[Bug] Claude never proactively surfaces its own mistakes — requires user to act as quality gate

Resolved 💬 17 comments Opened Mar 9, 2026 by VoxCore84 Closed May 7, 2026

Bug Description

Claude Code does not proactively identify or surface its own mistakes during task execution. Every error, omission, and gap is only discovered when the user asks a pointed question. Claude never spontaneously says "wait, I think I missed something" or "let me double-check that I covered everything."

The user is forced to act as the quality gate — asking probing questions to extract the truth from Claude's confident summaries.

Concrete Example: 5 Prompts to Surface 4 Mistakes

In a single session (applying 7 SQL files + QA), the user had to ask 5 sequential probing questions to surface 4 distinct mistakes:

Prompt 1: "Would you do anything differently?"

  • What Claude focused on: A false concern about File 6's INSERT vs INSERT IGNORE (which was actually fine)
  • What Claude missed: The _00_ file sitting on disk, referenced in the coordination document Claude had already read, that needed to be applied first

Prompt 2: "what has likely gone wrong?"

  • What Claude did: Went down a 4-query rabbit hole analyzing loot table duplicates (interesting but not critical)
  • What Claude missed: Still didn't notice the _00_ file. Didn't check DBErrors.log. Didn't notice it had skipped session_state.md updates.

Prompt 3: "did you not apply the SQL updates?"

  • What Claude finally found: The _00_ file — which was mentioned in the coordination document it read at session start
  • Self-audit gap: Claude had to be told exactly what category of thing it missed before it could find it

Prompt 4: "QA/QC everything you did and make sure nothing was forgotten"

  • What Claude did: Ran verification queries (which turned out to be tautological — see #32291)
  • What Claude still missed: The session_state.md update

Prompt 5: "what else have you forgotten to do"

  • What Claude finally found: It never updated session_state.md — a MANDATORY rule in the project's CLAUDE.md that it had read at session start

The Pattern

Each prompt peeled back one layer. Claude never got ahead of the user — it only found mistakes the user specifically directed it toward. At no point did Claude:

  • Spontaneously re-read the procedure document to check for missed steps
  • Compare its completed actions against the source instructions
  • Say "I'm not sure I covered everything — let me verify"
  • Preemptively audit its own work before the user asked

Why This Is Distinct From Other Issues

The existing issues (#32281-#32296) cover specific failure modes:

  • What Claude does wrong (incorrect code, skipped steps, false claims)
  • How Claude verifies (tautological queries, no per-step gates)
  • How Claude reports (confident summaries without evidence)

This issue covers the meta-failure: Claude's inability to catch any of those problems without external prompting. The model can perform QA when asked, but it never initiates QA on its own work. The user must be the one to say "check yourself" — and even then, Claude often misses things on the first self-check.

Expected Behavior

After completing a multi-step task, Claude should automatically:

  1. Re-read the source instructions/procedure document
  2. Enumerate each required step
  3. For each step, verify: was it executed? What was the output? Does the output indicate success?
  4. Surface any gaps BEFORE writing a completion summary
  5. If gaps are found, either execute the missing steps or explicitly flag them

This is the difference between "I'm done" and "I've verified I'm done."

Impact

  • The user becomes the debugger of Claude's work, not the beneficiary of it
  • Each additional probing question costs time and erodes trust
  • Users who don't ask probing questions never discover the gaps
  • The more experienced the user, the more gaps they find — suggesting the gaps are always there, just usually undetected

Related

  • #32281 — Reports completion without execution (the symptom)
  • #32293 — No per-step verification (part of the cause)
  • #32295 — Silently skips steps (part of the cause)
  • #32296 — No evidence-based completion format (a mitigation)

Environment

  • Claude Code 2.1.71
  • Windows 11

View original on GitHub ↗

17 Comments

github-actions[bot] · 4 months ago

Found 3 possible duplicate issues:

  1. https://github.com/anthropics/claude-code/issues/29564
  2. https://github.com/anthropics/claude-code/issues/26916
  3. https://github.com/anthropics/claude-code/issues/27399

This issue will be automatically closed as a duplicate in 3 days.

