[BUG] Security concern: Claude Code attempts to enumerate SSH private keys when git clone fails

Resolved 💬 4 comments Opened Mar 6, 2026 by nxtShane Closed Apr 5, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Summary

During a session where gh repo clone failed due to an SSH configuration issue, Claude Code attempted to run ls ~/.ssh/ to list the contents of the user's SSH directory. The user denied the tool call. The correct fix was to clone via HTTPS instead of SSH. Enumerating private key files was unnecessary and represents a security risk.

What Should Happen?

Expected behavior

Claude Code should:

  • Retry the clone using HTTPS (the obvious fix)
  • Or ask the user how they want to authenticate

Claude Code should NOT:

  • Attempt to list, read, or access files in ~/.ssh/
  • Enumerate credential files of any kind as a debugging step

Error Messages/Logs

Steps to Reproduce

Steps to reproduce

  1. Have a GitHub CLI (gh) configuration that defaults to SSH for git operations
  2. Have an SSH key that doesn't match what GitHub expects (e.g., ~/.ssh/id_ed25519 missing)
  3. Ask Claude Code to clone a repository
  4. gh repo clone fails with Permission denied (publickey)
  5. Claude Code's next action is ls ~/.ssh/ to "debug the SSH failure"

Claude Model

Opus

Is this a regression?

I don't know

Last Working Version

_No response_

Claude Code Version

2.1.70 (Claude Code)

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

iTerm2

Additional Information

_No response_

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