TL;DR: Anthropic pushed three rapid-fire Claude Code releases this week (2.1.90, 2.1.91, 2.1.92), delivering enterprise-grade controls and a 500K character MCP output buffer that changes how agents handle large codebases and DB schemas. But v2.1.91 shipped with severe performance regressions — 3.6k tokens per minute with tool calls hanging — making it temporarily near-unusable for agentic workflows. v2.1.92 is the build to be on. Don't skip straight to cutting-edge; let this one stabilize first.

This is the headline feature. MCP (Model Context Protocol) tool result persistence now supports up to 500,000 characters via `_meta["an...` override — roughly the size of a substantial database schema, a large API surface, or a multi-file codebase snapshot. Why it matters: agentic coding workflows have been bottlenecked by context window management. When Claude Code calls a tool — a DB introspection script, a file indexer, a test runner — the output had to fit in tight windows or get truncated. At 500K characters, that constraint largely disappears for most real-world enterprise use cases. You can now pipe a full schema into an agent session and have it reason across the entire surface in one pass. This is the kind of infrastructure change that doesn't generate headlines but rewires what's actually possible. Teams doing autonomous DB migrations, large-scale refactors, or codebase archaeology should immediately test whether this resolves the truncation failures they've been papering over with custom chunking logic.

The new `disableSkillShellExecution` setting lets operators disable inline shell execution inside Claude Code's skill/plugin layer. Paired with `forceRemoteSettingsRefresh`, which forces policy reload from remote configuration, this is the beginning of a real enterprise governance story for AI coding agents. Here's the practical translation: if you're running Claude Code in a CI/CD pipeline, a shared dev environment, or anywhere near production systems, the previous model asked you to trust that the agent wouldn't do something destructive via shell access. That's not how enterprise security works. `disableSkillShellExecution` gives you a hard off-switch, enforced at the platform level.

This is exactly the kind of fail-closed design philosophy Amodei is describing. Anthropic is signaling that Claude Code is positioning for serious enterprise deployment — not just developer toys — and safety controls are table stakes for that market. The `forceRemoteSettingsRefresh` policy is equally important for teams managing Claude Code at scale across many engineers. Instead of hoping everyone is on the right config, you can push policy from a central source and force compliance. For engineering orgs with 50+ developers using Claude Code, this changes the management overhead significantly.

Multi-line prompt support in the `claude-cli://open` URI scheme is a smaller but genuinely useful quality-of-life improvement. If you're building integrations — IDE plugins, internal tooling, workflow automation — that invoke Claude Code via URI, you previously had to mangle prompts into single-line strings. That produced ugly, error-prone code. This one's squarely for teams building on top of Claude Code's integration layer rather than using it directly. If that's you, it simplifies your prompt construction logic and reduces encoding bugs.

Don't bury the lead here: v2.1.91 shipped with token generation degraded to ~3.6k tokens per minute, with tool calls hanging and timing out. For context, normal Claude Code throughput is significantly higher — this represents roughly a 20x slowdown in affected configurations. Additionally, degraded agent quality patterns were reported across multiple sessions during the week of March 31 — not just slow, but producing worse outputs. That's a more concerning signal than pure performance regression because it's harder to detect in automated workflows. The honest read: Anthropic is shipping at a pace that's outrunning their QA. Three releases in a week with a regression this severe in the middle one suggests the competitive pressure to move fast is creating real instability risk. v2.1.92 addresses the performance issues, but if you're running Claude Code in anything close to a production workflow, pin your version and upgrade deliberately.

No major competing updates from Cursor, GitHub Copilot, or Replit this week — which is notable in itself. Anthropic is currently setting the pace on feature velocity for agentic coding tools.

The takeaway: Claude Code is winning on enterprise controls and raw capability ceiling. Cursor still holds an edge on day-to-day stability and IDE integration polish. For teams that need agentic autonomy and enterprise governance, Claude Code 2.1.92 is the leading option — but Cursor remains a rational choice if your workflow doesn't yet push the edges of what the new MCP output sizes enable.

What this week's releases actually reveal is Anthropic's enterprise thesis coming into focus. The 500K output persistence, the shell execution controls, the remote policy enforcement — these aren't features for individual developers. They're the building blocks of AI coding infrastructure that an engineering organization can actually govern and deploy at scale.

The instability in v2.1.91 is a real concern, but read it in context: Anthropic is iterating at a pace that would have been considered reckless for enterprise software two years ago. The bet is that rapid iteration plus a strong feedback loop (the GitHub issues board is genuinely responsive) beats slower, more conservative release cycles. For most enterprise software, that bet loses. For AI tooling in 2026, where the competitive advantage of being six weeks ahead is measurable in developer productivity, it might win.

The engineering leaders who will get the most out of Claude Code aren't the ones waiting for it to be perfectly stable. They're the ones building staging environments, pinning versions deliberately, and systematically absorbing these new capabilities into their team's workflows — while their competitors are still reading the changelog.