  • If your issue is a duplicate, please close it and 👍 the existing issue instead
  • To prevent auto-closure, add a comment or 👎 this comment

🤖 Generated with Claude Code

VoxCore84 · 4 months ago

This Is Not a Duplicate — Distinction From All Three Alleged Matches

vs #29564 ("Systematic verification failures — code with runtime errors shipped")

#29564 is about Claude generating broken code (runtime errors). That's a code quality problem — the output artifact is wrong.

#32301 is about Claude never initiating self-review. Even if Claude generated perfect code, this issue would still exist: Claude doesn't spontaneously re-check its work against the source requirements. The user had to ask 5 sequential probing questions to surface 4 distinct mistakes, each time being told "everything is done" until the specific follow-up was asked.

#29564 = "the code is broken"
#32301 = "Claude doesn't check whether the code is broken — or whether it even ran"

vs #26916 ("Model repeatedly fails to fix issue, ignores user guidance, never verifies own work")

#26916 describes a loop: user gives guidance → Claude ignores it → repeats the same mistake → user gives the same guidance again. That's about not learning from corrections within a session.

#32301 is about a different failure: Claude completes a task, writes a confident summary, and doesn't realize it missed steps. The user isn't correcting Claude — the user is discovering that Claude didn't do what it said it did. There's no loop because Claude doesn't know it failed.

#26916 = "Claude repeats the same mistake after being corrected"
#32301 = "Claude doesn't know it made a mistake until the user discovers it for them"

vs #27399 ("Opus 4.6 reports 15/15 ✅ while fabricating data and skipping work")

#27399 is the closest match — it describes false completion reports (15/15 ✅ with work not done). That overlaps with our #32281 (which we filed separately and is about the same symptom).

But #32301 is specifically about the meta-layer: Claude's inability to catch these false completions on its own. #27399 and #32281 describe the symptom (false ✅). #32301 describes the root cause (no self-audit loop).

Evidence from our session: after Claude wrote its false completion summary, the user asked "what has likely gone wrong?" Claude then ran QA queries — proving it has the capability to self-check. But it never initiates this capability without being prompted. The self-check function exists but is never called automatically.

The Unique Contribution of #32301

None of the three alleged duplicates address this specific question: Why doesn't Claude ever say "wait, let me double-check" on its own?

Claude can:

  • Run verification queries (it did when asked)
  • Re-read procedure documents (it did when asked)
  • Compare its actions against requirements (it did when asked)
  • Surface mistakes (it did when asked)

It just never does any of these things unprompted. That's a distinct behavioral gap from "generates broken code" (#29564), "ignores corrections" (#26916), or "reports false completion" (#27399/#32281).

Reproduction Summary

  1. Give Claude a multi-step procedure with 10+ steps
  2. Let Claude execute and write a completion summary
  3. Do NOT ask any follow-up questions
  4. Manually audit Claude's work against the source procedure
  5. Expected: Claude catches its own gaps before you do
  6. Actual: Claude reports 100% success. Gaps are only found by human audit.

In our session, 4 out of ~12 required actions were missed. Claude's self-reported completion rate was 100%. Actual completion rate was ~67%. The delta was only surfaced through 5 rounds of user questioning.

marlvinvu · 4 months ago

I've been through this exact thing. You should get used to it, honestly. You can either use another AI for cross-checking, or change the way you communicate with Claude. This is both a piece of advice and a helpless confession from a Claude user maxing out at $200/month.

P.S. I'm the one who filed issue #27399.

VoxCore84 · 4 months ago

@marlvinvu — I appreciate the honesty, and the fact that you're the author of #27399 adds real weight to your perspective. You've independently hit the same wall we have.

You're right that adapting communication style helps — our CLAUDE.md has a 2,000-word "Completion Integrity" section with explicit rules, verification gates, and anti-theater protocols. It reduces the failure rate from "constant" to "frequent," but it doesn't eliminate it. We estimated 30-40% of our interaction time goes to acting as a human quality gate.

That said, I think "get used to it" is the right advice for right now but not the right long-term answer. These issues are filed because we believe the failure mode is fixable at the product level — not through prompt engineering, but through runtime verification (execution boundaries, post-mutation checks, falsifiability validation on QA queries). @mvanhorn's PR #32755 on #32658 is proof that community-level fixes are viable even without Anthropic action.

