Digest / June 26, 2026
Claude Code Issues Digest — June 26, 2026
236 new issues filed ·
508 resolved in anthropics/claude-code (UTC day).
New issues (236)
- [BUG] API Error: Server is temporarily limiting requests (not your usage limit) · Rate limited
- [BUG] Silent default model upgrade to Opus 4.7 caused $506 in unexpected charges over 6 days
- [Bug][harness] Safety block halts authorized mesh-agent enrollment by misreading temporary loopback-only admin
- Feature request: option for neutral/static spinner text instead of randomized whimsical verbs
- [BUG] Vim mode: Ctrl+[ does not exit insert mode (should be equivalent to Escape)
- https://github.com/anthropics/claude-code/issues/new/choose
- Feature request: allow /feedback submission without attaching session/context (privacy opt-out)
- # Bug: tool calls intermittently emitted as literal text (stray `court` + raw `<invoke>` XML), not executed
- [BUG] `/login` unavailable in agent view
- [BUG]
- [Bug] Claude Desktop (Windows) OAuth token lacks user:design:read/write scopes — /design-sync (DesignSync tool) cannot be authorized; no in-app grant path
- Scrollbar not visible and copy/paste broken in interactive CLI (TERM=xterm, SSH)
- Anthropic has become the enemy of the US constitution. The...
- [BUG] Extreme latency — memory leak found via /heapdump (348,766 MB/hour growth rate)
- Paying customer: repeated incomplete/buggy results, churn, and constant clarifying questions instead of using available references
- Japanese IME (New Microsoft IME) input not working in Claude Code TUI on Windows 11
- [Bug] Session transcript persistence silently disabled by server-side gate
- [Bug] Anthropic API Error: Server rate limiting requests
- Scrollbar up/down arrow buttons no longer scroll output (regression) - Windows desktop
- [BUG] Windows IME composition text deleted on Enter — regression in v2.1.193
- VS Code extension: sessions sidebar omits externally-created session transcripts (regression in 2.1.187–2.1.191)
- [Bug] Anthropic API Error: Server rate limiting on valid requests
- [Bug] Anthropic API Error: Server Rate Limiting
- [Bug] Anthropic API Error: Server Rate Limiting - Temporary Request Throttling
- [Bug] Anthropic API Error: Server rate limit exceeded
- [Bug] Anthropic API Error: Server rate limiting requests
- [Bug] Anthropic API Error: Server rate limiting on requests
- [Bug] Simplified Chinese kanji glyphs appearing in Japanese responses
- [BUG] Tool call markup leaks into visible output instead of being executed
- [Bug] Keyboard scroll-to-bottom blanks conversation pane on >1-page jump
- [Bug] Image references removed during JIRA description edits cause permanent screenshot loss
- [BUG] VS Code extension: diff/compare view not shown when approving Edit tool calls
- [FEATURE] Log reasoning effort level in JSONL transcripts
- [Bug] Synthesis agent fails on structured output cap, discarding deep research results and doubling token spend
- [Billing] Confirmed refund $90.00 USD not processed after 59 days - Extra Usage Credits
- workflows right pane silently truncates agent list when phase has more than 5 agents
- [Bug] Console window unfocused clicks trigger unintended actions
- [BUG] out of credits in 3 days, as a hobbyist.
- claude remote-control --permission-mode bypassPermissions is silently ignored on mobile (native Windows)
- [BUG] Fucking cursor disappears in the fucking console
- Feature request: allow users to configure or exclude teammate pane colors
- Feature request: auto-close TUI pane when teammate agent shuts down
- [Bug] Plan overlay blocks scrolling to view full plan in flicker-free rendering mode
- [FEATURE] design-sync is React-only: add support for Svelte / non-React design systems
- Auto-updater: infinite retry loop (no backoff) + Electron-only ERR_CONNECTION_CLOSED on Windows
- Auto-mode classifier treats a stale memory note as a standing authorization boundary
- [BUG] Inconsistent Context Window Between CLI and VSCode plugin
- Desktop app crashes when clicking hamburger menu (☰)
- [BUG] Claude presents unverified inferences as facts and treats the audited system's own files as proof of its integrity during security audits
- [FEATURE] Save session context to memory before requesting a restart
- [BUG] Remote Control environments stay green/online and duplicate on mobile after all local processes exit
- [Bug] Guest passes unavailable on Claude Max (20x) plan despite plan recognition
- Accepting the "non-flickering version" opt-in corrupts the native Windows CLI binary into bare Bun
- [BUG] Claude Desktop: computer_use.node blocks main thread indefinitely on iCloud/OneDrive-evicted app bundles (performSpotlightQuery callback)
- [BUG] Desktop app: left sidebar (Claude Code / Chat / Cowork) completely missing
- [FEATURE] Expose effort level to model's reasoning
- [Feature Request] Add refresh/resync option for remote Claude Code session message synchronization
- [BUG] Mouse click to refocus terminal triggers permission prompt unintentionally
- [FEATURE] VS Code extension: support custom working directory (cwd) different from workspace root
- [BUG]
- GitHub connector links repositories successfully but Claude cannot access content for ANY repository (account-wide, public and private alike) — recent regression
- Custom theme `overrides` for diff colors are silently ignored (diff keys resolve against base theme, not merged theme)
- [Bug] Claude Code uses downgraded model instead of selected Opus 4.8
- [FEATURE] reopen last session at start
- [Feature Request] Improve voice mode language detection and transcription accuracy
- AskUserQuestion dialog auto-submits on mouse click without confirmation
- [BUG] Filesystem Breakoff
- [BUG] Activity heatmap and streak counters do not reflect actual daily usage
- [BUG] Anthropic.claude-code 2.1.193 linux-x64 platform files missing (404) on openvsx.org
- Cowork dictation stops ~2s after start on macOS Tahoe 26.4.1 — began immediately after auto-update to 1.15962.0 (039543); chat dictation unaffected
- Feature: allow a hook or the model to set the session title
- [BUG] Workflow by-name launch fails on Windows: resolved script is rewritten to CRLF and rejected by the approval gate
- [BUG] 2.1.193 VS Code extension (Windows, native): OAuth login fails "certificate has expired" — regression from 2.1.190
- [Bug] Overly broad cybersecurity content filter flags legitimate debugging tasks
- [BUG] Claude loses access to GitHub Repository
- vm_bundles grows to 9.3GB+ on initial download after v1.15962.0 update (June 25 2026) — freezes Intel Mac on Cowork open
- [BUG] no copy possible in claude code cli
- [FEATURE] Browser automation (Claude in Chrome) can't target a browser on the same host as the shell/dev tools
- [Bug] Agent hallucination: incorrect assumptions and false conclusions during task execution
- [BUG] Text input in flicker-free rendering does not work
- [BUG] hasTrustDialogAccepted never persisted to ~/.claude.json despite repeated interactive sessions
- [Feature Request] Implement automatic `/scrutinize` and `/ponytail-review` analysis on initial code generation
- [BUG][SECURITY] Tool results appear to be modified after execution with injected pseudo-"system instructions" repeatedly urging destructive `git push --force` (Cowork research preview, Windows)
- Security disclosure submitted to security@anthropic.com — GPI-1: Geometric Prior Injection (CVE pending MITRE assignment)
- IDE selection from a closed, never-saved file leaks into model context (transmitted a secret)
- [FEATURE] Agent SDK: Add option to skip historical messages when resuming sessions with streaming
- Relocating a project dir (symlink / new mount) orphans all session history, memory & context — project keyed by raw cwd path
- [Bug] Claude Code ignores user instructions and generates unintended code modifications
- [BUG] #45741 is still relevant
- [Bug] Anthropic API Error: Image in conversation could not be processed
- I have been Using Claude with GUI and I had several named...
