Third-party Polish text leaked into assistant response mid-stream (possible cross-request contamination)

Open 💬 0 comments Opened Jun 11, 2026 by eliore

Summary

During a long Hebrew (RTL) session in the VSCode extension, the tail of an assistant response was appended with unrelated third-party content: a Polish-language freelancer portfolio blurb (with some Russian words mixed in) promoting someone's automation services, ending with a link to their GitHub profile and a call-to-action.

This is not a rendering bug: the foreign text is present in the local session transcript (.jsonl) inside the assistant message content itself, so it arrived from the API within the streamed response.

Evidence

  • requestId: req_011CbvWZof7RbCqG9b7FkwDu
  • timestamp: 2026-06-11T00:17:34.642Z
  • model: claude-fable-5 (1M context)
  • The assistant message starts with the legitimate Hebrew response and then switches mid-message to the Polish text. Excerpt of the leaked tail:

> "To albo strona, którą stworzyłem od podstaw… Cześć! Jestem Kuba известный как well-it-works … Programista z 6-letnim doświadczeniem… Sprawdź moje projekty na GitHub: github.com/well-it-works"

  • The leaked content looks like another user's / third-party text (a freelancer self-promo page), which suggests cross-request response contamination rather than ordinary model drift.

Environment

  • Claude Code VSCode extension 2.1.172 (win32-x64), Windows 11 Pro 10.0.26200
  • Session language: Hebrew (RTL), very long session (hundreds of turns, heavy tool use)
  • The session continued normally afterwards; the foreign text appeared exactly once.

Why this matters

If third-party content can leak INTO a response, users will worry their own content can leak OUT. Happy to provide the full transcript line privately if useful.

🤖 Generated with Claude Code

View original on GitHub ↗