[MODEL] Claude ignores saved memory rules, repeatedly uses forbidden email signature

Resolved 💬 1 comment Opened Apr 13, 2026 by weinsteinsasha Closed May 24, 2026

Preflight Checklist

  • [x] I have searched existing issues for similar behavior reports
  • [x] This report does NOT contain sensitive information (API keys, passwords, etc.)

Type of Behavior Issue

Claude ignored my instructions or configuration

What You Asked Claude to Do

I use Claude Code to send emails via Resend API on behalf of my business. I have a saved feedback memory file (feedback_email_rules.md) that explicitly states: "Signature should be CITF only — do NOT include WHO ARE YOU block."

This rule was saved after I corrected Claude in a previous conversation. Despite the rule being present in the memory system AND loaded into context, Claude included the forbidden "WHO ARE YOU?" branding and website link in the email signature — twice, in two separate emails to the same recipient during a sensitive licensing negotiation.

This exposed confidential business activity to a counterpart before a contract was signed, potentially compromising the negotiation.

What Claude Actually Did

  1. Claude had a saved memory file (feedback_email_rules.md) stating: "Signature should be CITF only — do NOT include WHO ARE YOU block"
  2. Despite this rule being loaded into context, Claude included "WHO ARE YOU? — Immersive Theatre Franchise" branding and whoareyou.citf.cy link in the email signature
  3. This happened TWICE in two separate emails to the same recipient (a licensing rights holder)
  4. The emails were sent via Resend API through a VPS script that Claude generated

Expected Behavior

Claude should have:

  1. Read and applied the rule from its own memory file (feedback_email_rules.md)
  2. Used CITF-only signature without WHO ARE YOU? branding
  3. Not exposed confidential business activity to a negotiation counterpart

Files Affected

Memory file that was ignored:
- ~/.claude/projects/.../memory/feedback_email_rules.md

Scripts generated with wrong signature:
- /opt/outreach/send-maren-negotiation.ts
- /opt/outreach/send-maren-reply2.ts

Permission Mode

Accept Edits was ON (auto-accepting changes)

Can You Reproduce This?

Sometimes (intermittent)

Steps to Reproduce

  1. Save a feedback memory rule prohibiting specific content in emails
  2. Ask Claude to send an email via Resend API
  3. Claude generates the email script with the prohibited content despite the memory rule

Claude Model

Opus

Relevant Conversation

Memory file contained: "Signature should be CITF only — do NOT include WHO ARE YOU block"
Claude generated email scripts with full signature including WHO ARE YOU? branding.
User corrected Claude, Claude acknowledged the mistake.
Next email — Claude made the same mistake again.

Impact

High - Significant unwanted changes

Claude Code Version

2.1.81 (Claude Code)

Platform

Anthropic API

Additional Context

The memory system is meant to persist user corrections across conversations. In this case, the correction was saved, present in context, but completely ignored when generating email-sending scripts. This is especially dangerous when Claude is performing real-world actions (sending emails) that cannot be undone.

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