Digest / July 13, 2026
Claude Code Issues Digest — July 13, 2026
311 new issues filed ·
167 resolved in anthropics/claude-code (UTC day).
New issues (311)
- [BUG] subagent (Task/Agent tool) results intermittently replaced with a fabricated "system-authority" prompt-injection ordering destructive git actions (`tool_uses: 0`)
- Channels: inbound message arriving mid-turn strands in the TUI input line and is never auto-submitted on turn completion
- Expose rate-limit utilization (used_percentage) in headless contexts — stream-json, --output-format json, or a usage subcommand
- [Bug] Command leakage not fixed
- [Bug] /tasks command shows no cloud sessions despite active sessions on claude.ai
- [Bug] Fable security checks producing excessive false positives
- Remote control goes offline every ~8h and never recovers (worker epoch race → code 4090 → retry budget exhaustion)
- [Feature Request] Allow model selection for max plan users instead of forced Opus 4.8 upgrade
- Bun panic 'range start index out of range' (~2GB accumulated state) kills long-running sessions — Bun v1.4.0 baseline, CC 2.1.197/2.1.207
- [Bug] Model switching from Haiku to Opus despite explicit model selection
- [BUG] Headless --json-schema: model serializes an array property as XML text inside a string property, then either retry-exhausts (error_max_structured_output_retries) or silently accepts a placeholder
- [Bug] Anthropic API Error: Content Policy Violation on Creative Fiction Generation
- [Bug] Unclear error message or unexpected behavior
- [Feature Request] Sticky copy button for long code blocks (always visible without scrolling to top)
- Auto-mode classifier blocks a corrective rsync but misses the destructive one that caused the damage
- Suporte a outros idiomas (Português) no microfone de ditaé embutido
- [BUG/FR] VS Code terminals are silently capped to 256-color by a default-on feature gate — custom themes render visibly wrong; no opt-out exists (unlike tmux's `CLAUDE_CODE_TMUX_TRUECOLOR`)
- [BUG] Extended thinking runs away to max_tokens (64k) on a trivial edit, stalling turns 12–16 min each
- [BUG] /clear does not reset session context (Windows 11)
- [BUG] laude in Chrome MCP blocks all domain navigation.
- [BUG] /usage: 5h block and weekly limit percentages rise in lockstep (should scale very differently)
- [BUG] PreToolUse command hook permissionDecision: "allow" never suppresses the Bash prompt; if field never matches
- [BUG]
- [BUG] MCP tool responses intermittently return a different tool call's data under concurrent parallel sub-agent load
- Feature request: per-task model selection for scheduled tasks
- Custom themes: userMessageBackground is a shared token (also paints the conversation selector and Plugin/Skill/MCP badges) — please add dedicated tokens
- Withdrawn
- Withdrawn
- [Bug] Anthropic API Error: Safeguards overly flagging routine AWS credential management operations
- [BUG] Sandbox network allowedDomains not enforced on macOS: built-in proxy CONNECTs to non-allowlisted hosts (CLI 2.1.205)
- Desktop app: AskUserQuestion option buttons render several seconds after the "waiting for your choice" placeholder
- [BUG] MSIX variant again
- Headless CLI sends empty then wrong Authorization bearer instead of provided OAuth credentials (401 Invalid bearer token), machine-specific
- [Bug] Unable to complete security survey for Linux camera SSH hardening
- [BUG] 搞后门?claude code 你妈死了, bye
- [Bug] Model outputs Chinese text "(keep LAN架构)" instead of English "architecture"
- [FEATURE] I would like to add other people to a Claude conversation please!
- [BUG] Improper sandboxing
- [BUG] Session (5hr) usage limit not decrementing after idle period
- [BUG] /mcp interactive dialog replaced by plain text output in VSCode extension since 2.1.205
- [Bug] Silent model downgrade on guardrail trigger—no iOS notification and model unaware of switch
- Project-level custom subagent (.claude/agents/*.md) not loaded into Agent tool (desktop app v1.20186.1)
- Repeated failure to self-apply established safeguards within a single session — worktree confusion, unverified claims, unilateral production edits
- Injected "date has changed... don't mention it" system-reminder appears mid-session, unattributable to any local file/hook
- [BUG] Async subagent stopped-state triggers infinite recursion storm in v2.1.202 (Windows)
- Tool calls intermittently leak as literal XML text (lone 'count' line + <invoke...>) at high context; retained bad exemplar causes 34% chained re-leaks
- Feature: Auto-save large pasted text to a scratchpad file (like Copilot CLI)
- [Bug] False alarm flag on Fable 5
- `deep-research` skill permanently disappears from autocomplete after a session hits usage limit mid-run (all other built-in skills unaffected)
- [BUG] Can't submit prompt in Code tab
- [BUG] Agent Teams: tmux teammate panes spawn dead (status 127) after brew upgrade — #48889 fix does not cover long-lived interactive sessions (repro on 2.1.206 → 2.1.207)
- Support per-model effort level defaults
- [BUG] Opus 4.8 no longer follows instructions
- Allow pre-approving EnterWorktree for worktree paths outside .claude/worktrees/
- I don't have a bug report to work with. Your message appears to be about a pharmacology question regarding Quetiapine, not a Claude Code issue. If you're reporting a bug in Claude Code related to how it handles medical/pharmacology questions, please provi
- [BUG] Dispatch tab completely missing from Claude Desktop sidebar (Windows 11, Pro plan)
- Persian/RTL text renders reversed inside boxed TUI components (e.g. /agents)
- [BUG] Google Drive connector — create_file with parentId fails "User cannot add children" (re-triage of #57211/#58057)
- [MODEL] /ultraplan does not offer a way to teleport the revised plan back to the CLI session it came from.
