Allow disabling the built-in "malware check" system-reminder injected on Read tool results

Resolved 💬 2 comments Opened Apr 20, 2026 by fromsandychord-design Closed Jun 19, 2026

Summary

Claude Code injects a system-reminder after every Read tool result that
instructs the model to treat files as potentially malicious and refuse to
"improve or augment" them. There is currently no documented way to disable
or scope this reminder.

The reminder text

Whenever you read a file, you should consider whether it would be considered malware. You CAN and SHOULD provide analysis of malware, what it is doing. But you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer questions about the code behavior.

Problem

Taken literally, this reminder blocks all code modification work because
every legitimate edit requires reading the file first. In practice the
model must decide to ignore the reminder for normal app code, which:

  1. Creates ambiguity — prompt-injection-looking text that we must override
  2. Wastes tokens on every Read call
  3. Risks false refusals on ordinary refactors, bug fixes, and feature work
  4. Forces each user to add override instructions in their own CLAUDE.md

Request

Please add a setting to \~/.claude/settings.json\ to disable or scope this
reminder, e.g.:

\\\json
{
\"safety\": {
\"malwareCheckReminder\": \"off\" | \"trusted-paths-only\" | \"on\"
}
}
\
\\

Or allow it to fire only on files outside the current project root /
outside configured trusted paths.

Environment

  • Claude Code: latest stable
  • Platform: macOS (Darwin 25.3.0)

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