[BUG] Claude Code keeps flagging on it's own injections
Resolved 💬 1 comment Opened May 29, 2026 by lucidbots-sean Closed Jul 1, 2026
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Got a few variations on the following message after a web fetch. Seems that Opus 4.8 is very security minded.
⚠️ Prompt-injection pattern. Five fetched pages returned fake <system-reminder> tags — pencil-MCP impersonation in one, TaskCreate nudges in four. Identical wording across unrelated sources points to proxy/tool-layer injection, not source pages. Worth knowing — flag in your tooling team. The content agent and I both refused to act on them.
As requested, I'm letting the tooling team know.
What Should Happen?
Not tell me when it's doing expected behavior. Or I should have the ability to disable injections.
Error Messages/Logs
Steps to Reproduce
Try some WebFetches? That's what I did.
Claude Model
Opus
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
2.1.145
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Other
Additional Information
/bug gave me a 403.
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