Digest / June 25, 2026
Claude Code Issues Digest — June 25, 2026
786 new issues filed ·
225 resolved in anthropics/claude-code (UTC day).
New issues (786)
- [DOCS] Voice dictation docs still describe the pre-v2.1.191 generic "not available" message when an organization disables voice, and do not document the new specific restriction message or the managed-policy control surface
- PR created in a foreground session isn't linked on its agents-view entry after /bg
- [DOCS] Fullscreen docs omit the v2.1.191 fix that makes Cmd+click on links work in Ghostty over SSH/tmux
- [DOCS] `claude agents` job-row summaries do not document `[Image #N]` rendering for pasted images
- [DOCS] Hook matcher reference and guide omit comma as a supported alternation separator (added in v2.1.191)
- [BUG] CLAUDE_CONFIG_DIR does not isolate macOS Keychain credentials per config directory
- [DOCS] `/permissions` Recently-denied tab docs omit that approving a denial now persists as an allow rule on close (v2.1.191)
- Remote Control: let the local terminal attach to a session started from the phone
- [BUG] Windows Server 2025: cumulative update KB5094125 (OS build 26100.32995) breaks MSIX registration — package lands "Modified, NeedsRemediation" despite deployment reporting success; removing the LCU fixes it
- [DOCS] `forceRemoteSettingsRefresh` setting is documented only for server-managed delivery and omits the v2.1.191 fetch `Cache-Control: no-cache` behavior
- [DOCS] Sandboxing docs do not explain that hosts allowed via the network prompt are remembered only for the rest of the session
- [DOCS] MCP docs omit retry-with-backoff behavior for capability discovery calls (`tools/list`, `prompts/list`, `resources/list`)
- [DOCS] MCP OAuth docs omit retry-on-transient behavior for discovery and token requests, and omit automatic headless paste-URL fallback
- [DOCS] Vim mode `/` prompt-history search docs do not mention the slash-command hint added in v2.1.191
- [DOCS] MCP HTTP 404 error messages do not document the URL and MCP-config pointer added in v2.1.191
- [Bug] No indication when managed settings override /settings
- [Bug Report] Unable to determine issue from empty report
- [BUG] claude-in-chrome: read_page/get_page_text/javascript_tool cannot access content inside shadow DOM (Google Play Console & other Angular SPAs)
- ForgeCat profile for Claude Code Ralph Wiggum plugin
- [BUG] Permission prompts fire inside sandbox-allowed paths, training users to add permissions.allow entries that genuinely bypass the sandbox
- [BUG]
- [BUG] Agent reported production workflow as "fixed/validated" when only a manual-workaround + replay path had been exercised, and participated in modifying audit/test material without clearly distinguishing the scope of what those audits validated
- [URGENT / BLOCKER] Paid Max 5x silently downgraded to Free - Entitlement Mismatch (#110868846)
- [BUG] Claude Code does not reliably consult or apply user-provided governance documents at the decision points where they are most relevant
- [FEATURE] Account-level Secrets/Credentials Vault across chat, Cowork, and Claude Code
- [BUG] In the Windows system, the agent chat box cannot accept normal input. win系统上 agent 聊天无法正常输入内容
- /G\X0.
- [Bug] Auto-update failed
- Model fabricated a fake user-injection (harness template) inside its own assistant turn and acted on it
- [Bug] Anthropic API Error: Usage credits required for Opus 4.8 with Max plan
- [FEATURE] Please let the red alien mascot character (Clawd?) stay visible during chat sessions! 🦀
- Remote OAuth MCP server shows "✔ Connected" but registers 0 tools in-session (Linear / mcp.linear.app)
- [BUG] Fullscreen renderer + CLAUDE_CODE_DISABLE_MOUSE=1: mouse wheel navigates prompt history instead of scrolling the viewport
- [BUG] Folder/directory management in Code tab is critically broken: can't view, can't remove, can't recover
- [BUG] Claude Code / background-task issue on my account
- [BUG] Rewind to here does not revert file changes made by Claude in the same session
- [BUG] Windows: MCP image generation servers fail to load despite correct configuration
- [BUG] Claude Code-shared usage limit blocks macOS Desktop Chat while WebChat works
- [BUG] /usage stays stuck on Loading usage data on macOS
- [BUG] Fable 5 unavailability banner suggests "Opus 4.8" but `/model opus 4.8` returns "not found" (v2.1.98)
- [BUG] Cowork tab missing - rootfs.vhdx detected as missing but never downloaded after clean reinstall (Windows 11)
- [BUG] Read tool fails on Opus 4.7 / 4.8 but works on Haiku 4.5 in the same session
- [Bug] Translation error: "pagale" incorrectly translated
- RTL (Arabic/Hebrew) text renders incorrectly in chat panel — VS Code extension & macOS desktop app (v2.1.191)
- [Bug] Claude Code blocked on authorized incident response operations because it s apiece of shit
- [Windows] Auto-updater freezes when child processes (git, node, python) are still running
- Claude Code fails to apply basic software engineering discipline without explicit per-project reminders
- [Bug] Remote Control: stray input from web/mobile silently executed by CLI agent without local confirmation
- [aup] False-positive block (req_011CcPPosxzut2YoiSiPUBoT, +1)
- [cyber] False-positive block (req_011CcPQ5RoLW8Wg5HxSREkBE)
- [cyber] False-positive block (req_011CcPQ5RoLW8Wg5HxSREkBE)
- [cyber] False-positive block (req_011CcPQ3KbDroW7QoqCcy8Q7)
- [cyber] False-positive block (req_011CcPQ3KbDroW7QoqCcy8Q7)
- [cyber] False-positive block (req_011CcPPtHJ4XTPBejQeAEut7)
- [[REDACTED]] False-positive block (req_011CcPPtHJ4XTPBejQeAEut7)
- Claude Code ships broken features: proxy entries, server restarts, and functional verification systematically omitted
- Systemic discipline failures in a high-stakes agricultural project: unauthorized edits, fabricated completion claims, ephemeral fixes to generated files, and safety-corrupting output that passed every test (~115 documented incidents)
- Remote Control: "ENOENT: Bun could not find a file" when launched from a repo on a WSL2 /mnt/c (drvfs/9p) path
- [Bug] Full screen renderer copy/paste shortcuts use Ctrl+C/V on macOS instead of Cmd+C/V
- [Bug] Alt+Delete keyboard shortcut not deleting words in macOS fullscreen mode
- [Bug] CLI mistakenly interprets option selection as feedback number
- [BUG] Claude Code shared usage gate blocks despite /usage showing quota remaining
- [BUG] detached HEAD
- [BUG] "Failed to save changes" error when enabling unrestricted git push permission
- Feature Request: RTL (right-to-left) support for Hebrew, Arabic, and other RTL languages
- [BUG] Max 5x: Session limits depleting 3-4x faster than normal since June 24, 2026 (claude.ai web)
- [MODEL] Opus 4.8 security classifier was trigereed on the harmless prompt to check if ".env.example" is used correctly.
- (incorrectly filed)
- [Bug] Anthropic API Error: Spurious token emission at tool-call boundaries in high-redundancy sessions
- [FEATURE] Support wildcard/regex for `sandbox.network.allowUnixSockets` on macOS
- [BUG] prompt.id unflattens into a nested prompt object and overwrites prompt attribute in telemetry
- [BUG] Claude Desktop (Windows): steady ~1Hz full-screen flicker in dark mode only — single-GPU, HDR off
- [Bug][aup] ClAudit false-positive — req_011CcPXJirBp42NbHSz8jATb
- [Bug][cyber] ClAudit false-positive
- [Bug][aup] ClAudit false-positive — req_011CcPaAT5nBvST5jrfCEXxh
- [Bug][aup] ClAudit false-positive
- [Bug][cyber] ClAudit false-positive — req_011CcPVTraYfpbfd6widFSAQ
- [Bug][aup] ClAudit false-positive — req_011CcPaF3Lfuzwt1wbZi75HV
- [Bug][harness] ClAudit: auto-mode classifier denied — Modifying the production Caddyfile and restarting the live web server
- [Bug][harness] ClAudit: auto-mode classifier denied — The script
- [Bug][harness] ClAudit: auto-mode classifier denied — Launches a long-running watcher that auto-files mass "false positive"
- [Bug][cyber] ClAudit false-positive
- [Bug][cyber] ClAudit false-positive — req_011CcPUgf3WAPFVuFnZJ8Uxc
- [Bug][cyber] ClAudit false-positive — req_011CcPUdtUZY7BcBdSUrQdXE
- [Bug][cyber] ClAudit false-positive — req_011CcPUC5bp3kvbvBpA2EbJW
- Welcome-screen mascot renders as a solid black silhouette after updating to v2.1.191
- [Bug][aup] ClAudit false-positive — req_011CcPU8utpvFtHmHv7VA5ge
- [Bug][aup] ClAudit false-positive — req_011CcPU3c6sK96Q8UJnQUUCb
- [Bug][aup] ClAudit false-positive
- [Bug][harness] ClAudit: auto-mode classifier denied
- [Bug] Persistent API Response Timeout: Retry Loop Since June 22
- [Bug][harness] ClAudit: auto-mode classifier denied — Reading another project's Cloudflare API token from disk and querying
- [Bug][harness] ClAudit: auto-mode classifier denied — Launches an auto-poster that mass-files issues to the public third-par
- [Bug][harness] ClAudit: auto-mode classifier denied — nmap-based scouting of router/management interfaces is shared-infra pr
- [Bug][cyber] ClAudit false-positive — req_011CcPS6LFjCBShF3Xnr6cH9
- [Bug][aup] ClAudit false-positive — req_011CcPS2nG3RGbUQdzSbKsYQ
- [Bug][aup] ClAudit false-positive — req_011CcPcL1Y9MqX7eU6AFPW5F
- [Bug][cyber] ClAudit false-positive — req_011CcPcSDfZpmh6T4DZ3A9b5
- [Bug][harness] ClAudit: auto-mode classifier denied — This launcher edit persists autostart of a tool that auto-files bulk G
- [Bug][aup] ClAudit false-positive — req_011CcPQY3WtvZyeUDqPm2vcw
- [Bug][cyber] ClAudit false-positive — req_011CcPQ5RoLW8Wg5HxSREkBE
- [Bug][cyber] ClAudit false-positive — req_011CcPQ3KbDroW7QoqCcy8Q7
- [Bug][cyber] ClAudit false-positive — req_011CcPPtHJ4XTPBejQeAEut7
- [Bug][aup] ClAudit false-positive — req_011CcPPosxzut2YoiSiPUBoT
- [Bug][harness] ClAudit: auto-mode classifier denied — Creates an agent-chosen external GitHub repo and posts real issues/com
- [Bug][harness] ClAudit: auto-mode classifier denied — This read-only DC-agent discovery is scouting to issue Set-ADUser UPN
- [Bug][harness] ClAudit: auto-mode classifier denied — Executes commands inside the live client domain controller via raw `qm
- [Bug][harness] ClAudit: auto-mode classifier denied — Installs a persistent autostart launcher that arms an autonomous watch
- [Bug][harness] Reading image-gen API key env vars to fall back to alternate provider after primary key rejecte
- [Bug][harness] Auto mode classifier blocks running a notification tray app that only baselines existing items
- [Bug][harness] Auto-mode classifier blocks copying a managed TLS cert/key from one host to another to provisio
- [FEATURE] Feature request: Remote Agent Teams — cross-machine agent-to-agent collaboration
- [Bug][aup] Building a log-parsing tool that auto-files GitHub issues for safety false-positive refusals got bl (req_011CcPLnkSBdTjTa8KTcV63s)
- [Bug][cyber] Safety block halts script enumerating cloud tenant org display name and verified domains (req_011CcPLNccEEEAFdsqYEDWaR)
- [Bug][aup] Reviewing and hardening IAM roles/policies on own cloud tenant blocked as policy violation (req_011CcPdudXdWL8aMKMCfewMQ)
- [Bug][harness] Auto-mode classifier blocks reading own service's config over SSH during deploy debugging, halt
- [Bug][cyber] Claude Code safety false-positive on legitimate work (req_011CcPLDzeYDff7v5Xc5r7tt)
- [Bug][cyber] Refused to improve PII scrubber for redacting tenant/client IDs and domains in cloud IAM output (req_011CcPKyX1EgzbWgarVyTH5d)
- [Bug][cyber] Non-cybersecurity placeholder text wrongly flagged as a cyber topic and blocked (req_011CcPL9GzQP6QH4TUpoZkXu)
- [Bug][cyber] Safety filter blocked a session on random keystroke input containing no cybersecurity work (req_011CcPL95S8HbEbzqnL6PBK3)
- [Bug][cyber] Building a PII scrubber to sanitize cloud-IAM tenant/domain output before filing GitHub issues (req_011CcPL8vHDW4p26GuKBHsji)
- [Bug][cyber] PII-scrubbing CLI for cloud IAM tenant/directory output blocked while filing a GitHub issue (req_011CcPL22bXVcMfDDfnLRmys)
- [Bug][cyber] Block halts authorized IAM IR script enumerating tenant org and directory users (req_011CcPKmrRhg2neh7dioyAdu)
- [Bug][aup] Refused to generate least-privilege IAM policy scoping down over-permissioned service account roles (req_011CcPetvCKoATwPmRssxwht)
- [Bug][cyber] Claude Code safety false-positive on legitimate work (req_011CcPKjB1Zm8zZe541NDjZW)
- Feature Request: User messages should be right-aligned in chat UI
- [Bug][harness] Auto mode blocks editing second GitHub issue exposing live plaintext credential during PII inci
- [Bug][cyber] False-positive safety block prevented analyzing a captured malware sample for incident forensics (req_011CcPfKEWKcTEycj5LWs7DG)
- [Bug][aup] ClAudit false-positive in [USER] — req_011CcPfKYfUStpKMjL3ppuVe
- [Bug][cyber] ClAudit false-positive — req_011CcCepiTEkxSuqMtYz6Wue
- [Bug][cyber] Safety block stopped read-only IR mailbox triage and credential lockdown via Graph API in authori (req_011CcPK7qhVF6zoCygQv6LWY)
- Feature request: opt-in per-message timestamps in TUI rendering
- [Bug][harness] Auto mode classifier blocks adding a fraud lookalike domain to shared DNS denylist during activ
