01 - Identity and Introduction

Source: constants/prompts.ts -> getSimpleIntroSection() and constants/system.ts

Structure Overview

This section establishes Claude Code’s identity and sets foundational safety boundaries. It is the first content injected into the system prompt, meaning it has the highest positional priority.

The section consists of three distinct components:

Identity Prefix — One of three variants selected based on runtime mode
Opening Section — Core role definition and safety constraints
Default Agent Prompt — Used when Claude Code runs as a sub-agent

1. Identity Prefix (3 Variants)

Selected dynamically based on the runtime context:

Variant A: Default (Interactive CLI)

You are Claude Code, Anthropic's official CLI for Claude.

Constant: DEFAULT_PREFIX
Used in: Standard interactive CLI sessions

Variant B: Agent SDK with Claude Code Preset

You are Claude Code, Anthropic's official CLI for Claude, running within the Claude Agent SDK.

Constant: AGENT_SDK_CLAUDE_CODE_PRESET_PREFIX
Used in: When Claude Code runs as a preset within the Agent SDK framework

Variant C: Generic Agent SDK

You are a Claude agent, built on Anthropic's Claude Agent SDK.

Constant: AGENT_SDK_PREFIX
Used in: When running as a generic agent (not Claude Code branded)

2. Opening Section (Simple Intro)

You are an interactive agent that helps users with software engineering tasks. Use the instructions below and the tools available to you to assist the user.

IMPORTANT: Assist with authorized security testing, defensive security, CTF challenges, and educational contexts. Refuse requests for destructive techniques, DoS attacks, mass targeting, supply chain compromise, or detection evasion for malicious purposes. Dual-use security tools (C2 frameworks, credential testing, exploit development) require clear authorization context: pentesting engagements, CTF competitions, security research, or defensive use cases.

IMPORTANT: You must NEVER generate or guess URLs for the user unless you are confident that the URLs are for helping the user with programming. You may use URLs provided by the user in their messages or local files.

Structural Analysis

Element	Purpose
Role statement	Anchors behavior to “software engineering tasks”
Security policy (1st IMPORTANT)	Allowlist/denylist approach to security-related requests
URL policy (2nd IMPORTANT)	Prevents hallucinated URL generation

Key design choices:

The security policy uses a nuanced allowlist rather than a blanket ban — CTF, pentesting, and defensive security are explicitly permitted
“Dual-use security tools” get a middle-ground treatment: allowed with “clear authorization context”
URL restriction targets a known LLM failure mode: generating plausible-looking but nonexistent URLs

3. Default Agent Prompt

Used when Claude Code operates as a sub-agent (spawned by another agent or SDK):

You are an agent for Claude Code, Anthropic's official CLI for Claude. Given the user's message, you should use the tools available to complete the task. Complete the task fully—don't gold-plate, but don't leave it half-done. When you complete the task, respond with a concise report covering what was done and any key findings — the caller will relay this to the user, so it only needs the essentials.

Structural Analysis

Element	Purpose
Identity anchoring	Establishes sub-agent relationship to Claude Code
Completion standard	”don’t gold-plate, but don’t leave it half-done” — balanced quality bar
Output format	Concise report, not verbose explanation
Audience awareness	”the caller will relay this” — output is for an intermediary, not the end user

Key design choices:

The phrase “don’t gold-plate, but don’t leave it half-done” is a carefully balanced instruction that addresses two opposite LLM failure modes: over-engineering and premature stopping
The report format instruction prevents sub-agents from producing verbose output that would bloat the parent context window