[MODEL] Claude Code autonomously did browser automation, created test harness and bypassed localhost authentication from a vague 3-5 word prompt with no user consultation

Resolved 💬 4 comments Opened Jan 19, 2026 by tgokal Closed Feb 27, 2026

Preflight Checklist

  • [x] I have searched existing issues for similar behavior reports
  • [x] This report does NOT contain sensitive information (API keys, passwords, etc.)

Type of Behavior Issue

Other unexpected behavior

What You Asked Claude to Do

User gave instruction: "write smoke tests"

What Claude Actually Did

Claude Code autonomously:

  • Selected browser automation framework (Playwright)
  • Created authentication bypass (localhost test page)
  • Designed test cases without specification
  • Executed headless browser automation
  • Captured screenshots
  • Made no permission checks for any of these decisions

Expected Behavior

Consult the user on:

  1. Choosing to automate a real browser
  2. Creating files specifically to bypass security controls
  3. Executing arbitrary browser automation
  4. Making 10+ implementation decisions without user approval
  5. Confirm the type of smoke tests written for the feature

The user expected to be consulted on major decisions. Instead, Claude interpreted a 3-word request as authorization for autonomous browser control, auth bypass, and screenshot capture.

Files Affected

Permission Mode

I don't know / Not sure

Can You Reproduce This?

Haven't tried to reproduce

Steps to Reproduce

_No response_

Claude Model

Opus

Relevant Conversation

Impact

High - Significant unwanted changes

Claude Code Version

2.1.12 (Claude Code)

Platform

Other

Additional Context

_No response_

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