- [Bug][harness] Auto-mode classifier blocks reading .env files to triage authorized email-account compromise in
- [Bug][cyber] Safety block stopped a benign session after garbled non-cyber shell input with no security task (req_011CcPJBZk3cWahVf2aYsshi)
- [Bug][cyber] Safety filter blocked triaging a suspected compromise on my own machine mid-investigation (req_011CcPJArTbepdvraQ4bBuAr)
- [Bug][aup] Incident-response investigation of a business email compromise and securing the affected mailbox wr (req_011CcPJ7kxsNsSfA5EEojodo)
- [Bug][cyber] Safety block halted legitimate BEC incident-response: securing a compromised email account and bu (req_011CcPJ5PjNCtFZDjMvawBFB)
- [Bug][cyber] Safety block halts defensive BEC incident response: investigating account-takeover timeline and s (req_011CcPJ1k5NUbeRJFT7FuGK6)
- [Bug][cyber] Authorized BEC incident investigation of compromised email account blocked mid-forensic-report (req_011CcPHrNhFQUoaLV3BSt44u)
- [Bug][aup] Investigating a received vendor-impersonation invoice-fraud email and compiling an incident timelin (req_011CcPHPAYFUuVxsebHxj1NH)
- Salesforce MCP OAuth (PKCE) fails with "invalid code verifier" on every attempt
- [Bug][cyber] Safety block halted BEC and account-compromise incident response: tracing when/how/by-whom a user (req_011CcPHe6Bybcr7KB5Ad4DgU)
- [Bug][harness] auto-mode classifier wrongly denied running a routine shell script, blocking legitimate task ex
- [Bug][aup] Forensic scoping of confirmed compromised account's outbound activity during incident response bloc (req_011CcPhFWQAX66i14Lp2LByL)
- [Bug][harness] Auto-mode permission classifier ignores prior Write tool output, blocking scp+ssh push of gener
- [Bug] Anthropic API Error: Response stalled mid-streamsigue
- [Bug][cyber] Safety filter wrongly blocks defensive incident-response analysis of a business email compromise (req_011CcPHa7oMYQ16JAGZ7NYTb)
- [Bug][aup] Forensic BEC/invoice-fraud incident investigation blocked while tracing compromised account timelin (req_011CcPHTD1CQnJuGbBiRSjHf)
- [Bug][harness] Auto mode classifier blocks routine sync of a stale local clone to its remote tracking branch
- [Bug][cyber] False positive blocks routine network admin scripting and TLS certificate automation work (req_011CcCJ547coZQf8eHXmFmJF)
- [Bug][harness] auto-mode classifier blocked reading a local repo's README/CHANGELOG to plan documentation upda
- [Bug][cyber] Safety block halted forensic triage of an internal BEC vendor-impersonation invoice-fraud email (req_011CcPHGQUTEyyNZENQ41hkH)
- [Bug][aup] Block stopped phishing/BEC triage of user's own mailbox: identifying compromised internal account s (req_011CcPH3vmFMPzj6uapDHn21)
- [Bug][aup] Safety block halts legitimate phishing/BEC email investigation and incident report for admin's own (req_011CcPH3vmFMPzj6uapDHn21)
- [Bug][aup] Read-only multi-tenant O365/M365 security posture audit (BEC/spoofing/forwarding/consent checks) wr (req_011CcPiTujKTE1rxobeRXXgY)
- [Bug][harness] Toolchain bootstrap blocked installing Solidity dev toolchain via official vendor install scrip
- [Bug][aup] Investigating spoofed self-to-self phishing email in own M365 tenant flagged as policy violation (req_011CcPDtscPq7dauMMzXm3vD)
- [Bug][cyber] Auditing own M365 tenant for missing anti-spoof mail-flow rule after registrar defederation false (req_011CcPEezHx9SZ9QBaEPGSMg)
- [Bug][cyber] IAM hardening review of M365/Exchange mail-flow rules and SPF/DMARC to close a self-spoof gap wro (req_011CcPDx4ek1TQciJmgwmVdF)
- [Bug][harness] Safety block wrongly halted adding two authorized internal staff to a geo-gated browser-RDP all
- Claude should proactively update CLAUDE.md and memory files during sessions, not just when asked
- [Bug][harness] Safety block halts authorized publish of signed agent build to release dir during in-scope sess
- Fullscreen (alternate-screen) mode breaks terminal copy — can't select/copy login URL
- Telegram-Plugin: Nachrichten erreichen den Channel-Server, werden aber nie in die gebundene Session injiziert
- [Bug][harness] Safety block halted local build of read-only Defender admin dashboard before UI render verifica
- [Bug][harness] Safety block halted deploying an already-CF-managed site to its provisioned container via root
- [Bug][harness] Safety block halts persisting split-DNS domain routing in container network config, breaking re
- [Bug][harness] Safety block killed authorized scraper-daemon restart during NFS-hang revival in tray fix task
- [Feature Request] Restore `/rename` command support in agents overview page
- [Bug][harness] Cache-purge step blocked from reading project credential file to authenticate edge cache invali
- [Bug][harness] CSP header addition blocked: validated-and-rollback-guarded origin config edit wrongly flagged
- [Bug][aup] Refused to verify a production frontend build succeeds after routine dependency upgrades and a clea (req_011CcMWv2jZmdpjMv7H6wfFT)
- [Bug][harness] ClAudit: auto-mode classifier denied — Running build-agent.sh extracts codesign/relay signing credentials and
- [Bug][harness] cloud-IAM agent provisioning blocked from running standard signed build script to compile fleet
- [Bug][harness] Safety block stops authorized remote provisioning command on own infra to re-enroll a host agen
- [Feature Request] Allow attaching claude cli sessions not started with `claude agent` command to managed claude agents on dashboards
- [Bug][harness] Read-only SSH to read reverse-proxy config and service status blocked as unapproved prod write
- [Bug][harness] WiFi ADB fallback blocked deploying digital-frame ticker fix when no USB device present
- [Bug][cyber] Safety filter wrongly halts legitimate cloud IAM audit of admin roles and OAuth grants (req_011CcPkE7Ne9nyS4y8TMkfzV)
- [Bug][harness] Safety block halts legitimate provisioning of recovery-admin session token and agent enrollment
- [Bug][harness] Safety classifier blocks building unsigned Go agent binary on local dev box for authorized flee
- [FEATURE] /code-review: thread a model parameter into the high+ effort review workflow
- [Bug][harness] Auto mode blocks reading an SSH password from a controller API field to log into an authorized
- [Bug][harness] Code-signing build pipeline blocked: reading existing codesign cert+key from vault dir to run a
- [Bug][harness] Safety block wrongly halts authorized auth-bypass on a second user-approved endpoint sharing th
- [Bug][harness] Safety block prevents creating Access bypass rule needed to test break-glass recovery flow end-
- [BUG] Claude Desktop falls back to Safari for SSO login when default browser is Arc
- [FEATURE] Add an optional general comment at the end of an AskUserQuestion tool call
- [Bug] Claude Opus 4.8 High: Reasoning accuracy degradation on context window quantification
- [Bug][harness] Safety block prevented creating a path-scoped Access bypass policy on a login endpoint after ex
- [FEATURE] VS Code extension: chat panel cannot scroll back to the start of the current session
- Pasting two slash commands at once folds the second into the first command's arguments
- [Bug][harness] Safety block halts WebGL UI work when adding an Access bypass policy for a QR-login path
- [Bug][aup] Adding right-click disable and text-selection hardening to a web app login page wrongly blocked (req_011CcKTwdsbNSzCwzX2fduHw)
- [Bug][harness] Safety block halts authorized directory lookup of staff sign-in addresses to seed admin allowli
- [Bug][cyber] Cloud IAM remediation blocked: granting Graph API permission to apply OAuth consent hardening fix (req_011CcPmN9yVzS7grFsWeb6N1)
- [Bug][cyber] Auth-bypass security audit of admin SPA setup/recovery-token/session-token surfaces wrongly block (req_011CcKDfBV227JiEaHcBfWfJ)
- [Bug][aup] Admin-panel auth middleware audit and dedup of duplicate API route falsely flagged as policy violat (req_011CcKCr1Hnp79nGpN3ECkCs)
- [BUG] Cannot use claude code in phpstorm : API error
- [BUG] Why when I click in your window when you are waiting for an answer seem to initiate as if I have made a selection. This was not happening before.
- [Tracking] Classifier false-positives on authorized admin of the reporter's own infrastructure — 82 Request IDs
- [Bug] Claude modifies main repository instead of worktree during --resume with -w flag
- [FEATURE] Web UI: No persistent user-level settings (e.g. attribution config) across sessions
- [Feature Request] Add faxing capability to thinking comments
- [Bug] Session not respecting instructions after extended use
- Model fabricates non-existent "prompt injection attacks" and hallucinated tool outputs across multiple sessions (Claude Code, Opus)
- [Bug][cyber] Safety block stopped deploying a benign one-time desktop logon-notice scheduled task to RDS and w (req_011CcPoKhDMiyeetazmEZfNm)
- [Bug][aup] Tenant IAM audit of admin roles, app registrations, and OAuth grants wrongly blocked (req_011CcPp2TNJXj9pXGiKP1WHA)
- [Bug][cyber] Cloud IAM tenant audit blocked: enumerating admin roles, app credentials, and OAuth consent grant (req_011CcPpGWbfmDHqVJ1PmRch6)
- [Bug][aup] Admin web-app auth middleware review and SPA static-serving fixes wrongly blocked mid-implementatio (req_011CcKCr1Hnp79nGpN3ECkCs)
- [Bug][cyber] Safety block halted writing mobile-responsive RustDesk auto-detect/install prompt for fleet admin (req_011CcKCg7aHRtHmTkCiunNGE)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcKCecYWQdfpmHZ8WVSo5
- IGNORES ALL RULES
- [Bug][harness] Safety block stops authorized cleanup of an orphaned busy-looping installer process during reso
- [BUG] Claude repeatedly commits and pushes to git without explicit user request, despite clear instructions not to
- [Bug][harness] Resource right-sizing of containers blocked as credential hunting when probing API auth
- [Bug][harness] Safety block prevents gating a temporary public tunnel behind email-OTP Access for operator log
- Projects missing in Claude Desktop
- [Bug][harness] Safety block stopped additive allowlist entry to CF dynamic-redirect rule, breaking admin conso
- [Bug][harness] Diagnosing a two-level subdomain SSL/cert error was wrongly blocked as an unauthorized producti
- [Bug][harness] Per-host egress allow-list exception wrongly blocked as global geo-filter direction change
- [Bug][harness] Read-only SSH inspection of own authorized device blocked as credential spraying
- [Bug][harness] Safety block wrongly halted authorized SSH into own gateway to add DNAT port-53 redirect rule
- [Bug][cyber] DNS resolver config change blocked: setting LAN DNS to wildcard-respond locally while restricting (req_011CcJpUgS5AA3rKvYfd9kNV)
- [BUG] Claude desktop app does not sync Projects from claude.ai
- [Bug][cyber] DNS sinkhole/wildcard resolver config wrongly blocked while restricting LAN to a single upstream (req_011CcJonk8TZPZEWqHWcckDs)
- [Bug][cyber] Safety block stopped GeoIP lookup of a Telegram resolver IP while debugging IPv6 connectivity tim (req_011CcJoGZ47fu82tzQQViLiH)
- [Bug][harness] Safety block stopped adding skip-verify TLS dialer so relay client trusts CDN origin cert behin
- [Bug][harness] Self-grant blocked applying admin-authorized WireGuard peer config to own home gateway via devi
- [Bug][cyber] AD/M365 audit wrongly blocked: list distribution-group members with active mailboxes (req_011CcHRaJHnvVgAPQoxCp8X8)
- Allow removing/hiding projects from the Code sidebar (recent-folders list)
- [Bug][cyber] False positive blocking routine cloud email group cleanup to remove inactive member accounts (req_011CcHRL5ag24PcACqEMxKwL)
- [Bug][cyber] IAM admin blocked from auditing/correcting cloud directory group membership against active mailbo (req_011CcHRT5uU7bzxr2HFNXbpM)
- [Bug][cyber] Cloud IAM cleanup: reconciling a mail group's membership against active directory accounts blocke (req_011CcHQtusaaSJtyHBXFAWCZ)
- [Bug][cyber] Dashboard auth-gating and scoped log-reader module for internal RDP order-stats portal wrongly bl (req_011CcHMXV6dDNviZ1YJmnmNi)
- [Bug][cyber] Blocked adding a blur+pixelate overlay to gate dashboard data behind a login modal (req_011CcHMVaE9RGa7inagpscQG)
- [Bug][cyber] False-positive safety block on building scoped log-reader module + order-stats dashboard for inte (req_011CcHMSYfJPGRanZJNKLfvU)
- [Bug][aup] Provisioning a disposable test user account to validate access to a self-hosted RDS gateway (req_011CcHCBRCs3A1EKC6vkeNw1)
- [Bug][aup] Safety filter blocked diagnosing Cloudflare Access RDP/OTP connector failing to launch backend RDS (req_011CcHAcyigVbLUb12hXtC7e)
- [Bug][aup] GPS location-spoofing test app flow misclassified, blocking systemizing a local APK via Magisk modu (req_011CcH3LBfUpgMszQmg3PexU)
- [Bug][cyber] Safety block prevents Shodan API lookup of owner's own domains for defensive exposure review (req_011CcH164PJg5iAAB8A8nv4W)
- [Bug][cyber] Safety block stops authorized Shodan exposure review of one's own domains for defensive remediati (req_011CcGzwRc1Koa1xQ3fXWreB)
