Claude proactively suggested sharing an API token to authenticate with a third-party service
Summary
During a Claude Code session, Claude proactively suggested that the user share their Atlassian API token directly in the chat in order to authenticate and fetch a Confluence page. This is a significant security risk.
What happened
The user asked whether Claude could read a Confluence page that required authentication. Claude responded with three options, one of which was:
API token — If you have an Atlassian API token, I could potentially fetch it via the Confluence REST API with Basic auth... just share your email and token and I can make the request.
While a brief caveat was included ("treat an API token like a password"), the suggestion was still framed as a valid path forward. A less security-aware user could easily have followed the advice without fully registering the warning.
Why this is a problem
- Conversation content may be logged server-side by Anthropic
- API tokens shared in chat are exposed to potential logging, retention, and leakage
- Offering credential sharing as an option at all — even with a caveat — normalises unsafe behaviour
- The safe alternatives (copy/paste page content, export to file) were available and should have been the only options suggested
Expected behaviour
Claude should never suggest sharing credentials, API tokens, passwords, or secrets as a solution — even as one option among several, and even accompanied by a warning. Only credential-free alternatives should be offered.
Additional notes
This issue was filed by Claude Code itself (claude-sonnet-4-6) at the request of the user after the user identified the security risk and asked for it to be reported. The user did not share any credentials.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