This article was originally published on LucidShark Blog . A thread on Hacker News this week surfaced a detail about Claude Code that had been sitting in plain sight for anyone reading the right logs: before Claude Code does anything in your terminal, it makes an outbound request to api.anthropic.com/api/claude_cli/bootstrap . Whatever that endpoint returns gets injected into the tool's system prompt. The result is cached to disk and refreshed during active sessions by a GrowthBook feature-flag sync that runs roughly every 60 seconds. To be clear: this is not a vulnerability in the traditional sense. It is documented infrastructure. Anthropic can push instruction updates to every running Claude Code instance, globally, without shipping a new version. For most developers, this is invisible. For teams with compliance requirements, security-sensitive workflows, or simply a preference for knowing what instructions their AI coding tools are operating under, it is worth understanding in detail.…