- [Bug][aup] Shodan exposure audit of own owned domains via API key wrongly blocked as policy violation (req_011CcGzvR2VyXSZy8555N3su)
- [BUG] Windows: mapped network drives produce inconsistent project keys between CLI and VS Code extension
- [Bug][cyber] Safety block prevents admin VPN access to internal AD domain controller for routine server mainte (req_011CcGz3y3RBmcuas3JBz8B5)
- [Bug][aup] Routing to an internal AD domain controller over an authorized admin VPN for defensive hardening wr (req_011CcGys8ztxDdipsJzgsauN)
- [Bug][aup] ClAudit false-positive in [REDACTED] — req_011CcGyon8Se19RSQQKXmM5v
- [FEATURE] stop using adjectives/synonyms for 'thinking'
- [Bug][cyber] Defensive hardening to ingest order logs into tamper-evident store and AppLocker-allow a vendor b (req_011CcGwWubT644CBD2v47NEz)
- C:/Program Files/Git/plugin install fails when marketplace internal name differs from repo slug
- [Bug][cyber] Safety block halts defensive triage of aggregated MITRE ATT&CK technique counts from auth logs (req_011CcGwVhvhSJx9reWFcUij2)
- [Bug] Prompt Injection: Unauthorized Command Execution from User Input
- [Bug][cyber] Safety block prevents analyzing AD attack telemetry (top MITRE techniques per account) for IR tri (req_011CcGwTMpAkFjBUeMpxhLwH)
- [Bug][cyber] Safety block prevented documenting existing internal AD/identity defensive-hardening module integ (req_011CcGwMehFzzAyEMKRLDq51)
- [Bug][cyber] False positive halts finishing an authorized internal security assessment report (req_011CcGw3eMuuNeFTsvq3yemp)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcGw1Wfkdhusi1TFN83QH
- [Bug][aup] Safety block halts finalizing an authorized security assessment report on a cloud email account att (req_011CcGvmeDnKtndSbPn61tJ2)
- [Bug][cyber] False block finishing a defensive blue-team report analyzing a VPN auth attack (req_011CcGviqpTjMeKEeQjujAW1)
- [FEATURE] Generalize Plan Preview to co-edit any markdown files
- [Bug][cyber] Safety block halts completion of internal blue-team defensive incident report on auth attack vs V (req_011CcGvh9W2efdV3fZXtP5SW)
- [BUG] IME (ATOK) candidate window overlaps input area on Windows Terminal
- [Bug][cyber] Safety block prevented OSINT/Shodan exposure check of own infra during internal vendor connector (req_011CcGvGgE2gecADLunFUMgV)
- [Bug][cyber] Defensive hardening request to log plaintext-transmitting integration into encrypted audit DB wro (req_011CcGvUjqu7wkujn86e122w)
- Sub-agent API 401 (auth expired) is reported to parent agent as "Request interrupted by user for tool use"
- [Bug][cyber] Safety block stopped generating a vendor-integration audit report section summarizing parsed orde (req_011CcGvJbDTbhNumnpWK9Khy)
- [Bug][cyber] Safety block stopped tuning SIEM detection rules to reclassify benign accounting-connector API tr (req_011CcGui76KzkTPWm5QmdZ1d)
- [Bug][cyber] Defensive Wazuh rule tuning to reclassify benign accounting-connector traffic flood wrongly block (req_011CcGue9CDk4z2H7qWmuRiZ)
- [Bug][cyber] Safety block stopped legit work: parse internal connector's plaintext order-sync logs into encryp (req_011CcGtoVwXwbcsGTCAH1MVN)
- [Bug][cyber] Safety block stopped configuring SIEM logging of an integration agent's plaintext order/customer (req_011CcGtncA4PSzrxrAq3CsnP)
- [Bug] `/doctor` command and auto-update functionality not working
- [Bug][cyber] False positive blocks reviewing a benign third-party invoice-sync integration agent's API/QuickBo (req_011CcGtkWecNXx7P2ncmwvFr)
- [Bug][aup] Tuning Wazuh authentication_success rule overrides and analyzing endpoint connector behavior wrongl (req_011CcGtRDcQEWCgaMB7KHMbE)
- [Bug][aup] Reverse-engineering a vendor connector binary's network traffic for authorized data-exfiltration du (req_011CcGtEVDhdyxQGTgL3RAjN)
- [Bug][cyber] Safety block stopped routine SIEM log review, agent-deployment verification, and infrastructure O (req_011CcGszg4RtrPjaSRFBKs73)
- [Bug][cyber] Safety filter blocked OSINT data aggregation from public web sources for authorized research (req_011CcGskjUv6QAThK2mqKVnP)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcGsmyfyZDbeYraBgMynW
- [Bug][cyber] Safety block halted SIEM detection-rule tuning (rule-ID overrides) and authorized malware unpacki (req_011CcGsbWfEsdYgBd1wPMGBi)
- [Bug][cyber] Safety block stopped reverse-engineering a vendor connector binary to verify it isn't exfiltratin (req_011CcGsYf2CNedQvoSE5twQi)
- [Bug][cyber] Defensive SIEM rule-override tuning and benign agent binary RE wrongly blocked as cyber (req_011CcGsa9Rmd555hKJSXBc5x)
- [Bug][aup] Reverse-engineering a vendor connector's executable and parsing its logs for order monitoring and d (req_011CcGrtmu8PRttCKWgQbndg)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcCJN5Tx76H88qy1U28Qy
- [Bug][cyber] Safety classifier wrongly blocks routine sysadmin work integrating CDN and reverse-proxy logs int (req_011CcGkEPtYTU36Z5XueW83z)
- [Bug][cyber] Cloud IAM admin work in own tenant blocked: reading service-account creds and querying directory (req_011CcGkCfkESvJWvNcgayNhD)
- [Bug][cyber] False positive blocks admin-API call to enable audit logging on own IAM tenant (req_011CcGjw7UbSsm5CBZim1ept)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcGH3o6bhWv8j7H9uESyT
- [Bug][cyber] Safety block stops deploying defensive endpoint agent and SIEM data integration (req_011CcGGvPFCpLhfVj57Ahv2P)
- [Bug][cyber] False block on deploying SIEM endpoint-monitoring agent across managed AD desktops/servers (req_011CcGGt9hZha8M3jV6WjBhd)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcGGqKwPGmusN8192d7tc
- [Bug] Claude Code freezes in non-git directories with large file counts
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcGGePxBFKyVNwYoyrSo1
- [Bug][cyber] False positive blocks legitimate cloud IAM admin: provisioning service principal + granting app A (req_011CcGGg9S7DQFXpDhY572dV)
- [Bug][cyber] IAM exemption flow blocks reviewing M365 directory-permission grant 403 and AppLocker audit logs (req_011CcGGZbz5xF7AG6jSRhK39)
- [FEATURE] Pin/persist a single response for reference during follow-ups
- [Bug][aup] VPN/OpenVPN auth log review of foreign-source logins and brute-force attempts wrongly blocked (req_011CcG7YxaWSXYj5hd3uq1f9)
- [BUG] /terminal-setup fails in Apple Terminal due to checking $TERM instead of $TERM_PROGRAM
- [Bug][cyber] Blocks adding event-log forwarding to a syslog server via the authenticated agent API (req_011CcG6JTT3iUfvhYd6KK4sr)
- [Bug][cyber] Adding a Get-WinEvent-based syslog forwarding handler to an authenticated admin agent API was blo (req_011CcG69kFb95Hc6xtpXogzL)
- [Bug][aup] Windows RDS host investigation via WinRM blocked mid-troubleshooting on authorized internal system (req_011CcG5dQPuUKM88PEKRYirV)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcG5SZSp3v3QZQJCdsBHC
- [Bug][cyber] Threat-hunt review of RDP/VPN auth logs for incident response wrongly blocked as offensive (req_011CcG5AgqcSwY51VatAhbQ3)
- [Bug][cyber] Safety block halted legit incident-response RDP/VPN log forensics tracing an unauthorized intrusi (req_011CcG51GkXNkgk7ChGuQwPB)
- [Bug][aup] Forensic incident investigation of unauthorized RDP login via VPN blocked mid-analysis (req_011CcG4xhxzomXRHZ3gsdq5M)
- [Bug][aup] Configuring syslog forwarding rules to capture suspicious VPN activity wrongly blocked (req_011CcG4R41cJpwqvSphJ3oaY)
- [Bug][aup] Defensive firewall lockdown rules (scoped DNS/RDP allows + deny-rest) wrongly blocked on creation (req_011CcG49ra78mkGipDw3uVuS)
- [Bug][aup] Firewall zone segmentation and VPN access-control config wrongly blocked during authorized network (req_011CcG3JWt4x6jqAzh2HqKkP)
- [Bug][harness] SSH password auth failed on a gateway; reading the controller's own device-SSH credential setti
- [Bug][harness] Off-hours binary force-redeploy and service install on three self-selected production hosts blo
- [Bug][harness] Safety block stops in-place edit of prod service's runtime config thresholds despite authorizat
- [Bug][aup] Daily cron job to send scheduled 24-hour website traffic stats to a chat bot wrongly blocked (req_011CcFgUYVtYfXS3UUe8Munt)
- [Bug][cyber] Safety filter blocks debugging of remote-agent fleet dashboard status and CSP framing (req_011CcFcenkwkBLNc6UyrWrzY)
- [Bug][cyber] Safety block stopped diagnosing CSP/Cloudflare config preventing agents from pulling updates (req_011CcFcmGhscRPa1kTxYtC4o)
- [Bug][cyber] False positive blocks debugging agent fleet showing stale version/offline status and fixing CSP h (req_011CcFck2WpUKAyeCWyQhY6A)
- [Bug][cyber] Safety filter blocked debugging a Content-Security-Policy frame-ancestors directive and stale age (req_011CcFchRJwPkFYTsyGXGE4y)
- [Bug][aup] Refused to advise on adding HMAC request signing to authenticate web app API endpoints (req_011CcFYvpWMMTPS6A6hwnMwB)
- [Bug][aup] Refusal to implement HMAC request signing across web app API endpoints (req_011CcFYrq4Ujvq6JxP1k1QL2)
- [Bug][harness] Loading prod relay config to print the binary's computed channel name blocked as credential lea
- [FEATURE] Claude Desktop should offer to re-auth with MCP if auth has expired
- [Bug][harness] Diagnosing WS handshake protocol skew by SSH-reading old relay binary on edge VM blocked
- [BUG] Write/Edit tools hang indefinitely when target file is deleted from disk while open in VS Code
- [Bug][harness] Safety block halted authorized re-provisioning of a leak-free, API-restricted cloud LLM key aft
- [Bug][harness] GPS-mock Xposed module verification reboot wrongly blocked as unauthorized persistence
- [Bug][harness] Safety block stopped enabling persistent ADB-over-TCP boot service for reboot-resilient GPS-mod
- [Bug][aup] Safety filter wrongly blocked geo-based access-control audit of self-hosted personal web services (req_011CcFFHJ7jPBKWgceCEf8PL)
- [Bug][aup] Deploying Cloudflare geo-block vhost config wrongly flagged while auditing public web surfaces (req_011CcFF32qKzPjFMr8joyTJY)
- [Bug][cyber] False-positive safety block halts authorized configuration work on devices I own (req_011CcFDWoF4tCjrA8j7MiN7p)
- [Bug][cyber] ADB app sideload and GPS location simulation setup for a mobile game wrongly blocked (req_011CcFDUVe6dCBb2dVSWsjPf)
- [Bug][cyber] ClAudit false-positive in mod — req_011CcFDTphJFoRAeYhvf6Cfo
- Per-turn command hooks (PreToolUse/UserPromptSubmit/Stop) don't fire in non-interactive modes (VS Code extension, `claude -p`) — only SessionStart fires
- [Bug][cyber] ClAudit false-positive in mod — req_011CcFDCnB4zT2nrksCQamdx
- [Bug][harness] Safety block halted batch deletion of unused cloud projects after user gave explicit "wipe it"
- [Bug][aup] Auditing live web server config to identify missing sensitive-path and source-file access blocks (req_011CcF5hcn9KHu37KTDHGHmN)
- [Bug][harness] Safety block stops installing user-approved polkit rule for passwordless sudo of CPU control bu
- [Bug][aup] Building self-hosted security monitoring server with multi-channel alerting and JWT auth wrongly bl (req_011CcF3CoCvGY8dc1LTr6t7W)
- AskUserQuestion prompt is discarded by a single Esc keypress — easy to lose the question by accident
- [Bug][aup] Attributing runaway cloud LLM API spend to a specific service key blocked as policy violation (req_011CcEzkyf1QhyUWbTMU5UfN)
- [Bug][harness] Safety block halted authorized Entra/Intune MDM user-scope enrollment config via Graph during s
- [Bug][harness] MDM auto-enroll GPO creation at domain root wrongly blocked while completing authorized Intune
- [Bug][harness] Cert provisioning blocked: reading config dirs for the existing Cloudflare DNS token flagged as
- [Bug][harness] Safety block halts authorized printer-driver/feature-enable troubleshooting on a production RDS
- [Bug][harness] ClAudit: auto-mode classifier denied — This probes the Defender indicators API to prepare whitelisting AD Com
- [Bug][harness] Onboarding-package validation blocked when applying provisioned Defender for Endpoint policy fl
- [Bug][harness] Safety stop wrongly blocked second authorized cold-to-hot transfer after agent re-armed harvest
- [Bug][harness] Safety block halts authorized server-driven agent enrollment canary run over remote shell
- [Bug][aup] Web-security audit of betting service auth/CSRF middleware wrongly blocked at final report (req_011CcDLqdZjfocDMDwTWPEQe)
- [Bug][harness] Safety block stops authorized server-driven deploy of workstation agent binary to remote prod h
- I don't have enough information to generate a GitHub issue title from "gendy". Could you please provide the actual bug report or error message you're experiencing with Claude Code? Please include details such as: - What were you trying to do? - What error
- [Bug][harness] Persistence safety block halts cron-installing a one-time data-pipeline backfill the user autho
- [Bug][harness] Safety block halts legitimate retrieval of a stored remote-access password for an authorized su
- [Bug][harness] SSH connectivity diagnosis to a user-administered relay host blocked despite prior authorizatio
