Anthropic: Claude Code v2.1.147 introduces Workflow tool for deterministic multi-agent orchestration

Anthropic released Claude Code v2.1.147 on 21 May 2026 at 20:39 UTC — a significant release that formalises deterministic multi-agent orchestration through the new Workflow tool. This is the second version released on the same day (the first being v2.1.146 in the morning), confirming the accelerated pace of development in the Anthropic CLI tooling stack.

What makes the Workflow tool different from existing agent mechanisms?

The existing Claude Code subagent system (Agent tool) is non-deterministic — the Claude opus model dynamically decides which agents to spawn, how to instruct them, and how to combine their outputs. This is flexible, but makes reproducibility and debugging difficult in production pipeline scenarios.

The Workflow tool introduces an explicit graph of agents with defined inputs, outputs, and dependencies — more akin to the LangGraph or Temporal model. Development teams can define a workflow in YAML/JSON and repeat the same workflow with an identical graph structure for every run. This enables CI/CD integration, automatic scaling, and measurable performance benchmarks.

The tool is initially disabled by default and activated via the environment variable CLAUDE_CODE_WORKFLOWS=1. Anthropic explicitly marks the feature as preview, suggesting the API shape may change before stabilisation.

What additional changes does v2.1.147 bring?

The existing /simplify command has been renamed to /code-review, with three effort levels — high, medium, and low. The lower level gives faster feedback and covers only the biggest issues; the high level goes through the code line by line and looks for everything from style to logical bugs. The command now natively integrates GitHub PR comments, meaning review results can be published directly to an open PR without manual copying.

The sandbox layer — which Claude Code uses to execute user code in an isolated context — received hardening against prototype-pollution attacks and thenable-based escape vectors. Both issues are classic JavaScript runtime vulnerabilities where an attacker can escape the sandbox through carefully crafted objects. Anthropic likely detected these vectors through an internal red-teaming process.

What does this mean for development teams using Claude Code?

The Workflow tool is a strategic step towards an enterprise tooling paradigm — Anthropic is clearly not content with individual developer use cases alone, but is building infrastructure for team-scale and production-scale agentic workflows. The competition (Cursor, OpenAI Codex) is moving in a similar direction, but the Workflow tool as the first deterministic component in the CLI layer gives Anthropic an advantage in reproducibility-aware use cases.

For teams already using Claude Code in a CI/CD pipeline, this release opens up the possibility of replacing custom bash scripts and ad-hoc Agent calls with explicit workflow definitions. The sandbox fixes are important for anyone executing untrusted code through Claude Code (e.g. CTF challenges, code review on external PRs).