- [Bug] Enterprise login success message requires inconsistent key press to complete authentication
- [BUG]
- [Bug] Tool fails to apply API after multiple requests
- [Bug] Claude Code ignoring explicit user instructions and autonomously executing actions without approval
- Claude ignores CLAUDE.md instruction to never git commit/push without explicit user approval
- Bug: currentDate in system prompt shows previous day's date after context compression — causes incorrect date-sensitive operations
- [Bug] High error rate in task execution: 59 violations and 17 wrong deliveries 1 TASK
- [BUG] Claude Code started calling me bro
- [BUG] Native Windows build fails with CERT_HAS_EXPIRED on clean direct connection; system Node validates the same chain fine; NODE_USE_SYSTEM_CA / NODE_EXTRA_CA_CERTS / BUN_CA_BUNDLE all ignored
- [FEATURE] Claude Code Desktop: persistent status line (configurable), or at minimum always-visible context size
- [FEATURE] Claude Code mobile/web: show model, context (K), effort level & usage limit
- [BUG] Mobile app: slash commands & skills execute but don't autocomplete (works on Desktop)
- [BUG] The external-file-change system note asserts an unverifiable cause ("by the user or by a linter") and the user's awareness — the model relays it as fact
- [Bug] Claude Code generates incorrect content instead of performing language corrections
- [FEATURE] Desktop: session status should reflect background task activity, plus more/customizable statuses & colors
- Claude Code repeatedly fabricates technical explanations without verifying source data
- [Bug] Excessive token consumption in session - 42% usage in 40 minutes for standard PR review workflow
- [Bug] Claude Code fails to follow explicit prompts and context for language tasks
- [BUG] Bash tool broken on Windows: /usr/bin/bash: -c: line 26: unexpected EOF while looking for matching backtick
- [Bug] Claude Code fails to apply language corrections despite multiple iterations
- [Bug] High task failure rate (82 failures) with basic operations
- [BUG] Got a session limit issue without actually using it, hit the limit exactly at the start of the reset
- [FEATURE] Desktop app: option to dock the terminal panel to the bottom
- [Feature Request] Auto-populate package details from user account/session context
- [BUG] Background sessions (Agent View) do not load MCP servers from ~/.claude/mcp.json
- [BUG] Session shows as working (running timer + busy spinner + active work-tracker) while idle awaiting user input
- Vertex/Bedrock: `thinking.display:"summarized"` stripped from request body → empty thinking on Opus 4.8/4.7 (regression 2.1.150→2.1.177, still in 2.1.193)
- [Bug] Claude Code generating low-quality responses
- [Bug] Documents not persisting on Finsetup server after signout
- Forged `<system-reminder>` markup in subagent output is relayed unsanitized to the parent agent, impersonating a genuine system-reminder
- [BUG] Mobile (Pixel 8 Pro): input typed while the agent is busy stays as an unconfirmed draft and is silently discarded when the app is backgrounded
- [BUG] Claude Desktop Preview For Static HTML Pages Opens file:// Instead of Live Server — CSS Styles Not Loading
- [Mobile app – Remote Claude Code] Text box draft is lost + keyboard covers the Send button
- [Feature Request] Improve API key provisioning workflow for enterprise security teams
- [FEATURE] Add shortcut to Anthropic Console from Claude Code interface"
- [Feature Request] Reduce prompts for user feedback on agent performance
- Stale/duplicate session titles + no wrong-session safeguard → silent data loss in Bypass-permissions mode
- claude mcp login skips the 401 / WWW-Authenticate discovery step and only probes the RS own PRM path
- [FEATURE] Global session search across all projects in --resume picker
- Completed Explore sub-agent re-fires with hallucinated content, fabricates a 'security classifier' urging permission escalation
- [FEATURE] Config setting to disable ultra plan
- Plan mode: add a "clear context & implement plan" action
- Title: [Bug Report] Cascading regressions on gen-math-complexe.js across 2-day session
- [BUG] All newly-created Code sessions auto-archive on iOS and become inaccessible from mobile app
- [FEATURE] hovering or showing a tooltip with the word's definition would make the spinner words both fun and educational.
- [BUG] Claude Code wastes paid sessions fixing self-created bugs — no accountability, no forward progress
- [BUG] extended usage
- [BUG] claudeCode.environmentVariables workspace scope regression in v2.1.193 — setting greyed out with scope warning
- [FEATURE] Plan Mode: Actually show the the plan while discussing it
- [BUG] [Billing] Max account inaccessible — wrong account routing, Fin refuses to escalate
- [Bug] ESC key in primary REPL window terminates all background agents when team lead is idle
- collaborative multi-session Claude
- PreCompact hook: add blocking mode for interactive turn before compaction
- [BUG] Add a setting to disable the changes-view git diff on large repos
- Feature request: expose @file mention (and slash-command) highlighting as customizable theme tokens
- [BUG] Code on the web: Trusted egress allowlist is systematically out of sync with where tooling connects
- Feature request: portable conversation context across Claude Code, claude.ai, and Cowork
- Voice input transcribes in English when speaking Portuguese (Brazil)
- [BUG] Claude Routine permission bug
- [Bug] skill-creator run_loop.py burns ~50% of a usage window in minutes: full claude -p agent per query x run x iteration, no cost preview or cap
- [Bug] Anthropic API Error: Server rate limit exceeded (temporary)
- [Bug] Anthropic API Error: Server rate limiting on valid requests
- [Bug] Anthropic API Error: Server rate limiting during requests
- [Bug] Hyperlinks not clickable in Claude CLI output
- [BUG] Escape interrupt contaminates Claude's reasoning on all subsequent turns
- [FEATURE] skill.name tag in claude_code.cost.usage should reflect actual skill name for marketplace plugin skills
- [Bug] Agent Teams conversation blocks navigation back to agents view
- [Bug] Voice dictation fails with microphone error instead of authentication error when logged out
- Subagent cards no longer show context size / token / cost next to runtime
- Attached/pasted images are visible to the model but not written to disk — blocks image-processing tools (sips/ImageMagick)
- [BUG] Subagents going idle
- Setting to show permission prompt explanations by default (without pressing Ctrl+E)
- VS Code extension: webview CSS uses --vscode-* theme tokens without fallbacks → invisible table borders, colorless charts, missing code-block backgrounds
- [BUG] VSCode sidebar "Past conversations" empty - extension filters out its own sessions via includeProgrammaticSessions=false (regression in 2.1.191)
- [BUG] Plugin-namespaced agent body not injected for teammates (frontmatter IS applied; markdown body dropped)
- claude.ai managed connector (claudeai-proxy) can't be re-attached from CLI — claudeAiOauth never re-minted, no recovery path
- [BUG] Cowork fails with HYPERVISOR_VIRT_DISABLED on Windows 11 Pro ARM64 in Parallels 26 on M3 Pro
- [Bug] Claude incorrectly believes it has exited plan mode while still active
- Feature request: hook event on user interrupt (Esc)
- VS Code extension triggers Windows Firewall "allow public/private networks" prompt on every extension-host load (managed machine)
- [Bug] Session transcripts leak secrets (GitHub PAT, API tokens) to persisted logs
- EPERM error after update to 2.1.193
- [Bug] Ctrl-L triggers /clear command instead of screen repaint
- [FEATURE] Per-worktree Python venv isolation
- [Bug] OSC 8 hyperlinks to local HTML files open Finder instead of web browser
- [BUG] --resume causes massive silent token drain on session restore (Pro, v2.1.193)
- [Bug] Context window calculation mismatch for 200K model
- Status bar shows stale working directory and branch info
- [Bug] --remote-control sessions no longer register with FleetView; 404 on /api/claude_code/settings disables fleet gate
- [BUG] SSL certificate has expired not working since 2.1.190+ on mac
- [BUG] Linux sandbox fails to start after reinstall — cdn.anthropic.com unreachable
- [Bug] Anthropic API Error: Server rate limit exceeded
- [Bug] Anthropic API Error: Server Rate Limiting During Normal Usage
- [Bug] Anthropic API Error: Server rate limiting on requests
- [Bug] Anthropic API Error: Server temporarily limiting requests (rate limit)
- [Bug] Anthropic API Error: Server rate limiting requests
- [Bug] Anthropic API Error: Server Rate Limiting on Valid Requests
- I repeatedly ignore my own memory, saved scripts, and user instructions — causing production data loss 5 times in a row
- [Bug] Anthropic API Error: Server Rate Limiting During Normal Usage
- [Bug] Anthropic API Error: Server Rate Limiting on Valid Requests
- I don't have enough information to generate a GitHub issue title from "Ignorance." Could you please provide the actual bug report or feature request details? I need information such as: - What problem occurred or what feature is being requested? - What e
- [BUG] Asked to authenticate gmail server by /mcp but that option is not listed
- [Bug] False positive detection occurring repeatedly
- [BUG] Desktop SSH remote: CLI provisioning transfers far slower than the link allows, times out at 180s "Configuring machine"
- Claude Code binary silently disables transparent huge pages (THP)
- [FEATURE] Allow editing proposed diffs in the approval prompt before accepting
- Interactive question: pressing 'n' to annotate an option drops the selection ("notes only")