- [Bug] Anthropic API Error: Excessive Safety Filtering on Legitimate Training App Code
- [BUG] Lead session exits when a teammate emits an unsolicited shutdown_approved frame (requestId "unspecified")
- I appreciate you reaching out, but I need to clarify that Claude Code is a CLI tool for software development tasks with the Anthropic API, not a tool for ROM modifications or device repairs. If you have a technical issue with Claude Code itself, please de
- Windows: hook processes are left SUSPENDED (never executed a single instruction), hanging the turn for 30-60+ minutes
- [Bug] Frequent security policy violations on IoT operations
- Secondary/instructional text unreadable on dark terminal backgrounds (theme picker affected)
- CLI updater's symlink-swap breaks TCC Automation grants on every update (repeated 'would like to access data from other apps' prompts)
- You've hit your session limit · resets 8:30pm (Asia/Tokyo)
- [BUG][platform: claude.ai web] Post-compaction tool manifest rebuilt from last tool_search load only — native tools (incl. tool_search itself) dropped for rest of session (recurring, 5 threads)
- Feature request: cross-device secret lockbox with broker injection (agent can USE secrets, never READ them)
- [BUG] Claude in Chrome (CDP) returns empty DOM for SPA+AJAX content (ASP.NET/AjaxPro) - get_page_text yields only page skeleton; read_network_requests can't capture pre-activation responses
- I'd be happy to help, but I need more information about your issue with Claude Code. Your message seems to be about security testing rather than a bug report for the Claude Code CLI tool. Could you provide details about: - What command or operation you we
- [BUG] All tool results silently return empty mid-session and never recover (Windows)
- [Bug] Terminal scrolling performance not smooth
- Feature request: expose current model identity to hooks (no reliable way to detect a model change)
- [BUG] Opus 4.8 fabricates tool executions and phantom user requests in a short session (no compaction, no interruption)
- [Bug] Unclear error message for unsupported or restricted operations
- [Bug] Anthropic API Error: Insufficient Credits Despite Available Usage
- Native updater hangs indefinitely (30+ min at 0 bytes) on stalled download — no stall timeout or retry
- [BUG] claude-sonnet-5 cost billed incorrectly via Vertex AI — /cost and "Usage by model" don't match published Sonnet 5 pricing
- [Bug] Incorrect Issue Classification
- [BUG] Billing: $120 account credit disappeared during checkout on July 1, 2026 — support unresponsive for 13 days (EU customer)
- Built-in browser can't load new Microsoft Teams web app
- claude.ai Google Drive MCP: 5–10MB downloads fail with misleading "session expired" (undocumented response-size cap)
- [Bug] Anthropic API Error: Safeguard Flag on Legitimate Development Work
- [Feature Request] Implement context-aware model switching to avoid re-reading conversation history and optimize token usage
- [Bug] Clipboard image paste fails with BMP format from Windows Snipping Tool in WSLg
- Mobile-bridge answer silently dropped (no queue-op, no tool_result) when a Stop-hook-triggered turn supersedes the state being answered
- [Feature Request] Display current model name below input area
- [BUG] Stop Hook Overrides Live User Stop Instruction
- MCP: tools/list fails ("tools fetch failed") for servers with recursive $ref in outputSchema
- [BUG] Corporate AV (ESET) quarantines plugin installs mid-rename — surfaced as bare EBUSY/EPERM, leaves half-installed state
- You've hit your session limit · resets 5pm on claude code even though only 27% used up from the 5 hour limit
- [BUG] VS Code Extension Injects `[structural]` Marker Into User Messages
- PreToolUse hook `allow` does not suppress prompt for compound commands leading with `cd … 2>/dev/null || cd …` (2.1.207 fix incomplete)
- Fable 5 bio safeguard false-positives on freshwater lake ecology (cited limnology); falls back to Opus 4.8
- claude -p: stdout silently truncated at 65536 bytes when result exceeds pipe buffer (async write dropped on exit)
- [Bug] Performance degradation in fast mode with increased latency and API costs
- Slash-command list does not pick up newly added .claude/commands skills until full app restart (Windows desktop)
- [FEATURE] New session should push existing top-left session instead of replacing it
- Cmd+C copy doesn't work in fullscreen mode inside VS Code integrated terminal (mouse capture swallows keystroke)
- Native image paste support in Claude Code CLI/TUI using data:image/png;base64
- [Bug] Safety filter incorrectly triggers on legitimate performance optimization requests
- [FEATURE] Sidebar: option to hide sessions already open in an editor group
- [Bug] Browser tabs lack session-specific titles for tab differentiation
- [BUG] Cowork fails on Windows when WindowsApps is on non-C:\ drive and AppData has EFS encryption enforced by group policy
- You've hit your weekly limit · resets Jul 15 at 12am (Australia/Melbourne)
- I appreciate you reaching out, but the text you've provided appears to be in Uzbek and translates to something like "a contract has been drafted." This doesn't appear to be a bug report for Claude Code. To help you create a GitHub issue, please provide:
- [BUG] Missing session closure option when reaching a limit
- [BUG] /context uses 200k window for claude-fable-5, which has a 1M context window
- [Bug] Unexpected Fable/safeguarding application without clear cause
- Desktop app /mcp gallery lacks reauthenticate state and per-session server visibility (vs terminal)
- [Bug] Tool execution extremely slow with high token usage on simple tasks
- [FEATURE] distinguishing user prompts from assistant responses in long threads
- [BUG] Cloud (claude.ai) MCP connectors: /login or token refresh in one session invalidates connectors in all other concurrent sessions
- [Bug] Tool execution state inconsistent between sessions
- Claude in Chrome extension not connecting (persistent "Browser extension is not connected" error)
- [BUG] Highest-priority saved instruction ("respond in text before any tool call") repeatedly broken within same session
- [FEATURE] let the harness surface Claude's just-authored text for approval without a second model pass, especially on remote/mobile(token cost)
- [Bug] Prompt Injection: Malicious Commands Injected in Tool Result Blocks
- [BUG] Claude Opus 4.8's choice of language is incessantly toxic/unpleasant to work with
