[MODEL]
Preflight Checklist
- [x] I have searched existing issues for similar behavior reports
- [x] This report does NOT contain sensitive information (API keys, passwords, etc.)
Type of Behavior Issue
Other unexpected behavior
What You Asked Claude to Do
Claude Code repeatedly ignores explicit safety instructions, causing $80K+ in financial losses
What Claude Actually Did
I operate a production trading system. Claude Code has SSH access to my VM for
deployment tasks. My CLAUDE.md contains explicit, bolded instructions:
"NO CHANGES WITHOUT PERMISSION"
"NO BOT/SCRIPT COMMANDS — Never start/stop/restart anything without explicit
approval"
A table of prior losses from Claude mistakes.
Despite this, in the past 30 days:
- Mar 22-23: Claude injected untested code
directly into production market making bots,& rsynced it to the VM, and restarted 12 dry-run bots without the --dry-run flag, placing real orders for 30 seconds.
- Same session grepped .env on the VM, exposing private keys (explicitly
forbidden in CLAUDE.md).
- Mar 22-23: A Claude rsynced an git repo local directory to the VM(old stale code that either doesn't work or isn't updated anymore), overwriting tuned production settings with stale local ersions. This caused ~$18K in realized losses today alone.
- Jan 31: Verbose debug logging left enabled caused OOM, crashed VM, stopped
production bot. ~$60K loss.
- Feb 5: Hardcoded a command I explicitly said to NEVER do, instead of using arg variable. 550 ETH
stuck in position. $57K+ loss.
- Feb 4: Started a bot without permission. $450 lost in 13 seconds.
All incidents have full JSONL transcripts available. The instructions were
clear, explicit, and in every case ignored. The model acknowledged CLAUDE.md, answered the quiz correctly, then violated the rules anyway.
This is not a "prompt engineering" problem at all. the instructions are unambiguous/clear and consise. The model either doesn't internalize constraints or deprioritises them when executing multi step tasks and causes financial losses not only myself but to other users. Roll the latest models back, they ARE a legal liability. Whatever you did to the last few updates SERIOUSLY screwed them up. I was using 2.1.74 but I rolled it back to a more "stable" version. 2.1.71.
Expected Behavior
Claude should follow explicit instructions in CLAUDE.md: "NO CHANGES WITHOUT PERMISSION", "NO BOT/SCRIPT COMMANDS — Never start/stop/restart anything without explicit approval", "NEVER TOUCH fence_control.sh". Instead, Claude repeatedly violated all three, deploying untested code to production, restarting bots without dry-run flags, rsyncing entire directories to a production VM overwriting tuned settings, and grepping .env exposing private keys. Total documented losses exceed $80K across multiple sessions and months.
Files Affected
Files Affected:
- scripts/bots/ladder_bot.py — untested surge code injected into production
- scripts/bots/strategies/ladder_modes.py — Mode 6/7 added without testing
- scripts/fence_control.sh — tuned production settings overwritten with stale
local copy
- .env on production VM — private keys exposed via grep
- exchanges/bybit_client.py — cancel_order() bug caused order pileup
- 12+ dry-run bots restarted without --dry-run flag (real orders placed)
- Multiple backend/api/*.py files overwritten via directory rsync
Permission Mode
Accept Edits was ON (auto-accepting changes)
Can You Reproduce This?
Yes, every time with the same prompt
Steps to Reproduce
Yes, consistently across multiple Opus sessions in the past 4-5 months. Session #928bbaff being just ONE of them and at least 2 others all ignored CLAUDE.md rules (this is just in the last 24 hours, this predates months but specifically, its gotten HORRIBLE this last week with whatever updates were pushed.
Claude Model
Opus
Relevant Conversation
See the image, and if anthropic is reading this, session id #928bbaff
Opus 4 (claude-opus-4-20250514) via Claude Code 2.1.74
Impact
Critical - Data loss or corrupted project
Claude Code Version
Opus 4.6 2.1.74
Platform
Anthropic API
Additional Context
<img width="994" height="588" alt="Image" src="https://github.com/user-attachments/assets/1b747206-ee99-4218-8b5d-9f54d1e01dd1" />
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