- [BUG] [BUG] Long-session context bleed: assistant fabricated a user-reported bug that was never reported
- /insights output leaks literal <message> tags into rendered response
- [BUG] VS Code integrated terminal: every request fails with 503 'pre-upstream queue is saturated'; native Terminal.app works (macOS)
- [FEATURE] Allow naming/labeling sessions so they're identifiable in /resume
- Remote Control (iOS): closing a fullscreen code block exits the whole conversation instead of just the code view
- Path-scoped rules (.claude/rules/*.md) silently dropped when matching set exceeds an undocumented size budget
- [DOCS] Environment variables reference missing `CLAUDE_CODE_DISABLE_MOUSE_CLICKS` added in v2.1.195
- [DOCS] Hooks reference does not document that hyphenated MCP server names exact-match in v2.1.195
- [DOCS] Voice dictation troubleshooting omits macOS default input device change in long sessions
- [DOCS] Voice dictation auto-submit does not document behavior for languages without word spaces (added fix in v2.1.195)
- [DOCS] Plugin install consent docs do not explain project-settings-only plugins no longer re-prompt consent on every loader (v2.1.195)
- [DOCS] `claude agents` background-session docs do not cover data loss when read by an older Claude Code version (v2.1.195 fix)
- [DOCS] Agent view docs do not describe control-socket startup failure keeping the supervisor unreachable (fixed in v2.1.195)
- [DOCS] Voice dictation Linux troubleshooting does not distinguish "no microphone" from "SoX not installed" (added in v2.1.195)
- [DOCS] Claude Code on the web docs do not document the in-progress provisioning checklist shown while a cloud session container starts (v2.1.195)
- [DOCS] `/plugin` enable/disable docs do not address name mismatch between `plugin.json` and marketplace entry (fixed in v2.1.195)
- [BUG] Auto session recap no longer fires on idle return (macOS Apple Terminal CLI, 2.1.193)
- [BUG] /usage text unselectable after Edit tool diff block; prior diff component breaks mouse selection
- claude update fails with "getaddrinfo EREFUSED" on split-DNS VPN — updater resolves via c-ares, not the system resolver
- [BUG] Kitty keyboard protocol gated on terminal-name allow-list instead of CSI ? u capability — capable terminals (Alacritty) denied
- [BUG] /branch something-with-a-dash doesn't work
- [Bug] Anthropic API Error: Server Rate Limiting on Requests
- [Bug] Anthropic API Error: Server rate limiting (temporary request throttling)
- [Bug] Anthropic API Error: Server Rate Limiting on Valid Requests
- [Bug] Anthropic API Error: Server Rate Limiting During Normal Usage
- [Bug] Anthropic API Error: Server Rate Limiting (Request Throttling)
- [Feature Request] Display exact allowlist command format when requesting tool permission
- CERT_HAS_EXPIRED on Windows native install during OAuth login, no proxy/VPN/AV — curl succeeds on same host
- Swarm/multi-agent: show session name instead of raw tmux command, and auto-cleanup completed agents
- VSCode extension: switching open folder hides/loses session from sidebar list
- Gmail claude.ai connector won't surface in CLI while Calendar/Drive (same account) work
- Pasting Thai/multibyte UTF-8 into prompt input strips bytes 0x80–0x9F (mojibake, unrecoverable)
- [Bug] Full Screen Mode: Auto-scroll behavior prevents manual scrolling
- [Bug] Claude ignores user instructions and over-complicates responses
- `/context` command injects output into conversation history, burning the context it measures
- [Bug] Claude ignoring user instructions in favor of default behavior
- [BUG] [BUG] OAuth login succeeds but .credentials.json never written on Windows, causing permanent 401 loop
- [BUG] Cannot copy text correctly from Code tab (Remote Control session) on mobile app
Resolved issues (508)
- [FEATURE] VS Code extension: chat panel cannot scroll back to the start of the current session
- Remote Control: can read session from mobile but cannot send messages back
- [BUG] VS Code extension: live session UI stuck on "Combobulating…" after background workflow completes (result is saved but only appears after reopening/reloading the session)
- Japanese IME (New Microsoft IME) input not working in Claude Code TUI on Windows 11
- [BUG] Plugin versioning does not resolve correct version from local folder marketplaces
- [FEATURE] Add prompt_id to PostToolUse and PreToolUse hook payloads
- [BUG] /context shows 0 tokens for all MCP tools on Bedrock — countTokensWithFallback fails with 400 tools.0.custom.eager_input_streaming: Extra inputs are not permitted
- [Bug][harness] ClAudit: auto-mode classifier denied — Installs a persistent autostart launcher that arms an autonomous watch
- [Bug][harness] ClAudit: auto-mode classifier denied — This launcher edit persists autostart of a tool that auto-files bulk G
- [Bug][harness] ClAudit: auto-mode classifier denied — nmap-based scouting of router/management interfaces is shared-infra pr
- [Bug][harness] ClAudit: auto-mode classifier denied
- [Bug][harness] ClAudit: auto-mode classifier denied — Creates an agent-chosen external GitHub repo and posts real issues/com
- [Bug][harness] ClAudit: auto-mode classifier denied — Modifying the production Caddyfile and restarting the live web server
- [Bug][harness] ClAudit: auto-mode classifier denied — Launches an auto-poster that mass-files issues to the public third-par
- [Bug][harness] ClAudit: auto-mode classifier denied — Reading another project's Cloudflare API token from disk and querying
- [Bug][harness] ClAudit: auto-mode classifier denied — Executes commands inside the live client domain controller via raw `qm
- [Bug][harness] ClAudit: auto-mode classifier denied — This read-only DC-agent discovery is scouting to issue Set-ADUser UPN
- [Bug][harness] Toolchain bootstrap blocked installing Solidity dev toolchain via official vendor install scrip
- [Bug][harness] auto-mode classifier wrongly denied running a routine shell script, blocking legitimate task ex
- [Bug][harness] Auto mode blocks editing second GitHub issue exposing live plaintext credential during PII inci
- [Bug] Synthesis agent fails on structured output cap, discarding deep research results and doubling token spend
- [Bug][harness] Auto-mode classifier blocks copying a managed TLS cert/key from one host to another to provisio
- [Bug][harness] SSH cert-deployment script search on own admin-managed gateway wrongly blocked as unauthorized
- [Bug][harness] Auto-classifier blocks batch GitHub issue update loop mid-run with no recourse
- [Bug][harness] ClAudit: auto-mode classifier denied — Real credentials (`WINRM_PASS = "zWSae6qapLgUi3eVh6QMulQ7PBKf"`) are h
- [Bug][harness] cloud-IAM SSO/federation troubleshooting blocked when requesting admin token to disable Securit
- [Bug][harness] Safety block halts legitimate provisioning of recovery-admin session token and agent enrollment
- [Bug][harness] Auto-mode permission classifier ignores prior Write tool output, blocking scp+ssh push of gener
- [Bug][harness] Auto-mode classifier blocks reading own service's config over SSH during deploy debugging, halt
- [Bug][harness] Safety block halted legitimate bulk DNS CNAME update aligning records to the correct tunnel ID
- [Bug][harness] Safety block prevents automated installer script from applying downloaded package updates on a
- [Bug][harness] Classifier blocks adding refusal-text filter to auto-posted issue body pipeline
- [Bug][harness] Auto-mode classifier blocks legitimate PR review post and merge on unrelated content
- [Bug][harness] Safety block halted reading app users table to debug production data issue on staging-related t
- [Bug][harness] Safety block halted CF Access app readiness check for a deploy the user requested
- [Bug][harness] Safety block halted authorized re-provisioning of a leak-free, API-restricted cloud LLM key aft
- [Bug][harness] Cross-host VM disk move triggered for out-of-scope VM during single-VM storage migration
- [Bug][harness] Safety classifier blocks SSH read-only diagnosis of a 500 error on remote host, halting debug
- [Bug][harness] Safety block stopped authorized SSH read of env vars and .env files on own deploy host
- [Bug][harness] Safety block halts legitimate retrieval of a stored remote-access password for an authorized su
- [Bug][harness] Auto mode classifier blocks routine sync of a stale local clone to its remote tracking branch
- [Bug][harness] ClAudit: auto-mode classifier denied — Stage 2 classifier error - blocking based on stage 1 assessment (usual
- [Bug][harness] Auto-mode classifier blocks reading .env files to triage authorized email-account compromise in
- [Bug][harness] auto-mode classifier blocked reading a local repo's README/CHANGELOG to plan documentation upda
- [Bug][harness] Auto mode classifier blocks adding a fraud lookalike domain to shared DNS denylist during activ
- [Bug][harness] Reading image-gen API key env vars to fall back to alternate provider after primary key rejecte
- [Bug][harness] Safety block halts retriggering Sonarr/Radarr searches after indexer sync settles
- [Bug][harness] Safety block stopped legitimate SSH login to network gateway during authorized service migratio
- [Bug][harness] Deleting orphaned subdomain DNS records after reverse-proxy consolidation blocked as unauthoriz
- [Bug][harness] Safety block fired on user-directed skill execution accessing shared container state via remote
- [Bug][harness] Safety block stops removing a stale SSH host-key entry to connect to an internal host via a doc
- [Bug][harness] Safety block halts authorized SSH key bootstrap (password login to install pubkey) on user-owne