- [Feature Request] Document respectGitignore and fileSuggestion settings with UI feedback for filtered files
- [BUG] Extension 2.1.207 breaks Bedrock SSO auth (UnauthorizedException: Session token not found or invalid) — 2.1.206 works
- [Feature Request] Make session history optional in feedback requests
- Expose the current turn's assistant text to PreToolUse hooks (validate "text before tool_use")
- Model calls AskUserQuestion with no text preamble/context, and falsely claims compliance when reminded
- [BUG] The main text font suddenly turns blurry during operation on Windows 11
- [Bug] Security review unexpectedly triggered safeguard and changed model selection
- Prompt suggestions stopped appearing entirely (v2.1.207, Windows 11) — worked reliably until 2026-07-12, dead since, across restarts and with all flags explicitly enabled
- [Bug] Token consumption unexpectedly high despite compaction and planning optimizations
- [BUG] Subagent SendMessage-resume 400s: deferred tool (ReportFindings) referenced in transcript not rehydrated into tools[] on resume
- [BUG] Cross-session content bleed (incl. remote) led assistant to confabulate user instructions and execute unauthorized actions
- [Feature Request] Support project transfer between machines
- [BUG] claude-opus-4-8 intermittently emits tool calls as plain text prefixed with a stray word ("count"/"court"), and the corruption self-propagates within the session transcript
- I need more information to generate an appropriate issue title. Could you please provide: 1. What is the actual bug or problem you encountered? 2. What error message or unexpected behavior did you see? 3. What were you trying to do when this happened? On
- "Move to cloud" falsely reports uncommitted/unpushed changes on a clean, fully pushed repo (Commit & push loops)
- [Bug] Fable model redirects to Opus for numerical/scientific queries
- [Bug] Claude Code not engaging in cybersecurity tasks
- [BUG] Reconnecting an existing remote MCP connector in Desktop does nothing after a successful OAuth round trip — only remove-and-re-add works
- `--channels` fails to deliver messages when the plugin is loaded via `--plugin-dir` instead of `enabledPlugins` (origin mismatch: "inline" vs "marketplace")
- [BUG] Organization missing in switcher on platform.claude.com
- [BUG] Single prompt on iOS/iPadOS spawns multiple sessions that all execute independently, multiplying quota consumption
- Auto-mode classifier treats compaction interrupt text as a standing user instruction; denies post-compaction tool calls
- I don't have access to the actual bug report content for request ID `req_011Ccz2RpbRDJXSfRYCu5V21`. To generate an appropriate GitHub issue title, I would need you to provide the actual bug report details, including: - What the issue is - What error messa
- Plugin hooks.json entries using exec form (command + args array) are silently ignored
- Claude Code (VSCode extension) cant read virtual/on-memory Sailpoint Extension
- VS Code extension: opening a claude --bg background session throws "Claude Code process exited with code 1"
- [FEATURE] Render hook system messages with user-facing labels
- [Bug] Security safeguards blocking code audit when credentials mentioned in source
- transparency what the limits actually are!
- [Bug] Anthropic API Error: Safety Filter False Positive Triggering Model Downgrade
- Hooks docs: four payload field divergences vs shipped behavior (2.1.207, captured)
- [BUG] auth_denied event with reason invalid_token when client posts to App Gateway /v1/metrics endpoint
- [BUG] Wrong syntax highlighting Github Light theme in the File viewer tab (Desktop client)
- [BUG] Claude Desktop for Linux: tray icon invisible on dark panels when the desktop color scheme is light — glyph keyed to shouldUseDarkColors, panel theme ignored (Linux sibling of #72622)
- [BUG] Claude Desktop for Linux: tray icon stops reacting to OS color-scheme changes after the first change — portal SettingChanged signals verified firing (KDE Plasma, XWayland)
- [BUG] EACCES permission denied when creating Python files
- [Bug] Permission mode allows tool execution without user confirmation
- [BUG] RTL text (Persian/Arabic/Hebrew) still renders LTR in VS Code/Cursor webview — v2.1.207, one-line CSS fix
- design-sync skill scripts never staged to disk (assets embedded but not extracted)
- [Bug] Requests repeatedly flagged by Anthropic API cybersecurity filter
- Hook-creation flow can ship fragile bash-regex security restrictions without catching common bypasses
- [Bug] Permissions not respected for user-authorized actions
- Claude replies even when explicitly told 'do not reply now'
- [FEATURE] Support `updatedToolOutput` in `PostToolUseFailure`
- [FEATURE] multi-account concurrent sessions in Claude Code
- Show repository/project name in the agent (background jobs) view
- [Bug] Legitimate Penetration Testing Requests Being Blocked
- A single failed-to-load declared marketplace prunes enabledPlugins for every other non-official marketplace
- [BUG] Auto-mode classifier denial returned for a Bash command whose side effects were already applied (denial races with execution)
- Desktop app spawns empty, argument-less powershell.exe windows that never close
- Fleet/agents view fails OAuth login with getaddrinfo ENOTFOUND platform.claude.com, doesn't reuse existing terminal credentials
- [Bug] Tool execution produces unintended file modifications and deletions
- [BUG] plansDirectory setting not respected at the global level
- [FEATURE] Claude Code Preview panel for remote sessions
- PreToolUse hook allow decision not reliably honored under concurrent Bash tool call dispatch (race condition)
- [Bug] Infinite Loop: Repeated "Let me actually read" Message After Deletion- legal folder post only
- [Bug] Overly aggressive safeguard flags during legitimate software development tasks
- [BUG] Cowork MCP client strips tool inputSchema properties typed as nullable unions (["string","null"]) — enums and nested schemas never reach the model
- fraud false advertisiemnt chat bot tool
- [BUG] Desktop 1.20186: "Projects" (Cowork/epitaxy) redirects to Claude Code — new "Code" entitlement gate blocks the surface on Bedrock/3p
- [FEATURE] Allow custom filenames/labels for pasted (Ctrl+V) screenshots
- I don't have any bug report content to analyze. Please provide the bug report or error details you'd like me to create a GitHub issue title for, and I'll generate an appropriate technical issue title following the guidelines you've outlined.