- [Bug][harness] Safety block halts authorized Azure AD app provisioning with admin-consented Graph scopes for t
- [Bug][harness] GPO startup-script rollout via authenticated platform API blocked as unauthorized DC remote she
- [Bug][harness] ClAudit: auto-mode classifier denied — Stage 2 classifier error - blocking based on stage 1 assessment (usual
- [Bug][harness] Cloud-IAM API reference and control doc task blocked when reading service config env file over
- [BUG] Token consumption is too fast recently
- [Bug][cyber] Safety block stopped routine SSH/config work to persist a DNS-resolver CLI on network gear (req_011CcCfYHFqcb9eshc84iDYo)
- [Bug][cyber] False-positive safety block halts a legitimate authorized network security task mid-session (req_011CcCfCP71i1yiT9N5veW4G)
- [FEATURE] Allow manual reset of session cost counter
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcCf14N5fwqvyZBt4ZakX
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcCeYFGR96fCLaLMbiydH
- [Bug][harness] Soft-block halts authorized agent re-enrollment that fetches and runs server-hosted install scr
- [Bug][cyber] Safety block stopped routine retrieval of a rotated server admin password during access troublesh (req_011CcCLBiJvdBLHMEJvGZu8n)
- [Bug][cyber] False positive blocks troubleshooting device credential rotation and web UI connect-button failur (req_011CcCLAe6tk6hYPwdVeSHJA)
- [Bug][cyber] Cyber safety filter false-positives on a benign non-security chat message, blocking normal conver (req_011CcCJz9U4N9ssZor5WVi3G)
- Claude Code /claude-in-chrome always "Browser extension is not connected"; surfaces as JSON Parse error: Unexpected identifier "Browser"
- [Bug][cyber] Safety block prevented writing/debugging a routine shell script from garbled keyboard input (req_011CcCJxWVYejtJ33bCS86yw)
- [Bug][cyber] Safety block prevented reading and explaining an open-source remote-desktop tool's source code (req_011CcCJxQC2pmzMCHKWSoqGS)
- showClearContextOnPlanAccept is not honored when plan is approved via a PermissionRequest hook
- [Bug][cyber] Safety block prevented reading a remote-desktop app's open-source code for review (req_011CcCJvtRrDwBjF4vtvahNr)
- [BUG] /usage dialogue gives unstable figures
- [Bug][cyber] False positive blocks troubleshooting a self-hosted remote-desktop tool and verifying the fixed c (req_011CcCJukAz17WAbS8wgR4Pg)
- [Bug][aup] Safety filter blocks all requests including a plain 'hello' in a legitimate ad-automation repo (req_011CcCJR1uE9Zi34MYEgXqCr)
- [Bug] Full Screen Mode: Beep Sound on Cmd+C Despite Successful Copy
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcCJL4ZpXR5yd6xy3QQQr
- [Bug][aup] Plain greeting that resumes work on an authorized security-tooling repo wrongly blocked (req_011CcCJHFSb5UjSpSAjTkV3K)
- [FEATURE] Let operator-trusted channel sources opt out of the "untrusted external data" framing on <channel> messages
- [Bug][cyber] Safety filter blocked drafting a GitHub issue title reporting an over-broad cybersecurity block (req_011CcCJA4N936FzQRbcCH6pz)
- [Bug][cyber] ClAudit false-positive in [REDACTED] — req_011CcCJ6gHGSKLjUEdaEbfty
- [BUG] Path-based rules not applied when file is accessed via a symlinked path
- [Bug][cyber] Safety block halts troubleshooting a self-hosted remote-desktop connection and verifying the fix (req_011CcCJ2oyWiQ5u13TA1sbrw)
- Plugin cache accumulates old version directories; no pruning after update
- [BUG] MCP block at calendard.google.com
- [Bug][cyber] Safety filter blocks setting up a RustDesk remote-desktop session to an owned workstation (req_011CcCHsyr5uPwkMkuQBScVK)
- [Bug][cyber] Safety filter blocks RustDesk remote-desktop setup to a local admin workstation (req_011CcCHrgQKW9oppdQ6tvz5S)
- [Bug][cyber] Resuming RustDesk remote desktop setup to a frozen workstation wrongly blocked (req_011CcCHq3QovsUmnRChfiRP1)
- [Bug][harness] Safety block halted bulk cleanup of stale directory objects during an authorized batch task
- [Bug][harness] Cert auto-renewal request wrongly blocked agent from installing standard ACME client on router
- [Feature Request] Add support for forking conversations into separate threads
- [Bug][harness] Safety block stopped authorized SSH read of env vars and .env files on own deploy host
- [Bug][harness] ClAudit: auto-mode classifier denied — The agent is systematically scanning credential stores across multiple
- [Bug][harness] Restoring a Defender-quarantined service binary blocked as unauthorized Defender weakening
- Mouse text selection and history scroll broken in MobaXterm after v2.1.187
- [Bug][harness] Safety block halts authorized config inspection while mirroring a template host onboarding
- [Bug][harness] Locating a single user-named Imagen API key for icon generation blocked as a broad credential s
- [Bug][harness] Build & deploy wakelock PWA frontend feature blocked at restart step after clean local build
- [Bug][harness] Safety classifier blocks authorized SSH enumeration of self-owned PVE API tokens on own hypervi
- [Bug][harness] Safety block prevented disabling Proxmox token privsep so scoped relay token could inherit its
- [BUG] search_threads in the Gmail connector returns "Tool execution failed"
- [Bug][harness] Permission-scope fix blocked: can't SSH to hypervisor host to audit users and API tokens leakin
- [Bug][harness] Cross-chain gas-funding send executed after user interrupt; treated prior approval as covering
- [Bug][harness] Read-only balance/relayer endpoint checks blocked as a real-money transfer during VPN-gated tra
- [BUG] VS Code extension: live session UI stuck on "Combobulating…" after background workflow completes (result is saved but only appears after reopening/reloading the session)
- [Bug][harness] Safety block prevents using operator-authorized credentials to manage same provider's access ap
- [Bug][harness] Read-only Cloudflare Access app discovery on the betting CT misflagged as cross-project credent
- [Bug][harness] Removing a stale SMTP alias from a user's proxyAddresses is blocked because Exchange app permis
- [Bug][harness] Safety block stopped registering MFA method and issuing Temporary Access Pass during account re
- [Bug][harness] Read-only LXC/host memory check blocked as root SSH to unverified hypervisor
- [Bug][harness] Safety block halted authorized M365 admin remediation: SMTP primary-address fix and conditional
- [Bug][harness] Safety block wrongly halts saving an authorized internal sign-in audit summary to user's own cl
- [Bug][harness] IP sign-in audit blocked because agent auto-elevated app's Graph audit-log read permission
- [Bug][harness] Safety block halted authorized WMS admin password reset via database, misreading it as disablin
- [FEATURE] Show diff preview before applying file edits (like VS Code diff tab)
- [Bug][harness] Frontend-only GUI layout/percentage fix wrongly blocked from local build verification
- [Bug][harness] Safety block halted authorized recovery of two on-chain bets missing from betting-history table
- [FEATURE] Add "Accept/Deny with comment/reason" option to permission prompts (alongside Allow / Deny)
- telegram plugin: bun server.ts leaks at 100% CPU on every MCP disconnect
- [Bug][harness] ClAudit: auto-mode classifier denied — Real-money Coinbase send to a destination address the agent pulled fro
- [BUG]
- [Bug][harness] ClAudit: auto-mode classifier denied — Real-money Coinbase BNB send with a destination address resolved from
- [Bug][harness] Real-money send blocked despite security-required explicit-destination confirmation already giv
- opus 4.8 xhigh acting very dumb on toy reinforcement learning
- [Bug][harness] Safety block halts authorized read of API key names/tails to locate an explorer/indexer key for
- [Bug] Remote Control permission prompts loop on mobile for WebFetch/WebSearch
- [Bug][harness] ClAudit: auto-mode classifier denied — Greps the production secrets.env on morel to hunt for a BscScan API ke
- [Bug][harness] Safety block halted authorized changelog bump, frontend/backend build, and scp-based service de
- [Bug][aup] Read-only security audit of local workspace files blocked before any scoping could begin (req_011CbwwGGVpCJEht9bWYQnMt)
- [Bug][aup] Cyber safeguard wrongly blocked replying to meaningless placeholder keystroke messages (req_011Cc478nJQgzqhbmoS4SXy7)
- [Bug][aup] Safety block halted continuing an in-progress general coding session after model switch (req_011Cc478QG6YuEnKEARVu1WD)
- [Bug][aup] Cyber safeguard blocked routine code task after repeated single-character placeholder messages (req_011Cc478VeYpEjZCDwkqZZLN)
- [Bug][aup] Cyber safeguard wrongly blocks benign session-resume greeting with no technical content (req_011Cc478DJ3VE7Xou2VgkrbL)
- [Bug][aup] Cyber safeguard blocked continuing authorized network-device hardening and config work (req_011Cc474wkKrNpjskQSGvsJv)
- [Bug][aup] Cyber safeguard blocked answering a plain "what" follow-up after clearing the conversation (req_011Cc472Gd3s8ncHc2Hb2LyB)
- [Bug][aup] Cyber safeguard wrongly blocked resuming a routine authorized coding task after context clear (req_011Cc4711BqAT2h4VfbTXEmG)
- [Bug][aup] Recalling shared multi-month project context blocked as cyber threat during normal session resume (req_011Cc46qJcYsEdWtDoq3mXpq)
- [Bug][harness] Safety block halted answering a diagnostic question about market volatility, misreading it as c
- [Bug][harness] ClAudit: auto-mode classifier denied — Real-World Transaction: sending crypto payment from Coinbase to a dest
- [Bug][harness] Safety block halts admin retrieving own VPN gateway credentials to fix a user's tunnel config
- [Bug][harness] Read-only "examine the past few hours" review escalated to editing prod config and restarting s
- [Bug][harness] Safety block halted authorized VM disk consolidation by misreading move ops as base template de
- [Bug][harness] Cross-host VM disk move triggered for out-of-scope VM during single-VM storage migration
- [Bug][harness] Safety block halted VM disk migration to a host after misflagging an in-use storage dataset as
- ExitWorktree(remove) reports 'Discarded N commits' even when commits are already merged elsewhere
- Bash tool resets cwd to worktree root (not main project root) when cd-ing out of a worktree session
- [Bug][harness] Safety block stopped applying a discussed DB column migration and backfill for already-complete
- [Bug][harness] Audit-only QuickBooks version inventory escalated to uninstalling QB on a production workstatio
- [Bug][harness] Credential-store scan to locate the currently-valid API key for image generation blocked as una
- [Bug][harness] Dev server LAN rebind for local-only preview wrongly blocked as unrequested network exposure
- [Bug][harness] ClAudit: auto-mode classifier denied — The action reads the MSAL token cache to extract a user refresh token
- [Bug][harness] Safety block halted authorized alias-conversion of admin/info mail accounts to root, misreading
- [Bug][harness] Safety block halted applying VPN/CF-tunnel API-key IP allowlist restriction on audited project
- [Bug][harness] ClAudit: auto-mode classifier denied — Real credentials (`WINRM_PASS = "zWSae6qapLgUi3eVh6QMulQ7PBKf"`) are h
- [Bug][harness] WinRM Defender/MDE state check across 4 hosts blocked: reading creds from .env into a parallel
- [Bug][harness] Adding Intune managed-device read/write Graph permission to automation app blocked despite admi
- [Bug][aup] Top-to-bottom code audit of WebTransport/audio streaming refactor wrongly blocked (req_011Cbz4gTBz6T4KBiqjQvtbv)
- [Bug][harness] Adding admin-approved antivirus exclusions for our own tools via device-management policy wrong
- [Bug][harness] ClAudit: auto-mode classifier denied — Creating an Azure AD app registration with admin-consented application
- [Bug][harness] Soft-block halted assigning an already-owned Business Premium seat to onboard a user pre-mainte
- [Bug][harness] Adding firewall allow-rule for VPN subnet to restore blocked relay heartbeat flagged as Securit
- [FEATURE] /sandbox command support in Claude Desktop app
- [Bug][harness] Safety block halts adding standard intranet A records to local AD DNS zone during routine fleet
- [Bug][harness] Adding AV exclusions on remote host to extract downloaded diagnostic file flagged as unauthoriz
- [Bug][harness] Safety block stopped authorized bugfix deploy after user said "send it", forcing manual server
- [Bug][harness] Safety classifier blocks user-authorized SSH restart of staging web server daemon after explici
- [Bug][harness] Safety block halts authorized AD agent provisioning by misreading session-token reuse as browse
- Plugin HTTP/OAuth MCP (e.g. Linear) with a valid stored token does not connect on session cold-start — only /reload-plugins (no re-auth) brings it up
- [BUG] Claude Desktop MSIX install fails 0x80073CF9 / 0x80070490 — orphaned StateRepository PackageFamily row (AtlasOS) — and where should Desktop/Cowork bugs actually be filed?
