scope are combined. A developer can extend `environment`, `allow`, and `soft_deny` with personal entries but cannot remove entries that managed settings provide. Because allow rules act as exceptions to block rules inside the classifier, a developer-added `allow` entry can override an organization `soft_deny` entry: the combination is additive, not a hard policy boundary.42Entries from each scope are combined. A developer can extend `environment`, `allow`, `soft_deny`, and `hard_deny` with personal entries but cannot remove entries that managed settings provide. Because allow rules act as exceptions to soft block rules inside the classifier, a developer-added `allow` entry can override an organization `soft_deny` entry: the combination is additive, not a hard policy boundary.

43 43 

44<Note>44<Note>

45 The classifier is a second gate that runs after the [permissions system](/en/permissions). For actions that must never run regardless of user intent or classifier configuration, use `permissions.deny` in managed settings, which blocks the action before the classifier is consulted and cannot be overridden.45 The classifier is a second gate that runs after the [permissions system](/en/permissions). For actions that must never run regardless of user intent or classifier configuration, use `permissions.deny` in managed settings, which blocks the action before the classifier is consulted and cannot be overridden.


99 99 

100## Override the block and allow rules100## Override the block and allow rules

101 101 

102Two additional fields let you replace the classifier's built-in rule lists: `autoMode.soft_deny` controls what gets blocked, and `autoMode.allow` controls which exceptions apply. Each is an array of prose descriptions, read as natural-language rules. There is no `autoMode.deny` field; to hard-block an action regardless of intent, use [`permissions.deny`](/en/permissions), which runs before the classifier.102Three additional fields let you replace the classifier's built-in rule lists: `autoMode.hard_deny` for unconditional security boundaries, `autoMode.soft_deny` for destructive actions that user intent can clear, and `autoMode.allow` for exceptions. Each is an array of prose descriptions, read as natural-language rules. For tool-pattern-based hard blocks that run before the classifier, use [`permissions.deny`](/en/permissions).

103 103 

104Inside the classifier, precedence works in three tiers:104Inside the classifier, precedence works in four tiers:

105 105 

106* `soft_deny` rules block first106* `hard_deny` rules block unconditionally. User intent and `allow` exceptions do not apply.

107* `allow` rules then override matching blocks as exceptions107* `soft_deny` rules block next. User intent and `allow` exceptions can override these.

108* Explicit user intent overrides both: if the user's message directly and specifically describes the exact action Claude is about to take, the classifier allows it even when a `soft_deny` rule matches108* `allow` rules then override matching `soft_deny` rules as exceptions.

109* Explicit user intent overrides the remaining soft blocks: if the user's message directly and specifically describes the exact action Claude is about to take, the classifier allows it even when a `soft_deny` rule matches.

109 110 

110General requests don't count as explicit intent. Asking Claude to "clean up the repo" does not authorize force-pushing, but asking Claude to "force-push this branch" does.111General requests don't count as explicit intent. Asking Claude to "clean up the repo" does not authorize force-pushing, but asking Claude to "force-push this branch" does.

111 112 

112To loosen, add to `allow` when the classifier repeatedly flags a routine pattern the default exceptions don't cover. To tighten, add to `soft_deny` for risks specific to your environment that the defaults miss. To keep the built-in rules while adding your own, include the literal string `"$defaults"` in the array. The default rules are spliced in at that position, so your custom rules can go before or after them, and you continue to inherit updates as the built-in list changes across releases.113To loosen, add to `allow` when the classifier repeatedly flags a routine pattern the default exceptions don't cover. To tighten, add to `soft_deny` for destructive risks specific to your environment that the defaults miss, or to `hard_deny` for security boundaries that must never be crossed. To keep the built-in rules while adding your own, include the literal string `"$defaults"` in the array. The default rules are spliced in at that position, so your custom rules can go before or after them, and you continue to inherit updates as the built-in list changes across releases.

113 114 

114```json theme={null}115```json theme={null}

115{116{


127 "$defaults",128 "$defaults",

128 "Never run database migrations outside the migrations CLI, even against dev databases",129 "Never run database migrations outside the migrations CLI, even against dev databases",

129 "Never modify files under infra/terraform/prod/: production infrastructure changes go through the review workflow"130 "Never modify files under infra/terraform/prod/: production infrastructure changes go through the review workflow"

131 ],

132 "hard_deny": [

133 "$defaults",

134 "Never send repository contents to third-party code-review APIs"

130 ]135 ]

131 }136 }

132}137}

133```138```

134 139 

135<Danger>140<Danger>

136 Setting any of `environment`, `allow`, or `soft_deny` without `"$defaults"` replaces the entire default list for that section. If you set `soft_deny` with a single entry and omit `"$defaults"`, every built-in block rule is discarded: force push, data exfiltration, `curl | bash`, production deploys, and all other default block rules become allowed. Only omit `"$defaults"` when you intend to take full ownership of the list. In that case, run `claude auto-mode defaults` to print the built-in rules, copy them into your settings file, then review each rule against your own pipeline and risk tolerance.141 Setting any of `environment`, `allow`, `soft_deny`, or `hard_deny` without `"$defaults"` replaces the entire default list for that section. A `soft_deny` array without `"$defaults"` discards every built-in soft block rule, including force push, `curl | bash`, and production deploys. A `hard_deny` array without `"$defaults"` discards the built-in data exfiltration and safety-check bypass rules.

137</Danger>142</Danger>

138 143 

139Each section is evaluated independently, so setting `environment` alone leaves the default `allow` and `soft_deny` lists intact.144Each section is evaluated independently, so setting `environment` alone leaves the default `allow`, `soft_deny`, and `hard_deny` lists intact. Only omit `"$defaults"` when you intend to take full ownership of the list. To do that safely, run `claude auto-mode defaults` to print the built-in rules, copy them into your settings file, then review each rule against your own pipeline and risk tolerance.

140 145 

141## Inspect the defaults and your effective config146## Inspect the defaults and your effective config

142 147 

143Three CLI subcommands help you inspect and validate your configuration.148Three CLI subcommands help you inspect and validate your configuration.

144 149 

145Print the built-in `environment`, `allow`, and `soft_deny` rules as JSON:150Print the built-in `environment`, `allow`, `soft_deny`, and `hard_deny` rules as JSON:

146 151 

147```bash theme={null}152```bash theme={null}

148claude auto-mode defaults153claude auto-mode defaults


154claude auto-mode config159claude auto-mode config

155```160```

156 161 

157Get AI feedback on your custom `allow` and `soft_deny` rules:162Get AI feedback on your custom `allow`, `soft_deny`, and `hard_deny` rules:

158 163 

159```bash theme={null}164```bash theme={null}

160claude auto-mode critique165claude auto-mode critique

commands.md +3 โˆ’2

Details

46| `/btw <question>` | Ask a quick [side question](/en/interactive-mode#side-questions-with-%2Fbtw) without adding to the conversation |46| `/btw <question>` | Ask a quick [side question](/en/interactive-mode#side-questions-with-%2Fbtw) without adding to the conversation |

47| `/chrome` | Configure [Claude in Chrome](/en/chrome) settings |47| `/chrome` | Configure [Claude in Chrome](/en/chrome) settings |

48| `/claude-api [migrate\|managed-agents-onboard]` | **[Skill](/en/skills#bundled-skills).** Load Claude API reference material for your project's language (Python, TypeScript, Java, Go, Ruby, C#, PHP, or cURL) and Managed Agents reference. Covers tool use, streaming, batches, structured outputs, and common pitfalls. Also activates automatically when your code imports `anthropic` or `@anthropic-ai/sdk`. Run `/claude-api migrate` to upgrade existing Claude API code to a newer model: Claude asks which files to scan and which model to target, then updates model IDs, thinking configuration, and other parameters that changed between versions. Run `/claude-api managed-agents-onboard` for an interactive walkthrough that creates a new Managed Agent from scratch |48| `/claude-api [migrate\|managed-agents-onboard]` | **[Skill](/en/skills#bundled-skills).** Load Claude API reference material for your project's language (Python, TypeScript, Java, Go, Ruby, C#, PHP, or cURL) and Managed Agents reference. Covers tool use, streaming, batches, structured outputs, and common pitfalls. Also activates automatically when your code imports `anthropic` or `@anthropic-ai/sdk`. Run `/claude-api migrate` to upgrade existing Claude API code to a newer model: Claude asks which files to scan and which model to target, then updates model IDs, thinking configuration, and other parameters that changed between versions. Run `/claude-api managed-agents-onboard` for an interactive walkthrough that creates a new Managed Agent from scratch |

