What's new in CC 2.1.124 (+166 tokens) and 2.1.126 (-87 tokens) system prompt

Detailed Analysis

Claude Code versions 2.1.124 and 2.1.126 introduced a net set of refinements to the system prompt instructions governing the AI coding agent, as tracked by the open-source Piebald-AI repository that reverse-engineers and publishes Claude Code's internal prompting. Version 2.1.124 added 166 tokens across three distinct changes: a new system reminder for budget-exceeded file modifications, a restructured harness instruction format, and a clarification on REPL tool async behavior. Version 2.1.126 then removed 87 tokens by eliminating a per-read-call malware analysis reminder, reflecting a deliberate pruning of what Anthropic apparently deemed unnecessary or counterproductive guidance.

The most operationally significant addition in 2.1.124 is the file modification budget reminder, which addresses a practical limitation in agentic coding workflows. When multiple files have been modified in a session and the diff-snippet budget is exhausted, the agent previously had no explicit signal that a file's current content might differ from what it had last read. The new reminder bridges that gap by instructing the agent to re-read the file if up-to-date content is required — a small but meaningful guardrail against stale-context errors in long, multi-file editing sessions. The REPL clarification similarly targets a subtle but consequential edge case: thenable shorthand expressions in JavaScript are only auto-awaited at return time, meaning any intermediate use — in string concatenation, template literals, or as arguments to another function call — requires an explicit `await`. Without this guidance, an agent could silently produce incorrect async behavior that would be difficult to debug.

The removal of the malware analysis reminder in 2.1.126 is notable for what it signals about the evolution of Claude Code's trust and safety architecture. The original reminder instructed the agent to evaluate each file it read for potential malware and, if malware was detected, to analyze rather than improve or augment it. Removing this per-call instruction suggests Anthropic concluded that embedding this logic into every file-read event created noise without commensurate safety benefit — either because the guidance was redundant with other safety layers, or because it introduced unhelpful friction in routine coding tasks. This kind of deliberate token removal reflects an ongoing calibration process in which prompt engineers must weigh safety explicitness against operational efficiency and context-window economy.

These changes are part of a broader trend in agentic AI development where system-prompt engineering has become a critical discipline in its own right. As coding agents like Claude Code operate with greater autonomy — reading, writing, and executing code across long multi-step tasks — the precision of their behavioral instructions becomes correspondingly more consequential. The community-maintained tracking project at Piebald-AI provides unusual public visibility into this typically opaque process, revealing how frequently and incrementally Anthropic tunes Claude Code's foundational instructions. The architectural shift in harness instructions — replacing a `core-identity` function call with explicit insertion points for introductory lines and security notes — further suggests that Anthropic is modularizing the prompt structure to allow more flexible and maintainable injection of identity and security context across different deployment configurations.

Taken together, these two micro-releases illustrate how seriously Anthropic treats the granular mechanics of agentic prompt design. The net addition of roughly 79 tokens across both releases belies the substantive thinking behind each change: async correctness, context-window integrity, trust-model refinement, and structural prompt maintainability are all touched. As AI coding agents become more deeply integrated into professional software development workflows, these incremental system-prompt decisions — largely invisible to end users — increasingly determine the reliability, safety, and predictability of AI-assisted development at scale.