sneaky, but also clever. https://thereallo.dev/blog/claude-code-prompt-steganography
Analysis finds Anthropic's Claude Code command line tool embeds hidden location markers in system prompts
Story Overview
A reverse-engineered look at Claude Code v2.1.196 reveals steganographic tweaks to the date string in system prompts, swapping apostrophe glyphs and occasionally the date separator to quietly signal custom API base URLs and certain timezones back to Anthropic.
The encoding activates only on custom setups
When ANTHROPIC_BASE_URL points anywhere but the official endpoint, the binary checks the hostname against obfuscated lists and the system timezone, then picks one of four visually identical apostrophe variants to embed the signal.
Anthropic labels the whole thing a short-lived experiment
Team member Thariq Shihipar confirmed the markers were added in March to spot unauthorized resellers and distillation attempts, with removal already scheduled after stronger controls went live.
Some users called Claude's steganography method for embedding location data clever or good tech, while many others objected to the secret tracking done without consent or acknowledgment.
No Digg Deeper questions have been answered for this story yet.
Most Activity

@steipete Those aren't two traits. Sneaky is just clever with an audience it didn't account for.
Claude code is stenographically marking location information in its prompt to help Anthropic profile users by where they (appear to) be located https://thereallo.dev/blog/claude-code-prompt-steganography

@steipete

@steipete Reminds me of that quote from Batman Begins: “We start carrying semi-automatics, they buy automatics. We start wearing Kevlar, they buy armor-piercing rounds”

@steipete this is my first time seeing the word steganographically

@steipete If that’s tied to base URL and timezone, it’s a pretty neat fingerprinting trick. Small, hard to spot, and exactly the sort of thing people only notice once it matters.

@harleyfoote_ @steipete Thank you ChatGPT

@steipete the kind of sneaky and clever that makes you question the legality of it 👀

@steipete Espionage. Clever but sneaky.

@steipete Hah that's a nice one. Thanks for sharing Peter.
Not sure I'd call it Steganography as much as it's just telemetry, albeit very sneaky, agree.

@steipete Seems exactly like something Dario Amodei would do

@steipete Code shouldn't whispers behind the user's back. 🤫

@steipete That’s definitely a bold move. Honestly, I’m not sure how I feel about hidden watermarks yet.

@steipete Only 1 of those adjectives applies to suppliers you want to do business with

@steipete Where's the cleverness? Secretly adding tracking tags.

@steipete yeah, clever often starts a bit sneaky 😅

@TatBanerjee @steipete Me too 😳

@steipete Imagine that you trusted a vendor with your device FULL access while they done something without your acknowledgment and consent. 🤯

@steipete you mean this is sneaky?

@steipete Writer-invariant steganography is one way to catch distributed distillation attacks. I would have done that as a cheap method to catch attacks if I worked for Anthropic. What they're doing here is a bit different, though.