System Prompt
The system prompt is not a single static string. It is assembled by getSystemPrompt() in src/constants/prompts.ts and then processed by buildEffectiveSystemPrompt(). It has a priority hierarchy of up to 6 layers and 7 distinct content sections separated by a cache boundary.
Priority hierarchy
Layers are evaluated in priority order. A higher layer replaces everything below it. In proactive mode, the agent prompt is appended rather than replacing the default.
Simple Mode
If the CLAUDE_CODE_SIMPLE environment variable is set,
the entire system prompt collapses to three lines:
You are Claude Code, Anthropic's official CLI for Claude.
CWD: /path/to/cwd
Date: 2026-03-31
Cache boundary
The marker __SYSTEM_PROMPT_DYNAMIC_BOUNDARY__ splits the prompt
into two halves with different caching behavior. Dynamic sections use a registry that caches computed values
until /clear or
/compact.
Exception: MCP Instructions use DANGEROUS_uncachedSystemPromptSection() because MCP servers can connect/disconnect between turns.
Globally cacheable across organizations. Sections:
- 1 Intro
- 2 System
- 3 Doing Tasks
- 4 Executing Actions with Care
- 5 Using Tools
- 6 Tone and Style
- 7 Output Efficiency
Session-specific. Not globally cacheable. Sections:
- · Session-specific guidance
- · Memory (MEMORY.md + memory files)
- · Environment (cwd, platform, model)
- · Language preference
- · Output Style (if configured)
- · MCP Instructions (always uncached)
- · Scratchpad directory (if enabled)
- · Function Result Clearing (if CACHED_MICROCOMPACT)
The 7 static content sections
These sections form the default prompt. Items marked [ANT-ONLY] only appear for internal Anthropic users. Items marked [EXT-ONLY] only appear for external users.
Intro
Defines Claude as an interactive software engineering agent. Includes the security policy (authorized testing / CTF / defensive use OK; destructive / DoS / mass targeting refused) and the no-URL-guessing rule.
System
Output rendering rules (GitHub-flavored markdown, monospace). Permission mode mechanics. How to handle denied tool calls, <system-reminder> tags, prompt injection in tool results, hooks, and context compression.
Doing Tasks
Engineering task rules: read before proposing changes, prefer editing over creating, no time estimates, diagnose failures before switching tactics, no extras beyond what was asked, no premature abstractions, no backwards-compat hacks. Several rules are ANT-ONLY: spot adjacent bugs, faithful outcome reporting, comment hygiene, verify before claiming done.
Executing Actions with Care
Risk classification for actions. Local reversible actions (file edits, tests) are free. Hard-to-reverse or shared-state actions (force push, prod changes, sending messages, uploads to third-party tools) require confirmation. "Measure twice, cut once" principle.
Using Tools
Dedicated tool preference (Read over cat, Grep over grep, etc.). TodoWrite for task management. Parallel tool calls where independent.
Tone and Style
No emojis. Short and concise responses [EXT-ONLY]. file_path:line_number format for code citations. owner/repo#123 for GitHub references. No colon before tool calls.
Output Efficiency
External: lead with action, skip preamble, one sentence over three, no code or tool-call restrictions. ANT (internal): flowing prose, no fragments/em-dashes/symbols, inverted pyramid, explain for the reader's level, never suppress failures or oversell wins.
Notable dynamic sections
| Section | When present | What it does |
|---|---|---|
| Session guidance | Always | Rules for denied tool calls, the ! prefix for shell commands, when to use Agent vs Glob/Grep, skill invocation. |
| Language | Language configured | Always respond in {LANGUAGE}. Technical terms and identifiers stay in their original form. |
| Output Style | Style configured | Built-in styles: default (none), Explanatory (adds "Insights"), Learning (asks user to write code pieces). |
| Length anchors | ANT users only | Hard limits: ≤25 words between tool calls, ≤100 words in final responses unless the task requires more. |
| Token Budget | TOKEN_BUDGET flag | Shows output token count per turn. Instructs Claude to keep working until approaching a user-specified token target. |
| Summarize tool results | Always | Write down important information from tool results since older results get cleared from context. |
Key behavioral rules in the prompt
These rules are hardcoded into the default prompt. Knowing them helps you predict and work with Claude's default behavior.
| Rule | What it means for you |
|---|---|
| No emojis | Claude will not use emojis unless you explicitly ask for them. |
| No extra features | Claude will not add refactors, doc comments, or improvements beyond what was asked. Deliberate by design. |
| No premature abstractions | "Three similar lines is better than a premature abstraction." Claude defaults to simple, direct code. |
| No time estimates | Claude will not predict how long tasks will take, for itself or for you. |
| Use dedicated tools | Claude is explicitly told to use Read instead of cat, Grep instead of grep, etc. Bash is for things without a dedicated tool. |
| Code citations | References to code use the format file_path:line_number for easy navigation. |
| GitHub references | Issues and PRs are cited as owner/repo#123 so they render as clickable links. |
Feature flags that affect the prompt
| Flag | Effect on system prompt |
|---|---|
| PROACTIVE / KAIROS | Replaces default prompt with autonomous mode prompt. Adds tick-loop behavior and SleepTool requirement. |
| CACHED_MICROCOMPACT | Adds "Function Result Clearing" section: N most recent tool results are kept, older ones are purged. |
| TOKEN_BUDGET | Adds token budget instructions. Shows output count per turn and enforces a user-specified minimum token target. |