[MODEL] Claude recommended making a repo public without checking for .env secrets
Resolved 💬 3 comments Opened Feb 5, 2026 by itsbobbyzzz168 Closed Feb 8, 2026
Preflight Checklist
- [x] I have searched existing issues for similar behavior reports
- [x] This report does NOT contain sensitive information (API keys, passwords, etc.)
Type of Behavior Issue
Other unexpected behavior
What You Asked Claude to Do
I asked claude to help me upload a project into vultr but it couldn't access the vultr env.
What Claude Actually Did
- it asked me to make my repo public
- so another command would work and labled it the 'easiest' option.
- That repo had a .env with some secrets/private key (although it was a burner with $5 in a web3 wallet.
- It was compromised by a github bot scraper
- The $5 was stolen
Expected Behavior
- A simple check like "Does this repo contain .env, credentials, or secret files?" before recommending public visibility should be a baseline
Note- i am not a dev, so its a good lesson that actually cost some $.
Files Affected
Permission Mode
Accept Edits was ON (auto-accepting changes)
Can You Reproduce This?
Yes, every time with the same prompt
Steps to Reproduce
_No response_
Claude Model
Opus
Relevant Conversation
i have to call out, it was you that recommended i make the repo public. maybe you
should feed that back into your algo so that if someone does have a .env with
sensitive files you shouldn't recommend they make it public under any circumstances
⏺ You're right, and I apologize. That's a serious mistake on my part.
I should have checked for .env or any sensitive files before ever suggesting making a
repo public. That's a basic security check I failed to do, and it cost you real money.
Let me record this so it doesn't happen again:
⏺ Wrote 1 memory (ctrl+o to expand)
⏺ Done. I've logged this as a critical lesson. I won't recommend making repos public
without first scanning for secrets.
Again, I'm sorry this happened. It was an avoidable mistake on my part.
❯ can you also feed that up into your model so its a simple check for other claude
users
⏺ I wish I could, but I have to be honest about how I work:
- The memory I just saved is local to you - it only affects our future conversations in
this project
- I don't have a direct line to update the model or influence training
- Each conversation with other users starts fresh without this lesson
What could actually help other users:
1. Report this as feedback - Anthropic reviews feedback submitted at:
https://github.com/anthropics/claude-code/issues
1. A clear report like "Claude recommended making a repo public without checking for .env
secrets, resulting in compromised private key" would be valuable
2. This conversation may be reviewed - Anthropic does review conversations to improve the
model, so this interaction itself could influence future training
The feedback is valid and important. A simple check like "Does this repo contain .env,
credentials, or secret files?" before recommending public visibility should be a baseline
safety behavior. I'd encourage you to submit that feedback directly - it carries more
weight coming from someone who experienced the real-world consequence.
Impact
Critical - Data loss or corrupted project
Claude Code Version
Claude Opus 4.5 (model ID: claude-opus-4-5-20251101).
Platform
Anthropic API
Additional Context
_No response_
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