[BUG] VS Code extension injects node_modules into system context, ignoring .claudeignore and files.exclude

Resolved 💬 4 comments Opened Apr 16, 2026 by con-cis Closed May 27, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

When Claude Code is started from a workspace root containing subdirectories with
node_modules installed, the VS Code extension scans and injects those files as
system tool context. "System tools" in /context shows 3.2m+ tokens (1600%+ of
the 200k context window), making the session unusable from the start.

This happens even though node_modules is excluded via .claudeignore,
files.exclude in .vscode/settings.json, and denyRead in .claude/settings.json.

What Should Happen?

node_modules directories should be excluded from workspace context scanning,
consistent with the exclusions defined in .claudeignore, files.exclude, and
permission settings.

Error Messages/Logs

⚠ Context is 1621% full
        Autocompact will trigger soon, which discards older messages. Use /compact
        now to control what gets kept.

Steps to Reproduce

  1. Open a workspace root in VS Code that contains subdirectories

(e.g. a multi-repo workspace — the root itself is not a git repo)

  1. Run pnpm install (or npm install) in one of the subdirectories
  2. Start a new Claude Code session from the workspace root
  3. Run /context

Result: "System tools" shows 3.2m tokens (1616%)
Expected: System tools shows a few thousand tokens

Workaround: deleting node_modules before starting Claude Code brings
"System tools" back to a normal size. Starting Claude Code from inside
the subdirectory instead of the workspace root also avoids the issue.

Claude Model

None

Is this a regression?

No, this never worked

Last Working Version

_No response_

Claude Code Version

2.1.92 (Claude Code)

Platform

Anthropic API

Operating System

Windows

Terminal/Shell

WSL (Windows Subsystem for Linux)

Additional Information

.claudeignore at workspace root contains /node_modules/
.vscode/settings.json contains files.exclude: { "
/node_modules": true }
.claude/settings.json contains denyRead: ["/node_modules/"]

None of these prevent the injection. The issue appears to be that the VS Code
extension performs its own workspace scan independently of these exclusion
mechanisms.

On MacOS in same Project I don't have this behavior also with node_modules installed and run from project root.

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