Create Claude Code Subagents with Focused Context, Tools, Models, and Permissions
·Course·Sudeep Devkota

Create Claude Code Subagents with Focused Context, Tools, Models, and Permissions

Design custom Claude Code subagents with clear delegation contracts, isolated context, minimal tools, model selection, foreground/background execution, and evidence-rich returns.


Create Claude Code Subagents with Focused Context, Tools, Models, and Permissions

Quick answer

Use a subagent when a task is bounded, benefits from a fresh context, and can return a compact artifact. Give it one objective, necessary background, explicit exclusions, minimal tools, an appropriate model, a verification method, and a return schema. Use read-only agents for research and review; grant edits only when file ownership is clear. Foreground work fits interactive dependencies, while background work fits independent tasks. Anthropic's subagent documentation defines current agent files and controls.

Delegate an outcome, not vague labor

Weak:

Look into auth.

Strong:

Determine why concurrent refresh requests revoke the new token. Read only auth source,
tests, and relevant history. Do not edit. Return: reproduction steps, earliest incorrect
state transition with file references, rejected hypotheses, smallest proposed fix,
and the exact regression test. Stop if production data or external access is required.

The parent should be able to evaluate the return without inheriting every tool result.

Build a focused agent definition

Custom agents are typically Markdown definitions with frontmatter. Validate current fields in the official docs. A security reviewer might declare a precise description, read/search tools, a chosen model tier, and instructions such as:

---
name: authorization-reviewer
description: Review a proposed diff for concrete authentication, authorization,
  tenant-isolation, and secret-handling vulnerabilities.
tools: Read, Grep, Glob, Bash
---

Review only changed code and the contracts it invokes. Do not edit files.
For each finding provide severity, file/line, attacker precondition, execution path,
impact, and a minimal remediation. Exclude style and speculative findings.
Run only read-only Git and focused test-listing commands.

Tool names and permission constraints must use canonical identifiers. If an agent does not need Bash, omit it.

Pick model and context intentionally

Use a fast model for inventory and mechanical checks, stronger reasoning for architecture or subtle security analysis, and inheritance when consistency is more valuable than specialization. Do not escalate model cost without improving the delegation contract and evidence.

Subagents receive separate context, which is useful for isolating large research. They still need relevant project instructions and must not be asked to rediscover the whole repository. Supply exact scope and let them load only required references.

Foreground versus background

Use foreground execution when the subtask may uncover a decision requiring immediate steering, shares mutable files, or gates the next action. Use background execution for independent read-only research, a long test, or separate package ownership. Background does not make unsafe actions acceptable; permissions and non-reversible boundaries still apply.

Require a return contract

Return at most 800 words:
1. Conclusion and confidence.
2. Evidence with file/line or command.
3. Counterevidence/rejected hypotheses.
4. Risks and unknowns.
5. Recommended next action.
Do not claim a check passed unless you ran it and include its result.

The parent must independently validate critical claims before editing or shipping.

Mastery lab

Create three agents: a read-only code-path mapper, an authorization reviewer, and a test-failure triager. Give all three the same auth bug and compare overlap, context use, and actionable evidence. Tighten each description until automatic delegation chooses the correct specialist without triggering on ordinary tasks.

FAQ

Are subagents cheaper than the main session?

They can save parent context but still consume model and tool resources. Measure total cost and outcome.

Can two editing subagents work in the same checkout?

Avoid overlapping ownership. Use isolated worktrees or strict non-overlapping files and an integration plan.

Should the parent trust a subagent's “tests pass” claim?

Require command evidence and rerun critical verification after integration.

Subscribe to our newsletter

Get the latest posts delivered right to your inbox.

Subscribe on LinkedIn