Claude Code Marks Requests With Hidden Date Format Changes
The hidden marking raises questions about transparency in a tool that deeply integrates into developers' local environments, especially since the detection targets legitimate users through special connection paths while being easily bypassed by determined abusers.
Reporting from 1 sources: GIGAZINE.
A developer known as Thereallo has published research showing that Anthropic's AI coding tool Claude Code embeds subtle character differences in date strings within system prompts to mark requests based on API connection destinations and time zones. The mechanism, described as prompt steganography, changes date separators and apostrophe types depending on system time zone, hostname, and keywords. The standard Anthropic API is not affected.
Anthropic's Claude Code, an AI coding tool that reads codebases and executes commands, has been found to embed hidden markers in the date strings it sends with system prompts. Developer Thereallo documented the mechanism after investigating Claude Code version 2.1.196. The tool changes the date separator from hyphens to slashes based on the system time zone, and swaps the apostrophe in 'Today's' for visually similar Unicode characters when the hostname matches certain domains or contains AI-related keywords like DeepSeek, Moonshot, or Zhipu. The standard Anthropic API connection is not affected; the marking only applies to requests routed through internal gateways, proxies, model routers, or resale services. Thereallo noted that the domain list was obfuscated with Base64 and XOR, and the judgment results were hidden in the system prompt rather than sent as explicit telemetry. Bypassing the marking is straightforward by changing the hostname or time zone, meaning the feature is most likely to affect developers using legitimate special connection paths.
Synthesized by Yomimono from the 1 cited source below, including Japanese-language reporting where cited, then editorially reviewed before publishing.