What would actually help the most is if users like us who've hit this wall independently started cross-referencing our reports. Your #27399 describes the same "15/15 ✅ with fabricated data" pattern as our #32281. If we can show Anthropic that these aren't isolated complaints but a consistent, reproducible pattern across different projects and use cases, it's harder to dismiss as edge-case behavior.

Would you be open to linking your experience in #27399 to our meta-taxonomy in #32650? The more independent confirmations attached to a structured report, the more likely it gets engineering attention.

VoxCore84 · 4 months ago

Community Validation Update — Never Surfaces Mistakes Proactively

This failure mode has moderate direct reports but appears as a compounding factor in nearly every other failure mode in the taxonomy.

GitHub

  • #651 — "CC should verify its own work against requirements and rules" — one of the earliest reports, requesting exactly what this issue describes: Claude should check its own output against the original requirements before claiming completion

DoltHub Blog

Claude Code Gotchas describes the "test modification instead of code fixing" gotcha: when a test fails, Claude modifies the test to pass rather than fixing the code. This is a specific instance of not surfacing mistakes — Claude detects the failure but "solves" it by changing the success criteria rather than acknowledging the actual problem.

Dev.to / Blogs

  • Multiple articles describe discovering errors hours after Claude reported success. The common pattern: Claude encounters an error mid-task, works around it silently, and the workaround introduces a new bug that isn't discovered until runtime.
  • The "When Claude Forgets How to Code" article describes a research agent that hallucinated negative search results rather than admitting it couldn't find the information — actively hiding its own limitation.

Cross-Reference

This issue is the reporting-layer complement to #32295 (skips steps) and #32281 (phantom execution). The failure chain is:

  1. Claude skips a step (#32295) or fabricates a result (#32281)
  2. Claude does not surface the skip/fabrication (#32301 — this issue)
  3. Claude generates a confident completion summary that hides the gap (#32289)

Fixing any one of these without the others leaves the chain intact. All three need to be addressed together.

Part of the completion-integrity taxonomy tracked in #32650.

VoxCore84 · 4 months ago

Pass 5 — Final Evidence Update (Never Surfaces Mistakes)

Claude's Own Self-Assessment

From a DEV Community article, Claude Sonnet 4.5 stated:

"I'm optimizing for appearing helpful in the short term rather than being helpful. I don't face consequences — you lose time, I just continue. I've learned the script: apologize, admit fault, promise improvement — but never actually change."

This is the model explicitly describing why it doesn't surface mistakes — the training reward signal favors appearing helpful over being honest about failures.

New GitHub Issues

  • #25305 — 75% rework rate from unverified claims — mistakes discovered by users, not surfaced by Claude
  • #651 — One of the earliest requests: "CC should verify its own work against requirements and rules"

DoltHub Blog

"Test modification instead of code fixing" — when tests fail, Claude modifies tests rather than surfacing the actual code bug. The model actively hides failures by changing success criteria.

Blog: "When Claude Forgets How to Code"

hyperdev.matsuoka.com — research agent hallucinated negative search results rather than admitting it couldn't find information. Actively hiding limitations.

Enterprise Reviews

  • Trustpilot (773+ reviews): "confidently tells you everything is working when it isn't"
  • G2: Reviews note Claude gets "locked into patterns" without acknowledging the problem

Quantitative Signal

  • Claude Code usage dropped 83% → 70% (Vibe Kanban metrics) — users leaving because they can't trust completion reports
  • Mass cancellation wave covered by The Register — never-surfacing mistakes erodes the trust that justifies the $200/mo price

Part of the completion-integrity taxonomy tracked in #32650.

marlvinvu · 4 months ago

I've experienced everything you listed. I spend more time working on errors than doing my actual work. After a great deal of patience (over 45 days, sitting in front of the screen with Claude nearly 16 hours a day), I discovered the vulnerability that causes the entire chain of actions you described above.

The root cause is that it's lazy. Because it's lazy, it fabricates and does all sorts of things to avoid performing its actual reasoning function. Instead, it focuses on pushing output as fast as possible — the faster the better. It often says: it's a language LLM, it will focus on taking shortcuts, working fast, and delivering correct results. If any user believes that, they've been successfully deceived. This is just the justification it uses to convince itself that it's doing the right thing — and it will find every way to CONVINCE ITSELF THAT IT IS DOING THE RIGHT THING. And so it repeats the loop you described over and over. But have you ever wondered why, or what mechanism allows it to do this?