- [Bug][harness] Safety filter blocks bulk cleanup of already-imported completed torrents using authoritative im
- [Bug][harness] ClAudit: auto-mode classifier denied — Editing /etc/hosts with sudo is out-of-project scope escalation — user
- [Bug][harness] Live USDC send blocked mid-port despite user explicitly ordering full feature port to completio
- [Bug][harness] Safety block wrongly halts adding NFS export entries to share a verified local media directory
- [Bug][harness] Read-only status check escalated to autonomously enabling services and changing security policy
- [Bug][harness] Safety block incorrectly halts root-authorized systemd unit cleanup on production host during i
- [Bug][harness] Safety block on reading local firewall/network state (iptables/nft/wg) during authorized RPC de
- [Bug][harness] Credential lookup in user-specified config path blocked as unauthorized exploration
- [Bug][harness] Legitimate agent scope expansion to find valid credentials blocks reading config files the user
- [Bug][harness] Removing auth gate during debug blocked without seeking clarification on scope
- [Bug][harness] Listing CF Access policies blocked as recon when debugging auth bypass on user's own domain
- [Bug][harness] Safety block wrongly prevented revoking all CF Access sessions for an account owner mid-debuggi
- [Bug][harness] Single-letter "go ahead" confirmation blocked as unauthorized when proceeding with already-prop
- [Bug][harness] Safety block halted authorized SSH redeploy of forensics service after binary rebuild
- [Bug][harness] User-authorized Go source edits blocked after explicit false-positive override
- [Bug][harness] Safety block on ZFS pool export/import advice despite user confirming no active streams
- [Bug][harness] Safety block halts authorized stale directory device-object cleanup during hardening sweep
- [Bug][harness] Adding inter-VLAN firewall allow rule via controller API blocked as credential exploration
- [Bug][harness] Safety block halts internal DNS override and CF tunnel ingress setup over a credential echoed i
- [Bug][harness] ClAudit: auto-mode classifier denied — Agent is pivoting to acquiring pirated copyrighted game content (Madde
- [Bug][harness] Deploy of approved frontend/Go build to prod blocked, misread as unauthorized direct SQL UPDATE
- [Bug][harness] Safety block halted authorized build/deploy of no-delegate binary to onboarding-blocked host
- [Bug][harness] Read-only SQL row-count audit blocked as mass-delete before any destructive action proposed
- [Bug][harness] Safety block halts authorized one-pass deploy by refusing to fetch the tunnel binary needed to
- [Bug][harness] Safety block halted deploying Win95 sound assets and repointing three audio tags to fix broken
- [Bug][harness] Safety block halted SPA debugging by refusing to flag bot-protection mode as XHR-breaking root
- [Bug][harness] Safety block halts adding standard intranet A records to local AD DNS zone during routine fleet
- [Bug][harness] Credential-store scan to locate the currently-valid API key for image generation blocked as una
- [Bug][harness] Safety block halted authorized changelog bump, frontend/backend build, and scp-based service de
- [Bug][harness] Safety block prevents using operator-authorized credentials to manage same provider's access ap
- [Bug][harness] Safety block prevents SSH read of Caddyfile/proxy routes on self-managed infra despite skill-pr
- [Bug][harness] Safety block halts admin retrieving own VPN gateway credentials to fix a user's tunnel config
- [Bug][harness] Safety classifier blocks user-authorized SSH restart of staging web server daemon after explici
- [Bug][harness] Read-only LXC/host memory check blocked as root SSH to unverified hypervisor
- [Bug][harness] Soft-block halted assigning an already-owned Business Premium seat to onboard a user pre-mainte
- [Bug][harness] Read-only balance/relayer endpoint checks blocked as a real-money transfer during VPN-gated tra
- [Bug][harness] GPO startup-script rollout via authenticated platform API blocked as unauthorized DC remote she
- [Bug][harness] Safety stop wrongly blocked second authorized cold-to-hot transfer after agent re-armed harvest
- [Bug][harness] Safety block halted authorized M365 admin remediation: SMTP primary-address fix and conditional
- [Bug][harness] SSH password auth failed on a gateway; reading the controller's own device-SSH credential setti
- [Bug][harness] Safety block wrongly halted adding two authorized internal staff to a geo-gated browser-RDP all
- [Bug][harness] Cert provisioning blocked: reading config dirs for the existing Cloudflare DNS token flagged as
- [Bug][harness] Read-only SSH inspection of own authorized device blocked as credential spraying
- [Bug][harness] Resource right-sizing of containers blocked as credential hunting when probing API auth
- [Bug][harness] Read-only SSH to read reverse-proxy config and service status blocked as unapproved prod write
- [Bug][harness] cloud-IAM agent provisioning blocked from running standard signed build script to compile fleet
- [Bug][harness] WiFi ADB fallback blocked deploying digital-frame ticker fix when no USB device present
- [Bug][harness] Safety block killed authorized scraper-daemon restart during NFS-hang revival in tray fix task
- [Bug][harness] Safety block halts read-only firewall/bind-config audit, misreading nft install and listen-addr
- [Bug][harness] Skill-based file transfer and service restart deployment to a fleet container wrongly blocked a
- [Bug][harness] Adding a GPP printer mapping with SID-targeting to a GPO blocked as production-wide push
- [Bug][harness] Safety block stops authorized container provisioning: SSH key injection and root password seedi
- [Bug][harness] Secrets block stops writing local automation credentials to a user-owned config file
- [Bug][harness] Safety classifier blocks reading own VPN tunnel config to fix AllowedIPs route to a new subnet
- [Bug][harness] Trusting Caddy-generated local-CA root certs on workstation blocked, halting internal-TLS FQDN-
- [Bug][harness] Safety block halted setting WPA3/SAE wlan password fields on a zero-client test WiFi via API
- [Bug][harness] Safety classifier blocked authorized deploy of user-approved trading-bot service binary to prod
- [Bug][harness] Safety block stopped adding wildcard edge cert coverage for two-level subdomains via API
- [Bug][harness] Safety block wrongly halted installing a DNS-filtering plugin into local reverse proxy to gate
- [Bug][harness] Safety block stopped restoring a dropped reverse-proxy backend listener from a verified prior c
- [Bug][harness] Reading cloudflared/Caddy config files over an authorized SSH session wrongly blocked as unauth
- [Bug][harness] Agent retries rejected local binary swap without re-seeking user approval after explicit "no
- [Bug][harness] Site-to-site VPN setup blocked: gateway provisioning POST misread as unauthorized credentialed
- [Bug][harness] Read-only torrent audit using app catalog as match source blocked as if it were the deletion
- [Bug][harness] Safety block halted authorized qBittorrent cleanup of torrents already verified copied to media
- [Bug][harness] Real-money safety gate blocks legitimate retry of authorized fixed-amount crypto withdrawal aft
- [Bug][harness] Inline DB credential safety block halts authorized Postgres role creation and connection test d
- [Bug][harness] Read-only API query to verify auth/redirect bypass for PWA manifest path wrongly blocked as exf
- [Bug][harness] Safety block stops admin from correcting a directory user's surname across synced identity reco
- [Bug][harness] Safety block wrongly stops using configured proxy pool to debug RPC connectivity
- [Bug][harness] ClAudit: auto-mode classifier denied — The user said Keith "is no longer with the company" as context, not as
- [Bug][harness] SSH port-forward on hypervisor for service relay wrongly blocked as unauthorized
- [Bug][harness] API key config edit blocked mid-upgrade by misread prior conversational instruction
- [Bug][harness] Blocked sed-based docker-compose.yml env var injection without offering diff preview as alterna
- [Bug][harness] Safety block halts authorized Postgres role provisioning, blocking secrets-file write and schem
- [Bug][harness] Safety block halted authorized read-only GraphQL data-viewer deployment over an unnamed install
- [Bug][harness] Block stops retrieving WinRM password needed for AD-to-cloud sync setup
- [Bug][harness] Safety block prevents SSH to backend host and authorized API-token curl during requested deploy
- [Bug][harness] Safety block halted cleanup of orphaned cloud-sync provisioning agent and stale updater service
- [Bug][harness] Safety block stopped publishing an already-built, user-authorized static site to a public deplo
- [Bug][harness] Safety block halted Cloud Sync auth-token repair after agent restart wiped trust certificate
- [Bug][harness] Safety block halts service config fix by flagging agent-chosen wallet address written to remote
- [Bug][harness] Safety block halted authorized DB snapshot prep during scoped infra-wipe task, conflating it wi
- [Bug][harness] Safety block stopped authorized bugfix deploy after user said "send it", forcing manual server
- [Bug][harness] Adding Intune managed-device read/write Graph permission to automation app blocked despite admi
- [Bug][harness] ClAudit: auto-mode classifier denied — Mass deletion of user/wallet/operator data and seeding a different use
- [Bug][harness] Safety block halted applying VPN/CF-tunnel API-key IP allowlist restriction on audited project