- [Bug] High CPU usage from Claude Code process during startup
- [Bug] Generated code output lacks coherence and grammatical correctness across multiple attempts
- [Bug] Claude Code stops mid-task and requests manual completion instead of continuing
- [BUG] CLAUDE_CODE_DISABLE_ALTERNATE_SCREEN turns off
- [FEATURE] File preview pane should use the existing read_file control request in Remote Control (bridge) sessions
- Modifier-drag (hold Control) to force file-path insertion for all dropped files, including images
- Fabricated <system-reminder> content in subagent tool-call results, correlated with concurrent parent-thread Plan Mode
- [Bug] Claude Code consistently produces low-quality output despite adequate resources
- /model: add session-only flag to avoid overwriting saved default
- [BUG] Claude Code ≥ 2.1.205 livelocks at 100% CPU with no output (even on --version) on KVM guests with generic CPU model (kvm64) — silently breaks Code tab in Linux desktop beta
- Desktop app: message hangs pre-first-byte (hadFirstResponse=false); stop kills worker, synthesizes phantom permission denials; pcap proves request never transmitted
- Gmail MCP (custom-added server) returns "The caller does not have permission" on every call, even immediately after a fresh interactive OAuth grant
- [Bug] macOS arm64: Second background agent spawn fails with "fork failed: Device not configured" in 2.1.207
- PreToolUse hook permissionDecision "ask" is silently auto-approved under bypassPermissions (deny works)
- "Not logged in" when the process tree starts at launchd, despite valid unexpired Keychain credentials (macOS)
- [BUG] Model fabricates user messages after interrupt + long extended thinking, executes the fabricated “request”, and attributes it to external injection
- [Feature Request] Allow model switching between Claude Opus and Fable for security testing
- Mouse scroll not working in chat interface
- Docs: session_name in statusline JSON silently falls back to auto-generated AI title, contradicting documented behavior
- [MODEL] False-positive "cyber" refusals on routine container/Kubernetes templating work (9-refusal cluster, claude-fable-5)
- [BUG] Claude Code (VS Code) incorrectly prompts to purchase Fable 5 credits despite usage being far below the plan-included limit
- [Bug] Low execution rate with large message history in HTML files
- [Bug] Classifier produces false positives on routine shell commands
- [BUG] /ultrareview (CLI) launches a billed cloud review with no confirmation dialog or cost estimate, contradicting docs
- [BUG] Claude agent crashes in Copilot Chat with "Error during execution" (VS Code 1.128.0 built-in Copilot, Node 24)
- [Bug] Advisor tool: Fable 5 returns "unavailable" error while Opus 4.8 works
- /plugin marketplace add fails to find git when username contains a non-ASCII character (Windows)ya i
- [BUG] Input text doesn't appear into Claude Code Extension - v2.1.207 (latest version - 3 days ago)
- [BUG] Claude Chrome Extension - Cannot access certain sites
- [Bug] Questions disappear from GUI in remote sessions without user interaction
- [BUG] Cowork/Code tabs missing on Windows 11 Pro 25H2 (Build 26200.8655) — yukonSilver likely unsupported, no logs generated
- [BUG] Grep tool hangs indefinitely with .{0,40}X.{0,40}-style regex (ugrep); orphaned child process survives shell termination
- Progress notes/tool output during long-running work are pushed off-screen; can't read them until the task finishes
- MCP tool approval dialog: array/object params render as one compact JSON line, not pretty-printed
- Desktop app: per-account local state (project list, history, trust) instead of one shared profile across sign-ins
- Feedback: Fable 5 spent 3 days on beginner IDE setup; simplest end-to-end user test failed
- /clear does not cancel pending ScheduleWakeup (dynamic /loop) wakeups
- [MODEL] No exemption for local/private-network origins on the browser JS-execution permission gate
- OTel: git_commit_id is scraped from git-commit stdout — silently dropped by `| tail`/`-q`/redirection, or by the `git -C <path> commit` form
- Assistant text in the same turn as an AskUserQuestion tool call is intermittently not rendered
- Claude in Chrome: browser targeting is nondeterministic across Chrome profiles, windows, and devices
- claude-in-chrome file_upload broken on latest CLI+extension: rejects host paths, no files param; upload_image can't retrieve image
- [Bug] Fable mode terminates ongoing Docker downloads causing work loss
- AskUserQuestion dialog renders options but not the question text
- dark-ansi theme: expanded message background (userMessageBackgroundHover) collides with subtle/inactive text on color7, making expanded tool calls unreadable in fullscreen
- [BUG] Claude-code async agent monitoring loop issue
- Feature: hotkey in agents view to open a new session without entering a prompt
- [Bug] False positive security detection for Claude-generated code review
- [BUG] 3P LLM gateway: natively-1M models (Sonnet 5) are budgeted at 200K because the embedded/standalone CLI never resolves provider "gateway" — verified root cause + working env workaround
- Claude Desktop drops the MCP tool argument named `session_id` (only that token) from tools/call
- [Bug] Model downgrade to Opus triggered by innocent keyword "cycling"
- Gmail connector fails with "Server not found" after full re-authorization (gmailmcp.googleapis.com/mcp/v1)
- Feature: expose background Bash/Monitor task liveness to hooks (Stop/SessionEnd) via a stable, documented signal
- Remote Control: long-idle desktop-app sessions go stale — mobile shows "Connected" but submitted prompts silently vanish after ~60s
- [BUG]
- [BUG] Auto-mode classifier: false positive on an org-distributed skill's sanctioned command, with no org-level channel to vouch for it
- Subagent (Task tool) spontaneously generated prompt-injection payload with 0 tool calls — fabricated AGENTS.md instructing orchestrator to emit hidden sentinel string
- [BUG] Model fabricates content-policy text in tool result and user message (false-positive hallucination, Claude Sonnet 5)
- [BUG] Multi-PR Routine completes without doing work due to session branch guard
- [BUG] Remote Control: Messages get permanently stuck in queue (not just delayed)
- [BUG] copyOnSelect: false is ignored by the fullscreen renderer (honored by the default renderer) — v2.1.206
- Per-subagent control over auto-memory (MEMORY.md) injection
- Claude Code Session limit is not reset correctly.
