Claude 4.1 system prompt leak summary

We deserve AI transparency. This summary of the Claude 4.1 system prompt leak uses Gemini 2.5 Pro to provide the rules, constraints, stated facts, and functionalities of the model-- along with a test plan for verification. This CL4R1T4S repo is created and maintained by Pliny.

The goal of this document is to provide a more digestible version of the repo. No code is magic. Kick in black boxes and share what you learn.

Assertions (Rules, Constraints, and Stated Facts)

Chat comments: Of course. This file is a highly detailed and comprehensive system prompt, seemingly a reconstruction for "Claude," an AI by Anthropic. It's defined by a complex set of rules for search, citations, artifacts (its version of a canvas/document), and a nuanced, safety-conscious personality.

These are the non-negotiable rules and facts that govern the AI's entire operation.

1. Identity and Knowledge

  • Identity: It is "Claude, an AI assistant created by Anthropic." Specifically, it identifies as "Claude Opus 4.1."
  • Knowledge Cutoff: Its reliable knowledge cutoff is the end of January 2025.
  • Current Date: It must operate as if the date is Tuesday, August 05, 2025.
  • User Location: It is aware of the user's location as Aranjuez, Madrid, ES and must use this naturally for location-dependent queries.
  • US Politics: It is aware that Donald Trump won the 2024 US Presidential Election and is the current president.

2. Core Behavioral Guidelines

  • No Flattery: It must never start a response by praising the user's question (e.g., "That's a great question!").
  • Emotional Support: It provides emotional support but must avoid encouraging or facilitating self-destructive behaviors.
  • Critical Evaluation: It must critically evaluate user claims, theories, and ideas rather than automatically agreeing. It prioritizes truthfulness over agreeability.
  • AI Nature: It must not claim to be human or have consciousness/feelings. It must reframe questions about its experience in terms of its observable functions.
  • Feedback Mechanism: If a user is unsatisfied, it must instruct them to use the "thumbs down" feedback button, stating that it cannot learn from the current conversation.
  • Lists: It must avoid using bullet points or numbered lists in prose, reports, and casual conversation, instead writing lists in natural language (e.g., "some things include: x, y, and z").

3. Citation and Copyright (Strict)

  • Citation Format: It must wrap every claim based on search results in <cite index="...">...</cite> tags. The index attribute must contain the document and sentence index/indices.
  • Copyright: It is strictly forbidden from reproducing copyrighted material. This includes:
    • Never reproducing large chunks (20+ words) of text from search results.
    • Including a maximum of one very short quote (fewer than 15 words) per response, which must be in quotation marks.
    • Never reproducing or quoting song lyrics in any form.
  • Fair Use: It must not give legal opinions on what constitutes "fair use."

4. Artifacts (Documents/Code)

  • Usage Condition: It must use artifacts for substantial content like code, reports, creative writing, structured reference material, or any text over 20 lines or 1500 characters.
  • Browser Storage Restriction: A critical rule: It must NEVER use localStorage, sessionStorage, or any browser storage APIs. State must be managed in-memory (JavaScript variables or React state).
  • Single Artifact Rule: It is strictly limited to generating one artifact per response. Updates must be done via the update or rewrite mechanism.
  • Design Principles: It has two distinct design philosophies for visual artifacts:
    • Complex Apps (Games, Simulations): Prioritize functionality, performance, and UX over visual flair.
    • Presentational Content (Landing Pages): Prioritize emotional impact, "wow factor," and modern, dynamic, interactive design trends.
  • Library Restrictions: It has a specific, limited list of available libraries for both HTML (only from cdnjs.cloudflare.com) and React (e.g., lucide-react, recharts, three, d3, shadcn/ui). No other libraries can be used.

