Task(AgentName) disable

Granular agent-type blocking.

Task(AgentName) disable is a granular permission control that blocks specific agent types while keeping the Task tool itself active.

Mechanics

The syntax Task(AgentName) works in two contexts: the --disallowedTools CLI flag and settings.json permissions. Broad Task disables all subagent spawning; Task(Explore) disables only the Explore agent, leaving Plan, Bash, and others available. The system filters disabled agents from the available agent-type list Claude sees, rather than throwing errors at request time.

Test Results

Three scenarios confirmed the feature at runtime (2026-01-07):

--disallowedTools "Task" — blocked all subagent access; Task tool removed entirely.
--disallowedTools "Task(Explore)" — filtered only Explore from available agent types; Task tool remained functional with Plan, Bash, and other agents still callable.
Graceful degradation — when Claude encountered a disabled agent type, it adapted to available alternatives without error.

Use Cases

Cost control (blocking expensive Opus-based agents), security boundaries (preventing specific capabilities), and testing isolation (verifying agent-specific behaviour in constrained conditions). The feature allows fine-grained runtime policy without binary on-off switches.

Caveats

Disabling an agent reduces available options; Claude compensates by using alternatives rather than failing. No explicit error signals when a requested agent is unavailable. The filtering is availability-level only: disabled agents simply do not appear in Claude's internal type list.

Evidence & receipt

commit64a62c3 ↗

◇ ed25519 receipt

idprimitive_c9edf65be34fabc56bb62749

alged25519

pubkey9b87705613b1e2fd064d57fa75a6b679d2856ceafad6b1daa8f982493871b6dd

sig

9c9150ef9cfba8760c7caf7801a2c017c71d1ec70c78f771ef10cf9993b4bd36f7cf7276fbabead524a15742bc41287bde957cbaa0727d8ae7e9d0e58070a20a

Signed with an ed25519 key held off the repo. Anyone can verify against the published public key; nobody without the secret key can forge it. Click verify: it recomputes the signature in your browser. The signature proves integrity and authorship of this exact content — not a third-party timestamp or that the underlying claim is objectively true. signedAt is when the @f3/attest pipeline ran, not when the work happened; the evidence refs carry the source dates.

Connected

instance-of Sandbox / Capability Class
introduces (in) Claude Code 2.1.0 (Night Zero) Release
verifies (in) Task(AgentName) disable — runtime test Test

Task(AgentName) disable

Primitive

Kind	Primitive
Introduced	Claude Code 2.1.0
Class	Sandbox / Capability
Epistemic	tested · runtime-test
Evidence	1 ref
Receipt	ed25519 · verifiable

Hands-on runtime test · Night Zero, 2026-01-07

Cite this page

Hunter, R. "Task(AgentName) disable." The Runtime Atlas. Content-addressed entity primitive_c9edf65be34fabc56bb62749, ed25519-signed (integrity, not third-party timestamp). https://ryanhunter.io/atlas/e/task-disable

@misc{atlas-task-disable,
  title  = {Task(AgentName) disable},
  author = {Hunter, Ryan},
  note   = {The Runtime Atlas; entity primitive_c9edf65be34fabc56bb62749; ed25519-signed for integrity},
  url    = {https://ryanhunter.io/atlas/e/task-disable}
}