Claude Code 2.1.77 adds 64K Opus output defaults and allowRead sandboxes

• Anthropic shipped Claude Code 2.1.77 with three implementation-level changes up front: higher Opus 4.6 output caps, a new allowRead sandbox control, and a fix so hook responses of "allow" no longer bypass deny rules, including enterprise-managed policies, according to the 2.1.77 changelog.
• The release raises the default maximum output for Opus 4.6 to 64K tokens and the upper bound for both Opus 4.6 and Sonnet 4.6 to 128K, as the release thread puts it, enabling longer uninterrupted generations in coding sessions.
• Anthropic also changed agent continuation semantics: the system prompt update says you now continue prior subagents with SendMessage({to: agentId}), while fresh Agent calls always start with no carried task context.
• Beyond the CLI fixes, remote Claude Code sessions now support custom environments through claude.ai/code plus Claude desktop and mobile, per Anthropic engineer Cat Wu's post, extending where teams can run the tool with tailored runtime setups.

The headline change is output length. Anthropic's release thread says Opus 4.6 now defaults to 64K output tokens, with a ceiling of 128K for both Opus 4.6 and Sonnet 4.6. In practice, that reduces the need to break up large code rewrites or plan-heavy responses across multiple turns, especially when paired with the long-context workflows some users are already describing around Opus 4.6's 1M context window long-session report.

The new sandbox control is more specific than a broad permission expansion. The changelog says allowRead can "re-allow read access within denyRead regions," giving teams a way to carve out exceptions inside otherwise blocked filesystem areas instead of choosing between full denial and full access changelog. The same release also adds allowManagedReadPathsOnly and removes the old resume config key from the CLI surface, according to the follow-up diff thread.

The most important security fix is that PreToolUse hooks returning "allow" no longer override deny rules. Anthropic's release notes explicitly say the bug affected "enterprise managed settings," which means centrally enforced restrictions can no longer be bypassed by permissive hook outcomes.

Several reliability fixes target the kind of failures that show up only in sustained coding sessions. The release notes say --resume is now "up to 45% faster" on fork-heavy and very large sessions while using roughly 100-150MB less peak memory, and they also fix a race that could silently truncate recent conversation history on resume release notes. Other operational fixes include killing background bash tasks once output exceeds 5GB, stopping overlapping auto-updater downloads that could consume "tens of gigabytes" of memory, and restoring cost and token accounting when API requests fall back to non-streaming mode full thread.

Anthropic changed how multi-agent continuations work. The updated prompt text says the Agent tool no longer accepts a resume parameter; to continue a previously spawned agent, you use SendMessage with the agent's ID or name in the to field, and SendMessage now auto-resumes stopped agents in the background instead of erroring out prompt-change thread. That is a real schema-level shift for anyone building wrappers or automations around Claude Code's agent model.

Remote usage also got broader runtime control. Cat Wu's announcement says Claude Code now supports custom environments when run remotely via claude.ai/code, Claude desktop, and Claude mobile apps. Combined with 2.1.77's IDE and terminal fixes for tmux, screen, and xterm.js-based terminals in VS Code and Cursor terminal integration fixes, the release looks less like a feature splash and more like a hardening pass for teams running Claude Code across managed, remote, and long-lived development sessions.