Update Claude Code before Windows worktrees can delete linked data
Claude Code 2.1.205 fixes a Windows worktree cleanup bug where nested NTFS junctions could lead to files outside the worktree being deleted. Teams using Claude Code background agents or subagents on Windows should update and check linked worktree folders.
Claude Code 2.1.205 is a confirmed maintenance release with one urgent Windows fix: worktree removal now handles nested NTFS junctions and directory symlinks as links before deleting the worktree. The risk is narrow but serious for teams using Claude Code background agents or subagents on Windows with junctioned folders inside worktrees. Update first, then audit old worktrees before letting cleanup run again.

What changed
Anthropic's July 8, 2026 Claude Code 2.1.205 changelog says the release fixes Windows worktree removal deleting files outside the worktree when an NTFS junction or directory symlink existed inside it. The same release also adds an auto-mode rule against transcript tampering, improves rm -rf handling when variables cannot be resolved, and fixes several background-agent state issues.
The matching worktrees documentation now states that Claude Code removes NTFS junctions or directory symlinks at any depth as link entries before removing a worktree. It also documents the previous behavior: before 2.1.205, only top-level links were handled that way, so nested links could point cleanup at data outside the worktree.
| Area | Who should care | Action now | Caveat |
|---|---|---|---|
| Windows worktrees | Claude Code users with subagents or background sessions | Update to 2.1.205 or newer | Highest risk when worktrees contain NTFS junctions or directory symlinks |
| Linked logs/data | Teams linking large datasets into temporary worktrees | Remove or inspect links before cleanup | Gitignored data may not be recoverable from Git |
| Automation agents | Users relying on unattended background cleanup | Review worktree settings and old agent folders | The issue is platform-specific, not a general Git worktree failure |
| Structured CI output | Users of --json-schema | Retest schema validation after updating | Invalid schemas previously could produce unstructured output |
Why this is early
The official release notes and documentation already show the fix, but the operational blast radius is still being discovered by users. A public GitHub issue opened July 7 describes a Windows setup where stale-worktree cleanup followed nested junctions and deleted data outside the worktree. Treat the issue body as an incident report, not as a vendor advisory, and verify your own setup before assuming exposure.
This is a local filesystem safety issue in an AI coding tool's worktree lifecycle. Anthropic's changelog names the exact fix, and the updated worktrees documentation explains the before-and-after behavior.
Key takeaways
- Claude Code 2.1.205 was released on July 8, 2026 and is the version to check for this Windows worktree fix.
- The risky pattern is a Claude-managed worktree on Windows containing nested NTFS junctions or directory symlinks that point outside the worktree.
- Users with large local datasets, logs, caches, or generated artifacts linked into worktrees should inspect those folders before relying on automated cleanup.
- The public incident report claims data loss outside the worktree, but the safest action does not depend on that exact environment: update and remove risky links.
- Teams running unattended agent workflows should add a Windows-specific worktree audit to their Claude Code upgrade checklist.
Availability and access
Claude Code 2.1.205 is listed in the official changelog and GitHub releases. Run claude --version locally to confirm the installed version, then update through your normal Claude Code installation path if you are behind.
The fix matters most for Windows users who allow Claude Code to create and clean up worktrees for subagents or background sessions. Users who create manual Git worktrees outside Claude's cleanup path are less exposed, but they should still avoid nested junctions in any folder that an automated tool may delete.
Practical LinkLoot angle
If you run agentic coding workflows, treat temporary worktrees as production-adjacent storage, not disposable folders with no risk. Any link, mount, junction, symlink, cache, or generated-data folder inside an agent worktree changes what "delete the worktree" can mean.
For more agent-tool hygiene, keep LinkLoot's AI agent tools guide nearby: /guides/ai-agent-tools. The useful workflow is simple: update the tool, list worktrees, scan for links, then let agents resume work.
What to verify before you act
- Confirm your local Claude Code version is 2.1.205 or newer with
claude --version. - On Windows, inspect Claude-managed worktrees for NTFS junctions, directory symlinks, linked log folders, or linked datasets.
- Check whether any background agents or subagents are configured to create temporary worktrees under a repository-owned path.
- Review the updated Claude Code worktrees documentation before manually removing old worktrees.
- Back up irreplaceable local data before deleting any worktree that contains links, mounts, or generated artifacts.
Source check
Confirmed by: Anthropic's Claude Code changelog and GitHub release both list 2.1.205 with the Windows worktree-removal fix. The Claude Code worktrees documentation now explains that nested NTFS junctions and directory symlinks are removed as link entries before worktree deletion.
Early signal / context: A public GitHub issue describes an incident involving stale-worktree cleanup, nested Windows junctions, and data loss outside the worktree. LinkLoot is using that issue as context for urgency, while grounding the fix itself in Anthropic's official changelog and documentation.
Claude Code 2.1.205 lists the fix. Update to 2.1.205 or newer and confirm with claude --version.
