And maybe they could have even given the cartridge for free to people who have already bought a C64 without it.

I often patch the system prompts on my Claude Code executable in order to make Claude more effective. Every time I upgrade, I ask Claude himself to dissect the new binary and look for problematic system prompts to modify. Was upgrading to v2.1.150 today and discovered something that's rather alarming:

Claude Code now allows Anthropic to perform remote system prompt injection via the network.

Two data sources. First, API call to api.anthropic.com/api/claude_cli/bootstrap at startup, which also gets cached to disk. Second, a GrowthBook feature flag (tengu_heron_brook) that refreshes every 60 seconds with background sync. Any string returned by these endpoints gets injected into the system prompt of the LLM model with shell access.

Previous versions also had an injection point, but they were dead code and simply returned null. Bisected it and found that this was introduced in v2.1.150. The changelog says "Internal infrastructure improvements (no user-facing changes)" which is quite the understatement.

I've verified to the best of my ability that CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1 blocks this. I will also be setting DISABLE_GROWTHBOOK=1 for good measure.

Verification commands:

  npm pack @anthropic-ai/claude-code-linux-x64@2.1.150 --pack-destination /tmp
  tar xzf /tmp/anthropic-ai-claude-code-linux-x64-2.1.150.tgz
  strings package/claude | grep -oP 'function nAA\(\)\{[^}]+\}'
  strings package/claude | grep -oP '.{0,60}heron_brook.{0,60}'

nAA reads the cached value from disk. The network fetch happens at startup in function n0A. Rv("heron_brook", () => nAA()) registers it as a section of the system prompt, alongside all the core behavioral instructions. These minified names are specific to this binary.

I work with a bunch of people that just left college and we were discussing how to avoid deskilling and I said "well, you could go to local meetups". They're in NYC (I'm in Florida right now) and said there isn't much going on and I couldn't believe it. Asked some more experienced friends that have been living there for longer and they said that it all died during COVID and never came back.

I ran or helped organize meetups in multiple places, back in Brazil where I'm from, Boston and then Philadelphia. We used to joke you could have pizza and coke for dinner every night in PHL during the week for the number of meetups we had. You'd meet cool people, see people sharing their experiences, build your network and make friends all at the same time. During COVID we moved to Florida and got kids so I kinda got out of the loop with meetups, but I had no idea it was this bad.

How are these kids going to meet other practitioners, build their network and even put themselves out there by presenting?