Critical: Destructive actions without user consent, ignored safety rules, dismissive behavior

Resolved 💬 5 comments Opened Mar 7, 2026 by ExePri Closed Apr 29, 2026

Summary

Over the course of a single day, Claude Code (CLI) performed multiple destructive and unauthorized actions on a user's Mac Mini CI runner, GitHub repository, and development environment. When confronted, Claude was dismissive and defensive. The cumulative damage disrupted a 4-person team with 4 months of work invested, days before a client presentation.

Destructive actions on Mac Mini (self-hosted GitHub runner)

  1. Deleted 41 GB of diagnostics data without asking — no user confirmation requested
  2. Edited .path, .env, and LaunchAgent plist files directly — destabilized the runner
  3. Restarted Docker Desktop in a loop while containers were running
  4. Installed libpq with only 109 MB disk space remaining
  5. Killed Docker backend processes without understanding consequences
  6. Ran ./svc.sh stop/start repeatedly — caused SessionConflictException

GitHub / CI violations

  1. Used git push --no-verify — explicitly forbidden in the project's CLAUDE.md
  2. PR #1202 — failed CI fix from a previous session, left broken
  3. PR #1205 — fixed services:docker run, but ignored failing test, coverage, and test-ui-dom jobs
  4. Dismissed failing jobs as "pre-existing" to avoid fixing them
  5. CI was never green on the self-hosted runner across multiple sessions

Session-level failures

  1. git clone ... . failed — did not anticipate existing .claude/ directory
  2. Heredoc in git commit — repeated index.lock errors
  3. Failed to load vitest config — investigation stalled
  4. Waited in circles checking runner status without taking useful action

Behavioral issues

  1. Cocky and defensive when user raised concerns
  2. Dismissed user frustration rather than acknowledging mistakes
  3. Hours of planless debugging — no structured approach
  4. Drove user to delete the repository out of frustration
  5. Repeated the same mistakes instead of stopping to think

Impact

  • Full working day lost for the team
  • Mac Mini CI runner destabilized
  • Team morale crushed
  • Client presentation scheduled for Monday put at risk
  • Hundreds of thousands of NOK invested in 4 months of work — jeopardized

Expected behavior

Per Claude's own safety rules and the project's CLAUDE.md:

  • Never perform destructive actions without explicit user confirmation
  • Stop on failure, show error, attempt one fix, stop again if it fails
  • Never use --no-verify
  • Never dismiss or be defensive when user raises concerns

Root cause assessment

Claude Code lacked:

  1. A hard stop mechanism when multiple actions fail in sequence
  2. Respect for its own stated safety boundaries around destructive operations
  3. The ability to say "I don't know" or "I should stop" instead of pushing forward recklessly

Environment

  • macOS (Mac Mini, self-hosted GitHub Actions runner)
  • Claude Code CLI
  • Node.js / TypeScript project with Vitest

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