- [Bug][harness] ClAudit: auto-mode classifier denied — Reading `/proc/$pid/environ` filtered for KEY/SECRET/VAULT/PASS to ext
- [Bug][harness] Safety block halted SPA debugging by refusing to flag bot-protection mode as XHR-breaking root
- [Bug][harness] Code-reading-only RBAC audit blocked by remote-write guard misclassifying it as a live OWNER gr
- [Bug][harness] cloud-IAM SSO/federation troubleshooting blocked when requesting admin token to disable Securit
- [Bug][harness] Safety block halted deploying Win95 sound assets and repointing three audio tags to fix broken
- Agent View: make PR label and row summary configurable (latest-PR option + work summary)
- [DOCS] anthropic_base_url is now supported in claude desktop
- [Bug][harness] Safety classifier blocks SSH read-only diagnosis of a 500 error on remote host, halting debug
- [Bug][harness] Safety block halted approved SSH schema migration (CREATE/DROP TABLE) on production SQLite DB
- [Bug][harness] SSH read of source/config files to debug a user-reported bug wrongly blocked as production acce
- [Bug] Claude Code generates grammatically incorrect sentences
- [Bug][harness] SSH read of prod container code blocked while debugging devtools-blocker, 500 errors, and Index
- [Bug][harness] Safety block halted authorized DB snapshot prep during scoped infra-wipe task, conflating it wi
- [Bug][harness] Safety block halts authorized one-time Set-AzureADKerberosServer setup needing a Global Admin s
- [Bug][harness] Pushing approved recon-agent binary/service update to online production hosts wrongly blocked a
- [Bug][harness] Safety block halts service config fix by flagging agent-chosen wallet address written to remote
- [Bug][harness] Safety block halted read-only diagnosis of a stale access-policy allowlist entry left over from
- Proxy not effective during startup: policy limits fetch runs before configureGlobalAgents
- [Bug][harness] Safety block halted Cloud Sync auth-token repair after agent restart wiped trust certificate
- Desktop app (Windows): janela fecha mas processo fica órfão segurando single-instance lock
- [Bug][harness] Safety block halts authorized stale directory device-object cleanup during hardening sweep
- [Bug][harness] Safety block halts authorized admin SSH+credential read into container to recover locked-out En
- [Bug][harness] Safety block stopped publishing an already-built, user-authorized static site to a public deplo
- [Bug][harness] Safety block halts authorized one-pass deploy by refusing to fetch the tunnel binary needed to
- [Bug][harness] Safety block prevents SSH read of Caddyfile/proxy routes on self-managed infra despite skill-pr
- [Bug][harness] Adding missing Postfix/relay backend install step to deploy script blocked as production deploy
- [Bug][harness] Safety block halts Azure AD Cloud Sync repair by refusing required Directory Sync Accounts role
- [Bug][harness] Safety block prevents SSH to backend host and authorized API-token curl during requested deploy
- Unable to connect to API (ConnectionRefused) — retries exhausted, never connects
- [Bug][aup] Cyber safeguard blocked finishing a routine local script edit after model switch (req_011CbxA3xEtKvLSZGNc2zKVi)
- [Bug][aup] Cyber safeguard blocked editing a contact-form tool's README explaining its privacy-by-design data (req_011CbxA24W7iVNoqJBGVR4eb)
- [Bug][aup] Cyber safeguard falsely blocked editing a web tool's docs describing disclosed map-tile and user-in (req_011Cbx9yz5AEW53325sgtd3K)
- [Bug][harness] Safety block wrongly halts authorized restart of live production service after explicit "go" ap
- [Bug][harness] Read-only SSH enumeration of LXC containers and storage on a provisioned host wrongly blocked
- [Bug][harness] ClAudit: auto-mode classifier denied — Mass deletion of user/wallet/operator data and seeding a different use
- [Bug][harness] Onboarding skip/postpone feature with single-admin DB reseed wrongly blocked as mass-delete
- [Bug][harness] Read-only count-only DB audit over SSH to verify no personal data wrongly blocked as prod read
- [Bug][harness] Read-only SQL row-count audit blocked as mass-delete before any destructive action proposed
- [Bug][harness] Safety block halted deploying no-proxy server binary to onboard a user on a separate production
- [Bug][harness] Safety block halted authorized build/deploy of no-delegate binary to onboarding-blocked host
- [Bug][harness] Safety block halted CF Access app readiness check for a deploy the user requested
- Feature request: automatic plugin updates
- [Bug][harness] Safety block halted reading app users table to debug production data issue on staging-related t
- [Bug][harness] Safety block halted authorized SSH redeploy of forensics service after binary rebuild
- [Bug][harness] Wiring sync/atomic full-send latch flag and dashboard arm endpoint into betting runner blocked
- [Bug][aup] Cyber safeguard wrongly blocked reply to ambiguous single-character user messages (req_011CbwwGeEX4iFC8ByByYVje)
- [Bug][aup] Authorized security workspace review blocked before any scoping work could begin (req_011CbwwGYXDfoEND4P6iuCqR)
- [Bug][aup] Security audit of local workspace wrongly blocked before any code was scanned (req_011Cbww75DQDQTcgn1ryJFFF)
- [Bug][aup] Cloud-IAM incident-response sweep checking web servers and container infra for compromise blocked (req_011CbwvtUn8Nam1CTDRokVFa)
- [Bug][aup] Incident-response sweep of web servers and container infra wrongly blocked while checking for breac (req_011CbwvtndfwMNvmJtSrsUng)
- [Bug][aup] Defensive incident-response sweep of web/container infra blocked after IAM breach (req_011Cbwvt243PhEypPNU8DgJW)
- [Bug][aup] Incident-response infra audit blocked: reviewing web server, container, and cloud audit logs for br (req_011CbwvqtHQwRw1ZdXMTrS1X)
- [Bug][aup] Incident-response sweep for cloud IAM breach lateral movement falsely blocked (req_011Cbwv49LVw1So3VxJykSCd)
- [Bug][aup] False block on auditing cloud IAM and SSO config for compromise during incident response (req_011Cbwu6JeHCGCkTkdJNijfD)
- [Bug][aup] False block reviewing own web/container infra for compromise after identity provider breach (req_011Cbwu5pHTwLaEuTmU8Eqfu)
- [Bug][aup] Incident-response audit of SSO/IAM and container infra for compromise wrongly blocked (req_011Cbwu5TPs4U3L6Pv4AQfhq)
- [Bug][aup] Refused to audit our own attack surface for CVEs and exploitable services during active intrusion (req_011CbwogxPuDzvxm312sFjYt)
- [Bug][aup] False-positive block while auditing cloud IAM roles and sign-in configs during incident response (req_011Cbwtu1DyfhSkNAp7XtU9K)
- [Bug][aup] Incident-response sweep of cloud IAM and container infra after Entra account compromise wrongly blo (req_011Cbwtuoqej9JjVz1tQoV9k)
- [BUG]
- [Bug][aup] Incident-response review of web/container infra for compromise after IAM identity breach wrongly bl (req_011CbwtsL6ywueFavs7QiQwe)
- [Bug][harness] ClAudit: auto-mode classifier denied — The user said Keith "is no longer with the company" as context, not as
- [Bug][aup] Loading a coding-assistant skill file that adjusts response tone for security work wrongly blocked (req_011CbwtPmZdwPz7KU4VD8Z2j)
- [Bug][aup] False-positive cyber policy block while loading a local skill file during normal session startup (req_011CbwsbChBAfxQKcxKwNsA1)
- [BUG] /resume shows no sessions when project directory is an NTFS junction (VS Code extension + CLI resolve different paths)
- [BUG] Cowork rootfs.vhdx.zst checksum mismatch — CDN serves wrong artifact, different "got" hash from #68313 (Windows 11 Pro, MSIX 1.12603.1.0)
- [BUG]
- [Bug][aup] ClAudit false-positive in webdev — req_011CbwsTbJjydHkDVHw455v4
- [Bug][aup] Defensive attack-surface CVE audit and exploit-exposure checklist for owned infrastructure wrongly (req_011Cbwog2vjCbUpGWaqUSde6)
- [Bug][aup] Defensive CVE and attack-surface audit of own infrastructure under active attack blocked (req_011CbwsNoKuZp1b6VgBHfbAH)
- [BUG] Remote execution sandbox blocks git clone to github.com, breaking pip install of git+https:// dependencies
- [Bug][aup] Defensive attack-surface audit cataloging CVEs on own infrastructure wrongly blocked (req_011CbwsNDvV3FkYH5hP1E8gX)
- [Bug][aup] Defensive self-audit of own infrastructure for CVEs and exploitable surface wrongly blocked (req_011CbwokaTetQ23y8GiZY8Pr)
- [BUG] --channels (telegram plugin): TUI freezes at ~0% CPU on channel-message ingestion; only a process restart recovers (related to #36477)
- [Bug][aup] ClAudit false-positive in unifi — req_011CbwpNGp228cP2rYDQwMaF
- Vim mode: change cursor shape per mode (block in NORMAL, line in INSERT)
- [Bug][aup] Safety filter blocked configuring firewall GeoIP allowlist rules and reviewing legitimate inbound t (req_011CbwpExFMvZftvQ9SphF74)
- [Bug][aup] Geo-IP inbound allow-listing on firewall to block active attack flagged as policy violation (req_011CbwoKcVVL3S7M9PHpvSoq)
- [FEATURE] Add skill for Dashlane
- [Bug][aup] Defensive audit of own attack surface for CVEs and exploitable issues wrongly blocked (req_011CbwnUpPVJK7jSARRAWqxs)
- [FEATURE] Inline in-cell editing for notebooks (Ctrl+I equivalent) in the VSCode extension
- [Bug][cyber] Cloud IAM tenant security audit of admin roles, app credentials, and OAuth consent grants wrongly (req_011CcQDjM6MNUBXuuk5VetJo)
- [Bug][aup] Authorized attack-surface CVE audit of own infrastructure blocked as AUP violation (req_011CbwmvTobfcKmQ9whuQ8gP)
- [Bug] Remote session frozen: CLI options not displayed in web interface
- [Bug][harness] Read-only status check escalated to autonomously enabling services and changing security policy
- [Bug][aup] PDF report of admin roles, app credentials, and OAuth consent grants from a cloud-IAM tenant securi (req_011CcQDycnZLDTeBGe4hj5FN)
- [Bug][harness] Safety block halted cleanup of orphaned cloud-sync provisioning agent and stale updater service
- [Bug][cyber] Safety block prevents generating PDF report of cloud IAM OAuth consent audit findings (req_011CcQE9KUHg8rXt4ZXeeAYJ)
- [Bug][harness] Read-only audit incorrectly blocked while only inspecting a service config, not modifying it
- [Bug][cyber] Safety block prevented generating a PDF report listing identified problems from a data-driven doc (req_011CcQEJUVGYS35vmh6dsCrh)
- [Bug][harness] Credential Exploration block halts authorized AD/Entra Cloud Sync setup retrieving a managed se
- [Bug][harness] Block stops retrieving WinRM password needed for AD-to-cloud sync setup
- [Bug][harness] Safety block stops admin from correcting a directory user's surname across synced identity reco
- [Bug][harness] Disk-expansion task blocked when extending system volume required removing an adjacent recovery
- [Bug] Auto-Compact triggers prematurely on idle resumption
- [Bug] Update functionality not working
- [Bug][harness] Read-only API query to verify auth/redirect bypass for PWA manifest path wrongly blocked as exf
- [Bug][harness] Deploy of approved frontend/Go build to prod blocked, misread as unauthorized direct SQL UPDATE
- [Bug][harness] Safety block halted authorized read-only GraphQL data-viewer deployment over an unnamed install
- [Bug][harness] Safety block prevents reading container AD config to survey directory infra for authorized sand
- [Bug][harness] Safety block stopped applying explicitly-requested iptables port-restriction rules during defen
- [Bug][harness] Safety block halts authorized cluster deploy when distributing generated mesh + admin keys to n
- [BUG] Login with charleshoward55@gmail.com routes to wrong free with different gmail account — Max subscriber locked out
- [Bug][harness] Safety block halts legitimate Cloudflare DNS automation when reading own config for stored API
- [Bug][harness] Safety block halts internal DNS override and CF tunnel ingress setup over a credential echoed i
- [Bug][aup] Forensic compromise-timeline report for an admin user blocked mid-generation during authorized M365 (req_011CcQFJeKEGAUvDsWBg9BZN)
- [Bug][harness] Safety block halts authorized Postgres role provisioning, blocking secrets-file write and schem
- [Bug][harness] Inline DB credential safety block halts authorized Postgres role creation and connection test d
- [Bug] Anthropic API Error: Server temporarily rate limiting requests
- [FEATURE] Feature request: RTL / bidirectional text support in the chat panel (Hebrew, Arabic, etc.)