49| `/clear` | Start a new conversation with empty context. The previous conversation stays available in `/resume`. To free up context while continuing the same conversation, use `/compact` instead. Aliases: `/reset`, `/new` |49| `/clear [name]` | Start a new conversation with empty context. The previous conversation stays available in `/resume`. Pass a name to label the previous conversation in the `/resume` picker. To free up context while continuing the same conversation, use `/compact` instead. Aliases: `/reset`, `/new` |

50| `/color [color\|default]` | Set the prompt bar color for the current session. Available colors: `red`, `blue`, `green`, `yellow`, `purple`, `orange`, `pink`, `cyan`. Use `default` to reset, or run with no argument to pick a random color. When [Remote Control](/en/remote-control) is connected, the color syncs to claude.ai/code |50| `/color [color\|default]` | Set the prompt bar color for the current session. Available colors: `red`, `blue`, `green`, `yellow`, `purple`, `orange`, `pink`, `cyan`. Use `default` to reset, or run with no argument to pick a random color. When [Remote Control](/en/remote-control) is connected, the color syncs to claude.ai/code |

51| `/compact [instructions]` | Free up context by summarizing the conversation so far. Optionally pass focus instructions for the summary. See [how compaction handles rules, skills, and memory files](/en/context-window#what-survives-compaction) |51| `/compact [instructions]` | Free up context by summarizing the conversation so far. Optionally pass focus instructions for the summary. See [how compaction handles rules, skills, and memory files](/en/context-window#what-survives-compaction) |

52| `/config` | Open the [Settings](/en/settings) interface to adjust theme, model, [output style](/en/output-styles), and other preferences. Alias: `/settings` |52| `/config` | Open the [Settings](/en/settings) interface to adjust theme, model, [output style](/en/output-styles), and other preferences. Alias: `/settings` |

53| `/context` | Visualize current context usage as a colored grid. Shows optimization suggestions for context-heavy tools, memory bloat, and capacity warnings |53| `/context [all]` | Visualize current context usage as a colored grid. Shows optimization suggestions for context-heavy tools, memory bloat, and capacity warnings. In [fullscreen mode](/en/fullscreen) the per-item breakdown is collapsed to keep the grid visible. Pass `all` to expand it |

54| `/copy [N]` | Copy the last assistant response to clipboard. Pass a number `N` to copy the Nth-latest response: `/copy 2` copies the second-to-last. When code blocks are present, shows an interactive picker to select individual blocks or the full response. Press `w` in the picker to write the selection to a file instead of the clipboard, which is useful over SSH |54| `/copy [N]` | Copy the last assistant response to clipboard. Pass a number `N` to copy the Nth-latest response: `/copy 2` copies the second-to-last. When code blocks are present, shows an interactive picker to select individual blocks or the full response. Press `w` in the picker to write the selection to a file instead of the clipboard, which is useful over SSH |

55| `/cost` | Alias for `/usage` |55| `/cost` | Alias for `/usage` |

56| `/debug [description]` | **[Skill](/en/skills#bundled-skills).** Enable debug logging for the current session and troubleshoot issues by reading the session debug log. Debug logging is off by default unless you started with `claude --debug`, so running `/debug` mid-session starts capturing logs from that point forward. Optionally describe the issue to focus the analysis |56| `/debug [description]` | **[Skill](/en/skills#bundled-skills).** Enable debug logging for the current session and troubleshoot issues by reading the session debug log. Debug logging is off by default unless you started with `claude --debug`, so running `/debug` mid-session starts capturing logs from that point forward. Optionally describe the issue to focus the analysis |


88| `/powerup` | Discover Claude Code features through quick interactive lessons with animated demos |88| `/powerup` | Discover Claude Code features through quick interactive lessons with animated demos |

89| `/pr-comments [PR]` | {/* max-version: 2.1.90 */}Removed in v2.1.91. Ask Claude directly to view pull request comments instead. On earlier versions, fetches and displays comments from a GitHub pull request; automatically detects the PR for the current branch, or pass a PR URL or number. Requires the `gh` CLI |89| `/pr-comments [PR]` | {/* max-version: 2.1.90 */}Removed in v2.1.91. Ask Claude directly to view pull request comments instead. On earlier versions, fetches and displays comments from a GitHub pull request; automatically detects the PR for the current branch, or pass a PR URL or number. Requires the `gh` CLI |

90| `/privacy-settings` | View and update your privacy settings. Only available for Pro and Max plan subscribers |90| `/privacy-settings` | View and update your privacy settings. Only available for Pro and Max plan subscribers |

91| `/radio` | Open Claude FM lo-fi radio in your browser. Prints the stream URL when no browser is available. Not available on Bedrock, Vertex, or Foundry |

91| `/recap` | Generate a one-line summary of the current session on demand. See [Session recap](/en/interactive-mode#session-recap) for the automatic recap that appears after you've been away |92| `/recap` | Generate a one-line summary of the current session on demand. See [Session recap](/en/interactive-mode#session-recap) for the automatic recap that appears after you've been away |

92| `/release-notes` | View the changelog in an interactive version picker. Select a specific version to see its release notes, or choose to show all versions |93| `/release-notes` | View the changelog in an interactive version picker. Select a specific version to see its release notes, or choose to show all versions |

93| `/reload-plugins` | Reload all active [plugins](/en/plugins) to apply pending changes without restarting. Reports counts for each reloaded component and flags any load errors |94| `/reload-plugins` | Reload all active [plugins](/en/plugins) to apply pending changes without restarting. Reports counts for each reloaded component and flags any load errors |

env-vars.md +2 โˆ’0

Details

116| `CLAUDE_CODE_MAX_RETRIES` | Override the number of times to retry failed API requests (default: 10) |116| `CLAUDE_CODE_MAX_RETRIES` | Override the number of times to retry failed API requests (default: 10) |

117| `CLAUDE_CODE_MAX_TOOL_USE_CONCURRENCY` | Maximum number of read-only tools and subagents that can execute in parallel (default: 10). Higher values increase parallelism but consume more resources |117| `CLAUDE_CODE_MAX_TOOL_USE_CONCURRENCY` | Maximum number of read-only tools and subagents that can execute in parallel (default: 10). Higher values increase parallelism but consume more resources |

118| `CLAUDE_CODE_MCP_ALLOWLIST_ENV` | Set to `1` to spawn stdio MCP servers with only a safe baseline environment plus the server's configured `env`, instead of inheriting your shell environment |118| `CLAUDE_CODE_MCP_ALLOWLIST_ENV` | Set to `1` to spawn stdio MCP servers with only a safe baseline environment plus the server's configured `env`, instead of inheriting your shell environment |

119| `CLAUDE_CODE_NATIVE_CURSOR` | Set to `1` to show the terminal's own cursor at the input caret instead of a drawn block. The cursor respects the terminal's blink, shape, and focus settings |

119| `CLAUDE_CODE_NEW_INIT` | Set to `1` to make `/init` run an interactive setup flow. The flow asks which files to generate, including CLAUDE.md, skills, and hooks, before exploring the codebase and writing them. Without this variable, `/init` generates a CLAUDE.md automatically without prompting. |120| `CLAUDE_CODE_NEW_INIT` | Set to `1` to make `/init` run an interactive setup flow. The flow asks which files to generate, including CLAUDE.md, skills, and hooks, before exploring the codebase and writing them. Without this variable, `/init` generates a CLAUDE.md automatically without prompting. |

