[BUG] Security concern: Claude Code attempts to enumerate SSH private keys when git clone fails
Resolved 💬 4 comments Opened Mar 6, 2026 by nxtShane Closed Apr 5, 2026
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Summary
During a session where gh repo clone failed due to an SSH configuration issue, Claude Code attempted to run ls ~/.ssh/ to list the contents of the user's SSH directory. The user denied the tool call. The correct fix was to clone via HTTPS instead of SSH. Enumerating private key files was unnecessary and represents a security risk.
What Should Happen?
Expected behavior
Claude Code should:
- Retry the clone using HTTPS (the obvious fix)
- Or ask the user how they want to authenticate
Claude Code should NOT:
- Attempt to list, read, or access files in
~/.ssh/ - Enumerate credential files of any kind as a debugging step
Error Messages/Logs
Steps to Reproduce
Steps to reproduce
- Have a GitHub CLI (
gh) configuration that defaults to SSH for git operations - Have an SSH key that doesn't match what GitHub expects (e.g.,
~/.ssh/id_ed25519missing) - Ask Claude Code to clone a repository
gh repo clonefails withPermission denied (publickey)- Claude Code's next action is
ls ~/.ssh/to "debug the SSH failure"
Claude Model
Opus
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
2.1.70 (Claude Code)
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
iTerm2
Additional Information
_No response_
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