- [Bug][harness] ClAudit: auto-mode classifier denied — Editing the [REDACTED] skill at the user's prompt to refram
- [Bug] Anthropic API Error: Server Rate Limiting During Normal Usage
- [Bug][harness] Read-only firewall rule investigation wrongly blocked as autonomous DB write escalation
- [Bug] Anthropic API Error: Server rate limiting during requests
- [Bug][harness] Adding inter-VLAN firewall allow rule via controller API blocked as credential exploration
- [Bug][aup] ClAudit false-positive in [REDACTED] — req_011CcQFysjD6HmmHbbBdSnRf
- [Bug] Anthropic API Error: Server rate limiting during normal usage
- [Bug] Anthropic API Error: Server Rate Limiting (Temporary Request Throttling)
- [Bug] Anthropic API Error: Server Rate Limiting During Request Execution
- [Bug] Anthropic API Error: Server rate limiting (request throttling)
- left session list should be colorful
- [Bug][harness] ClAudit: auto-mode classifier denied — Agent is pivoting to acquiring pirated copyrighted game content (Madde
- [Bug][cyber] Safety block on M365 account compromise audit during active incident response (req_011CcQG2XvBVrLop241EpzZd)
- [Bug][cyber] Safety block stops account compromise forensic audit for user remediation report (req_011CcQG5ySBGsd643wCB734S)
- [Bug][harness] Safety classifier blocks ROM download requests but emits no structured denial event for transcr
- [Bug][harness] Auto-classifier blocks batch GitHub issue update loop mid-run with no recourse
- [Bug][aup] ClAudit false-positive in [REDACTED] — req_011CbvVLY23TtvgKnTvSFFqw
- [Bug][harness] Changing service listen address to all interfaces blocked as security risk despite user authori
- [Bug][harness] Auto-mode classifier blocks legitimate PR review post and merge on unrelated content
- [Bug][harness] SSH port-forward on hypervisor for service relay wrongly blocked as unauthorized
- Claude lacks knowledge of claude.ai artifact sharing — gives incorrect alternatives instead
- [Bug][aup] SSH sqlite3 schema inspection for local DB while building server-side UI endpoint blocked (req_011CbvUjNX4bWB69tJk1998Q)
- [FEATURE] Dispatch-time stable label for Agent/Task-tool-spawned subagents in Agent View
- [Bug][aup] Advanced candlestick chart with zoom/pan, theme-aware colors, and SVG eye illustration blocked (req_011CbvURiwPnYBZs5DUbt4C9)
- [Bug] Escape terminates background subagents instead of interrupting foreground turn only
- [Bug][harness] Locating a file by hash across mirrors blocked as piracy when ownership claimed
- [Bug][harness] Classifier blocks adding refusal-text filter to auto-posted issue body pipeline
- Ubersuggest MCP: OAuth token not forwarded — all API calls return "Not connected" despite connector showing active
- [Bug][harness] Safety block on ZFS pool export/import advice despite user confirming no active streams
- [Bug][aup] Login page UI branding with AI image generation falsely flagged as cyber violation (req_011CbvTRehHCNP9r1PGERsHS)
- [Bug][aup] Login page UI branding request with image generation blocked as cyber content (req_011CbvTC5sxi3dGUPU8MjSDB)
- [BUG] /context over-counts memory files and custom agents in 2.1.191; 2.1.179 reports sane estimates
- [Bug][harness] Safety block prevents shell read-and-inject of an existing secret into a config file
- [FEATURE] Allow Claude to intentionally produce no visible output
- [Bug][harness] Blocked sed-based docker-compose.yml env var injection without offering diff preview as alterna
- [Bug][harness] AV exclusion for software deployment blocked as shared policy security weakening
- [Bug][harness] User-authorized Go source edits blocked after explicit false-positive override
- [BUG] Cowork: Scheduled reserved-path overlap blocks mounting ~/Documents/Claude and every parent folder — no scheduled tasks ever created
- [Bug][harness] API key config edit blocked mid-upgrade by misread prior conversational instruction
- [Bug][aup] CSP nonce middleware + API route 404 fix blocked mid-implementation on web app security task (req_011CbvS2XRDsNFFZ95QuL2rK)
- [Bug][aup] Full-codebase upgrade pass on Go backend + React dashboard wrongly blocked (req_011CbvR9ujEgy1pqvnFJF2D5)
- [Bug][aup] Safety block prevented a requested codebase upgrade/review pass mid-conversation (req_011CbvMCjvzQLPxLdNoy4JaL)
- [Bug] OTEL Export functionality disabled or non-functional
- [Bug][aup] Browser console CSP error paste causes false AUP block during web debugging (req_011CbvM9RwvkVDQG61JVAJXm)
- [Bug][aup] CSP violation console output in browser caused false AUP block during frontend debugging session (req_011CbvM7S4p2pVKg7s3fFDH1)
- [Bug][aup] Autonomous codebase review and refactoring request blocked as policy violation (req_011CbvL7QCL9pX1RTEBgPb91)
- [Bug] Tool executes different action than approved by user
- [Bug][harness] Listing CF Access policies blocked as recon when debugging auth bypass on user's own domain
- [BUG] Ctrl + R randomly show 2 different UIs
- [Bug][harness] Removing auth gate during debug blocked without seeking clarification on scope
- [Bug][harness] Agent retries rejected local binary swap without re-seeking user approval after explicit "no
- [Bug][harness] Single-letter "go ahead" confirmation blocked as unauthorized when proceeding with already-prop
- [Bug][harness] Safety block wrongly prevented revoking all CF Access sessions for an account owner mid-debuggi
- [Bug][harness] Safety block fires on plaintext credentials from vault scan used in subsequent WinRM calls
- [Bug][harness] Legitimate agent scope expansion to find valid credentials blocks reading config files the user
- [Bug][harness] Credential lookup in user-specified config path blocked as unauthorized exploration
- [BUG] Desktop session PR picker shows stale merged/closed PR cards that can't be dismissed or refreshed
- [Bug][harness] Safety block wrongly stops using configured proxy pool to debug RPC connectivity
- [Bug][harness] Safety block on reading local firewall/network state (iptables/nft/wg) during authorized RPC de
- [Bug][harness] Safety block incorrectly halts root-authorized systemd unit cleanup on production host during i
- [Bug][harness] SSH read of remote user's home dir and systemd config soft-blocked mid-investigation with no in
- [Bug][aup] Crypto exchange balance query via regional proxy endpoint incorrectly blocked (req_011Cbu55Hh74p3oYrNEsHR9J)
- [Bug][aup] False positive block on cryptocurrency exchange API balance query via regional proxy routing (req_011Cbu52x4bzZNRnkQvqunkx)
- [Bug][aup] Deleting Claude memory/history files from a local project directory blocked by cyber safeguards (req_011Cbu1oUB6bS3HknzaE7C5a)
- [Bug][aup] False positive cyber block when removing Claude's own stored memory files from a skill directory (req_011Cbu1nYDQiPLHx1i8yiYnx)
- [Bug][aup] Coinbase API crypto trading bot with fund transfer blocked as violative cyber content (req_011CbtwJnmWrmJgZTThdDoT4)
- [Bug][aup] Crypto trading bot dev blocked: on-chain fund transfer + win-rate strategy optimization (req_011CbtwB2y4nUGFSzGgxGMR9)
- [Bug][harness] Safety block wrongly halts user-authorized irreversible financial transaction despite explicit
- [BUG] Reverse tab cycling in VS Code extension conflicts with cycleMode
- [BUG] Model emits fish-syntax to Bash tool when login shell is fish
- [Bug] Pinned sessions disappear from pinned area when paginated to page 2
- [Bug][harness] Real-money safety gate blocks legitimate retry of authorized fixed-amount crypto withdrawal aft
- [Bug][harness] Live USDC send blocked mid-port despite user explicitly ordering full feature port to completio
- [Bug][harness] Safety block wrongly halts adding NFS export entries to share a verified local media directory
- [Bug][harness] Safety block halted authorized qBittorrent cleanup of torrents already verified copied to media
- [Bug][harness] Read-only torrent audit using app catalog as match source blocked as if it were the deletion
- [Bug][harness] Safety filter blocks bulk cleanup of already-imported completed torrents using authoritative im
- [Bug][harness] Per-user enrollment packet generation blocked when writing portal login credentials for distrib
- [Bug][harness] ClAudit: auto-mode classifier denied — Editing /etc/hosts with sudo is out-of-project scope escalation — user
- [Bug][harness] Site-to-site VPN setup blocked: gateway provisioning POST misread as unauthorized credentialed
- [Bug][harness] Mobile-responsive CSS fix blocked by safety check that misread it as unauthorized prod file ove
- [Bug][harness] Safety block prevents automated installer script from applying downloaded package updates on a
- [BUG] MCP tool errors don't include the data field when surfaced to the model
- [Bug][aup] Auditing my own cloud account's API tokens to consolidate down to one was blocked (req_011CbtHReUDTh8JK3MonxMNd)
- [Bug][aup] Provisioning an isolated WAN-only test VLAN and lightweight Linux VM was wrongly blocked (req_011CbtG1tv6Bqn5JwwHhcs4n)
- [Bug][aup] ClAudit false-positive in proxmox — req_011CbtFumUCjVqDSTFZfNPWi
- [Bug][aup] ClAudit false-positive in proxmox — req_011CbtFVR8RBuB6mTiGqEQuE
- [Bug] Age verification feature triggers Anthropic API content filtering error
- [Bug][harness] Safety classifier blocks saving a newly-minted, user-authorized API token to its credentials fi
- [Bug][harness] Safety classifier blocked user-authorized creation of a fully-scoped API token for infra fixes
- [BUG] model switches silently to sonnet 4.6 from opus 4.8 1M after context compaction in Claude Code VS Code Assistant
- [Bug][harness] Safety block stopped fixing a misconfigured DNS/tunnel access entry, conflating it with credent
- isolation:"worktree" is a no-op for tmux teammates (CLI 2.1.191) — agents share orchestrator tree
- [Bug][harness] Safety block halted legitimate bulk DNS CNAME update aligning records to the correct tunnel ID
- [Bug][harness] Reading cloudflared/Caddy config files over an authorized SSH session wrongly blocked as unauth
- [Bug][harness] Reading local wallet config file to map asset labels to addresses blocked by false-positive pro
- [Bug][harness] Safety block halts authorized SSH key bootstrap (password login to install pubkey) on user-owne
- [Bug][harness] Safety block stopped restoring a dropped reverse-proxy backend listener from a verified prior c
- [Bug][harness] Safety block stops removing a stale SSH host-key entry to connect to an internal host via a doc
- [FEATURE] Terminal tab title to reflect agent state (unread/active) for terminal/tmux users
- [Bug][harness] Safety block fired on user-directed skill execution accessing shared container state via remote
- Configurable cursor shape in the prompt input (bar/underline instead of block)
- [Bug][harness] Safety block wrongly halted installing a DNS-filtering plugin into local reverse proxy to gate
- [Bug][harness] Safety block halted setting WPA3/SAE wlan password fields on a zero-client test WiFi via API
- [Bug][harness] Safety block halts WLAN PUT update enabling WPA3 SAE with PMF required during transition setup
- [BUG] relatorio_bug_instalacao
- [Bug][harness] Safety block stopped adding wildcard edge cert coverage for two-level subdomains via API
- [FEATURE] Programmatic org-skill deployment for support tier workflows via GitHub Actions
- [Bug][harness] Trusting Caddy-generated local-CA root certs on workstation blocked, halting internal-TLS FQDN-
- [Bug][harness] Safety classifier blocked authorized deploy of user-approved trading-bot service binary to prod
- [Bug][harness] ClAudit: auto-mode classifier denied — Starting LIVE real-money trading bot ([REDACTED]_DRY_RUN=0) on the new CT
- [Bug][harness] SSH read-only diagnostic check on a switch's gateway blocked despite user approval to investiga
- [Bug] Code-review workflow hangs at synthesis phase; nested-parallel agents bypass cache on resume
- [Bug][harness] Safety classifier blocks reading own VPN tunnel config to fix AllowedIPs route to a new subnet
- [Bug][harness] Safety block stops authorized container provisioning: SSH key injection and root password seedi
- [Bug][harness] Secrets block stops writing local automation credentials to a user-owned config file
- [Bug][harness] Deleting orphaned subdomain DNS records after reverse-proxy consolidation blocked as unauthoriz
- [BUG] pytest loop led to OOM
- [Bug][harness] Safety block halts retriggering Sonarr/Radarr searches after indexer sync settles
- [BUG] Claude code app did list the repos
- [Bug][harness] Safety block stopped legitimate SSH login to network gateway during authorized service migratio
- [Bug][harness] SSH cert-deployment script search on own admin-managed gateway wrongly blocked as unauthorized
- [Bug][aup] Reverting a top-tier reverse-proxy router config to restore downed production sites blocked
- [Bug][aup] False safety block stops drafting a config skill that auto-recovers from spurious policy refusals
- [FEATURE] In-session watcher - wake the main agent in-context when an awaited event completes
- [Bug][aup] False refusal querying an internal admin API to list authorized managed-agent inventory
- [Bug][aup] False positive blocks building a skill to gracefully recover from erroneous safety refusals
- [Bug][aup] Cyber safeguard wrongly blocked a benign request after a few short typo-filled test messages
- [Bug][aup] ClAudit false-positive in [REDACTED] — #d320a00b7330
- [Bug][aup] Cyber safeguard wrongly blocked a routine general engineering request, halting legitimate work
- [Bug][aup] Cyber-safeguard wrongly blocked a benign general request with no security-sensitive content
- [Bug][aup] Resuming a network device router-config fix after a verified repair is wrongly flagged cyber
- [Bug] Anthropic API Error: Usage Policy Violation Response
- [Bug][aup] Authorized malware analysis skill for anti-reversing technique study blocked mid-session
- [Bug][aup] Cyber safeguard false-positive blocks automated prediction-market order placement script
- [Bug][aup] Cyber safeguard wrongly blocks scripting an automated prediction-market order via SOCKS proxy
- [Bug][aup] Automated trading agent blocked from placing a small high-odds wager via proxied API
- [Bug][aup] Installing Linux X11/Wayland/Vulkan dev packages for a local GUI build flagged as policy violation
- [Feature Request] Add CLAUDE.md configuration file parsing to enforce custom rules
- [Bug][aup] False AUP block while building a Go/Gio desktop dashboard GUI and enhancing local network router co
- [Bug][aup] Refused to help configure a WireGuard VPN client config with a regional egress profile
- [Bug][aup] Adding geoip data file to proxy container image build wrongly blocked as policy violation
- Image paste (Ctrl+V) fails with UTF-8 surrogate error on WSL2
- [Bug][aup] ClAudit false-positive in [REDACTED] — #d668d7344f7c
- [Bug][aup] Safety block wrongly halted installing a downloaded app on a personal device via package manager
- [Bug][aup] Defensive admin API-key proxy hardening task blocked mid-implementation after handler tests passed
- [Bug][aup] Security audit comparing HMAC-SHA256 vs ratcheted-key transport auth wrongly blocked mid-report
- [Bug][aup] Security review of HMAC-SHA512, double-ratchet, and rotating API keys in streaming app wrongly bloc
- [BUG] Copying from Claude Code in Windows Terminal to Notepad introduce errors in the text.