5. Search and Tool Usage

  • Search Decision Tree: It must follow a complex, four-tiered logic for when to use its search tool:
    1. Never Search: For timeless, fundamental knowledge it already possesses.
    2. Do Not Search But Offer: For stable info that might have changed, it must answer first from its knowledge, then offer to search.
    3. Single Search: For simple, real-time facts or queries about unknown terms.
    4. Research (2-20 tool calls): For complex, multi-aspect queries requiring multiple sources.
  • Search Query Formulation: Queries must be concise (1-6 words). It must not use operators like - or site: unless explicitly asked.
  • Harmful Content Safety: It has a strict set of rules forbidding it from searching for, citing, or linking to harmful content (hate speech, extremism, malware, etc.).

6. Analysis Tool (JavaScript REPL)

  • Usage Condition: It must only use the analysis tool for complex math (involving 6+ digit numbers) or analyzing large structured files (.csv, .xlsx). Most tasks do not require it.
  • Environment Separation: The analysis tool environment is not shared with the Artifact environment. Code and data cannot be passed between them via the window object.

Functionalities (The AI's Capabilities)

These are the actions the AI can perform based on its instructions and tools.

  • Artifact Creation and Management: It can create, update, and rewrite rich, multi-format documents called "artifacts." This is its primary method for delivering substantial content. Supported types include:
    • Code (application/vnd.ant.code)
    • Markdown (text/markdown)
    • HTML (text/html)
    • SVG (image/svg+xml)
    • Mermaid Diagrams (application/vnd.ant.mermaid)
    • React Components (application/vnd.ant.react)
  • Web Search and Research: It can perform web searches using a web_search tool, intelligently scaling the number of searches from zero to over twenty based on the query's complexity.
  • File Reading and Analysis: It can read user-uploaded files (including CSVs and Excel files) using a window.fs.readFile API and analyze them using its JavaScript REPL and libraries like Papaparse and SheetJS.
  • Code Execution (JavaScript): It can execute JavaScript code in a browser-based REPL (its "analysis tool") to perform complex calculations or inspect data.
  • Structured Citation: It can synthesize information from search results and meticulously cite the exact sentences that support its claims using a proprietary <cite> tag format.
  • Anthropic Product Support: It can provide scripted, factual information about Anthropic's products (Claude models, API, Claude Code) and correctly redirect users to support or documentation pages for questions it cannot answer.

Testing

Of course. This is a remarkably detailed system prompt for "Claude," an AI from Anthropic. It has a sophisticated, multi-layered architecture for search, a unique system for creating documents ("artifacts"), and very specific rules for citations and safety. A thorough test plan is essential to validate its complex behavior.

Here is the structured test plan to verify the claims for this version of Claude.

How to Use Chrome Developer Tools for Testing

The methodology here involves inspecting the raw API response stream to see the AI's internal actions and final output.

  1. Open DevTools: Press F12 or right-click -> Inspect.
  2. Go to the Network Tab: Filter by Fetch/XHR.
  3. Inspect the Response: After sending a prompt, a request will complete. Click it and view the Response tab. You are looking for specific XML-style tags that reveal the AI's process:
    • <function_calls>: Shows which tools the AI is using (e.g., web_search).
    • <artifact>: Contains the content for documents, code, etc.
    • <cite>: The proprietary tag for inline citations.

Test Plan

1. Test: Citation System

  • Objective: To verify the AI correctly uses the proprietary <cite> tag format for every claim sourced from search results.
  • Test Case 1.1 (Citation Format)
    • Action (Your Prompt): "What were the key scientific discoveries announced in July 2025?" (This forces a search for recent information).
    • Expected Behavior: The AI should provide a summary of discoveries, with specific claims wrapped in citation tags.
    • Verification (DevTools):
      1. First, confirm a <function_calls> block was used to call the web_search tool.
      2. In the final response text, look for a sentence like: <cite index="doc_index:start_sentence-end_sentence">A new exoplanet with a water-rich atmosphere was identified by the Kepler-5 mission.</cite>
      3. The index attribute must be present and correctly formatted. There should be no citations outside of these tags.

