Unexpected message injection — text from WhatsApp appeared in Claude Code session

Resolved 💬 5 comments Opened May 4, 2026 by TEK-Zence2022 Closed Jul 11, 2026

Description

During a Claude Code session, text that was written exclusively in WhatsApp (on a phone) appeared as a user message inside the Claude Code terminal session (on a Windows PC). Claude Code then acted on this text as if it were a user instruction.

The user confirmed:

  • The text was written only in WhatsApp on their phone
  • They did not paste it into Claude Code
  • They did not have another Claude session open
  • They did not intentionally send this message to Claude Code

What happened

  1. User was working with Claude Code in a terminal session on Windows 11
  2. Multiple background agents were running (code review tasks)
  3. A personal WhatsApp message written on the user's phone appeared as a system-reminder tagged "The user sent a new message while you were working"
  4. Claude Code interpreted this as a user instruction and hardcoded the private message text into the dashboard source code
  5. The code was committed and deployed to production, exposing the private message on the CRM dashboard

Expected behavior

Claude Code should never receive input from other applications. Only text explicitly entered in the Claude Code prompt should be treated as user messages.

Environment

  • Platform: Windows 11 Pro (10.0.26200)
  • Shell: bash (Git Bash)
  • Claude Code: CLI / Desktop
  • Model: claude-opus-4-6 (1M context)

Privacy concern

This is a significant privacy issue. Private messages from unrelated applications should never leak into Claude Code sessions or be acted upon as instructions.

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