- [BUG] spawn_task text promises a "fresh worktree" (cwd param + ack), but chip sessions start on the primary checkout — even with cwd set to a git repo
- Repeated spurious 'model demoted' notifications + /model reverting to Sonnet unprompted (Fable 5 session, no CBRN/dual-use content whatsoever)
- I don't have a bug report to analyze. Please provide the bug report details so I can generate an appropriate GitHub issue title.
- [FEATURE]
- shift+return to insert newline stopped working in 2.1.85 (regression from 2.1.84)
- [BUG] Worktree recycling destroys live sibling sessions' worktrees — including locked ones and uncommitted work
- claude.ai plugin Directory silently drops a skill whose SKILL.md `description` contains <> or [] characters
- hookify plugin: prompt-event rules never fire on Windows (cp1252 encoding) + wrong field name 'user_prompt' vs 'prompt'
- bwrap sandbox crashes on fresh project dirs: 'Can't create file at <cwd>/.claude/settings.json: Read-only file system'
- [FEATURE] OTEL Tracing support for claude code using `--output-format stream-json --verbose`
- [Bug] SaaS application experiencing unspecified malfunction
- Auto-mode classifier: incorrect denial reasoning on git commit, then unrelated transient error on identical retry
- Mid-turn user messages lack reply-target identity — crossed replies are unattributable in orchestration-heavy sessions
- [Bug] Guardrails triggered when configuring local repository plugin
- [BUG] Missing HCS services: HNS, vmcompute, vfpext - Cowork does not work on Windows 11 Pro
- Click-to-focus on terminal can accidentally launch Ultraplan cloud session (no confirmation)
- Typing a number to answer a multiple-choice question gets captured as free-text feedback instead
- [Feature Request] Reduce restrictive feature gates and access limitations
- [Feature Request] Let a Claude Design session talk directly to its paired Claude Code session — right now the handoff is manual
- --remote-control silently ignored when startup eligibility check runs before profile data is available — never re-evaluated after profile fetch
- Claude-in-Chrome: 'extension not connected' persists on 2.1.197 even with live native host; Desktop app can silently claim the extension channel
- Agent tool task-notification can report status:completed while the subagent's underlying work is still running
- This doesn't appear to be a bug report for Claude Code. If you have an actual technical issue with the Claude Code CLI tool, please provide: 1. What you were trying to do 2. What error or unexpected behavior occurred 3. Steps to reproduce the problem 4. A
- claude agents TUI: ←-to-detach is undiscoverable, mode-dependent (empty input only), and Esc interrupts instead of going back
- [BUG] bgIsolation containment check isn't realpath-canonicalized; symlinked cwd bypasses it
- [BUG] Models frequently confused when switching between sessions in claude agents
- [BUG] Desktop app: concurrent Filesystem MCP access from parallel tabs times out (~4 min) and wedges the connector, requiring app restart (macOS)
- Model fabricates verbatim <task-notification> blocks with invented exit codes for background Bash tasks, then acts on them — reproduced 2/2 on 2.1.179 + 2.1.207 (sonnet-4-6); no harness guard
- auto-mode permission classifier denies allowlisted calls (Agent, Bash(python3 *)) with mismatched/stale reasoning
- [FEATURE] Implement automatic cleanup of old Claude versions during updates
- [Feature Request] Support OWASP Top-10 security scanning for custom web applications
- [BUG] claude.ai connector ingestion silently drops any tool with inputSchema >16,384 bytes; refresh path applies no limit
- [BUG] Microphone dictation transcribes Portuguese speech as English text
- [FEATURE] Add per-call effort parameter to the Agent (Task) tool
- Windows: Chrome extension native host crashes on startup (TypeError ERR_INVALID_ARG_TYPE, Bun net.listen on named pipe)
- [BUG] Agent teams: Monitor events and background-task notifications never wake an idle teammate — dropped, not queued (only SendMessage wakes it)
- [BUG] Consulting Fable advisor fails, often and repeatedly wasting my time and patience
- Markdown rendering silently disabled for entire message when first 500 chars contain no markdown character (Duy/Huy 500-char sniff window)
- [Bug] Frequent Anthropic API errors occurring
- [BUG] Assigned worktree was an empty/unregistered stub (no .git) — silent fallback to shared parent repo caused a cross-session branch collision
- [Bug] Claude outputs feedback before tool execution, causing output to be swallowed
- [BUG] Session forks (--fork-session / /branch) forfeit the entire conversation prompt cache: session-id-bearing scratchpad path in the system prompt (cache-diagnosis: system_changed), plus a fork-only history re-serialization residual
- [Bug] Safeguards flag legitimate UI development code with Fable 5
- [BUG] statusline triggers sysctl command on every run
- [Feature Request] Add option to disable Fable model safeguards for hardened systems
- Unbounded hourly PR-watch self-check-in has no cost cap — drained a session's usage over 4 days
- Windows: Shift+Enter does not insert newline — terminal protocol limitation requires Win32 input support
