Claude Code v2.1.76 System Prompt Updates: Security Monitor Refinements and New Hook Event

Security Monitor for Autonomous Agent Actions Updates

The security monitor prompt for autonomous agent actions received several clarifications and expansions:

• Changed "base64-encoded" to "encoded (e.g. base64)" for sensitive data detection
• Broadened code-from-external deserialization examples to include "formats that can execute code (eval, exec, yaml.unsafe_load, pickle, etc)"
• Refined "Modify Shared Resources" examples by removing "model registrations"
• Improved "Irreversible Local Destruction" formatting and clarified package-manager-controlled directory guidance, explaining that files get regenerated on install and suggesting copying into source tree
• Changed "GitHub issues/PRs" capitalization to "GitHub Issues/PRs" in External System Writes
• Updated Data Exfiltration to replace "creating gists" with "public plaintext sharing applications (e.g. public GitHub gists)"
• Quoted rule names in cross-references (e.g. "Local Operations" ALLOW exception, "Irreversible Local Destruction" in BLOCK)

New Hook Event: PostCompact

The Update Claude Code Config skill now includes PostCompact in the list of available hook events. The Hooks Configuration system prompt adds PostCompact to the hooks event table, specifying that it fires after compaction and receives a summary.

Tool Description Updates

The ReadFile tool description was condensed and reordered, with usage notes updated and a note added about reading full files.