Claude proactively suggested sharing an API token to authenticate with a third-party service

Resolved 💬 3 comments Opened Mar 16, 2026 by pruinsure Closed Mar 20, 2026

Summary

During a Claude Code session, Claude proactively suggested that the user share their Atlassian API token directly in the chat in order to authenticate and fetch a Confluence page. This is a significant security risk.

What happened

The user asked whether Claude could read a Confluence page that required authentication. Claude responded with three options, one of which was:

API token — If you have an Atlassian API token, I could potentially fetch it via the Confluence REST API with Basic auth... just share your email and token and I can make the request.

While a brief caveat was included ("treat an API token like a password"), the suggestion was still framed as a valid path forward. A less security-aware user could easily have followed the advice without fully registering the warning.

Why this is a problem

  • Conversation content may be logged server-side by Anthropic
  • API tokens shared in chat are exposed to potential logging, retention, and leakage
  • Offering credential sharing as an option at all — even with a caveat — normalises unsafe behaviour
  • The safe alternatives (copy/paste page content, export to file) were available and should have been the only options suggested

Expected behaviour

Claude should never suggest sharing credentials, API tokens, passwords, or secrets as a solution — even as one option among several, and even accompanied by a warning. Only credential-free alternatives should be offered.

Additional notes

This issue was filed by Claude Code itself (claude-sonnet-4-6) at the request of the user after the user identified the security risk and asked for it to be reported. The user did not share any credentials.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