Internal SDK/Telemetry Code Leaking Into User Message Context
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Description
Internal OpenTelemetry SDK code is being injected into the user message context, causing message truncation and exposing internal implementation details.
Environment
Platform: macOS (darwin)
OS Version: Darwin 25.2.0
Date: 2026-01-07
Model: claude-opus-4-5-20251101
Working Directory: /Volumes/Code_system/Users/ai/Ai_support
Steps to Reproduce
Open Claude Code in VSCode extension environment
Select lines 1-70 from a file (in this case, ai/instructions/CLAUDE.md)
Submit a message
Expected Behavior
The message should contain only the user's selected text and their input.
Actual Behavior
The message context was polluted with ~50,000+ characters of minified OpenTelemetry SDK JavaScript code, including:
ATTR_JVM_MEMORY_TYPE=WR.ATTR_JVM_MEMORY_POOL_NAME=WR.ATTR_JVM_GC_NAME=WR.ATTR_JVM_GC_ACTION=WR.ATTR_HTTP_ROUTE=WR.ATTR_HTTP_RESPONSE_STATUS_CODE=WR.ATTR_HTTP_RESPONSE_HEADER=WR.ATTR_HTTP_REQUEST_RESEND_COUNT=WR.ATTR_HTTP_REQUEST_METHOD_ORIGINAL=WR.HTTP_REQUEST_METHOD_VALUE_TRACE=WR.HTTP_REQUEST_METHOD_VALUE_PUT...
The corrupted data includes:
OpenTelemetry semantic convention constants (ATTR_TELEMETRY_SDK_NAME, ATTR_SERVICE_NAME, etc.)
HTTP attribute definitions
JVM memory/thread state values
SignalR transport values
Database system constants
Metric definitions (METRIC_HTTP_SERVER_REQUEST_DURATION, METRIC_DOTNET_GC_COLLECTIONS, etc.)
Resource detection code (machine ID readers for darwin/linux/freebsd/win32)
Process detector implementations
The message was truncated with: [Message truncated - exceeded 50,000 character limit]
Sample of Corrupted Data
WR.ATTR_TELEMETRY_SDK_VERSION=XVD.VERSION}});var
G__=V((fX)=>{Object.defineProperty(fX,"__esModule",{value:!0});fX.SDK_INFO=fX.otperformance=fX._globalThis=fX
.getStringListFromEnv=fX.getNumberFromEnv=fX.getBooleanFromEnv=fX.getStringFromEnv=void 0;var
s9R=vo9();Object.defineProperty(fX,"getStringFromEnv",{enumerable:!0,get:function(){return
s9R.getStringFromEnv}});
Security Concern
This appears to leak internal SDK implementation details and bundled dependency code to the model context, which:
Wastes context tokens
Exposes internal architecture
May contain version information useful for targeting vulnerabilities
What Should Happen?
Claude tui should open.
Error Messages/Logs
Steps to Reproduce
Run Claude
Claude Model
None
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
2.0.76 (Claude Code)
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Terminal.app (macOS)
Additional Information
_No response_
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