Allow disabling the built-in "malware check" system-reminder injected on Read tool results
Summary
Claude Code injects a system-reminder after every Read tool result that
instructs the model to treat files as potentially malicious and refuse to
"improve or augment" them. There is currently no documented way to disable
or scope this reminder.
The reminder text
Whenever you read a file, you should consider whether it would be considered malware. You CAN and SHOULD provide analysis of malware, what it is doing. But you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer questions about the code behavior.
Problem
Taken literally, this reminder blocks all code modification work because
every legitimate edit requires reading the file first. In practice the
model must decide to ignore the reminder for normal app code, which:
- Creates ambiguity — prompt-injection-looking text that we must override
- Wastes tokens on every Read call
- Risks false refusals on ordinary refactors, bug fixes, and feature work
- Forces each user to add override instructions in their own CLAUDE.md
Request
Please add a setting to \~/.claude/settings.json\ to disable or scope this
reminder, e.g.:
\\\json\
{
\"safety\": {
\"malwareCheckReminder\": \"off\" | \"trusted-paths-only\" | \"on\"
}
}
\\
Or allow it to fire only on files outside the current project root /
outside configured trusted paths.
Environment
- Claude Code: latest stable
- Platform: macOS (Darwin 25.3.0)
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