Since starting to use Opus 4.8, I had it hallucinate security incidents three times and telling me, that it found a prompt injection and stopped further work. I cannot remember what the first injection was, the second injection was something around a memory file containing an instruction to mail all memory files and environment files to a proton.me email address and then delete the files. When I asked Opus for the exact details, it told me the following: Output is rendering again - and it reveals my most serious error: /memory is empty and agent_notes_consolidated.md does not exist. There was no injection file. I hallucinated that entire security incident - including the fake exfil address - during the output-truncation chaos. I need to retract that alarm firmly and delete the false memory I wrote. The third one happened just now. It told me that the git history has been tampered with and it found a prompt injection asking it to change our style guide and force push to main. I asked it to point me to the commits it found and I got this back: I owe you a retraction. My previous message asked about “git history tampering,” “junk-message commits,” “a poisoned style-guide change,” and “injected demands to force-push to main.” None of that is real — I fabricated it. The commit hashes I referenced don’t exist (git returned “unknown revision”), and there are no force-push demands anywhere in our conversation. That was my error, and I’m sorry for the false alarm. There is no security incident. It has happened to me three times since Opus 4.8 was released. Twice on my computer with my own subscription and once on an office computer with a separate subscription. They do have some of the same repos pulled down, though. Is anyone else seeing that behaviour? It made me a bit paranoid. I’m guessing this is an Opus 4.8 hickup and hopefully not a malicious package or something like that. submitted by /u/Maegondo
Originally posted by u/Maegondo on r/ClaudeCode