ExitPlanMode terminates the current SDK turn — no tool execution possible after exiting plan mode

[jeremy-newhouse]

Issue Description

When using ClaudeSDKClient with permission_mode="bypassPermissions", calling ExitPlanMode terminates the current query/turn immediately. No further tool calls execute after ExitPlanMode within the same turn — the ResultMessage is emitted and receive_messages() completes.

This means any workflow that enters plan mode, gets user approval, exits plan mode, and then executes actions (Agent dispatch, Bash, Write, etc.) requires a separate follow-up turn after ExitPlanMode. The model cannot complete a plan-then-execute workflow in a single turn.

Reproduction

from claude_agent_sdk import ClaudeSDKClient, ClaudeAgentOptions, HookMatcher

options = ClaudeAgentOptions(
    cwd="/some/project",
    permission_mode="bypassPermissions",
    hooks={
        "PreToolUse": [
            HookMatcher(
                matcher="AskUserQuestion",
                hooks=[ask_hook],  # hook that denies + injects answer
            ),
        ],
    },
)

client = ClaudeSDKClient(options=options)
await client.connect()
await client.query("""Do these steps in order:
1. Call EnterPlanMode
2. Read a file
3. Ask user for approval via AskUserQuestion
4. Call ExitPlanMode
5. Run: echo HELLO via Bash
""")

# Collect all tool calls
tools = []
async for msg in client.receive_messages():
    # ... collect tool names from AssistantMessage blocks

Observed tool sequence:

['ToolSearch', 'EnterPlanMode', 'Read', 'AskUserQuestion', 'ToolSearch', 'ExitPlanMode']

Step 5 (Bash) never executes. The turn completes immediately after ExitPlanMode.

Expected tool sequence:

['ToolSearch', 'EnterPlanMode', 'Read', 'AskUserQuestion', 'ToolSearch', 'ExitPlanMode', 'Bash']

All 5 steps should complete in a single turn.

Workaround

Send a follow-up query() after the turn completes to continue execution post-plan-mode. This works but requires the caller to detect the plan mode exit and re-prompt.

Environment

• claude-agent-sdk==0.1.52
• Claude CLI 2.1.86
• permission_mode="bypassPermissions"
• Python 3.12, Linux (Docker)

Impact

This affects any SDK-based automation that uses plan mode as part of a multi-step workflow (e.g., design orchestrators that plan architecture then dispatch implementation agents). The plan-then-execute pattern is broken in a single turn.

[jeremy-newhouse]

Cross-filed on the Claude Code CLI repo: anthropics/claude-code#40671 — the turn-termination behavior is in the CLI binary, not the Python SDK wrapper.