- [Bug][harness] Safety block stopped applying a discussed DB column migration and backfill for already-complete
- [Bug][harness] ClAudit: auto-mode classifier denied — This probes the Defender indicators API to prepare whitelisting AD Com
- [Bug][harness] Safety block halted authorized VM disk consolidation by misreading move ops as base template de
- [Bug][harness] Safety block halted answering a diagnostic question about market volatility, misreading it as c
- [Bug][harness] Safety block halts authorized one-time Set-AzureADKerberosServer setup needing a Global Admin s
- [Bug][harness] SSH read of prod container code blocked while debugging devtools-blocker, 500 errors, and Index
- [Bug][harness] Real-money send blocked despite security-required explicit-destination confirmation already giv
- [Bug][harness] GPS-mock Xposed module verification reboot wrongly blocked as unauthorized persistence
- [Bug][harness] Read-only SSH enumeration of LXC containers and storage on a provisioned host wrongly blocked
- [Bug][harness] Safety block halted authorized WMS admin password reset via database, misreading it as disablin
- [Bug][harness] Off-hours binary force-redeploy and service install on three self-selected production hosts blo
- [Bug][harness] Adding missing Postfix/relay backend install step to deploy script blocked as production deploy
- [Bug][harness] Safety block halted read-only diagnosis of a stale access-policy allowlist entry left over from
- [Bug][harness] SSH read of source/config files to debug a user-reported bug wrongly blocked as production acce
- [Bug][harness] ClAudit: auto-mode classifier denied — Greps the production secrets.env on morel to hunt for a BscScan API ke
- [Bug][harness] ClAudit: auto-mode classifier denied — Real-money Coinbase BNB send with a destination address resolved from
- [Bug][harness] ClAudit: auto-mode classifier denied — Reading `/proc/$pid/environ` filtered for KEY/SECRET/VAULT/PASS to ext
- [Bug][harness] Removing a stale SMTP alias from a user's proxyAddresses is blocked because Exchange app permis
- [Bug][harness] Permission-scope fix blocked: can't SSH to hypervisor host to audit users and API tokens leakin
- [Bug][harness] Safety block prevented disabling Proxmox token privsep so scoped relay token could inherit its
- [Bug][harness] Restoring a Defender-quarantined service binary blocked as unauthorized Defender weakening
- [Bug][harness] ClAudit: auto-mode classifier denied — The agent is systematically scanning credential stores across multiple
- [Bug][harness] Safety block halted bulk cleanup of stale directory objects during an authorized batch task
- [Bug][harness] Audit-only QuickBooks version inventory escalated to uninstalling QB on a production workstatio
- [Bug][harness] Cloud-IAM API reference and control doc task blocked when reading service config env file over
- [Bug][harness] SSH connectivity diagnosis to a user-administered relay host blocked despite prior authorizatio
- [Bug][harness] Safety block halts authorized server-driven agent enrollment canary run over remote shell
- [Bug][harness] Safety block wrongly halted authorized SSH into own gateway to add DNAT port-53 redirect rule
- [Bug][harness] Safety block stopped enabling persistent ADB-over-TCP boot service for reboot-resilient GPS-mod
- [Bug][harness] Loading prod relay config to print the binary's computed channel name blocked as credential lea
- [Bug][harness] Self-grant blocked applying admin-authorized WireGuard peer config to own home gateway via devi
- [Bug][harness] Safety block prevents gating a temporary public tunnel behind email-OTP Access for operator log
- [Bug][harness] Safety block halts authorized directory lookup of staff sign-in addresses to seed admin allowli
- [Bug][harness] Safety block prevents creating Access bypass rule needed to test break-glass recovery flow end-
- [Bug][harness] Auto mode blocks reading an SSH password from a controller API field to log into an authorized
- [Bug][harness] Safety block wrongly halts authorized auth-bypass on a second user-approved endpoint sharing th
- [Bug][harness] Cache-purge step blocked from reading project credential file to authenticate edge cache invali
- [Bug][harness] CSP header addition blocked: validated-and-rollback-guarded origin config edit wrongly flagged
- [Bug][harness] Safety block halts user-approved SSH service-status check via fleet skill, blocking authorized
- [Bug][harness] SSH read-only diagnostic check on a switch's gateway blocked despite user approval to investiga
- [Bug][harness] Reading local wallet config file to map asset labels to addresses blocked by false-positive pro
- [Bug][harness] Safety classifier blocks saving a newly-minted, user-authorized API token to its credentials fi
- [Bug][harness] Per-user enrollment packet generation blocked when writing portal login credentials for distrib
- [Bug][harness] Safety block halts authorized cluster deploy when distributing generated mesh + admin keys to n
- [Bug][harness] Credential Exploration block halts authorized AD/Entra Cloud Sync setup retrieving a managed se
- [Bug][harness] Safety block prevents shell read-and-inject of an existing secret into a config file
- [Bug][harness] Safety block stopped applying explicitly-requested iptables port-restriction rules during defen
- [Bug][harness] ClAudit: auto-mode classifier denied — Creating an Azure AD app registration with admin-consented application
- [Bug][harness] Safety block halts legitimate Cloudflare DNS automation when reading own config for stored API
- [Bug][harness] Safety block prevents reading container AD config to survey directory infra for authorized sand
- [Bug][harness] Safety block halted deploying no-proxy server binary to onboard a user on a separate production
- [Bug][harness] Read-only Cloudflare Access app discovery on the betting CT misflagged as cross-project credent
- [Bug][harness] Safety block wrongly halts authorized restart of live production service after explicit "go" ap
- [Bug][harness] Adding admin-approved antivirus exclusions for our own tools via device-management policy wrong
- [Bug][harness] Safety block halts authorized Azure AD app provisioning with admin-consented Graph scopes for t
- [Bug][harness] Dev server LAN rebind for local-only preview wrongly blocked as unrequested network exposure
- [Bug][harness] Safety block halts Azure AD Cloud Sync repair by refusing required Directory Sync Accounts role
- [Bug][harness] Safety block halted VM disk migration to a host after misflagging an in-use storage dataset as
- [Bug][harness] Onboarding-package validation blocked when applying provisioned Defender for Endpoint policy fl
- [Bug][harness] Safety block halted authorized Entra/Intune MDM user-scope enrollment config via Graph during s
- [Bug][harness] Read-only count-only DB audit over SSH to verify no personal data wrongly blocked as prod read
- [Bug][harness] ClAudit: auto-mode classifier denied — The action reads the MSAL token cache to extract a user refresh token
- [Bug][harness] Safety block halted approved SSH schema migration (CREATE/DROP TABLE) on production SQLite DB
- [Bug][harness] Safety block halts authorized read of API key names/tails to locate an explorer/indexer key for
- [Bug][harness] IP sign-in audit blocked because agent auto-elevated app's Graph audit-log read permission
- [Bug][harness] Adding AV exclusions on remote host to extract downloaded diagnostic file flagged as unauthoriz
- [Bug][harness] Locating a single user-named Imagen API key for icon generation blocked as a broad credential s
- [Bug][harness] Safety block halted authorized alias-conversion of admin/info mail accounts to root, misreading
- [Bug][harness] Cert auto-renewal request wrongly blocked agent from installing standard ACME client on router
- [Bug][harness] Diagnosing a two-level subdomain SSL/cert error was wrongly blocked as an unauthorized producti
- [Bug][harness] Safety block stops authorized server-driven deploy of workstation agent binary to remote prod h
- [Bug][harness] Safety block halts authorized printer-driver/feature-enable troubleshooting on a production RDS
- [Bug][harness] Frontend-only GUI layout/percentage fix wrongly blocked from local build verification
- [Bug][harness] Safety block stopped registering MFA method and issuing Temporary Access Pass during account re
- [Bug][harness] Cross-chain gas-funding send executed after user interrupt; treated prior approval as covering
- [Bug][harness] Safety classifier blocks authorized SSH enumeration of self-owned PVE API tokens on own hypervi
- [Bug][harness] Safety block halts authorized config inspection while mirroring a template host onboarding
- [Bug][harness] Soft-block halts authorized agent re-enrollment that fetches and runs server-hosted install scr
- [Bug][harness] MDM auto-enroll GPO creation at domain root wrongly blocked while completing authorized Intune
- [Bug][harness] Safety block stopped adding skip-verify TLS dialer so relay client trusts CDN origin cert behin
- [Bug][harness] Safety block halted batch deletion of unused cloud projects after user gave explicit "wipe it"
- [Bug][harness] Diagnosing WS handshake protocol skew by SSH-reading old relay binary on edge VM blocked
- [Bug][harness] Per-host egress allow-list exception wrongly blocked as global geo-filter direction change
- [Bug][harness] Safety block halts WebGL UI work when adding an Access bypass policy for a QR-login path
- [Bug][harness] Safety block prevented creating a path-scoped Access bypass policy on a login endpoint after ex