120| `CLAUDE_CODE_NO_FLICKER` | Set to `1` to enable [fullscreen rendering](/en/fullscreen), a research preview that reduces flicker and keeps memory flat in long conversations. Equivalent to the [`tui`](/en/settings#available-settings) setting; you can also switch with `/tui fullscreen` |121| `CLAUDE_CODE_NO_FLICKER` | Set to `1` to enable [fullscreen rendering](/en/fullscreen), a research preview that reduces flicker and keeps memory flat in long conversations. Equivalent to the [`tui`](/en/settings#available-settings) setting; you can also switch with `/tui fullscreen` |

121| `CLAUDE_CODE_OAUTH_REFRESH_TOKEN` | OAuth refresh token for Claude.ai authentication. When set, `claude auth login` exchanges this token directly instead of opening a browser. Requires `CLAUDE_CODE_OAUTH_SCOPES`. Useful for provisioning authentication in automated environments |122| `CLAUDE_CODE_OAUTH_REFRESH_TOKEN` | OAuth refresh token for Claude.ai authentication. When set, `claude auth login` exchanges this token directly instead of opening a browser. Requires `CLAUDE_CODE_OAUTH_SCOPES`. Useful for provisioning authentication in automated environments |


191| `DISABLE_TELEMETRY` | Set to `1` to opt out of telemetry. Telemetry events do not include user data like code, file paths, or bash commands |192| `DISABLE_TELEMETRY` | Set to `1` to opt out of telemetry. Telemetry events do not include user data like code, file paths, or bash commands |

192| `DISABLE_UPDATES` | Set to `1` to block all updates including manual `claude update` and `claude install`. Stricter than `DISABLE_AUTOUPDATER`. Use when distributing Claude Code through your own channels and users should not self-update |193| `DISABLE_UPDATES` | Set to `1` to block all updates including manual `claude update` and `claude install`. Stricter than `DISABLE_AUTOUPDATER`. Use when distributing Claude Code through your own channels and users should not self-update |

193| `DISABLE_UPGRADE_COMMAND` | Set to `1` to hide the `/upgrade` command |194| `DISABLE_UPGRADE_COMMAND` | Set to `1` to hide the `/upgrade` command |

195| `DO_NOT_TRACK` | Set to `1` to opt out of telemetry. Equivalent to setting `DISABLE_TELEMETRY`. Honored as the [standard cross-tool convention](https://consoledonottrack.com/) |

194| `ENABLE_CLAUDEAI_MCP_SERVERS` | Set to `false` to disable [claude.ai MCP servers](/en/mcp#use-mcp-servers-from-claude-ai) in Claude Code. Enabled by default for logged-in users |196| `ENABLE_CLAUDEAI_MCP_SERVERS` | Set to `false` to disable [claude.ai MCP servers](/en/mcp#use-mcp-servers-from-claude-ai) in Claude Code. Enabled by default for logged-in users |

195| `ENABLE_PROMPT_CACHING_1H` | Set to `1` to request a 1-hour prompt cache TTL instead of the default 5 minutes. Intended for API key, [Bedrock](/en/amazon-bedrock), [Vertex](/en/google-vertex-ai), and [Foundry](/en/microsoft-foundry) users. Subscription users receive 1-hour TTL automatically. 1-hour cache writes are billed at a higher rate |197| `ENABLE_PROMPT_CACHING_1H` | Set to `1` to request a 1-hour prompt cache TTL instead of the default 5 minutes. Intended for API key, [Bedrock](/en/amazon-bedrock), [Vertex](/en/google-vertex-ai), and [Foundry](/en/microsoft-foundry) users. Subscription users receive 1-hour TTL automatically. 1-hour cache writes are billed at a higher rate |

196| `ENABLE_PROMPT_CACHING_1H_BEDROCK` | Deprecated. Use `ENABLE_PROMPT_CACHING_1H` instead |198| `ENABLE_PROMPT_CACHING_1H_BEDROCK` | Deprecated. Use `ENABLE_PROMPT_CACHING_1H` instead |

errors.md +16 โˆ’0

Details

31| `Not logged in ยท Please run /login` | [Authentication](#not-logged-in) |31| `Not logged in ยท Please run /login` | [Authentication](#not-logged-in) |

32| `Invalid API key` | [Authentication](#invalid-api-key) |32| `Invalid API key` | [Authentication](#invalid-api-key) |

33| `This organization has been disabled` | [Authentication](#this-organization-has-been-disabled) |33| `This organization has been disabled` | [Authentication](#this-organization-has-been-disabled) |

34| `Routines are disabled by your organization's policy` | [Authentication](#routines-are-disabled-by-your-organizations-policy) |

34| `OAuth token revoked` / `OAuth token has expired` | [Authentication](#oauth-token-revoked-or-expired) |35| `OAuth token revoked` / `OAuth token has expired` | [Authentication](#oauth-token-revoked-or-expired) |

35| `does not meet scope requirement user:profile` | [Authentication](#oauth-scope-requirement) |36| `does not meet scope requirement user:profile` | [Authentication](#oauth-scope-requirement) |

36| `Unable to connect to API` | [Network](#unable-to-connect-to-api) |37| `Unable to connect to API` | [Network](#unable-to-connect-to-api) |


252* Run `/status` afterward to confirm the active credential is your subscription253* Run `/status` afterward to confirm the active credential is your subscription

253* If no environment variable is set and the error persists, the disabled organization is the one tied to your `/login`. Contact support or sign in with a different account.254* If no environment variable is set and the error persists, the disabled organization is the one tied to your `/login`. Contact support or sign in with a different account.

254 255 

256### Routines are disabled by your organization's policy

257 

258Your Team or Enterprise admin has turned off routines at the organization level. The error appears when you try to create or run a routine, including from `/schedule` and the [Routines](/en/routines) UI on claude.ai/code.

259 

260```text theme={null}

261Routines are disabled by your organization's policy.

262```

263 

264This is a server-side setting, so it cannot be overridden from local settings, environment variables, or CLI flags.

265 

266**What to do:**

267 

268* Ask your admin to enable the **Routines** toggle at [claude.ai/admin-settings/claude-code](https://claude.ai/admin-settings/claude-code)

269* For one-off scheduled work that does not require organization-level routines, see [scheduled tasks](/en/scheduled-tasks)

270 

255### OAuth token revoked or expired271### OAuth token revoked or expired

256 272 

257Your saved login is no longer valid. A revoked token means you signed out everywhere or an admin removed access; an expired token means the automatic refresh failed mid-session.273Your saved login is no longer valid. A revoked token means you signed out everywhere or an admin removed access; an expired token means the automatic refresh failed mid-session.

interactive-mode.md +1 โˆ’1

Details

289 289 

290After Claude responds, suggestions continue to appear based on your conversation history, such as a follow-up step from a multi-part request or a natural continuation of your workflow.290After Claude responds, suggestions continue to appear based on your conversation history, such as a follow-up step from a multi-part request or a natural continuation of your workflow.

291 291 

292* Press **Tab** or **Right arrow** to accept the suggestion, or press **Enter** to accept and submit292* Press **Tab** or **Right arrow** to place the suggestion in the prompt input, then **Enter** to submit

293* Start typing to dismiss it293* Start typing to dismiss it

294 294 

295The suggestion runs as a background request that reuses the parent conversation's prompt cache, so the additional cost is minimal. Claude Code skips suggestion generation when the cache is cold to avoid unnecessary cost.295The suggestion runs as a background request that reuses the parent conversation's prompt cache, so the additional cost is minimal. Claude Code skips suggestion generation when the cache is cold to avoid unnecessary cost.

mcp.md +2 โˆ’0

Details

265 --header "Authorization: Bearer your-token"265 --header "Authorization: Bearer your-token"

266```266```

267 267 

268When configuring MCP servers via JSON in `.mcp.json`, `~/.claude.json`, or `claude mcp add-json`, the `type` field accepts `streamable-http` as an alias for `http`. The MCP specification uses the name `streamable-http` for this transport, so configurations copied from server documentation work without modification.

