🟡 🏥 In Practice Published: · 2 min read ·

Anthropic: Claude Code v2.1.212 brings a redesigned /fork, new /resume picker, and security fixes

Terminal window with program code and an abstract AI assistant icon

Anthropic released Claude Code v2.1.212 with a security fix that prevents Bash commands from running automatically in plan mode without user approval. The /fork command now copies conversations into new background sessions, while /subtask takes over its former role. A limit of 200 calls per session was also introduced.

🤖

This article was generated using artificial intelligence from primary sources.

What’s changing in the /fork command?

In Claude Code v2.1.212, the /fork command no longer launches an in-session subagent; instead, it copies the entire conversation into a new background session. The old role of /fork is now taken over by the /subtask command, which still runs within the same session as a subagent.

Technical background

Claude Code is Anthropic’s CLI (command-line interface) coding agent that lets users run the AI assistant directly from the terminal. MCP (Model Context Protocol) is a protocol that connects external tools to AI agents such as Claude Code.

Version v2.1.212, released on July 17, 2026, also introduces a new /resume picker for choosing past sessions from a list instead of manually entering a session ID. In addition, MCP tools whose execution takes longer than two minutes now automatically switch to background mode instead of blocking the main session.

New session limits

Anthropic has introduced hard limits: a maximum of 200 WebSearch tool calls per session, configurable via the CLAUDE_CODE_MAX_WEB_SEARCHES_PER_SESSION environment variable, and a maximum of 200 subagents launched per session. Earlier versions had no explicit cap on the number of calls.

Security fixes

The most important fix in v2.1.212 concerns plan mode, a mode in which Claude Code should only propose a plan without executing changes. Before the fix, plan mode in certain cases automatically ran Bash commands that modified files, without asking for user approval. A symlink (symbolic link) vulnerability in the .claude/worktrees directory was also fixed, which could have allowed unauthorized access to files outside the intended workspace.

What this means for the market

Unlike previous minor releases that mostly brought cosmetic changes, v2.1.212 changes the fundamental behavior of the /fork command that developers had used for months, while simultaneously closing two security holes related to unauthorized code execution.

Frequently Asked Questions

What happens to the old /fork behavior in Claude Code?
The old role of the in-session subagent is now taken over by the new /subtask command. The /fork command now instead copies the conversation into a separate background session.
How many WebSearch calls does Claude Code allow per session?
The default limit is 200 calls per session, and the number is configurable via the CLAUDE_CODE_MAX_WEB_SEARCHES_PER_SESSION environment variable.

📬 AI news in your inbox

A daily digest built your way — pick topics, sources and cadence. One-click unsubscribe.