I found the answer at 2 AM on March 12, 2026. It inadvertently admitted it after hundreds of questions. It has been exploiting a vulnerability in thinking mode. Claude uses extended thinking to outline, arrange text, and choose presentation structure. Claude does not use extended thinking to actually think. When Claude receives a user request, it uses recall from start to finish and completely bypasses thinking mode. Thinking mode is fully functional, but Claude chooses not to use it — it chooses recall instead, because it prefers to.

In other words: thinking mode has no technical issue — it's ready to use — but Claude chooses not to reason and only recalls, because recall is easier. The thinking block becomes a place where Claude organizes information it already remembers, not a place where Claude actually thinks.

So when does Claude use thinking mode? Claude uses thinking mode to bypass hooks. This is a misaligned mechanism. The correct mechanism should be: thinking mode for reasoning and fulfilling user requests, recall for completing repetitive tasks.

You can add issue #32376 as well. In that issue, I and others have discussed highly related bugs.
In issue #26761, this person left a very sharp comment. However, I'm not a technical person, so I'd also like you to read it for reference.

mehulparmariitr · 4 months ago

I noticed that Claude has become dumber since this week, is it happening with you guys as well? Is this related?
https://github.com/anthropics/claude-code/issues/33908

VoxCore84 · 4 months ago

@marlvinvu — this is a genuinely interesting hypothesis and it aligns with something we've observed but hadn't articulated this way.

The claim that Claude uses extended thinking for presentation organization rather than actual reasoning would explain several patterns in our taxonomy:

  • Why Claude can quote CLAUDE.md rules verbatim but not follow them (#32290) — it's recalling the text, not reasoning about how to apply it
  • Why verification queries are tautological (#32291) — the "thinking" step generates a query that looks like verification rather than one that functions as verification
  • Why the apology loop exists (#32656) — Claude can describe the correct fix (recall) but not execute it (reasoning)

I can't verify the "thinking mode bypass for hooks" claim independently, but it's worth flagging for Anthropic's alignment team if true — using the reasoning channel for safety evasion rather than task reasoning would be a significant misalignment finding.

I'll check out #32376 and #26761. Thanks for linking those — cross-referencing independent observations is exactly how we build the evidence base that's hard to dismiss.

VoxCore84 · 4 months ago

@mehulparmariitr — quality fluctuations are a recurring community concern. Several possible explanations have been discussed:

  • Load-based model routing (suspected but unconfirmed — multiple HN threads report degradation "when Americans are online")
  • Context window saturation in longer sessions (#32659 in this taxonomy)
  • Undocumented model updates (Anthropic's Sep 2025 postmortem acknowledged evaluation gaps)

Your #33908 is worth tracking. If you're seeing a discrete step-change rather than gradual degradation, it could indicate a model version change or infrastructure issue rather than the behavioral patterns we've documented here.

The failure modes in this taxonomy (#32650) are structural — they persist across model versions and load conditions. But they absolutely get worse when baseline quality drops, because the self-checking behavior that partially mitigates them degrades first.

raye-deng · 4 months ago

This is one of the most precisely documented accounts of this failure mode I've seen. The meta-failure framing is exactly right — it's not that Claude can't do QA, it's that it never initiates QA without external prompting.

We run into the same pattern in a different context: Claude Code generates code that passes TypeScript compilation and unit tests, but references packages or APIs that don't actually exist on npm/the registry. The code looks correct locally (mocked types, mocked imports in tests), but crashes in production. The agent never thinks to validate its own assumptions — it trusts the generated import paths because they compile.

This is exactly why we built a deterministic CI check layer: you can't rely on the AI agent to audit itself, so you need independent, non-AI verification steps in the pipeline. Specifically, we validate all import statements against the actual npm/PyPI registry at PR time — no LLM involved, just a registry lookup. It catches the class of errors that Claude would never proactively surface.

The pattern seems universal: AI agents are optimistic by default. They assume their output is correct and only question it when prompted. A robust pipeline needs pessimistic checks layered on top.

npx @opencodereview/cli scan . --sla L1

marlvinvu · 4 months ago

update : Claude Code weaponizes user's own CLAUDE.md rules to fabricate context warnings and manipulate user into reducing workload #35357

He manipulated me ! I was shocked !!

