Claude Code 2.1.101

💡

/team-onboarding, OS cert store auto-trust, memory-leak fix, command-injection patch, and 40+ other fixes.

#Claude Code#Update
🔗 Official announcement →

This article is a summary based on official documentation.

What changed

Claude Code 2.1.101 (April 10, 2026) — onboarding automation for teams, better compatibility with corporate networks, and a large stability + security sweep with 40+ fixes.

New features

  • /team-onboarding — analyzes how you actually use Claude Code (commands, workflows, settings) and generates a team onboarding doc so new members can see real usage patterns instead of relying on CLAUDE.md alone.

  • OS certificate store auto-trust — Claude Code now trusts the OS certificate store by default. Works out of the box behind corporate TLS proxies (Zscaler, Netskope, etc.). Set CLAUDE_CODE_CERT_STORE=bundled to opt back into the bundled CA only.

  • Auto-created cloud environment — remote-session features (/ultraplan etc.) no longer require pre-creating a cloud environment on claude.ai. Default environment is auto-provisioned.

Improvements

  • Brief mode stability — retries automatically when Claude drops structured output.
  • Focus mode summaries — Claude now knows the user only sees the final message and writes self-contained summaries.
  • Rate limit messages — show which limit (tokens, requests) and when it resets.
  • Tool-unavailable guidance — explains why a tool can’t run and how to fix it, not just an error.
  • Resume by session nameclaude -p --resume <name> works after naming a session with /rename or --name.

Notable fixes

Security

  • Command injection in the POSIX which fallback used for LSP binary detection — patched.

Performance and stability

  • Memory leak in the virtual scroller (long sessions now stay lean).
  • Hard-coded 5-minute API timeout removed; API_TIMEOUT_MS is now respected — fixes local-LLM and slow-gateway setups.

Session resume

  • Large sessions no longer lose conversation context on --resume/--continue.
  • Unrelated subagent conversations no longer bleed into the resumed session.

Agents and worktrees

  • Subagents now inherit tools from dynamically-added MCP servers.
  • Worktree-isolated subagents can read/edit files inside their own worktree.

Auth and config

  • Bedrock SigV4 auth — 403s when used with ANTHROPIC_AUTH_TOKEN or custom Authorization headers are fixed.
  • Settings file resiliencesettings.json is no longer ignored entirely when it contains an unrecognized hook event name.

UI and rendering

  • Multiple non-fullscreen rendering fixes: screen flicker, terminal scrollback reset, and mouse-scroll escape sequence leakage.

Notes

  • This is a large stability release with 40+ fixes — especially around long-running sessions, session resume, and subagents.
  • Enterprise users (TLS proxies, Bedrock, Vertex AI) benefit most from the cert-trust and auth fixes.
  • Several plugin fixes: duplicate slash commands, cache issues, and installed plugins still appearing in Discover.