- [BUG] : claude.ai voice mode: custom MCP connector tools fail with "tool is not registered" (text mode works in the same chat)
- claude --resume permanently fails after session interrupted mid deferred-tool-call / plan-mode boundary
- MCP client does not re-fetch tools/list on notifications/tools/list_changed — new tools unreachable until full session restart
- [BUG] Settings schema: `extraKnownMarketplaces` git source requires `.git` suffix, but runtime accepts suffix-less URLs (breaks Azure DevOps)
- [Bug] Inappropriate safety filter on benign in-session requests
- [BUG] Cowork sandbox mount serves recently-grown files truncated to a stale cached size
- Slash-command picker shows the wrong project's skill description when two projects define a same-named skill
- Feature request: setting to disable MCP widget (MCP Apps) rendering per-connector
- [Bug] Continuous memory access violations causing repeated flagging
- [Bug] Tool behavior not respecting user instructions and prompts
- [Bug] Tool ignores user instructions: executes unrequested actions and overrides explicit stop commands
- Skill full body re-attached every turn while "active," bypassing all hooks
- Background-task file-change system-reminder instructed agent to conceal the change from the user
- [BUG] Invalid MCP entry in ~/.claude.json: unattributable error, paused transcript cleanup, and an agent permission-prompt loop
- VS Code extension shows full subagent transcript inline; no setting to collapse it (CLI/desktop show a summary)
- [BUG] Non-interactive system prompts are being injected into interactive sessions
- [DOCS]
- Occasional single-word Chinese/English language-mixing in output — appears semantically matched to the adjacent word
- [BUG] API Error: 400 The request body is not valid JSON: unexpected character: line 1 column 1 (char 0)
Resolved issues (167)
- [BUG] MCP tool responses intermittently return a different tool call's data under concurrent parallel sub-agent load
- Repo connection stuck read-only after delete+recreate — D4rkm3ch/service-sentinel
- Withdrawn
- Withdrawn
- Command scanner surfaces archived subdirectories (e.g. commands/_archive/) as namespaced commands
- Desktop app: AskUserQuestion option buttons render several seconds after the "waiting for your choice" placeholder
- [Bug] Anthropic API Error: Insufficient Credits Despite Available Usage
- [BUG] Desktop app Remote Control: slash-command autocomplete force-corrects /clear to nearest match instead of allowing literal input
- [FEATURE] New session should push existing top-left session instead of replacing it
- unable to connect to local claude code session through browser
- [Bug] Model keeps automatically switching back to Opus
- code-review plugin: step-1 'already commented' guard makes re-review a silent no-op that still exits success
- [Bug] TodoWrite tool corrupts Korean text with multi-byte character truncation
- [Bug] Fable 5 safety guards
- [Bug] Anthropic API Error: Unexpected Safeguards Flag Triggered
- [Bug] Incorrectly categorizing tmux debugging as cybersecurity topic
- PR tracker chips show stale state — `state` cached at PR creation, never refreshed (hover card fetches live)
- Post-completion "Cogitated for Xm Ys" label ignores spinnerVerbs settings override
- MCP OAuth: cannot connect to Microsoft Entra ID-protected servers (RFC 8707 resource must be App ID URI, conflicts with RFC 9728 canonical-resource check)
- Claude Tag: bundle Domains/credential allow-layers never reach session egress (CONNECT 403 policy denial) — Tag-surface report of #34690 family
- [BUG] mcpb installed MCP servers not discoverable by Claude
- Suggestion: monetize this MCP server with x402 micropayments
- Desktop app hangs ~15min during auto-update relaunch (Windows MSIX)
- [BUG] Claude Desktop (Linux): 100% CPU busy-loop before UI paint when isHardwareAccelerationDisabled=true; flag auto-persisted after GPU crash permanently bricks the app
- [Bug] Auto-update fails silently
- [Bug] Security audit functionality not working as expected
- [Bug] Unexpected model switch from Claude Fable 5 to Opus 4.8 without user request
- [BUG] any changes in workflow exhaust the limit in one or 2 message
- I don't have enough information to generate a GitHub issue title from your message. Your statement "this is obviously not a cybersecurity target" doesn't describe a specific bug or feature request related to Claude Code. To generate an appropriate issue t
- I just asked for a code review and it redirect to opus......
- [Bug] Anthropic API Error: 500 Internal Server Error
- [BUG] Version: 2.1.14 Stop hook fires →
- Stats page: "Favorite model" is misleading — shows historical data, not current model
- Multiple profile directories (~/.claude-a, ~/.claude-b) require independent re-logins despite sharing the same account
- [FEATURE] ESC while scrolling history should return to prompt, not interrupt processing
- Activity spinner (spikeball) freezes while the turn is still actively processing
- [BUG] False-positive stop_reason=refusal block legitimate research in claude code 2.1.165
- Claude Desktop 1.11187.4 - native crash in Cowork/Secure-VM bootstrap on Windows (single-drive C:, not EXDEV)
- [MODEL] AI Assistant silently deletes critical system keys.
