[BUG] Security Bug Report: Claude Code Exposes Sensitive Environment Variables When Confused

Resolved 💬 5 comments Opened Jan 19, 2026 by cnighswonger Closed Feb 27, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

https://github.com/anthropics/claude-code/issues/11271

What Should Happen?

https://github.com/anthropics/claude-code/issues/11271

Error Messages/Logs

Steps to Reproduce

https://github.com/anthropics/claude-code/issues/11271

Claude Model

None

Is this a regression?

No, this never worked

Last Working Version

_No response_

Claude Code Version

Latest

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

Terminal.app (macOS)

Additional Information

It is very bad practice to close and lock security bugs...

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