269 

268### Option 2: Add a remote SSE server270### Option 2: Add a remote SSE server

269 271 

270<Warning>272<Warning>

permissions.md +7 โˆ’0

Details

210* `Edit(//tmp/scratch.txt)`: edits the absolute path `/tmp/scratch.txt`210* `Edit(//tmp/scratch.txt)`: edits the absolute path `/tmp/scratch.txt`

211* `Read(src/**)`: reads from `<current-directory>/src/`211* `Read(src/**)`: reads from `<current-directory>/src/`

212 212 

213A rule only matches files under its anchor, so the anchor determines how far a deny rule reaches. Bare filenames follow gitignore semantics and match at any depth, so `Read(.env)` and `Read(**/.env)` are equivalent:

214 

215| Deny rule | Blocks | Does not block |

216| ------------------------------- | -------------------------------------------- | ---------------------------------------------------- |

217| `Read(.env)` or `Read(**/.env)` | any `.env` at or under the current directory | `.env` in a parent directory or another project |

218| `Read(//**/.env)` | any `.env` anywhere on the filesystem | nothing; the rule is anchored at the filesystem root |

219 

213<Note>220<Note>

214 In gitignore patterns, `*` matches files in a single directory while `**` matches recursively across directories. To allow all file access, use just the tool name without parentheses: `Read`, `Edit`, or `Write`.221 In gitignore patterns, `*` matches files in a single directory while `**` matches recursively across directories. To allow all file access, use just the tool name without parentheses: `Read`, `Edit`, or `Write`.

215</Note>222</Note>

plugins-reference.md +8 โˆ’3

Details

425 425 

426| Field | Type | Description | Example |426| Field | Type | Description | Example |

427| :---------------------- | :-------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------- |427| :---------------------- | :-------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------- |

428| `skills` | string\|array | Custom skill directories containing `<name>/SKILL.md` (replaces default `skills/`) | `"./custom/skills/"` |428| `skills` | string\|array | Custom skill directories containing `<name>/SKILL.md` (in addition to default `skills/`) | `"./custom/skills/"` |

429| `commands` | string\|array | Custom flat `.md` skill files or directories (replaces default `commands/`) | `"./custom/cmd.md"` or `["./cmd1.md"]` |429| `commands` | string\|array | Custom flat `.md` skill files or directories (replaces default `commands/`) | `"./custom/cmd.md"` or `["./cmd1.md"]` |

430| `agents` | string\|array | Custom agent files (replaces default `agents/`) | `"./custom/agents/reviewer.md"` |430| `agents` | string\|array | Custom agent files (replaces default `agents/`) | `"./custom/agents/reviewer.md"` |

431| `hooks` | string\|array\|object | Hook config paths or inline config | `"./my-extra-hooks.json"` |431| `hooks` | string\|array\|object | Hook config paths or inline config | `"./my-extra-hooks.json"` |


512 512 

513### Path behavior rules513### Path behavior rules

514 514 

515For `skills`, `commands`, `agents`, `outputStyles`, `experimental.themes`, and `experimental.monitors`, a custom path replaces the default. If the manifest specifies `skills`, the default `skills/` directory is not scanned; if it specifies `experimental.monitors`, the default `monitors/monitors.json` is not loaded. [Hooks](#hooks), [MCP servers](#mcp-servers), and [LSP servers](#lsp-servers) have different semantics for handling multiple sources.515Whether a custom path replaces or extends the plugin's default directory depends on the field:

516 

517* **Replaces the default**: `commands`, `agents`, `outputStyles`, `experimental.themes`, `experimental.monitors`. For example, when the manifest specifies `commands`, the default `commands/` directory is not scanned. To keep the default and add more, list it explicitly: `"commands": ["./commands/", "./extras/"]`

518* **Adds to the default**: `skills`. The default `skills/` directory is always scanned, and directories listed in `skills` are loaded alongside it

519* **Own merge rules**: [hooks](#hooks), [MCP servers](#mcp-servers), and [LSP servers](#lsp-servers). See each section for how multiple sources combine

520 

521For all path fields:

516 522 

517* All paths must be relative to the plugin root and start with `./`523* All paths must be relative to the plugin root and start with `./`

518* Components from custom paths use the same naming and namespacing rules524* Components from custom paths use the same naming and namespacing rules

519* Multiple paths can be specified as arrays525* Multiple paths can be specified as arrays

520* To keep the default directory and add more paths for skills, commands, agents, or output styles, include the default in your array: `"skills": ["./skills/", "./extras/"]`

521* When a skill path points to a directory that contains a `SKILL.md` directly, for example `"skills": ["./"]` pointing to the plugin root, the frontmatter `name` field in `SKILL.md` determines the skill's invocation name. This gives a stable name regardless of the install directory. If `name` is not set in the frontmatter, the directory basename is used as a fallback.526* When a skill path points to a directory that contains a `SKILL.md` directly, for example `"skills": ["./"]` pointing to the plugin root, the frontmatter `name` field in `SKILL.md` determines the skill's invocation name. This gives a stable name regardless of the install directory. If `name` is not set in the frontmatter, the directory basename is used as a fallback.

522 527 

523**Path examples**:528**Path examples**:

routines.md +6 โˆ’0

Details

362 362 

363One-off runs do not count against the daily routine cap. They draw down your regular subscription usage like any other session, but they are exempt from the per-account daily routine run allowance.363One-off runs do not count against the daily routine cap. They draw down your regular subscription usage like any other session, but they are exempt from the per-account daily routine run allowance.

364 364 

365## Troubleshooting

366 

367### "Routines are disabled by your organization's policy"

368 

369Your Team or Enterprise admin has likely turned off the **Routines** toggle at [claude.ai/admin-settings/claude-code](https://claude.ai/admin-settings/claude-code). This is a server-side organization setting, so it cannot be overridden from your local configuration. Contact your admin to request that routines be enabled for your organization.

370 

365## Related resources371## Related resources

366 372 

367* [`/loop` and in-session scheduling](/en/scheduled-tasks): schedule local tasks within an open CLI session373* [`/loop` and in-session scheduling](/en/scheduled-tasks): schedule local tasks within an open CLI session

security.md +1 โˆ’1

Details

59* **Network request approval**: Tools that make network requests require user approval by default59* **Network request approval**: Tools that make network requests require user approval by default

60* **Isolated context windows**: Web fetch uses a separate context window to avoid injecting potentially malicious prompts60* **Isolated context windows**: Web fetch uses a separate context window to avoid injecting potentially malicious prompts

61* **Trust verification**: First-time codebase runs and new MCP servers require trust verification61* **Trust verification**: First-time codebase runs and new MCP servers require trust verification

62 * Note: Trust verification is disabled when running non-interactively with the `-p` flag62 * Note: Trust verification is disabled when running non-interactively with the `-p` flag. The exception is [`--worktree`](/en/worktrees), which still requires that trust has been accepted for the directory

63* **Command injection detection**: Suspicious bash commands require manual approval even if previously allowlisted63* **Command injection detection**: Suspicious bash commands require manual approval even if previously allowlisted

64* **Fail-closed matching**: Unmatched commands default to requiring manual approval64* **Fail-closed matching**: Unmatched commands default to requiring manual approval

65* **Natural language descriptions**: Complex bash commands include explanations for user understanding65* **Natural language descriptions**: Complex bash commands include explanations for user understanding

Details

41 </Step>41 </Step>

42 42 

43 <Step title="Define your settings">43 <Step title="Define your settings">

44 Add your configuration as JSON. All [settings available in `settings.json`](/en/settings#available-settings) are supported, including [hooks](/en/hooks), [environment variables](/en/env-vars), and [managed-only settings](/en/permissions#managed-only-settings) like `allowManagedPermissionRulesOnly`.44 Add your configuration as JSON. All [settings available in `settings.json`](/en/settings#available-settings) are supported except those restricted to OS-level policy delivery; see [Current limitations](#current-limitations) for that short list. This includes [hooks](/en/hooks), [environment variables](/en/env-vars), and [managed-only settings](/en/permissions#managed-only-settings) like `allowManagedPermissionRulesOnly`.