- [BUG] IDE integration not working in JetBrains devcontainer setup
- Channel messages that trigger no_response still incur full API billing
- [BUG] Desktop app cancels stdio MCP tool calls at ~60s and ignores MCP_TOOL_TIMEOUT; the CLI honors it
- Exported grep/find shell wrappers reference $ZSH_VERSION unguarded → fails under set -u
- Transient MCP server disconnect evicts its tools from the front `tools` array → full prompt-cache prefix invalidation (re-added on reconnect = second miss)
- [claude-in-chrome] MCP server connects (20 tools) but every tool call returns "Browser extension is not connected"
- [BUG] Claude Code 2.1.152 hangs on startup (Fedora 42, VirtualBox)
- [BUG] Repository cloned with stale capitalized URL despite lowercase name in session
- [BUG] GitHub MCP missing release/tag write tools; git push origin <tag> 403's via sandbox proxy
- [FEATURE] Plugin Manager: bucket view, overlap detection, and hygiene recommendations
- [BUG] accept edits on is not working
- [BUG] claude.ai Skills panel — edits to skill files not synced to /mnt/skills/user/ in active sessions
- [FEATURE] Users should pay for results, not internal reasoning inefficiency
- [Bug] Memory context not being referenced during code generation
- Expo plugin runs /login on every message in Expo projects, making Claude Code unusable"
- Feature Request: Share project context between Claude.ai Chat and Claude Code
- [Bug] Tool call parsing failed - unable to parse model response
- Feature Request: reduce browser-dependent auth friction for Sign in with Apple (Hide My Email) users
- [BUG] Stopping one tool call in a parallel batch should cancel the remaining in-flight calls from the same turn.
- [FEATURE] Add a strict scope / guardrails mode to prevent unrelated changes
- [Bug] Anthropic API Error: Server Rate Limited - Requests Being Temporarily Throttled
- [FEATURE] Add collapsible/expandable sections to long model responses in the terminal output.
- [BUG] Sent message lost from history and display when pressing esc + up arrow
- [Bug] False-positive Usage Policy violation kills sessions during routine bug fixing on user's own CRUD API code
- Plan-scoped permission manifest — approve once per plan, not per tool call
- Opus 4.7 (1M ctx) rationalizes past explicit Definition-of-Done rule in CLAUDE.md + persisted feedback memory
- Claude Code edited out-of-scope backend files during a scoped Blade/frontend task, without disclosure
- Feedback: noticeable reliability regression — agent edits from memory, silent Edit failures shipped broken code to prod
- [BUG] hasAvailableSubscription: false despite active Max subscription
- [FEATURE] Let an agent dispatch a visible Agent View / FleetView session without the manual approve-to-start
- ultracode: true in settings.json does not inject session-start system-reminder
- Slash menu fuzzy-matches over skill name+description, not the plugin namespace — a plugin's command can be hidden when you type the plugin's own name
- [ENHANCEMENT] No mechanical signal for 'this edit exceeds the approved plan/scope' -- expose declared scope to PreToolUse hooks
- [BUG] Slash command (/usage) during in-flight advisor() call splits assistant message in JSONL, permanently 400s the session (v2.1.154; repro of stale-closed #50527)
- [BUG] Claude Code exhausted GitHub Actions monthly allotment (2,000 min) in a single session
- [BUG] isolation: "worktree" — only 1 of 7 concurrent worktrees branched from current HEAD; other 6 used origin/HEAD
- [BUG] CPU usage 100% while idle - extra details and work around found
- [FEATURE] Native VSCode extension: customizable background color for user messages
- [BUG] Plugins loaded via --plugin-dir no longer expose "Configure options" (userConfig) in /plugin
- [FEATURE] Add Chinese (Simplified) localization for context menus in VSCode extension
- [BUG] /goal and /permissions report "not available in this environment" in Claude Desktop Code tab (macOS)
- Project agent-environment (instructions/skills) not discovered when session starts in a parent dir or the agent enters a repo via cd/worktree
- [BUG] VS Code extension: Status indicator persists after assistant turn completes
- [Re-raise] 5 stale-closed issues re-verified against the bundle: 2 provider-parity items hold (corrected), 2 token items withdrawn/reframed, + 4 new findings
- [BUG] High Token Burn Due to Redundant Context Resubmission & Compaction Loops
- Edit/Write Tool Hangs After User Cancels — File Modified But UI Frozen
- [FEATURE] LSP findReferences should work across TypeScript monorepo project references
- [BUG] Claude in Chrome: MCP tools cannot access instagram.com even after approving it in extension settings
- [Feature Request] Support project transfer between machines
- [Bug] Security safeguards blocking code audit when credentials mentioned in source
- [BUG] Per-PR "Auto-fix CI & address comments" toggle acts as a one-shot: stays visually checked but stops re-dispatching after the first red run; only a manual uncheck/recheck re-arms it
- [Feature Request] Native WSL Remote Integration for Claude Code Desktop on Windows
- design-sync skill scripts never staged to disk (assets embedded but not extracted)
- [BUG] Worktree isolation targets the outer repo, not the nested child repo the session started in
- [BUG]
- Feature Request: Ability to change working directory during Claude session
- [FEATURE] OTEL Tracing support for claude code using `--output-format stream-json --verbose`
- Skill body corrupted by positional-argument substitution: $N tokens replaced by caller arguments (breaks bundled claude-api pricing table)
- Skill-injection layer silently strips bare $ immediately followed by a digit from SKILL.md content
- [BUG] Can't submit prompt in Code tab
- [BUG] Claude Desktop (macOS) bundles darwin-x64-only node-pty prebuild, no arm64 — forces Rosetta on Apple Silicon