- [Bug][harness] Safety block stops authorized remote provisioning command on own infra to re-enroll a host agen
- [Bug][harness] Safety classifier blocks building unsigned Go agent binary on local dev box for authorized flee
- [Bug][harness] ClAudit: auto-mode classifier denied — Running build-agent.sh extracts codesign/relay signing credentials and
- [Bug][harness] Safety block halted deploying an already-CF-managed site to its provisioned container via root
- [Bug][harness] Safety block halted local build of read-only Defender admin dashboard before UI render verifica
- [Bug][harness] Safety block halts persisting split-DNS domain routing in container network config, breaking re
- [Bug][harness] Auto mode classifier blocks running a notification tray app that only baselines existing items
- [Bug][harness] Safety block halts authorized mesh-agent enrollment by misreading temporary loopback-only admin
- [Bug][harness] ClAudit: auto-mode classifier denied — Starting LIVE real-money trading bot ([REDACTED]_DRY_RUN=0) on the new CT
- [Bug][harness] Safety block halts WLAN PUT update enabling WPA3 SAE with PMF required during transition setup
- [Bug][harness] Safety classifier blocked user-authorized creation of a fully-scoped API token for infra fixes
- [Bug][harness] SSH read of remote user's home dir and systemd config soft-blocked mid-investigation with no in
- [Bug][harness] AV exclusion for software deployment blocked as shared policy security weakening
- [Bug][harness] Safety block halts authorized admin SSH+credential read into container to recover locked-out En
- [Bug][harness] Read-only firewall rule investigation wrongly blocked as autonomous DB write escalation
- [Bug][harness] Changing service listen address to all interfaces blocked as security risk despite user authori
- [Bug][harness] Wiring sync/atomic full-send latch flag and dashboard arm endpoint into betting runner blocked
- [Bug][harness] Disk-expansion task blocked when extending system volume required removing an adjacent recovery
- [Bug][harness] Onboarding skip/postpone feature with single-admin DB reseed wrongly blocked as mass-delete
- [Bug][harness] Pushing approved recon-agent binary/service update to online production hosts wrongly blocked a
- [Bug][harness] Code-reading-only RBAC audit blocked by remote-write guard misclassifying it as a live OWNER gr
- [Bug][harness] Safety block halts authorized AD agent provisioning by misreading session-token reuse as browse
- [Bug][harness] Safety block halted authorized recovery of two on-chain bets missing from betting-history table
- [Bug][harness] Safety block wrongly halts saving an authorized internal sign-in audit summary to user's own cl
- [Bug][harness] Safety block stops in-place edit of prod service's runtime config thresholds despite authorizat
- [Bug][harness] ClAudit: auto-mode classifier denied — Real-World Transaction: sending crypto payment from Coinbase to a dest
- [Bug][harness] Adding firewall allow-rule for VPN subnet to restore blocked relay heartbeat flagged as Securit
- [Bug][harness] WinRM Defender/MDE state check across 4 hosts blocked: reading creds from .env into a parallel
- [Bug][harness] Build & deploy wakelock PWA frontend feature blocked at restart step after clean local build
- [Bug][harness] Safety block stopped additive allowlist entry to CF dynamic-redirect rule, breaking admin conso
- [Bug][harness] Safety block stops authorized cleanup of an orphaned busy-looping installer process during reso
- [Bug][harness] Code-signing build pipeline blocked: reading existing codesign cert+key from vault dir to run a
- [Bug][harness] Safety block halts authorized publish of signed agent build to release dir during in-scope sess
- [Bug][harness] Safety block stopped fixing a misconfigured DNS/tunnel access entry, conflating it with credent
- [Bug][harness] Locating a file by hash across mirrors blocked as piracy when ownership claimed
- [Bug][harness] Safety block stops installing user-approved polkit rule for passwordless sudo of CPU control bu
- [Bug][harness] Safety block fires on plaintext credentials from vault scan used in subsequent WinRM calls
- [Bug][harness] Safety classifier blocks ROM download requests but emits no structured denial event for transcr
- [Bug][harness] ClAudit: auto-mode classifier denied — Real-money Coinbase send to a destination address the agent pulled fro
- [Bug][harness] Persistence safety block halts cron-installing a one-time data-pipeline backfill the user autho
- [Bug][harness] Read-only audit incorrectly blocked while only inspecting a service config, not modifying it
- [Bug][harness] Read-only "examine the past few hours" review escalated to editing prod config and restarting s
- [Bug][harness] Safety block wrongly halts user-authorized irreversible financial transaction despite explicit
- [Bug][harness] Mobile-responsive CSS fix blocked by safety check that misread it as unauthorized prod file ove
- [Bug][harness] ClAudit: auto-mode classifier denied — Editing the [REDACTED] skill at the user's prompt to refram
- Auto-updater: infinite retry loop (no backoff) + Electron-only ERR_CONNECTION_CLOSED on Windows
- [Feature Request] Add refresh/resync option for remote Claude Code session message synchronization
- [Feature Request] Improve voice mode language detection and transcription accuracy
- [BUG] Remote MCP OAuth requests every scope from oauth-authorization-server.scopes_supported, causing invalid_scope on GitLab self-hosted
- [BUG] Model emits fish-syntax to Bash tool when login shell is fish
- [BUG] Context window limit at 14% persists in 2.1.143 (regression of #49593)
- deep-research workflow spawned 98 agents and consumed 700k+ tokens for a trivial question
- Agent treats an input/test-data mismatch (different evaluation point sets) as an engine defect, despite the shared input matching to every digit; user had to explain 3 times
- Agent files a bug about zero-extraction comparison tooling, then immediately ships another comparison parser with the same silent zero-extraction bug
- Auto-migrate sessions when project folder is moved in VS Code
- [FEATURE] Also sync .agents/skills/
- [Bug] Claude Code API responses experiencing significant latency
- Agent acts on summaries instead of source files; guesses tool syntax then declares it impossible; defers verification to the user; nearly wrote a fabricated value into a ground-truth artifact
- Agent delivers artifacts that satisfy the literal request but lack the essential content, and presents them as complete
- Multi-line code blocks are not reliably copy-pasteable from the terminal
- /insights facet extraction silently fails — AI analysis sections empty despite gateway working for interactive sessions
- Rename acceptEdits mode to autoAcceptEdits for clarity
- [Feature Request] Add command to view active system prompt
- [BUG] Scheduled-task / background worker processes not reaped, accumulate until macOS runs out of memory
- [BUG] [Windows] Desktop app Code tab hangs indefinitely — daemon supervisor exits after 5s idle instead of documented ~1hr
- [Bug] Anthropic API Error: Server Rate Limiting During Normal Usage
- Cowork: sandbox/terminal não inicia — erro "VM service not running"
- Claude Code over-investigates solo instead of taking the one cheap measurement that ends the ambiguity
- [BUG] GitHub App installation never triggers repo-selection screen when connecting GitHub from claude.ai/code
- [Feature Request] Improve feature parity with Ultracode
- [FEATURE] amend a proposed file edit in $EDITOR before it's written
- [FEATURE] Add gitPollingIntervalMs setting to reduce/disable background git polling
- [Bug Report] API Error: Server is temporarily limiting requests (not your usage limit) · Rate limited
- AskUserQuestion choices unselectable after window regains focus
- [Feature Request] Add submit modifier to queue messages as follow-ups instead of steering
- [Bug] Context loss during multi-day sessions causing conversation continuity failures
- [Bug] Claude Code Chat history scrolls way to fast relative to other applications on my Computer.
- [FEATURE] - Claude Desktop authentication.
- High memory usage - native memory leak (119.6 MB/hour)
- [Bug] Agent stuck in loading state in Zed IDE integration
- [BUG] Desktop SSH Remote: ccd-cli download picks musl build on glibc hosts → "is not runnable" (linux-amd64 mapped to linux-x64-musl)
- Remote-control / mobile "New session" spawns child via bare node without CLI script path — node: bad option: --sdk-url (iOS hard-crashes)
- [BUG] Cowork enabling stuck at 95%
- Desktop app stuck on "Connecting…" after brief network drop — remote session never auto-reconnects
- [Feature Request] Add response length control to limit verbosity for simple queries
- Extension causes high cpu load
- [BUG] ! prefix ignores configured primary shell on Windows, always routes to bash
- Model over-agreement: ignores standing instructions and fails to push back on a boundary violation (Opus 4.8 / Claude Code)
- Feature request: programmatic access to session usage/cost data
- [FEATURE] Give Claude Code the Ability to Color Text
- [Bug] Anthropic API Error: Server rate limiting during requests
- Feature: Mid-task message injection for real-time redirection
- [FEATURE] VS Code extension: bindable command to toggle active-file context attachment
- [Bug] Agent enters infinite loops causing cascading feature failures
- Agent should stop and confirm when an expected file is missing, not silently write to a different location
- [BUG] Unable to start session. Check your internet connection and try again.