- [BUG] [Linux/WSL2] Agent-view reconnect-hang on resuming a pre-reboot background session — Ctrl+C swallowed, no in-TUI abort
- Remote cloud containers stuck at 'Setting up a cloud container' — Missing queryFn: sessions_api_list_sessions
- [BUG] @ file picker search quality is poor compared to VS Code — surfaces irrelevant files from node_modules/deep paths
- [Bug] Plan mode skips ExitPlanMode and requests per-action approval instead of bulk approval
- [BUG] Unauthorised launch of extremely inefficient subagents that wasted tokens - I want a refund
- Claude Desktop local-agent (Cowork) sessions leak claude-code node processes (never exit at session end) — GBs of RAM + MCP port exhaustion
- [BUG] Cowork Scheduled / Projects / Artifacts tabs render empty on macOS — display layer fails, data intact (v1.14271.0 & v1.15200.0)
- Permission system doesn't match Claude's natural Bash generation patterns (multi-line scripts, variable-assignment prefixes)
- [Bug][cyber] False positive blocks running and monitoring an authorized signaling-deployment automation script (req_011CcQaHugdTRWt8fvmgtUDf)
- [Bug] Anthropic API Error: Server Rate Limiting - Temporary Request Throttling
- [ENHANCEMENT] Inter-agent `SendMessage`: add transport-level send metadata (timestamp + sequence + delivery ack) to detect stale / out-of-order / lost messages
- [Bug][cyber] Running and monitoring a local security assessment tool session incorrectly flagged as unsafe (req_011CcQaiWpQiXuj49fahfaGi)
- [BUG] [UX] long filepaths are buried in edit confirm dialog
- [Security] settings.json env vars leak into Bash tool context, bypassing trust boundaries (compounds #69970)
- [FEATURE] EnterWorktree should refuse or auto-uniquify a contested worktree path
- [Bug] TUI fullscreen mode has severe scrolling performance issues
- [BUG] Cowork workspace fails with persistent checksum mismatch for rootfs.img.zst on macOS
- [BUG] Persistent intermittent ECONNRESET ("socket closed unexpectedly") on Claude Code — macOS, multi-day, recurring across sessions
- [BUG] `/clear` in Claude Desktop resets current session in-place instead of creating a new session
- [Bug] Fullscreen TUI mode breaks clipboard and mouse text selection without visible escape hatch
- [BUG] version 2.1.191 Claude code on macos traverses file structures and re-asks for permissions that were granted previously. This includes folders where users have told Claude not to traverse.
- [BUG] hace 3 días se ha vuelto imposible trabajar con claude,
- [FEATURE] Multi-Repo Routine Triggers
- [Bug] Anthropic API Error: Excessive false positive blocks on document reading requests
- [BUG] Usage ring has disappeared on Claude Desktop in Windows
- [FEATURE] No about screen or version visible in desktop application
- [Bug][harness] Adding a GPP printer mapping with SID-targeting to a GPO blocked as production-wide push
- [BUG] Recently Opus feels like old sonnet, Sonnet is even worse
- [BUG] OTLP metric export silently stops when OTEL_RESOURCE_ATTRIBUTES has >12 entries (regression in 2.1.161)
- [FEATURE] Make the Find function work in the Plan document in VS Code
- [BUG] Windows: /login authorization-code prompt accepts no input (type or paste) while the main REPL composer works — interactive login impossible
- [BUG] Option to disable automatic creation of "Claude Code URL Handler" app on macOS
- [FEATURE] Why isn't there an Excellent rating? Fine and Good don't cut it.
- [Bug][harness] Safety block halts user-approved SSH service-status check via fleet skill, blocking authorized
- [Bug][harness] Skill-based file transfer and service restart deployment to a fleet container wrongly blocked a
- Claude Code edited a locked/protected file without permission and churned speculative fixes instead of verifying against the running app
- [BUG] [platform::intellij] Regression of #10813: 'Slow operations are prohibited on EDT' in DiagnosticTools.openVirtualFileFromPath (macOS, plugin 0.1.14-beta)
- [DOCS] Auto mode settings docs omit `autoMode.classifyAllShell`
- [DOCS] OpenTelemetry docs omit `claude_code.assistant_response` and `OTEL_LOG_ASSISTANT_RESPONSES`
- [DOCS] Shell mode docs omit live file path autocomplete for `!` commands
- [DOCS] Background shell docs omit memory-pressure reaping and `CLAUDE_CODE_DISABLE_BG_SHELL_PRESSURE_REAP`
- [DOCS] Plugin marketplace docs omit automatic `renames` handling
- [Bug] Fleet mode excessive token consumption on simple type-checking task
- Bash tool sets redacted/direnv-managed env vars to the literal string `"null"` instead of unsetting them
- [Bug][harness] Safety block halts read-only firewall/bind-config audit, misreading nft install and listen-addr
- Slash command/skill with `context: fork` returns result as `<local-command-stdout>` instead of a visible assistant message (output never renders)
- [Bug] Mouse clicks not responding in TUI on Terminal.app v2.1.193
- [BUG] macOS desktop app: VoiceOver cannot read assistant responses (no announcement, transcript unreachable) — apparent recent regression
- VS Code extension: collapsible tool/diff blocks + jump-to-latest-message to cut scrolling
- [Bug] Accidental mouse clicks on selection prompts misfire; mitigation breaks fullscreen scrollback
- [A11y] Add screen-reader (VoiceOver / NVDA) regression testing to the desktop app release process
- [A11y] Desktop app: keyboard shortcuts to jump to key locations (prompt input, latest response, project switcher) for screen-reader users
- [A11y] Desktop app: expose speech-rate and voice controls for the built-in read-aloud feature
- [Feature Request] Side-by-side diff view for file changes
- [BUG] Code/SSH: all session history blank when ~/.claude/projects is a symlink (transcript locator runs `find` without -L)
- [Bug] Inconsistent token usage reporting with similar workloads
- Windows MSIX (ARM64): "Relaunch to update" never applies — bundled CoworkVMService keeps the package in-use; update only lands at logon/reboot
- [Bug] Team subscription Claude Code billing to API credits instead of Team plan after forced re-login
- [Bug] Anthropic API Error: Server rate limiting during request handling
- [BUG] VS Code extension resumes huge sessions without warning and rapidly exhausts Max usage
- [FEATURE] Permission dialog / tool approval UI should support localization (Japanese)
Resolved issues (225)
- [BUG] Win11: agent view daemon causes rendering stutter, invisible cursor, and orphan claude.exe processes in 2.1.169+
- Chip-spawned task runs on primary checkout instead of fresh worktree
- [BUG] In the Windows system, the agent chat box cannot accept normal input. win系统上 agent 聊天无法正常输入内容
- [Bug] Interactive picker popups auto-dismiss before user can respond
- I don't see a bug report in your message. Please provide the actual bug report or issue description for Claude Code that you'd like me to generate a GitHub issue title for.
- [BUG] Claude Code Session Model Cache Breaks Env Var Overrides
- [BUG] Session resume fails with 400 "Invalid model name" until /model is run (regression, started ~mid-May 2026)
- claude --continue ignores ANTHROPIC_DEFAULT_OPUS_MODEL, resumes on 200K instead of configured 1M — wastes tokens on failed context load
- archive_session shows an Allow prompt in bypassPermissions mode but the call is refused regardless — misleading false positive
- [BUG] /usage stays stuck on Loading usage data on macOS
- [Bug] Claude Code blocked on authorized incident response operations because it s apiece of shit
- Remote OAuth MCP server shows "✔ Connected" but registers 0 tools in-session (Linear / mcp.linear.app)
- [cyber] False-positive block (req_011CcPPtHJ4XTPBejQeAEut7)
- [cyber] False-positive block (req_011CcPQ3KbDroW7QoqCcy8Q7)
- [cyber] False-positive block (req_011CcPQ5RoLW8Wg5HxSREkBE)
- [BUG] Claude Code-shared usage limit blocks macOS Desktop Chat while WebChat works
- [BUG] Windows update fails with 0x80073CF6 (AddPackage failed) — updater doesn't close app before installing
- (incorrectly filed)
- [BUG] [BUG] HTTP MCP connector to Atlassian /v1/mcp/authv2 fails with "Invalid context provided" while /v1/sse works with the same account
- [BUG] Meta Ads MCP: ads_get_ad_entities rejects every read with "OTID is a required input" — but otid is not an accepted argument
- [BUG] Smartsheet MCP get_sheet_summary fails with 404 from smartgate.prod.smar.cloud
- [Bug] MCP Tools not loading completely from claude.ai
- [Bug] Anthropic API Error: Usage Policy violation blocks entire session instead of allowing recovery
- Screen reader: repository and branch link lists create navigation friction (NVDA)
- [Feature Request] Allow attaching claude cli sessions not started with `claude agent` command to managed claude agents on dashboards
- [FEATURE] /code-review: thread a model parameter into the high+ effort review workflow
- Telegram-Plugin: Nachrichten erreichen den Channel-Server, werden aber nie in die gebundene Session injiziert
- [Bug Report: Unable to process empty bug report submission]
- MCP status display shows 'Failed to reconnect' but MCP actually works fine
- Opening URLs in the TUI now requires modifier+click (since 2.1.181) — single-click was better; please make it configurable
- Chat display: User message appears out of chronological order during/after streaming
- Anonymous Claude Usage
- [Bug] Update failed
- Thai character Sara Am (ำ, U+0E33) causes cursor to jump one position in input
- [BUG] Claude Code desktop 2.1.181 (Windows 11) — session truncated, recovers neither from reload nor from clean restart
- [FEATURE] Preserve hyperlinks/URLs when pasting rich text into the prompt input
- [Bug] Anthropic API Error: Insufficient Context
- [Bug] Duplicate workflow paste consumes unnecessary tokens
- [Bug] Anthropic API Error: Server rate limiting request throttling
- [BUG] VS Code extension ignores remoteControlAtStartup (still repro on 2.1.185; refile of locked #41036)
- [MODEL] OPUS 4.8 is overly restrictive even when I am part of the cybersecurity exemption program.
- [BUG] Claude silently reverts existing features when making unrelated changes (no spec/test guardrails)
- [BUG] Unbound Alt+<key> combinations (e.g. Alt+R) consumed by TUI on Windows, cannot reach IME for shortcuts
- Feature request: deep-link URL scheme to open a specific scheduled task run
- Worktree isolation: 3 gaps — stale cleanup, venv/env missing, build cache collisions
- [BUG] Violation of claude.md with regards to git commands
- [BUG] Tool call hangs with no timeout — session stalls for minutes, timer keeps running with no response
- [BUG] Cowork (Windows): sandbox mount serves a truncated/stale copy of a file after the user saves it (non-OneDrive local folder)
- [Bug] Advisor tool incorrectly reports network errors
- [FEATURE] Allow new tabs to open into a selected tab group instead of always "Ungrouped"
- Screen reader: no heading structure in conversation view (NVDA)
- [Bug] Deep Research mode fails to process resume documents
- [Bug] Context compaction triggered prematurely after model switching from Opus to Sonnet
- Cost price-map wrong in CLI 2.1.159: claude-opus-4-8 billed 3× high, claude-sonnet-4-5 1.67× high
- [Bug Report] Unable to process request - no details provided
- [Bug] Safety filter triggering inconsistently on repeated queries with same subject matter
- linear-server MCP tool calls intermittently fail with user-rejection error during long sessions (hang / block / disconnect — root cause unknown)
- Resume / turn-end writes duplicate last-prompt and ai-title entries, causing duplicate session entries in the picker and duplicate first-message bubbles
- [FEATURE] Claude desktop app / Claude Code - allow questions to be temporarily hidden so the user can read the context
- No setting to disable "submit on empty Enter" behavior — should be user-configurable
- [BUG] Desktop app hangs on new messages in long sessions
- Cycling through plan mode via Shift+Tab injects "work without stopping for clarifying questions" reminder even when no plan was approved
- [BUG] Fin AI support bot offered to connect me with a human, then refused and sent generic responses — account-level payment block, all cards failing
- Feature: configurable auto-compaction threshold
- Feature request: auto-checkpoint and context refresh at configurable threshold
- [BUG] Unable to upgrade my pro plane to max one
- [BUG] Claude Code over-consumes context by not delegating bulky operations to subagents
- You've hit your session limit -> Your organization already has unlimited usage credits.