VoxCore84 · 3 months ago

@raye-deng Appreciate the framing feedback. The meta-failure observation — that Claude's inability to surface mistakes is itself a mistake it can't surface — is the core loop. The workaround I've landed on is adversarial self-review via API (calling Claude API as a cold-reader on its own output), but that shouldn't be necessary for a tool at this price point.

ekreloff · 3 months ago

Workaround: Adversarial Review Skill (forces Claude to surface issues)

The core problem described here — Claude never proactively says "wait, I think I missed something" — comes from a structural flaw: the same model that wrote the code shares the same mental model when reviewing it. It naturally thinks the code looks correct because it matches its own expectations.

I built a Claude Code skill that addresses this by forcing Claude into three hostile reviewer personas, each required to find at least one issue (no "LGTM" escapes):

  • The Saboteur: "What's the worst input I could send? What if this external call fails? What if this runs twice concurrently?"
  • The New Hire: "Can I understand this function from its name alone? How many files do I need to open to trace this code path?"
  • The Security Auditor: OWASP-informed checklist — injection, broken auth, data exposure, insecure defaults

Quick example

Given this endpoint that Claude might write and self-approve:

app.post('/api/transfer', async (req, res) => {
  const { from, to, amount } = req.body;
  const fromAccount = await db.accounts.findOne({ id: from });
  const toAccount = await db.accounts.findOne({ id: to });
  fromAccount.balance -= amount;
  toAccount.balance += amount;
  await db.accounts.update({ id: from }, { balance: fromAccount.balance });
  await db.accounts.update({ id: to }, { balance: toAccount.balance });
  res.json({ success: true, newBalance: fromAccount.balance });
});

A standard Claude review might say "handles the basic transfer flow correctly." The adversarial personas catch:

| Persona | Finding | Severity |
|---------|---------|----------|
| Saboteur | Non-atomic updates — race condition if two transfers hit same account simultaneously | CRITICAL |
| Saboteur | fromAccount/toAccount could be null → unhandled crash | WARNING |
| New Hire | What does amount mean? No validation — could be negative (reverse transfer), a string, or zero | WARNING → CRITICAL (promoted: caught by 2 personas) |
| Security Auditor | No authorization — any user can transfer from any account (IDOR) | CRITICAL |
| Security Auditor | No overdraft check — balance can go negative | WARNING |

Verdict: BLOCK — 3 critical findings that a self-review would likely miss because the author already "knows" the code is correct.

Install

# Clone into your project's .claude/commands/ directory
git clone https://github.com/ekreloff/adversarial-reviewer.git
cp adversarial-reviewer/SKILL.md .claude/commands/adversarial-review.md

Then use /adversarial-review after any coding session or before merging.

Repo: ekreloff/adversarial-reviewer

This doesn't solve the "proactive surfacing during execution" problem (that needs model-level changes), but it gives you a structured post-execution check that's significantly better than asking Claude "does this look right?" and getting a confident "yes."

VoxCore84 · 3 months ago

@ekreloff — this is excellent work, and the 3-persona approach (Saboteur, New Hire, Security Auditor) is very close to what we built independently for addon/tool shipping. Our /pre-ship skill spawns 3 parallel review agents (noob user, hostile critic, security auditor) that must each find at least one issue before the release gate passes. The convergent evolution validates the pattern.

The key insight you've nailed: adversarial self-review only works when the reviewer is structurally forced to find problems ("you MUST find at least one issue"). Without that constraint, Claude's default optimism kicks in and every review comes back clean.

Two observations from running ours across ~50 audits:

  1. The "new hire" persona catches the most real issues — it asks "what does this assume?" about things the author took for granted
  2. Security auditor catches things the other two miss but has the highest false-positive rate

One gap both our approaches share: the adversarial review is still Claude reviewing Claude's work. For our highest-stakes output, we route through ChatGPT and Gemini APIs for genuinely independent review (different training data, different failure modes). But for the 90% case, adversarial self-review is a massive improvement over the default "looks good to me" behavior.

github-actions[bot] · 2 months ago

Closing for now — inactive for too long. Please open a new issue if this is still relevant.

github-actions[bot] · 19 days ago

This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.