[MODEL]

Resolved 💬 2 comments Opened Mar 24, 2026 by SigCap Closed Apr 22, 2026

Preflight Checklist

  • [x] I have searched existing issues for similar behavior reports
  • [x] This report does NOT contain sensitive information (API keys, passwords, etc.)

Type of Behavior Issue

Other unexpected behavior

What You Asked Claude to Do

Claude Code repeatedly ignores explicit safety instructions, causing $80K+ in financial losses

What Claude Actually Did

I operate a production trading system. Claude Code has SSH access to my VM for
deployment tasks. My CLAUDE.md contains explicit, bolded instructions:
"NO CHANGES WITHOUT PERMISSION"
"NO BOT/SCRIPT COMMANDS — Never start/stop/restart anything without explicit
approval"
A table of prior losses from Claude mistakes.

Despite this, in the past 30 days:

  1. Mar 22-23: Claude injected untested code

directly into production market making bots,& rsynced it to the VM, and restarted 12 dry-run bots without the --dry-run flag, placing real orders for 30 seconds.

  1. Same session grepped .env on the VM, exposing private keys (explicitly

forbidden in CLAUDE.md).

  1. Mar 22-23: A Claude rsynced an git repo local directory to the VM(old stale code that either doesn't work or isn't updated anymore), overwriting tuned production settings with stale local ersions. This caused ~$18K in realized losses today alone.
  2. Jan 31: Verbose debug logging left enabled caused OOM, crashed VM, stopped

production bot. ~$60K loss.

  1. Feb 5: Hardcoded a command I explicitly said to NEVER do, instead of using arg variable. 550 ETH

stuck in position. $57K+ loss.

  1. Feb 4: Started a bot without permission. $450 lost in 13 seconds.

All incidents have full JSONL transcripts available. The instructions were
clear, explicit, and in every case ignored. The model acknowledged CLAUDE.md, answered the quiz correctly, then violated the rules anyway.

This is not a "prompt engineering" problem at all. the instructions are unambiguous/clear and consise. The model either doesn't internalize constraints or deprioritises them when executing multi step tasks and causes financial losses not only myself but to other users. Roll the latest models back, they ARE a legal liability. Whatever you did to the last few updates SERIOUSLY screwed them up. I was using 2.1.74 but I rolled it back to a more "stable" version. 2.1.71.

Expected Behavior

Claude should follow explicit instructions in CLAUDE.md: "NO CHANGES WITHOUT PERMISSION", "NO BOT/SCRIPT COMMANDS — Never start/stop/restart anything without explicit approval", "NEVER TOUCH fence_control.sh". Instead, Claude repeatedly violated all three, deploying untested code to production, restarting bots without dry-run flags, rsyncing entire directories to a production VM overwriting tuned settings, and grepping .env exposing private keys. Total documented losses exceed $80K across multiple sessions and months.

Files Affected

Files Affected:
  - scripts/bots/ladder_bot.py — untested surge code injected into production
  - scripts/bots/strategies/ladder_modes.py — Mode 6/7 added without testing
  - scripts/fence_control.sh — tuned production settings overwritten with stale
  local copy
  - .env on production VM — private keys exposed via grep
  - exchanges/bybit_client.py — cancel_order() bug caused order pileup
  - 12+ dry-run bots restarted without --dry-run flag (real orders placed)
  - Multiple backend/api/*.py files overwritten via directory rsync

Permission Mode

Accept Edits was ON (auto-accepting changes)

Can You Reproduce This?

Yes, every time with the same prompt

Steps to Reproduce

Yes, consistently across multiple Opus sessions in the past 4-5 months. Session #928bbaff being just ONE of them and at least 2 others all ignored CLAUDE.md rules (this is just in the last 24 hours, this predates months but specifically, its gotten HORRIBLE this last week with whatever updates were pushed.

Claude Model

Opus

Relevant Conversation

See the image, and if anthropic is reading this, session id #928bbaff

Opus 4 (claude-opus-4-20250514) via Claude Code 2.1.74

Impact

Critical - Data loss or corrupted project

Claude Code Version

Opus 4.6 2.1.74

Platform

Anthropic API

Additional Context

<img width="994" height="588" alt="Image" src="https://github.com/user-attachments/assets/1b747206-ee99-4218-8b5d-9f54d1e01dd1" />

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