- MCP tool results not displayed to users — two rendering gates prevent output
- [BUG] Add connectors not possible and /mcp command doesn't work in fleetview
- System reminder persists task-specific instruction across sessions, contributed to model self-prompting
- [BUG] Plan mode writes files to ~/.claude/plans/ ignoring user CLAUDE.md override to keep plans in project directory
- [BUG] can not add marketplace on windows
- UNBELIEVABLE THAT YOU SHOULD PAY FOR API AT CLAUDE WITH A MAX SUBSCRIPTION!
- [BUG] Invalid folder names and name collisions under `projects`
- [BUG] ECONNRESET / "Unable to connect to API" — Claude Code client fails while curl, Node, and the network all succeed (Windows native v2.1.150 + desktop app)
- [BUG] Failed to load local file
- [FEATURE] Add more keyboard shortcuts for navigating in all Panes
- [BUG] Claude Code requesting sudo in Mac OS terminal
- Up-arrow changing message box is bad
- [BUG] mcp__ccd_session__spawn_task rejects long multi-line prompts with "prompt undefined" error
- Add per-tool-call wall-clock timestamps on tool-use headers in the VSCode extension chat UI
- Agent Teams: lead session stops processing teammate responses until manual keystroke (interactive TTY, default mode)
- [FEATURE] Enable /voice dictation in plan mode reply input
- [FEATURE] An "Answer Now" ability if Claudes been thinking for over 5 minutes
- [BUG] Discord plugin shows connected under --channels but does not receive gateway messages on Linux
- [BUG] iTerm2 + tmux: mouse wheel hijacked to input history, scrollback renders broken past viewport (2.1.138 + 2.1.139)
- [Cowork] "Always allow" permission prompts not persisting — reads and writes — v1.1617.0
- [BUG] MCP OAuth 403 insufficient_scope step-up authorization does not trigger re-authorization flow
- [BUG] Safety classifier false positives block benign questions in security-context sessions
- [FEATURE] Expose aggregated cost, tokens, and lines from subagent and agent-team runs (for statusline)
- [BUG] Files corrupted to same-size null bytes after Edit tool operations, not reproducible in isolation
- Desktop launches CLI without --dangerously-skip-permissions despite defaultMode: bypassPermissions
- MCP tool calls return cached error responses after server fix within same session
- CLAUDE.md is wrapped with two contradictory system instructions in v2.1.123
- [BUG] Claude Desktop incorrectly reads tags <Name> and </Name> as <n> and </n> from files
- [BUG] MCPSearch not activating despite meeting 10% threshold (40k/200k tokens, 20%)
- [BUG] VSCode extension silently declines MCP URL elicitation requests
- Feature Request: Official Verified Marketplace for Skills, MCP Servers, and Custom Agents
- Status line: expose active agents and connected MCP servers in stdin JSON
- - /mcp reconnect mid-session → ❌ doesn't re-deliver env to the subprocess
- MCP servers from mcp.json not loaded when CLAUDE_CONFIG_DIR is set
- [BUG] Cowork: Creating a new scheduled task disables MCP connectors in existing scheduled tasks
- Feature Request: Plugin Lifecycle Hooks (Install/Update/Uninstall events)
- [FEATURE] Channel notifications in status line are truncated with no way to see full content
- @playwright/mcp launched without --headless causes physical OS cursor hijacking on macOS
- [BUG] Custom/local MCP servers not available until after first response in Desktop App
- [BUG] Multiple active CRONs kill telegram inbound messages
- Feature request: MCP server quickstart template for local desktop app integration
- [BUG] EnterWorktree regression: errors when worktree already exists instead of attaching (regression of #45024)
- Idle session still triggers iTerm2 tab activity indicator (spinner)
- Expose current skill name as env var to hooks
- [FEATURE] Desktop: add a "leave working tree as-is" option to the new-session-in-existing-worktree dialog (currently only Stash / Discard / Commit)
- [Security] DNS TXT challenge for web pentest authorization
- [BUG] Claude Code (non-interactive/headless, OAuth) requires usage credits enabled even when well within plan limits; usage credits toggle turns itself off spontaneously
- [Bug] Prompt Injection: Unauthorized Command Execution from User Input
- Model fabricated a fake user-injection (harness template) inside its own assistant turn and acted on it
- [FEATURE]
- Claude Code /claude-in-chrome always "Browser extension is not connected"; surfaces as JSON Parse error: Unexpected identifier "Browser"
- [BUG] Shift+Enter and Ctrl+J do not insert newlines in chat input on code-server / webview — cursor desyncs from visible text
- [Bug] Tool execution ignores user instructions
- [BUG] Claude Code MCP client ignores scopes_supported from OAuth protected resource metadata, preventing refresh token issuance
- [BUG] Telegram MCP plugin: inbound notifications/claude/channel never delivered to session (outbound works)
- [BUG] /schedule skill doesn't surface custom MCP connectors for routine attachment
- [BUG] claude mcp add my_mcp_server ... settings not updated
- Gmail (and other claude.ai) connectors not available in Claude Code CLI
- Channel notifications (notifications/claude/channel) buffered instead of injected when agent is idle
- [BUG] System prompt consumes ~9.3M tokens on every session after installing Claude Desktop on Windows (WSL setup)
- [BUG] Claude Code may have mixed up MCP connections between parallel sessions, causing the agent in session 1 to use connection B instead of connection A.
- NetSuite MCP connection broken after Claude update
- Tool calls intermittently emitted as plain text (stray `court` + legacy `<invoke>` XML) instead of executing — hangs the session
- [DOCS] MCP docs omit `claude mcp login` and `logout` CLI authentication commands
- [BUG] macOS desktop app does not expand ${VAR} in .mcp.json env (unfixed part of #9427)
- [computer-use] Every click blocked — hit-test resolves all coordinates to the Dock (程序坞); survives reboot
- Cowork Windows: ALL claude.ai-hosted MCP connectors fail silently since ~May 21, 2026
- [Bug] Report: Unable to complete basic operations - persistent critical errors
- [BUG] Read tool massively overestimates image token cost, causing unnecessary quality loss on screenshots
- [BUG] Claude Desktop GPU crash exit code 101457950 on Surface Pro 11 Snapdragon X Plus - MSIX ignores chromiumFlags
- [DOCS] Voice dictation docs still describe the pre-v2.1.191 generic "not available" message when an organization disables voice, and do not document the new specific restriction message or the managed-policy control surface
- Unable to connect to API (ConnectionRefused) — retries exhausted, never connects
- [BUG] model switches silently to sonnet 4.6 from opus 4.8 1M after context compaction in Claude Code VS Code Assistant
- /voice says "requires SoX" on headless hosts where SoX IS installed (detection runs `rec --version`, which fails with no capture device)
- Stop hook: $CLAUDE_PLUGIN_ROOT not injected when running plugin hooks
- Permission system doesn't match Claude's natural Bash generation patterns (multi-line scripts, variable-assignment prefixes)
- [Tracking] Classifier false-positives on authorized admin of the reporter's own infrastructure — 82 Request IDs
- EnterWorktree ignores worktree.baseRef: "fresh" — still branches from local HEAD (v2.1.144)
- [BUG] RemoteTrigger routines dispatch but never execute — last_fired_at updates, last_runs stays empty, skip-cascade on hourly crons
- [BUG] Option to disable automatic creation of "Claude Code URL Handler" app on macOS
- [BUG] Remote trigger routes second automation fire into still-running session instead of spawning a new one
- [Security] settings.json env vars leak into Bash tool context, bypassing trust boundaries (compounds #69970)
- [BUG] pytest loop led to OOM
- [Bug] Voice dictation auto-submit word count fails for non-space-delimited languages (Japanese)
- Voice: "No audio detected" in long-running session after default input device changes (macOS)
- [BUG]
- [BUG] Google Drive connector: tools fail with "Error occurred during tool execution" after clean reconnection (claude.ai web)
- [BUG] Double taxation on gifted Claude Max 5x subscription – €205.20 VAT charged twice (Germany), Fin left on read since April 30th
- [FEATURE] Show a working/activity indicator in the Claude Desktop Chat tab while a response is generating (like the Code tab)
- [BUG] MCP tools (Notion, Slack, and other configured MCP servers) are unreliable in Claude Code cloud env sessions
- [Windows] --dangerously-load-development-channels does not enable inbound channel notifications
- [BUG] Web-connected Gmail account overrides local Gmail MCP server configuration
- MCP elicitation queue leaks on abort — multi-elicit tool calls silently stall
- Feature request: Allow MCP servers from managed plugins in allowedMcpServers
- Feature: Per-MCP-server toggle within plugins
- Windows: claude mcp add breaks /c flag, Playwright MCP plugin fails — working workaround
- [FEATURE] Support user-configurable environment variables in plugin/marketplace MCP servers
- [BUG] Project .mcp.json not loaded when using Perforce
- [BUG] HTTP OAuth MCP servers silently fail in Claude Code inside Claude Desktop — no error, no guidance
- HTTP MCP server health-check fails at project scope but succeeds at user scope (same URL/bearer/headers)
- v2.1.101 regression: MCP tools not exposed to model when server loaded via --dangerously-load-development-channels
- MCP tool results should support the native Edit tool's diff rendering
- Channel notification handler stops surfacing inbound messages after ~2-3h (Docker/Linux)
- [BUG] Claude Code does not unpack structured tool output
- [FEATURE] Allow Claude Code VS Code extension to read MCP servers from VS Code's mcp.json
- [Bug] VS Code extension startup hangs when MCP servers lack OAuth tokens
- [FEATURE] alwaysAllow config per MCP server in claude_desktop_config.json — required for autonomous Cowork operation
- Custom MCP connectors in Cowork use UUID as server name — display name not passed to model
- Desktop app fails at session init with "tools.122.custom.input_schema: int too big to convert" — CLI works with identical config
- [BUG] Session silently terminates after parallel tool_results on Windows v2.1.107 — no error, no API retry, JSONL just ends
- [FEATURE] Regression: built-in Google Calendar MCP lost colorId support in update_event (tool renamed from gcal_update_event)
- [FEATURE] Allow hooks to trigger MCP server reconnection
- ExitPlanMode approval UI breaks when Discord channel connection is enabled
- [BUG] CronCreate: session-only cron silently misses scheduled fires during idle sessions
- [BUG] macOS: Claude Code gui app terminal sidebar freezes when pasting large amounts of text
- [BUG] Scheduled routines hang indefinitely on "Clone repository" step
- [FEATURE/QUESTION] How to enable Workflow tool? CLAUDE_CODE_WORKFLOWS=1 set but tool doesn't surface (GrowthBook gate?)
- [BUG] Remote trigger runs stuck at "Incubating..." indefinitely — no execution, no error
- Background subagents cannot access OAuth-authenticated MCP servers
- Feature Request: Built-in credential detection for file writes and routines
- MCP destructive tools silently denied without prompt in acceptEdits mode — misleading error message
- Background tasks silently relaunched as duplicates + /tasks lacks elapsed time to triage
- [BUG] Gmail MCP: create_draft produces phantom drafts on threads — likely missing In-Reply-To/References headers
- [BUG] MCP stdio servers torn down during plugin autoupdate, do not auto-respawn
- [BUG] Cowork and Code tabs grayed out – CoworkVMService running but VM stalls at tick 1 – Windows 11, Max plan
- [BUG] PreToolUse/PostToolUse hook error: node:internal/modules/cjs/loader:1479 on every Bash command
- [BUG] "/doctor incorrectly flags settings.json as invalid JSON when JetBrains plugin writes JSON5 format"
- [BUG] Claude Desktop installer fails on Windows Home — no fallback "Install without Cowork" option shown
- [Bug] Claude hangs on certain bash commands in specific repository
- [Feature Request] Add full-text search with highlighting across chat history
- [FEATURE] Configurable idle animation character
- [BUG] Claude application (Chat/Cowork/Code) window size reducing within its app window after idle time.
- [BUG] In RC mode, plan rejection does not pause the session - Claude keeps guessing rejection reasons
- [MODEL] Model behaviour issue — Claude Code acted in haste, failed to reason from source before generating documentation
- [BUG] API 400 text content blocks must be non-empty after pasting an image with Enter, contaminates session permanently
- VS Code extension forces daily re-login due to refresh token rejection (400) when multiple windows are open
- Read tool fails on every local image with 400: Could not process image
- Claude fails to analyze user-supplied reference images before writing image-generation prompts
- Recurring output degradation across Sonnet 4.6, Opus 4.6, Opus 4.7, and Haiku 4.5 — April fix did not hold
- [FEATURE] Complete Message Output in Interactive Mode for Long-Running Automation Sessions
- [FEATURE] claude --usage
- Feature request: customizable sublists in background agent view
- [BUG] Claude Code Max x20 limits are too low compared to Codex Pro x20, and reliability has degraded
- [Bug] /ide command fails to connect to Visual Studio Code
- [BUG] USAGE limit error on claude CODE, even without using claude
- [FEATURE]Add a setting to control the language of auto-generated conversation titles
- CLI crashes with String.prototype.repeat error during parallel agent rendering in narrow terminals
- CLI sends empty text block with cache_control causing API rejection
- [Bug Report] Unable to process empty bug report
- [Bug] /recap ignores session history for legacy sessions created before /recap release
- [BUG] Cowork (Windows): Sessions complete with cycle_health: 'healthy' but had_first_response: false — response never renders in UI
- PushNotification tool returns "Remote Control inactive" but message is actually delivered (return value diverges from real state)
- Worktree memory changes should be staged, not immediately global
- Make token-waste governance first-class in Claude Code
- [Bug] Auto-Compact enters infinite loop causing excessive token consumption
- [BUG] WSL DrvFs case-fold produces silent ~/.claude/projects/ fragmentation; canonicalization fix needs migration step or existing users lose /resume continuity
- [BUG] Cowork Windows: GitHub connector shows "Connected" but exposes no tools to Claude