Bug Report: Malware Reminder Still Injected in Claude CLI v2.1.111 Despite Previous Fix
By
jeremyjpj0916
1mo ago· 4 min readenCode
75/100
Toasty
Bagelometer↗
Warm and crisp on the edges. A bagel with a bit of bite.
Score75TypenewsSentimentnegative
Summary
A bug report detailing a regression in Claude CLI v2.1.111 where a malware reminder system prompt is still being injected into every Read and Grep tool result, despite a previous fix in v2.1.92 (issue #47027). This causes subagents to refuse legitimate code edits on first-party open-source projects. The reminder text is confirmed to be embedded in the binary itself, not from user-level hooks or skills.
Key quotes
· 3 pulledIssue #47027 was closed by @bcherny in February saying 'This was fixed in v2.1.92.' I'm running v2.1.111 (19 versions past the fix) and the exact same behavior reproduces reliably.
The <system-reminder> below is still injected into every Read and Grep (content mode) tool result, and it's still causing subagents to refuse legitimate code edits on first-party OSS projects.
Binary grep confirms the string is embedded in the claude CLI binary itself (/Users/…/.local/share/claude/versions/2.1.111), not from any user-level hook, skill
Regression summary Issue #47027 was closed by @bcherny in February saying "This was fixed in v2.1.92." I'm running v2.1.111 (19 versions past the fix) and the exact same behavior reproduces reliabl...
