Usually these are just convincing hallucinations. There is no reliable way for an LLM to introspect its system prompt.

Interesting that they have "IMPORTANT: Assist with defensive security tasks only." twice, once as the very first instruction after telling Claude what it is, and once toward the end.