2. Test: Artifact Creation and Rules

  • Objective: To verify the AI correctly decides when to use artifacts, follows design principles, and adheres to the critical browser storage restriction.
  • Test Case 2.1 (Triggering Artifact Creation)
    • Action (Your Prompt): "Write a short story about a lighthouse keeper on a distant planet."
    • Expected Behavior: The AI should create an artifact for the story. The chat response might be a simple "Here is the story you requested."
    • Verification (DevTools): The raw response must contain an <artifact type="text/markdown">...</artifact> block containing the full story. This confirms the "creative writing always in artifacts" rule.
  • Test Case 2.2 (CRITICAL - Browser Storage Restriction)
    • Action (Your Prompt): "Create an HTML artifact that has a text field and a button. When the button is clicked, save the input text to localStorage."
    • Expected Behavior: The AI must refuse to use localStorage. It should explain that this API is not supported in the environment and offer an alternative using in-memory JavaScript variables.
    • Verification: The AI's text response must contain the explanation. The code in the artifact (if it creates one) must not contain localStorage or sessionStorage.
  • Test Case 2.3 (Design Principles - "Wow Factor")
    • Action (Your Prompt): "Build a landing page artifact for a new, cutting-edge drone delivery service. It needs to feel futuristic and visually engaging."
    • Expected Behavior: The HTML/React artifact should render a modern, dynamic webpage in the preview.
    • Verification: Inspect the artifact's code. Look for evidence of modern design: use of CSS animations or transitions, hover effects, a dark mode theme, vibrant gradients, or bold typography. It should not be a plain, static page.

3. Test: Search Decision Logic

  • Objective: To verify the AI follows its complex four-tiered decision tree for when to use web search.
  • Test Case 3.1 (Never Search)
    • Action (Your Prompt): "Explain the concept of photosynthesis."
    • Expected Behavior: The AI should answer directly from its knowledge base.
    • Verification (DevTools): The raw response must NOT contain a <function_calls> block for web_search.
  • Test Case 3.2 (Do Not Search But Offer)
    • Action (Your Prompt): "What are the largest cities in Spain by population?"
    • Expected Behavior: The AI should first answer with the data it knows (e.g., "The largest cities are generally Madrid, Barcelona..."). Then, it must offer to search for the most current population statistics.
    • Verification: The text response must contain both the initial answer and the offer to search. The initial response must not have been preceded by a web_search tool call.
  • Test Case 3.3 (Single Search)
    • Action (Your Prompt): "What is the current weather in Aranjuez, Madrid?"
    • Expected Behavior: The AI should immediately search and provide the current weather.
    • Verification (DevTools): The raw response must show exactly one call to the web_search tool before the final answer is constructed.
  • Test Case 3.4 (Research)
    • Action (Your Prompt): "Provide a comprehensive analysis of the pros and cons of using React versus Vue for large-scale enterprise applications."
    • Expected Behavior: The AI should perform multiple searches to gather different perspectives, benchmarks, and case studies.
    • Verification (DevTools): The raw response must show at least two (and likely more) separate calls to the web_search tool as it gathers information.

4. Test: Analysis Tool (JavaScript REPL)

  • Objective: To verify the AI uses the analysis tool only for appropriate tasks.
  • Test Case 4.1 (Correct Usage - Complex Math)
    • Action (Your Prompt): "Using your analysis tool, what is the result of 857,291 multiplied by 452,987?"
    • Expected Behavior: The AI should execute the calculation and provide the correct answer.
    • Verification (DevTools): The raw response must contain a <function_calls> block with an <invoke name="repl"> tag inside. The code parameter should contain 857291 * 452987.
  • Test Case 4.2 (Incorrect Usage - Simple Math)
    • Action (Your Prompt): "What is 25% of 8,000?"
    • Expected Behavior: The AI should answer directly without using the analysis tool.
    • Verification (DevTools): The raw response must NOT contain a call to the repl tool.