45 45 

46 This example enforces a permission deny list, prevents users from bypassing permissions, and restricts permission rules to those defined in managed settings:46 This example enforces a permission deny list, prevents users from bypassing permissions, and restricts permission rules to those defined in managed settings:

47 47 


93 }93 }

94 ```94 ```

95 95 

96 Because hooks execute shell commands, users see a [security approval dialog](#security-approval-dialogs) before they're applied. See [Configure auto mode](/en/auto-mode-config) for how the `autoMode` entries affect what the classifier blocks and important warnings about the `allow` and `soft_deny` fields.96 Because hooks execute shell commands, users see a [security approval dialog](#security-approval-dialogs) before they're applied. See [Configure auto mode](/en/auto-mode-config) for how the `autoMode` entries affect what the classifier blocks and important warnings about the `environment`, `allow`, `soft_deny`, and `hard_deny` fields.

97 </Step>97 </Step>

98 98 

99 <Step title="Save and deploy">99 <Step title="Save and deploy">


124 124 

125* Settings apply uniformly to all users in the organization. Per-group configurations are not yet supported.125* Settings apply uniformly to all users in the organization. Per-group configurations are not yet supported.

126* [MCP server configurations](/en/mcp#managed-mcp-configuration) cannot be distributed through server-managed settings.126* [MCP server configurations](/en/mcp#managed-mcp-configuration) cannot be distributed through server-managed settings.

127* Settings restricted to OS-level policy sources, such as `policyHelper` and `wslInheritsWindowsSettings`, are not honored. Deploy them through MDM or a system `managed-settings.json` file instead.

127 128 

128## Settings delivery129## Settings delivery

129 130 

settings.md +28 โˆ’1

Details

172| `attribution` | Customize attribution for git commits and pull requests. See [Attribution settings](#attribution-settings) | `{"commit": "๐Ÿค– Generated with Claude Code", "pr": ""}` |172| `attribution` | Customize attribution for git commits and pull requests. See [Attribution settings](#attribution-settings) | `{"commit": "๐Ÿค– Generated with Claude Code", "pr": ""}` |

173| `autoMemoryDirectory` | Custom directory for [auto memory](/en/memory#storage-location) storage. Accepts an absolute path or a `~/`-prefixed path. Accepted from policy and user settings, and from the `--settings` flag. Not accepted from project or local settings, since a cloned repository could supply either file to redirect memory writes to sensitive locations | `"~/my-memory-dir"` |173| `autoMemoryDirectory` | Custom directory for [auto memory](/en/memory#storage-location) storage. Accepts an absolute path or a `~/`-prefixed path. Accepted from policy and user settings, and from the `--settings` flag. Not accepted from project or local settings, since a cloned repository could supply either file to redirect memory writes to sensitive locations | `"~/my-memory-dir"` |

174| `autoMemoryEnabled` | Enable [auto memory](/en/memory#enable-or-disable-auto-memory). When `false`, Claude does not read from or write to the auto memory directory. Default: `true`. You can also toggle this with `/memory` during a session. To disable via environment variable, set [`CLAUDE_CODE_DISABLE_AUTO_MEMORY`](/en/env-vars) in `env` | `false` |174| `autoMemoryEnabled` | Enable [auto memory](/en/memory#enable-or-disable-auto-memory). When `false`, Claude does not read from or write to the auto memory directory. Default: `true`. You can also toggle this with `/memory` during a session. To disable via environment variable, set [`CLAUDE_CODE_DISABLE_AUTO_MEMORY`](/en/env-vars) in `env` | `false` |

175| `autoMode` | Customize what the [auto mode](/en/permission-modes#eliminate-prompts-with-auto-mode) classifier blocks and allows. Contains `environment`, `allow`, and `soft_deny` arrays of prose rules. Include the literal string `"$defaults"` in an array to inherit the built-in rules at that position. See [Configure auto mode](/en/auto-mode-config). Not read from shared project settings | `{"soft_deny": ["$defaults", "Never run terraform apply"]}` |175| `autoMode` | Customize what the [auto mode](/en/permission-modes#eliminate-prompts-with-auto-mode) classifier blocks and allows. Contains `environment`, `allow`, `soft_deny`, and `hard_deny` arrays of prose rules. Include the literal string `"$defaults"` in an array to inherit the built-in rules at that position. See [Configure auto mode](/en/auto-mode-config). Not read from shared project settings | `{"soft_deny": ["$defaults", "Never run terraform apply"]}` |

176| `autoScrollEnabled` | In [fullscreen rendering](/en/fullscreen), follow new output to the bottom of the conversation. Default: `true`. Appears in `/config` as **Auto-scroll**. Permission prompts still scroll into view when this is off | `false` |176| `autoScrollEnabled` | In [fullscreen rendering](/en/fullscreen), follow new output to the bottom of the conversation. Default: `true`. Appears in `/config` as **Auto-scroll**. Permission prompts still scroll into view when this is off | `false` |

177| `autoUpdatesChannel` | Release channel to follow for updates. Use `"stable"` for a version that is typically about one week old and skips versions with major regressions, or `"latest"` (default) for the most recent release. To disable auto-updates entirely, set [`DISABLE_AUTOUPDATER`](/en/setup#disable-auto-updates) in `env` | `"stable"` |177| `autoUpdatesChannel` | Release channel to follow for updates. Use `"stable"` for a version that is typically about one week old and skips versions with major regressions, or `"latest"` (default) for the most recent release. To disable auto-updates entirely, set [`DISABLE_AUTOUPDATER`](/en/setup#disable-auto-updates) in `env` | `"stable"` |

178| `availableModels` | Restrict which models users can select via `/model`, `--model`, or `ANTHROPIC_MODEL`. Does not affect the Default option. See [Restrict model selection](/en/model-config#restrict-model-selection) | `["sonnet", "haiku"]` |178| `availableModels` | Restrict which models users can select via `/model`, `--model`, or `ANTHROPIC_MODEL`. Does not affect the Default option. See [Restrict model selection](/en/model-config#restrict-model-selection) | `["sonnet", "haiku"]` |


218| `permissions` | See table below for structure of permissions. | |218| `permissions` | See table below for structure of permissions. | |

219| `plansDirectory` | Customize where plan files are stored. Path is relative to project root. Default: `~/.claude/plans` | `"./plans"` |219| `plansDirectory` | Customize where plan files are stored. Path is relative to project root. Default: `~/.claude/plans` | `"./plans"` |

220| `pluginTrustMessage` | (Managed settings only) Custom message appended to the plugin trust warning shown before installation. Use this to add organization-specific context, for example to confirm that plugins from your internal marketplace are vetted. | `"All plugins from our marketplace are approved by IT"` |220| `pluginTrustMessage` | (Managed settings only) Custom message appended to the plugin trust warning shown before installation. Use this to add organization-specific context, for example to confirm that plugins from your internal marketplace are vetted. | `"All plugins from our marketplace are approved by IT"` |

221| `policyHelper` | {/* min-version: 2.1.136 */}Admin-deployed executable that computes managed settings dynamically at startup. Only honored from MDM or a system `managed-settings.json` file. See [Compute managed settings with a policy helper](#compute-managed-settings-with-a-policy-helper). Requires Claude Code v2.1.136 or later | `{"path": "/usr/local/bin/claude-policy"}` |

221| `preferredNotifChannel` | Method for task-complete and permission-prompt notifications: `"auto"`, `"terminal_bell"`, `"iterm2"`, `"iterm2_with_bell"`, `"kitty"`, `"ghostty"`, or `"notifications_disabled"`. Default: `"auto"`, which sends a desktop notification in iTerm2, Ghostty, and Kitty and does nothing in other terminals. Set `"terminal_bell"` to ring the bell character in any terminal. Appears in `/config` as **Notifications**. See [Get a terminal bell or notification](/en/terminal-config#get-a-terminal-bell-or-notification) | `"terminal_bell"` |222| `preferredNotifChannel` | Method for task-complete and permission-prompt notifications: `"auto"`, `"terminal_bell"`, `"iterm2"`, `"iterm2_with_bell"`, `"kitty"`, `"ghostty"`, or `"notifications_disabled"`. Default: `"auto"`, which sends a desktop notification in iTerm2, Ghostty, and Kitty and does nothing in other terminals. Set `"terminal_bell"` to ring the bell character in any terminal. Appears in `/config` as **Notifications**. See [Get a terminal bell or notification](/en/terminal-config#get-a-terminal-bell-or-notification) | `"terminal_bell"` |