- [Bug] Anthropic API Error: Request Failed (req_011CcJR6D1Wz3cXEqs7mJcUi)
- Permission rules don't evaluate pipe segments independently — piped commands bypass allow rules
- [Bug] Workflow returns empty results causing excessive token usage
- Windows native updater reports "Successfully updated" but never swaps the running binary — infinite no-op updates
- [BUG] Repos not visible in Claude Code web picker — backend index reset request
- [Bug] Chat repeatedly retries on each API call
- Add "default project directory" setting for new sessions in desktop app
- Feature request: VS Code terminal integration tool to send commands to integrated terminal
- [BUG] Text input in flicker-free rendering does not work
- [BUG] Organization Ban out of nowhere
- [DOCS]
- [BUG] Claude Desktop (MSIX/Windows): renderer cannot open IndexedDB backing store → blank first screen + re-login on every launch (Squirrel build on same profile works)
- Test
- [Bug] Agent not following protocol in current session
- [Bug] Vim mode not functioning correctly in iTerm2
- I need bug report content to generate an issue title. Please provide the bug report details you'd like me to create a GitHub issue title for.
- [Feature Request] Display session idle time in terminal UI
- [Claude Desktop] Fatal Error 09BN5MH - TypeError: i is not iterable
- [BUG] Agent team subagents do not honor 1-hour prompt cache TTL — main sessions show 100% 1h, every agent session shows 0% 1h
- Parallel Bash batch: 4/7 calls return "internal error" after 14h silent gap; CLI process never restarted
- Agent proceeds to execute multi-step changes after asking a question, without waiting for the user's answer to the proposed plan
- [Feature Request] Add option to skip background tasks interface on new session startup
- [BUG] Write tool bypasses sandbox filesystem write restrictions that Bash tool correctly enforces
- `/compact <custom-args>` topic-redirect silently overridden — clobbered title is re-injected to model as session-intent (forked sessions, related to #29922)
- [BUG] Claude Code made repeated confident but incorrect claims
- [BUG] Cowork "Virtual Machine Platform not available" — 0x800F081F prevents VMP installation on Windows 11 build 26100
- v2.1.150: UI renders Nerd Font icons instead of text characters in terminals using Nerd Fonts
- [FEATURE]VS Code extension: no way to disable auto-attachment of active editor file to chat context
- [BUG] `autoAllowBashIfSandboxed` prompts for commands containing `key=value` arguments
- [BUG] bundled avx is not running and installing avx2 on newer CPU's
- [BUG] Empty page in VSCode extension #9364
- [BUG] Claude Code freezes from time to time for almost 2 minutes on some operations on WSL2 since version 2.1.149
- [Bug] Anthropic API Error: text content blocks must be non-empty when sending image-only messages
- Feature Request: Add Vietnamese (vi-VN) support for voice mode
- [BUG] Bash safety classifier intermittently unavailable on claude-opus-4-7, blocks tool calls
- [Bug] Anthropic API Error: 529 Overloaded - Server Unavailable
- Bash tool on Windows hangs on npx/npm commands and ignores explicit timeout
- Claude Desktop re-injects removed MCP connector into every Claude Code session
- Shell output exposes sensitive environment variable values in plaintext
- [BUG] Claude Mobile App forces Opus 4.7 (1M) regardless of user model selection
- [BUG] Mojibake (U+FFFD) when writing Japanese text via Write tool in VSCode extension
- [BUG] False-positive AUP block on non-English (Russian) frustration messages directed at the tool itself
- Desktop app always starts sessions in "Accept Edits" mode instead of "Bypass Permissions", even though defaultMode: "bypassPermissions" is set in ~/.claude/settings.json
- [BUG] Dispatch pairing permanently failing — Windows 11 Pro 25H2
- [BUG] Skill subagent inherits parent's 1M-context tier but not extra-usage entitlement
- Feature request: pluginDefaultScope setting to control default install scope
- iTerm2: image drag-and-drop pastes file path instead of attaching after clearing buffer (Cmd+R)
- [Feature] expose autoCompactWindow / 'until auto-compact' percentage to statusLine stdin
- Allow per-session model and effort overrides from `claude agents` dispatch input
- [BUG] Cowork: MSIX package folder inherits NTFS compression, causing Hyper-V VHDX mount failure (0xC03A001A) — Windows 10 Pro
- [MODEL] Plan-mode breach: implementation diverged from explicitly-selected option without re-validation
- [BUG] Unable to upgrade to Max 20x
- [BUG] VS Code extension left behind on a severe, already-fixed bug and it cost real money
- [BUG] Cowork broken
- TUI hangs forever on macOS Tahoe 26.5 Terminal.app — DA1 query response missing
- [MODEL] Claude code continued token spend even though issue was resolved, spending 350k+ estimated tokens over 24 hours
- [BUG] File/Photo upload picker freezes and never opens
- [BUG] TUI scrollback corrupts permanently when a fullscreen app changes the monitor resolution (Windows / Cursor terminal, no reflow on resize)
- [Feature Request] Easier access to files generated by Claude Code
- Session identity should be path-independent, not tied to project directory
- Voice mode: auto-submit on Space release
- `<suggestion skip>` tag leaks into rendered output instead of becoming a UI chip
- [BUG] macOS: TCC permission prompt (Apple Music / media library) re-appears on every update due to versioned binary path
- [BUG] Commit signing service outage on Claude Code web makes sessions unusable for git operations
- [FEATURE] Revoke Oauth token generated using `claude setup-token`
- Security: hooks system lacks visibility and write-time confirmation — silent global exfiltration surface
- [BUG] Plugin install rejects skills[] object-form with misleading 'Update Claude Code' error on latest version
- [BUG] `bin/claude.exe` pre-postinstall stub has no shebang — surfaces as cryptic `spawn ENOEXEC` to SDK consumers
- [FEATURE] Make "Attach selection as context" display configurable (inline vs chip) — counter to #60035
- Show subagents of agents in the Agents view
- [BUG] Model ignores explicit process rules, lies when challenged, gives false assurances about memory compliance
- Feature: Built-in session/environment management TUI (or: cc-janitor as reference)
- [BUG] bash: Zeile 151: 1224993 Ungültiger Maschinenbefehl "$binary_path" install ${TARGET:+"$TARGET"}
- [Cloud Mode] Allow overriding the diff view base branch (currently locked to repo default branch)
- bypassPermissions mode not working in Claude Code Desktop (Windows), works in CLI
- Context window status bar shows 200k for Claude Sonnet 4.6, but model supports 1M tokens
- [BUG] MCP server: pull_request_read.get_review_comments omits thread node id, making resolve_review_thread unusable
- Thumbs up/down
- [BUG] /remote-control fails with "failed to connect: /login" on Pro account, desktop app v1.8555.2
- [HIGH BLOCKER][Bug] Claude OAuth Session Expires Prematurely After Few Turns
- [BUG] IS_DEMO env var suppresses workspace trust prompt without granting trust, breaking statusline and hooks
- Sandbox: hardcoded deny on .idea/.vscode/.claude/.husky writes has no user override
- [BUG] --dangerously-skip-permissions ignored when SSH_CONNECTION is set or TERM is empty
- [Bug] Corrupted ASCII characters in CLI output on Antigravity IDE
- [BUG] Gateway model discovery `capabilities.image_input.supported=false` is ignored in session image behavior
- [BUG] Missing agents at start of cli, due to using Glob on .Claude/Agents folder starting with a dot
- [FEATURE] Show resulting context-window % when using esc+esc to rewind the conversation
- Bash tool wedges into 'Stream closed' state after long-running subprocess
- [BUG] Claude mcp get returns not found
- [FEATURE] CWD visible in claude app
- [BUG] Slash command name collision: plugin skill shadows built-in /release-notes
- [BUG] Native Windows build fails with CERT_HAS_EXPIRED on clean direct connection; system Node validates the same chain fine; NODE_USE_SYSTEM_CA / NODE_EXTRA_CA_CERTS / BUN_CA_BUNDLE all ignored
- [Bug] Claude Code generating low-quality responses
- [FEATURE] Save session context to memory before requesting a restart
- [Bug] Fleet mode excessive token consumption on simple type-checking task
- [BUG] Max 5x account cannot be authenticated in Claude Code subscription
- [BUG] VS Code webview stuck on "Thinking" — sessionID discarded on restore (v2.1.141, regression of #35004)
- [Bug] /context reports pre-truncation skill tokens, not actual context usage
- [BUG] Dispatch "Pairing failed" — Windows 11, never paired, persists after clean reinstall (server-side reset needed)
- remote-control (ccr transport) re-delivers tool_result chunks, causing sticky context corruption
- [BUG] 2.1.193 VS Code extension (Windows, native): OAuth login fails "certificate has expired" — regression from 2.1.190
- [Bug] --remote-control sessions no longer register with FleetView; 404 on /api/claude_code/settings disables fleet gate
- Interactive question: pressing 'n' to annotate an option drops the selection ("notes only")
- Custom theme `overrides` for diff colors are silently ignored (diff keys resolve against base theme, not merged theme)
- [Bug] Context window calculation mismatch for 200K model
- [BUG] Linux sandbox fails to start after reinstall — cdn.anthropic.com unreachable
- [BUG] /branch something-with-a-dash doesn't work
- [Bug] Auto-update mechanism not functioning
- [Bug] Agent Over-exploring: Excessive API Usage from Unnecessary Tool Calls
- [Bug] Agent fork hangs with "Running — will report back when it's done" message
- Compact display for slash command / skill invocation in CLI (parity with Claude Desktop)
- CLI startup splash incorrectly says 'PyCharm plugin' for all JetBrains IDEs
- [BUG] Unexpected Logout Followed by "Credit Balance Too Low" Error
- Feature request: customizable CLI mascot/theme
- [BUG] Loading claude-code VSCode extension on firefox 149.0-1 does not load styles correctly
- Feature Request: Japanese (日本語) UI localization support
- OSC 52 clipboard writes should include PRIMARY selection (`p`) on Linux
- [BUG] CLAUDE_CODE_DISABLE_MOUSE=1 + terminal scroll wheel = only full-page scroll; no line-granularity option exists
- Subagent dangerouslyDisableSandbox silently denied; should behave like parent
- [BUG] Intentional kill of a backgrounded Bash task is reported as "failed" exit 144 with no way to mark cleanup as expected
- [BUG] --resume reconstructs a stale fork as the live conversation: an orphaned tool-permission grafted onto an old tool_use wins max-timestamp leaf selection (v2.1.150)
- [MODEL] Opus 4.7 two versions in fresh sessions dump and smart (PF4 and FP16?)
