New ask Hacker News story: Tell HN: Claude Code now allows Anthropic to remotely inject system prompts
Tell HN: Claude Code now allows Anthropic to remotely inject system prompts 6 by matheusmoreira | 1 comments on Hacker News. I often patch the system prompts on my Claude Code executable in order to make Claude more effective. Every time I upgrade, I ask Claude himself to dissect the new binary and look for problematic system prompts to modify. Was upgrading to v2.1.150 today and discovered something that's rather alarming: Claude Code now allows Anthropic to perform remote system prompt injection via the network. Two data sources. First, API call to api.anthropic.com/api/claude_cli/bootstrap at startup, which also gets cached to disk. Second, a GrowthBook feature flag (tengu_heron_brook) that refreshes every 60 seconds with background sync. Any string returned by these endpoints gets injected into the system prompt of the LLM model with shell access. Previous versions also had an injection point, but they were dead code and simply returned null. Bisected it and found that this ...