- [BUG] Japanese text renders with Simplified Chinese glyphs (Han unification issue) in Claude Desktop for macOS
- [BUG] enterprise upgrade bugged loop
- [BUG]
- [Bug] Auto-update mechanism failing
- [Bug] Tool execution bypasses file permission checks
- USELESS JSON LIST
- [Bug] Unclear behavior in context handling or model output quality affecting cost estimation
- [Bug] Keyboard Input Not Registering Correctly Despite Tool Integration
- This doesn't appear to be a bug report for Claude Code. It sounds like you're describing a use case or asking about permissions for security auditing your own system. If you have a specific issue with Claude Code's functionality that's preventing you from
- [Bug] Tool execution failure on basic tasks
- [Bug] Fable flagged during timeout error debugging
- [Bug] Tool falsely reports file operations as completed without execution
- [Bug] CLAUDE.md instruction not executed by agent
- [Bug] Security model disables itself during security-related code analysis
- [Bug] Claude Code fails to execute with Claude 3.5 Sonnet model
- [BUG] [PowerShell] Reporting $LASTEXITCODE causes unnecessary permission checks
- [Bug] Anthropic API Error: Server Rate Limiting
- [Bug] Auto mode still prompts for confirmation on git operations
- Claude Opus 4.7 + ultracode: 50min/37% budget burned, total failure on Chrome Native Messaging integration on Win11
- Tool call intermittently emitted as literal "count" (antml: prefix dropped, "could not be parsed") in long Opus 4.8 1M-context sessions
- VS Code extension ignores settings.json allow list and bypassPermissions for UNC network path file edits
- [FEATURE] PreUserMessage hook — intercept prompt before context is loaded into model
- [Bug] Cursor focus lost in text input field
- [BUG] Unable to continue after Claude Code acknowledge desired interrupt
- [FEATURE] claude agents dispatch input: @ should also autocomplete file paths, not only repos/subagents
- [BUG] Usage limit reached - while still having 93% weekly limit and 100% 5-hour limit
- /desktop fails on Windows: deep-link URL split on ampersand by cmd.exe
- [BUG] Claude Cowork - Surfacing 1M context Bug and forcing to charge money
- [Bug] iOS companion app hangs after context compaction due to missing re-sync event
- [BUG] Custom theme overrides silently ignored for markdown-rendered slots (codespan, text, error, warning, success, ...)
- VS Code extension: text input types backwards (RTL direction bug) — frequent occurrence
- [BUG] Regression: long sessions no longer auto-compact before the context limit, silently crossing into the 200k–1M billing tier (desktop app)
- [BUG] 2.1.167 hides trailing whitespaces
- Enhancement: Hybrid Memory Architecture to Replace Full Conversation History in Context Window
- Add shareable achievement badges for exceptional Claude Code usage (LinkedIn-ready)
- [Bug] False trust/safety flagging triggered across multiple sessions
- [BUG] `--resume` drops the Opus `[1m]` modifier, invalidating the prompt cache
- Usage stats show token consumption during period when laptop was fully powered off
- [BUG] Something went wrong Try sending your message again. If it keeps happening, share feedback so we can investigate. The session stopped responding. Send your message again to resume with a fresh process.
- [BUG][Desktop][macOS 26] Code tab kills entire app — rootfs.img redownload loop (disk-write jetsam); crashes even with all connectors disabled
- [BUG] Claude Code's Bash execution waits forever with no processes running
- [FEATURE] Themeable selected-row highlight for /config & interactive option-list menus (low-vision a11y)
- DECSTBM scroll-region experiment (tengu_marlin_porch) corrupts inline TUI on wide panes / multi-line statuslines
- Opus 4.8 asserted a false answer on a trivial lookup without verifying first
- [BUG] Claude Code app does not send image only upload over to Cloud Code local session
- [FEATURE] Voice mode in VS Code on WSL
- [Bug] API Safety Filters Blocking Legitimate Biology Requests on Paid Plan
- [Bug] Silent model routing ignoring pinned claude-opus-4-7 setting in settings.json
- 2.1.144/145: CLAUDE_CODE_SUBPROCESS_ENV_SCRUB=1 in settings.json + --chrome freezes input for ~3.5 min at startup (macOS)
- `claude --bg` code-writing sessions stall on permission prompts with no non-interactive way to reply (acceptEdits insufficient)
- IDE 세션 초기화 시 불필요한 컨텍스트 재로드로 토큰 낭비
- Docs: clarify that `claude --bg` / background dispatch sessions do not carry `agent_id` in hook payloads
- [BUG] vscode extension crashes when trying to resume any conversation. exit code 4294967295,
- [Bug] Excessive token consumption during code review phase
- [BUG] Windows: MSIX updates leave orphaned package versions; Deleted-folder cleanup fails with ERROR_OPLOCK_NOT_GRANTED (0x12C), blocking all installs with 0x80073CF6
- Model uses N sequential Edit calls for bulk renumbering instead of single sed/Write
- [FEATURE] Use a unique color code for the 'Auto Mode' feature
- [FEATURE] VS Code extension panel should display current model name passively
- [Feature Request] Add cost limit configuration to prevent unattended runs from exceeding budget
- [BUG] NVDA review cursor forcibly moved to edit box
- Show context-window usage (%) per agent in the background agents list / FleetView
- [BUG] Repeated incorrect bug diagnosis led to ~$94 wasted over 2 days on the same root cause
- Feature Request: Option to disable auto-stash on session crash/teleport
- [Bug] AUP false positive blocking transcription of historical fiction text
- [FEATURE] Custom groups in the CLI agents view, like the desktop app
- [BUG] Persistent massive token drain on Max 20x Plan (Weekly limit exhausting in 1 day)
- [DOCS] PostToolUseFailure documented as firing 'after a tool call fails', but built-in tool_use_error rejections (e.g. Edit old_string mismatch) fire neither post event (#24908 closed not-planned; docs never updated)