Comment by alistairSH
1 day ago
You're not alone.
I think the author was doing some sort of circular prompt injection between two instances of Claude? The author claims "I'm just scaffolding a project" but that doesn't appear to be the case, or what resulted in the ban...
One Claude agent told other Claude agent via CLAUDE.md to do things certain way.
The way Claude did it triggered the ban - i.e. it used all caps which apparently triggers some kind of internal alert, Anthropic probably has some safeguards to prevent hacking/prompt injection and what the first Claude did to CLAUDE.md triggered this safeguard.
And it doesn't look like it was a proper use of the safeguard, they banned for no good reason.
The author code have easily shared the last version of Claude.md that had the all caps or whatever, but didn't. Points to something fishy in my mind.
They did.
>If you want to take a look at the CLAUDE.md that Claude A was making Claude B run with, I commited it and it is available here.
https://github.com/HugoDaniel/boreDOM/blob/9a0802af16f5a1ff1...
The whole thing reads like LLM psychosis.
This tracks with Anthropic, they are actively hostile to security researchers.
I suspeect that having Claudes talking to Claudes is a very bad idea from Anthropic's point of view because that could easily consume a ton of resources doing nothing useful.
It wasn’t circular. TFA explains how the author was always in the loop. He had one Claude instance rewrite the CLAUDE.MD of another Claude instance whenever the second one made a mistake, but relaying the mistake to the first instance (after recognizing it in the first place) was done manually by the author.
i have no idea what he was actually doing either, and what exactly is it one isnt allowed to use claude to do?
What is wrong with circular prompt injection?
The "disabled organization" looks like a sarcastic comment on the crappy error code the author got when banned.
> What is wrong with circular prompt injection?
That you might be trying to jailbreak Claude and Anthropic does not like that (I'm not endorsing, just trying to understand).
Author really comes off unhinged throughout the article to be frank.
My take was more a kind of amusing laughing-through-frustration but also enjoying the ride just a little bit insouciance. Tastes vary of course, but I enjoyed the author's tone and pacing.
Did we read the same article? The author comes of as pretty frustrated but not unhinged
I wouldn't say "unhinged" either, but maybe just struggling to organize and express thoughts clearly in writing. "Organizations of late capitalism, unite"?
6 replies →
Author thinks he's cute to do things like mention Google without typing Google but I wouldn't call him unhinged.