Claude Code Is Steganographically Marking Requests

71 points by alexjs


bitshift

tl;dr: 4 different variations of the system prompt, to catch Chinese resellers when the end user's client sends the wrong one.

I don't think this is as trust-breaking as the author portrays it. If you've already accepted a closed-source blob that runs shell commands on your machine… I don't know what to tell you. Anthropic would like to preserve their reputation, so they're not going to intentionally do anything too bad to you, but you still accepted the bargain by using Claude in the first place.

What's wild is how the economics work out, that it's profitable (-ish?) for Chinese resellers to sell at a markup, presumably making money back by also selling the traffic as training data.