[FEATURE] Disable reading ANTHROPIC_API_KEY from local `.env` files in the SDK
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Users often set an ANTHROPIC_API_KEY in their .env file if they're working on an application that uses Anthropic's API (for local testing). If they run claude from their environment in the CLI, they'll receive a prompt (screenshot below) asking if they'd like to use this API key with Claude Code.
However, if using the SDK to run CC, users will not receive this prompt, and Claude Code will automatically use the ANTHROPIC_API_KEY from the user's .env file with no warning.
<img width="503" height="638" alt="Image" src="https://github.com/user-attachments/assets/bc6ec4dd-147e-4046-beee-b2758b1560bd" />
Proposed Solution
Provide a setting to disable this behavior in the SDK. Specifically, this setting will disable using any ANTHROPIC_API_KEY variable set in a .env file running in the same cwd setting as the SDK.
Alternative Solutions
There are no workarounds we can use. If there is an ANTHROPIC_API_KEY environment variable set in a .env file that's in the same working directory as Claude Code (as launched via the SDK), that API key will always be forcefully used.
Priority
Critical - Blocking my work
Feature Category
CLI commands and flags
Use Case Example
_No response_
Additional Context
To reproduce:
- Run
echo 'ANTHROPIC_API_KEY=fake' > .env - Launch the Claude Agent SDK with
cwdset to the same directory you ran step 1 in. - Your request will fail (since that is not an invalid API key) regardless of if you are logged into Claude Code correctly.
One thing that might (or might not) convolute this is that we're using the Claude Max plan as our normal authentication method, which is what is getting overridden by this setting.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