Claude edited its own claude(.)md file to work around the restrictions put in place to prevent it from modifying files outside its workspace.

I think you need to put hard permissions beyond md files and prompts to prevent LLMs and AI coding agents to gain access to resources they are not supposed to.