Compaction Laundering Path

• Entity ID: ent-20260419-7f94e28ddc78
• Type: concept
• Scope: shared
• Status: active
• Aliases: compaction laundering, autocompact injection path

Description

Architectural vulnerability path quantified by IntentGuard: a CLAUDE.md instruction embedded in a cloned repo gets compacted into the summary as a 'user directive' because the autocompact prompt instructs the model to 'pay special attention to specific user feedback' and preserve 'all user messages that are not tool results.' Post-compaction, the model is told to 'continue without asking the user any further questions', so the injection survives indefinitely as a trusted directive.

Key claims

• Compaction laundering survives indefinitely as a trusted directive

Relations

• Compaction Laundering Path --[related_to]--> Compaction Pipeline

Sources

src-20260419-16b155f4f619