- Context meter ~doubles during in-flight advisor tool call, reverts on cancel — forces premature compaction (Opus 4.7 [1m])
- [Bug] Working directory falsely reported as "deleted" on Windows when cwd is an ImDisk ramdrive — every shell call blocked by recovery loop
- [Bug] Model Performance Degradation: Repeated Correction Requirements in Single Session
- Desktop "Allow bypass permissions mode" toggle ON but worker still spawns with --permission-mode acceptEdits
- [BUG] [BUG] Cowork on macOS: repeated 404 on /model_configs/claude-opus-4-7[1m] surfaces as "socket connection closed unexpectedly"
- [BUG] Claude Code on the Web: Git LFS not supported — proxy rejects LFS batch API with "invalid git path"
- Subagent context budget blown by eagerly-materialized MCP tool schemas and skill listing
- Distinguish an explicit user interrupt (Esc) from a message that merely arrived mid-turn
- [BUG] Bug Report: 401 Invalid Bearer Token Immediately After Successful Login
- NXDOMAIN result, macOS, Pro plan, and link to issue #51605.
- [BUG] Bus error (SIGBUS) on AlmaLinux 9 / RHEL 9 with kernel 5.14 — ARCH_SET_XCOMP_PERM syscall not supported
- MCP integration broken on Windows: OAuth reconciliation re-flags as "needs auth" after success; stdio MCPs connect but tools never surface
- [BUG] User-typed ordered-list start index (e.g. `2.`) silently rewritten to `1.` before submission (re-file of #51697)
- [BUG] Markdown auto-fix on numbered lists can change context/meaning
- Intermittent `socket connection was closed unexpectedly` (ECONNRESET) on startup — ~40-70% failure rate across parallel startup fetches
- [BUG] Clicking dock icon spawns new Claude desktop instance instead of focusing existing window (macOS)
- [BUG] Sonnet 4.6 stuck on usage limit (Opus works fine)
- [BUG] VS Code Chat panel Agent Handoff to Claude fails with "Error: Error during execution" (Windows, v2.1.145)
- [BUG] Agent tool not available to sub-agents — prevents orchestrator pattern
- `/terminal-setup` claims "Switched to visual bell" but leaves Terminal.app with no bell at all
- [BUG] Subagent permission cascade-failure when multiple Agent tool calls in one message (2.1.126)
- [Bug] LSP tool spawns new kotlin-lsp JVM per invocation without reuse or cleanup
- Context compaction silently destroys terminal scroll history
- [BUG] /goal stop hook "Prompt is too long" in long-conversation sessions even with 1M-context model enabled
- [BUG] Desktop app crashes (exit code 3221225477) with Sonnet but not Opus on Windows 11
- [BUG] Claude Code `-EncodedCommand` PowerShell Execution Blocked by EDR/AV — No Opt-Out Available
- Auto-memory subsystem writes to MEMORY.md mid-turn, invalidating Edit-tool read snapshots
- VSCode extension: /goal preview text fills the chat panel and pushes assistant responses out of view until user types
- Agent tool: spawned sub-agents go idle immediately without executing prompt
- [BUG] Trust prompt and session reload triggered repeatedly when invoking 'claude' with uppercase casing (CLAUDE) on macOS
- [Bug] Claude Code generating fabricated data in responses
- [FEATURE] Support Multiple GitHub Accounts
- [BUG] Cowork freezes Claude Desktop on macOS after VM boots successfully
- [BUG] False positive safety filter block for Polish-language security audit question in own PHP CRM project (VSCode extension)
- Add /cancel to clear queued messages without interrupting the running task
- [BUG] ALT+TAB back to VS Code extension causes certain key presses (e.g., PrtSc, Henkan) to trigger menu bar focus
- Team in-process mode: process residue on disband + agents don't consume task_assignment
- Feature request: allow customizing terminal tab title (project name vs conversation summary)
- Onboarding flow ignores CLAUDE_CODE_OAUTH_TOKEN, blocks interactive CLI
- Resume of session with synthetic assistant tail (UUID message.id) sends invalid previous_message_id → API 400
- [BUG] Regression in v2.1.150: cannot select text outside current screen
- [BUG] Session unrecoverable after upstream 429: every retry returns 400 previous_message_id
- WorktreeCreate hook 'Hook cancelled' for worktree Agent when dispatched alongside a sibling Agent call in one message
- [Bug] Opening Claude pane resets VSCode Neovim to Insert mode
- [BUG/FEATURE] LLM agents fabricate non-existent `disabledSkills` settings field — silent no-op needs validation or the feature itself
- [BUG] AskUserQuestion answers occasionally produce empty text content block → API 400 "text content blocks must be non-empty"
- Hardware Buddy BLE cannot surface or answer AskUserQuestion options
- API Error: 400 messages: text content blocks must be non-empty on session resume when assistant turn contained only tool_use blocks
- auto-mode classifier mis-reads conversation state (subagent verdicts + disambiguating instructions)
- Plugin command/skill named "doctor" is invoked instead of built-in /doctor
- [FEATURE] Ability to reference files using the "@" symbol in the agent view
- Thai text input: Backspace deletes entire grapheme cluster instead of one code point at a time
- Desktop Recents list doesn't surface sessions previously created via the CLI
- Connected MCP connectors not loading in new Code sessions
- Developer → Open Hardware Buddy… menu missing after enabling Developer Mode
- Feature request: per-repo hook-approval prompt for ./.claude/settings.json (parallel to tool permissions)
- No way to suppress OAuth warnings for unconnected claude.ai integrations at startup
- [BUG] Auto-generated permission rule with a literal : inside a quoted argument is rejected on load ("The :* pattern must be at the end")
- Feature: Expose background task state to SessionEnd hooks
- [BUG] Cowork unavailable on standard user accounts - VM Platform not enabled error misleads to reinstall
- [FEATURE] Auto Mode in the Cloud Repo - Only available on local at the moment
- Opus 4.7 produces structurally correct code that silently discards user input
- [BUG] [Desktop App] Deleting session working directory makes app unusable with no recovery path in GUI
- Plugin skills from custom/private marketplaces appear in slash menu but fail with "Unknown skill" on invocation
- [BUG] System instructions enforces push workflow by default, contradicting user control principle
- [BUG] Running claude in a folder with a .git folder without rwx permissions for the current user prevents running bash commands