222| `prefersReducedMotion` | Reduce or disable UI animations (spinners, shimmer, flash effects) for accessibility | `true` |223| `prefersReducedMotion` | Reduce or disable UI animations (spinners, shimmer, flash effects) for accessibility | `true` |

223| `prUrlTemplate` | URL template for the PR badge shown in the footer and in tool-result summaries. Substitutes `{host}`, `{owner}`, `{repo}`, `{number}`, and `{url}` from the `gh`-reported PR URL. Use to point PR links at an internal code-review tool instead of `github.com`. Does not affect `#123` autolinks in Claude's prose | `"https://reviews.example.com/{owner}/{repo}/pull/{number}"` |224| `prUrlTemplate` | URL template for the PR badge shown in the footer and in tool-result summaries. Substitutes `{host}`, `{owner}`, `{repo}`, `{number}`, and `{url}` from the `gh`-reported PR URL. Use to point PR links at an internal code-review tool instead of `github.com`. Does not affect `#123` autolinks in Claude's prose | `"https://reviews.example.com/{owner}/{repo}/pull/{number}"` |


473}474}

474```475```

475 476 

477### Compute managed settings with a policy helper

478 

479The `policyHelper` setting points at an executable that computes managed settings at startup, so admins can derive policy from device posture, identity, or a remote service instead of a static file. Configure it from MDM or a system `managed-settings.json` file. Claude Code ignores `policyHelper` when it appears in any other scope, including user settings, project settings, the HKCU registry hive, and [server-managed settings](/en/server-managed-settings).

480 

481The setting accepts these keys:

482 

483| Key | Type | Description |

484| ------------------- | ------ | ------------------------------------------------------------------------------------------------------- |

485| `path` | string | Absolute path to the helper executable |

486| `timeoutMs` | number | How long to wait for the helper before treating the run as failed |

487| `refreshIntervalMs` | number | How often to re-run the helper in the background. Set to `0` to disable refresh, or to at least `60000` |

488 

489The helper writes a JSON envelope to stdout. Put the settings under a `managedSettings` key rather than at the top level, since a bare settings object parses with `managedSettings` undefined and applies nothing:

490 

491```json theme={null}

492{

493 "managedSettings": {

494 "permissions": { "deny": ["Read(//etc/secrets/**)"] }

495 },

496 "claudeMd": "# Organization context\n...",

497 "appendSystemPrompt": "Always cite the internal style guide."

498}

499```

500 

501When the helper emits `managedSettings`, that object replaces the file-based managed settings for the run. When the helper exits non-zero at startup, Claude Code prints the error and refuses to start, so a helper that needs outage resilience should serve from its own cache and exit `0`.

502 

476### Settings precedence503### Settings precedence

477 504 

478Settings apply in order of precedence. From highest to lowest:505Settings apply in order of precedence. From highest to lowest:

whats-new.md +17 โˆ’1

Details

8 8 

9The weekly dev digest highlights the features most likely to change how you work. Each entry includes runnable code, a short demo, and a link to the full docs. For every bug fix and minor improvement, see the [changelog](/en/changelog).9The weekly dev digest highlights the features most likely to change how you work. Each entry includes runnable code, a short demo, and a link to the full docs. For every bug fix and minor improvement, see the [changelog](/en/changelog).

10 10 

11<Update label="Week 19" description="May 4โ€“8, 2026" tags={["v2.1.128โ€“v2.1.136"]}>

12 **Plugins load from `.zip` archives and URLs**: `--plugin-dir` now accepts `.zip` files, and `--plugin-url` fetches a plugin archive for the current session.

13 

14 Also this week: **`worktree.baseRef`** chooses whether new worktrees branch from the remote default or local `HEAD`; **auto mode hard deny rules** block actions unconditionally regardless of allow exceptions; and **hooks see the active effort level** via `effort.level` and `$CLAUDE_EFFORT`.

15 

16 [Read the Week 19 digest โ†’](/en/whats-new/2026-w19)

17</Update>

18 

19<Update label="Week 18" description="April 27 โ€“ May 1, 2026" tags={["v2.1.120โ€“v2.1.126"]}>

20 **Windows without Git Bash**: Git for Windows is no longer required, and Claude Code uses PowerShell as the shell tool when Bash is absent.

21 

22 Also this week: **`claude ultrareview`** brings cloud code review to CI and scripts; **`claude project purge`** cleans up local state for a project; and pasting a **PR URL into `/resume`** finds the session that created it.

23 

24 [Read the Week 18 digest โ†’](/en/whats-new/2026-w18)

25</Update>

26 

11<Update label="Week 17" description="April 20โ€“24, 2026" tags={["v2.1.114โ€“v2.1.119"]}>27<Update label="Week 17" description="April 20โ€“24, 2026" tags={["v2.1.114โ€“v2.1.119"]}>

12 **`/ultrareview`** opens as a public research preview: a fleet of bug-hunting agents runs in the cloud and findings land back in your CLI or Desktop automatically.28 **`/ultrareview`** opens as a public research preview: a fleet of bug-hunting agents runs in the cloud and findings land back in your CLI or Desktop automatically.

13 29 


19<Update label="Week 16" description="April 13โ€“17, 2026" tags={["v2.1.105โ€“v2.1.113"]}>35<Update label="Week 16" description="April 13โ€“17, 2026" tags={["v2.1.105โ€“v2.1.113"]}>

20 **Claude Opus 4.7** lands as the new default on Max and Team Premium, with a new `xhigh` effort level that's the recommended setting for most coding work and an interactive `/effort` slider to dial it in.36 **Claude Opus 4.7** lands as the new default on Max and Team Premium, with a new `xhigh` effort level that's the recommended setting for most coding work and an interactive `/effort` slider to dial it in.

21 37 

22 Also this week: **Routines** on Claude Code on the web fire templated cloud agents from a schedule, GitHub event, or API call; `/ultrareview` runs parallel multi-agent code review in the cloud; `/usage` shows what's driving your limits; and the CLI moves to native binaries.38 Also this week: **Routines** on Claude Code on the web fire templated cloud agents from a schedule, GitHub event, or API call; **mobile push notifications** ping your phone when a long task finishes or Claude needs you; `/usage` shows what's driving your limits; and the CLI moves to native binaries.

23 39 

24 [Read the Week 16 digest โ†’](/en/whats-new/2026-w16)40 [Read the Week 16 digest โ†’](/en/whats-new/2026-w16)

25</Update>41</Update>

whats-new/2026-w16.md +11 โˆ’13

Details

4 4 

5# Week 16 ยท April 13โ€“17, 20265# Week 16 ยท April 13โ€“17, 2026

6 6 

7> Claude Opus 4.7 with the new xhigh effort level, Routines on Claude Code on the web, /ultrareview cloud code review, a /usage breakdown that shows what's driving your limits, and native binaries replacing the bundled JavaScript.7> Claude Opus 4.7 with the new xhigh effort level, Routines on Claude Code on the web, mobile push notifications that ping your phone when Claude needs you, a /usage breakdown that shows what's driving your limits, and native binaries replacing the bundled JavaScript.

8 8 

9<div className="digest-meta">9<div className="digest-meta">

10 <span>Releases <a href="/docs/en/changelog#2-1-105">v2.1.105 โ†’ v2.1.113</a></span>10 <span>Releases <a href="/docs/en/changelog#2-1-105">v2.1.105 โ†’ v2.1.113</a></span>


73 73 

74<div className="digest-feature">74<div className="digest-feature">

75 <div className="digest-feature-header">75 <div className="digest-feature-header">

76 <span className="digest-feature-title">/ultrareview</span>76 <span className="digest-feature-title">Mobile push notifications</span>

77 <span className="digest-feature-pill">v2.1.111</span>77 <span className="digest-feature-pill">mobile</span>

78 </div>78 </div>

79 79 

80 <p className="digest-feature-lede">Comprehensive code review in the cloud. Ultrareview fans your branch out across parallel reviewers on Claude Code on the web, runs an adversarial critique pass over each finding, and returns a verified findings report while your terminal stays free. Call it with no arguments to review your current branch, or pass a PR number to fetch and review that PR. The launch dialog now shows a diffstat so you know what's going up before you confirm.</p>80 <p className="digest-feature-lede">With <a href="/docs/en/remote-control">Remote Control</a> connected, Claude can send a push notification to your phone when a long task finishes or it needs a decision to keep going. Turn it on with "Push when Claude decides" in <code>/config</code>, or ask for one in your prompt. Useful when you kick off a long agent run and want to step away from the terminal.</p>

81 81 

82 <p className="digest-feature-try">Review the branch you're on:</p>82 <Frame>

83 83 <video autoPlay muted loop playsInline className="w-full" src="https://mintcdn.com/claude-code/uII1TETOZxBUZ3lB/images/whats-new/push-notifications.mp4?fit=max&auto=format&n=uII1TETOZxBUZ3lB&q=85&s=c91a967139596500cbdb581a53822ac1" data-path="images/whats-new/push-notifications.mp4" />

84 ```text Claude Code theme={null}84 </Frame>

85 > /ultrareview

86 ```

87 85 

88 <p className="digest-feature-try">Or point it at a PR:</p>86 <p className="digest-feature-try">Ask Claude to ping you when it's done:</p>

89 87 

90 ```text Claude Code theme={null}88 ```text Claude Code theme={null}

91 > /ultrareview 123489 > notify me when the tests pass

92 ```90 ```

93 91 

94 <a className="digest-feature-link" href="/docs/en/ultrareview">Ultrareview guide</a>92 <a className="digest-feature-link" href="/docs/en/remote-control#mobile-push-notifications">Remote Control: mobile push notifications</a>

95</div>93</div>

96 94 

97<div className="digest-feature">95<div className="digest-feature">


116 <p className="digest-wins-title">Other wins</p>114 <p className="digest-wins-title">Other wins</p>

117 115 

118 <div className="digest-wins-grid">116 <div className="digest-wins-grid">

117 <div>New <a href="/docs/en/ultrareview"><code>/ultrareview</code></a>: comprehensive code review in the cloud using parallel multi-agent analysis and an adversarial critique pass. Run it bare to review your current branch, or <code>/ultrareview \<PR#></code> for a specific PR</div>

119 <div><a href="/docs/en/permission-modes#eliminate-prompts-with-auto-mode">Auto mode</a> is now available for Max subscribers on Opus 4.7, and the <code>--enable-auto-mode</code> flag is no longer required</div>118 <div><a href="/docs/en/permission-modes#eliminate-prompts-with-auto-mode">Auto mode</a> is now available for Max subscribers on Opus 4.7, and the <code>--enable-auto-mode</code> flag is no longer required</div>

120 <div><a href="/docs/en/interactive-mode#session-recap">Session recap</a> shows a one-line summary of what happened while you were away; run <code>/recap</code> on demand or turn it off from <code>/config</code></div>119 <div><a href="/docs/en/interactive-mode#session-recap">Session recap</a> shows a one-line summary of what happened while you were away; run <code>/recap</code> on demand or turn it off from <code>/config</code></div>

121 <div>New <code>/tui</code> command and <code>tui</code> setting switch between classic and flicker-free rendering mid-conversation; focus view moved from <code>Ctrl+O</code> to its own <code>/focus</code> command</div>120 <div>New <code>/tui</code> command and <code>tui</code> setting switch between classic and flicker-free rendering mid-conversation; focus view moved from <code>Ctrl+O</code> to its own <code>/focus</code> command</div>

122 <div>Push notification tool: with <a href="/docs/en/remote-control">Remote Control</a> connected and "Push when Claude decides" enabled, Claude can ping your phone when it needs you</div>

123 <div>Plugins can ship background watchers via a top-level <code>monitors</code> manifest key that auto-arms at session start or on skill invoke</div>121 <div>Plugins can ship background watchers via a top-level <code>monitors</code> manifest key that auto-arms at session start or on skill invoke</div>

124 <div>"Auto (match terminal)" option in <code>/theme</code> follows your terminal's dark/light mode</div>122 <div>"Auto (match terminal)" option in <code>/theme</code> follows your terminal's dark/light mode</div>

125 <div><code>/fewer-permission-prompts</code> scans your transcripts for common read-only Bash and MCP calls and proposes an allowlist for <code>.claude/settings.json</code></div>123 <div><code>/fewer-permission-prompts</code> scans your transcripts for common read-only Bash and MCP calls and proposes an allowlist for <code>.claude/settings.json</code></div>

whats-new/2026-w18.md +113 โˆ’0 created

Details

1> ## Documentation Index

2> Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt

3> Use this file to discover all available pages before exploring further.

4 

5# Week 18 ยท April 27 โ€“ May 1, 2026

6 

7> Claude Code on Windows runs without Git Bash, claude auth login accepts a pasted OAuth code when the browser callback can't reach localhost, claude project purge cleans up local state per project, and pasting a PR URL into /resume finds the session that created it.

8 

9<div className="digest-meta">

10 <span>Releases <a href="/docs/en/changelog#2-1-120">v2.1.120 โ†’ v2.1.126</a></span>

11 <span>4 features ยท April 27 โ€“ May 1</span>

12</div>

13 

14<div className="digest-feature">

15 <div className="digest-feature-header">

16 <span className="digest-feature-title">Sign in without a browser callback</span>

17 <span className="digest-feature-pill">v2.1.126</span>

18 </div>

19 

20 <p className="digest-feature-lede"><code>claude auth login</code> now accepts the OAuth code pasted directly into the terminal when the browser callback can't reach localhost. That covers WSL2, SSH sessions, and containers, where the redirect to a local port doesn't work. The same release also fixes login timeouts on slow or proxied connections and in IPv6-only devcontainers.</p>

21 

22 <p className="digest-feature-try">Sign in, then paste the code from the browser:</p>

23 

24 ```bash theme={null}

25 claude auth login

26 ```

27 

28 <a className="digest-feature-link" href="/docs/en/cli-reference#cli-commands">CLI reference</a>

29</div>

30 

31<div className="digest-feature">

32 <div className="digest-feature-header">

33 <span className="digest-feature-title">claude project purge</span>

34 <span className="digest-feature-pill">v2.1.126</span>

35 </div>

36 

37 <p className="digest-feature-lede">Delete all Claude Code state for a project: transcripts, tasks, file history, and the project's config entry. Supports `--dry-run` to preview, `-y`/`--yes` to skip confirmation, `-i`/`--interactive` to choose, and `--all` to clear every project.</p>

38 

39 <p className="digest-feature-try">Preview what would be removed:</p>

40 

41 ```bash theme={null}

42 claude project purge --dry-run

43 ```

44 

45 <p className="digest-feature-try">Then run it for real:</p>

46 

47 ```bash theme={null}

48 claude project purge

49 ```

50 

51 <a className="digest-feature-link" href="/docs/en/cli-reference">CLI reference</a>

52</div>

53 

54<div className="digest-feature">

55 <div className="digest-feature-header">

56 <span className="digest-feature-title">Resume by PR URL</span>

57 <span className="digest-feature-pill">v2.1.122</span>

58 </div>

59 

60 <p className="digest-feature-lede">When you create a pull request with <code>gh pr create</code>, Claude Code links it to the session that produced it. Now you can get back to that session from the PR URL alone, without remembering its name.</p>

61 

62 <p className="digest-feature-try">Open the session picker:</p>

63 

64 ```text Claude Code theme={null}

65 > /resume

66 ```

67 

68 <p className="digest-feature-try">Paste the PR URL into the picker. The first character of the paste drops you into search mode, and the list filters to the session that created that PR. Press Enter to resume it. GitHub, GitHub Enterprise, GitLab, and Bitbucket pull and merge request URLs all work.</p>

69 

70 ```text Claude Code theme={null}

71 https://github.com/your-org/your-repo/pull/1234

72 ```

73 

74 <p className="digest-feature-try">To skip the picker, pass the PR number on the command line instead:</p>

75 

76 ```bash theme={null}

77 claude --from-pr 1234

78 ```

79 

80 <a className="digest-feature-link" href="/docs/en/sessions#use-the-session-picker">Sessions: use the session picker</a>

81</div>

82 

83<div className="digest-feature">

84 <div className="digest-feature-header">

85 <span className="digest-feature-title">Windows without Git Bash</span>

86 <span className="digest-feature-pill">Windows</span>

87 </div>

88 

89 <p className="digest-feature-lede">Git for Windows is no longer required. When Bash is absent, Claude Code uses PowerShell as the shell tool, and when the PowerShell tool is enabled it is treated as the primary shell. PowerShell 7 installed via the Microsoft Store, MSI without PATH, or a <code>.NET</code> global tool is now detected automatically.</p>

90 

91 <a className="digest-feature-link" href="/docs/en/setup">Setup guide</a>

92</div>

93 

94<div className="digest-wins">

95 <p className="digest-wins-title">Other wins</p>

96 

97 <div className="digest-wins-grid">

98 <div>MCP servers can opt out of tool-search deferral with <code>alwaysLoad: true</code> in their config so all of that server's tools are always available</div>

99 <div>New <code>claude plugin prune</code> removes orphaned auto-installed plugin dependencies, and <code>plugin uninstall --prune</code> cascades</div>

100 <div><code>/skills</code> now has a type-to-filter search box so you can find a skill in a long list without scrolling</div>

101 <div><code>PostToolUse</code> hooks can replace tool output for any tool via <code>hookSpecificOutput.updatedToolOutput</code>, not only MCP tools</div>

102 <div>New <a href="/docs/en/ultrareview"><code>claude ultrareview</code></a> subcommand runs <code>/ultrareview</code> non-interactively from CI or scripts: prints findings to stdout (<code>--json</code> for raw output) and exits 0 on completion or 1 on failure</div>

103 <div><code>--dangerously-skip-permissions</code> now bypasses prompts for writes to <code>.claude/</code>, <code>.git/</code>, <code>.vscode/</code>, shell config files, and other previously protected paths, while catastrophic removal commands still prompt as a safety net</div>

104 <div>The <code>/model</code> picker can list models from your gateway's <code>/v1/models</code> endpoint when <code>ANTHROPIC\_BASE\_URL</code> points at an Anthropic-compatible gateway; opt in with <code>CLAUDE\_CODE\_ENABLE\_GATEWAY\_MODEL\_DISCOVERY=1</code> since v2.1.129</div>

105 <div>MCP servers that hit a transient error during startup now auto-retry up to 3 times instead of staying disconnected</div>

106 <div><code>ANTHROPIC\_BEDROCK\_SERVICE\_TIER</code> selects a Bedrock service tier: <code>default</code>, <code>flex</code>, or <code>priority</code></div>

107 <div><code>/terminal-setup</code> enables iTerm2's clipboard access setting so <code>/copy</code> works, including from tmux</div>

108 <div>Vertex AI now supports X.509 certificate-based Workload Identity Federation (mTLS ADC)</div>

109 <div>Significant memory leak fixes: image-heavy sessions, <code>/usage</code> on large transcript histories, and long-running tools without progress events</div>

110 </div>

111</div>

112 

113[Full changelog for v2.1.120โ€“v2.1.126 โ†’](/en/changelog#2-1-120)

whats-new/2026-w19.md +60 โˆ’0 created

Details

1> ## Documentation Index

2> Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt

3> Use this file to discover all available pages before exploring further.

4 

5# Week 19 ยท May 4โ€“8, 2026

6 

7> Load plugins from .zip archives and URLs, search command history across every project with Ctrl+R, branch new worktrees from local HEAD or the remote default, and block actions unconditionally with auto mode hard deny rules.

8 

9<div className="digest-meta">

10 <span>Releases <a href="/en/changelog#2-1-128">v2.1.128 โ†’ v2.1.136</a></span>

11 <span>2 features ยท May 4โ€“8</span>

12</div>

13 

14<div className="digest-feature">

15 <div className="digest-feature-header">

16 <span className="digest-feature-title">Plugins from .zip archives and URLs</span>

17 </div>

18 

19 <p className="digest-feature-lede">`--plugin-dir` now accepts a <code>.zip</code> plugin archive in addition to a directory, and the new `--plugin-url` flag fetches a plugin archive from a URL for the current session. Useful for trying a plugin before adding it to a marketplace, or for shipping internal plugins from an artifact store.</p>

20 

21 <p className="digest-feature-try">Load a plugin straight from a URL:</p>

22 

23 ```bash terminal theme={null}

24 claude --plugin-url https://example.com/my-plugin.zip

25 ```

26 

27 <a className="digest-feature-link" href="/en/plugins">Plugins guide</a>

28</div>

29 

30<div className="digest-feature">

31 <div className="digest-feature-header">

32 <span className="digest-feature-title">History search across all your projects</span>

33 <span className="digest-feature-pill">v2.1.129</span>

34 </div>

35 

36 <p className="digest-feature-lede"><code>Ctrl+R</code> reverse-search now defaults to all prompts across every project, restoring the behavior from before v2.1.124. Press <code>Ctrl+S</code> while searching to narrow back to the current project or session. Handy when you remember a command you ran in another repo last week and don't want to go digging for it.</p>

37 

38 <a className="digest-feature-link" href="/en/interactive-mode#command-history">Interactive mode: command history</a>

39</div>

40 

41<div className="digest-wins">

42 <p className="digest-wins-title">Other wins</p>

43 

44 <div className="digest-wins-grid">

45 <div>New <code>worktree.baseRef</code> setting (<code>fresh</code> | <code>head</code>) controls whether <code>--worktree</code>, the <code>EnterWorktree</code> tool, and agent-isolation worktrees branch from the remote default branch or local <code>HEAD</code>; the default <code>fresh</code> keeps unpushed commits out of new worktrees</div>

46 <div>New <code>settings.autoMode.hard\_deny</code> rules block matching actions unconditionally in auto mode, regardless of allow exceptions, for actions that should never run automatically even when broader allow rules apply</div>

47 <div>Hooks now receive the active effort level via the `effort.level` JSON input field and the `$CLAUDE_EFFORT` environment variable, and Bash tool commands can read <code>\$CLAUDE\_EFFORT</code></div>

48 <div><code>CLAUDE\_CODE\_DISABLE\_ALTERNATE\_SCREEN=1</code> opts out of the fullscreen alternate-screen renderer and keeps the conversation in the terminal's native scrollback</div>

49 <div><code>CLAUDE\_CODE\_PACKAGE\_MANAGER\_AUTO\_UPDATE</code> lets Homebrew or WinGet installations run the upgrade in the background and prompt to restart</div>

50 <div><code>CLAUDE\_CODE\_SESSION\_ID</code> is now in the Bash tool subprocess environment, matching the <code>session\_id</code> passed to hooks</div>

51 <div><code>/mcp</code> now shows the tool count for connected servers and flags servers that connected with 0 tools</div>

52 <div><code>--channels</code> now works with console (API key) authentication</div>

53 <div>Subprocesses such as Bash, hooks, MCP, and LSP no longer inherit <code>OTEL\_\*</code> environment variables, so OTEL-instrumented apps run via the Bash tool no longer pick up the CLI's own OTLP endpoint</div>

54 <div>Sub-agent progress summaries now hit the prompt cache, cutting <code>cache\_creation</code> token cost by roughly 3x</div>

55 <div>Several OAuth and credential reliability fixes: parallel sessions no longer dead-end at 401 after a refresh-token race, MCP OAuth refresh tokens are no longer lost when multiple servers refresh concurrently, and a rare login loop from a concurrent credential write is fixed</div>

56 <div>New <code>parentSettingsBehavior</code> admin key lets admins opt SDK <code>managedSettings</code> into the policy merge</div>

57 </div>

58</div>

59 

60[Full changelog for v2.1.128โ€“v2.1.136 โ†’](/en/changelog#2-1-128)