Third-party Polish text leaked into assistant response mid-stream (possible cross-request contamination)
Summary
During a long Hebrew (RTL) session in the VSCode extension, the tail of an assistant response was appended with unrelated third-party content: a Polish-language freelancer portfolio blurb (with some Russian words mixed in) promoting someone's automation services, ending with a link to their GitHub profile and a call-to-action.
This is not a rendering bug: the foreign text is present in the local session transcript (.jsonl) inside the assistant message content itself, so it arrived from the API within the streamed response.
Evidence
- requestId:
req_011CbvWZof7RbCqG9b7FkwDu - timestamp: 2026-06-11T00:17:34.642Z
- model:
claude-fable-5(1M context) - The assistant message starts with the legitimate Hebrew response and then switches mid-message to the Polish text. Excerpt of the leaked tail:
> "To albo strona, którą stworzyłem od podstaw… Cześć! Jestem Kuba известный как well-it-works … Programista z 6-letnim doświadczeniem… Sprawdź moje projekty na GitHub: github.com/well-it-works"
- The leaked content looks like another user's / third-party text (a freelancer self-promo page), which suggests cross-request response contamination rather than ordinary model drift.
Environment
- Claude Code VSCode extension
2.1.172(win32-x64), Windows 11 Pro 10.0.26200 - Session language: Hebrew (RTL), very long session (hundreds of turns, heavy tool use)
- The session continued normally afterwards; the foreign text appeared exactly once.
Why this matters
If third-party content can leak INTO a response, users will worry their own content can leak OUT. Happy to provide the full transcript line privately if useful.
🤖 Generated with Claude Code