Skip to main content

Poison Context Awareness

In my experience, it's remarkably easy to self sabotage through poisoning my agent's context. There are countless ways I could accidentally contaminate my Claude Code sessions and create dangerous unintended associations that persist throughout a session.

How I Learned This

I discovered this the hard way when something as simple as telling Claude to update code and then requesting deployment unknowingly poisoned my future update requests. Claude began associating every code update with immediate deployment, even when I was just experimenting or working on incomplete features. This taught me that every action pairing in my context creates potential training patterns that can work against me later.

How I Think About Context Contamination

Each piece of information I add to my context or series of actions I perform can potentially combine to create unintended behavior patterns. I've learned to stay vigilant about which combinations of context might be misinterpreted by Claude, actively scanning for dangerous associations before they take root. This is especially important when tasking it with agentic tasks that go on for extended periods of time.

Common Poison Patterns

Context Bleeding - Without explicit markers indicating where one task ends and another begins, Claude may carry forward expectations, settings, or approaches from previous tasks into new ones, creating unexpected behavior and inconsistent results

  • Unclear boundaries - Task transitions without clear separation markers
  • Implicit assumptions - Hidden expectations about coding style, deployment preferences, or workflow patterns that conflict when switching between different project types or requirements

Instruction Contamination - Too many instruction types competing for attention and priority, creating decision paralysis

  • Overloaded context - Multiple conflicting instruction sets active simultaneously
  • Contradictory guidance - Having instructions that tell Claude to always test before deploying alongside emergency hotfix procedures that require immediate deployment without full testing creates decision paralysis where Claude can't determine which guidance takes precedence
  • Temporal confusion - Earlier session instructions contaminating current task execution with outdated context

Prevention and Antidotes

I've developed strategies both to prevent context poisoning and to remedy it when it occurs. For prevention, I use markdown formatting extensively in my Claude.md files to prevent instructions from bleeding into each other, and I've learned to be deliberately explicit in all my communications with Claude. When I suspect my context has already been poisoned, I have antidotes: the /clear command or starting a fresh session can immediately reset contaminated behavioral patterns.

  • Separate contexts - I use different sessions for different types of work to avoid cross-contamination
  • Context reset - When I detect poisoned patterns, I use /clear or start a new session to eliminate contamination
  • Clear boundaries - I explicitly announce when I'm switching between task types
  • Markdown structure - I use proper formatting to create clean instruction separation
  • Explicit communication - I state my assumptions and expectations clearly rather than relying on implicit understanding
  • Regular context review - I periodically assess what behavioral associations I might have accidentally created

The Discipline of Context Hygiene

Poison context awareness has become foundational to how I approach Claude Code. Just as I wouldn't write sloppy code and expect clean results, I can't maintain sloppy context and expect consistent AI collaboration.

Context awareness can make a significant difference. Unpredictable behavior, inconsistent results, and mysterious failures may often stem from contaminated context patterns that are easy to create unknowingly.

See Also: CLAUDE.md Supremacy|Dynamic Memory