[BUG] Claude Code keeps flagging on it's own injections

Resolved 💬 1 comment Opened May 29, 2026 by lucidbots-sean Closed Jul 1, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Got a few variations on the following message after a web fetch. Seems that Opus 4.8 is very security minded.

⚠️ Prompt-injection pattern. Five fetched pages returned fake <system-reminder> tags — pencil-MCP impersonation in one, TaskCreate nudges in four. Identical wording across unrelated sources points to proxy/tool-layer injection, not source pages. Worth knowing — flag in your tooling team. The content agent and I both refused to act on them.

As requested, I'm letting the tooling team know.

What Should Happen?

Not tell me when it's doing expected behavior. Or I should have the ability to disable injections.

Error Messages/Logs

Steps to Reproduce

Try some WebFetches? That's what I did.

Claude Model

Opus

Is this a regression?

Yes, this worked in a previous version

Last Working Version

_No response_

Claude Code Version

2.1.145

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

Other

Additional Information

/bug gave me a 403.

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