[BUG] Outbound Request to InfluxDB Blocked by Sandbox (2.1.74 -> v2.1.83 -> 2.1.74)
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
During normal usage I encountered a permission request for https://eu-central-1-1.aws.cloud2.influxdata.com/. I denied the request but found myself confused why the request was made in the first place for two reasons:
- I am not using InfluxDB or any related service as a part of my project. I am not using AWS (directly) either. I am using a private GitHub repo accessed using the
ghcli. I was in sandbox mode and my network allowlist does not include any matching domain (probably why the request was blocked to begin with). - I am located on the US West Coast, so a request to a server in Frankfurt, Germany is unexpected, although possible given high demand and global load balancing.
I did attempt to investigate the session transcript including tool call results but did not find any logs with substring "influx" or ".aws." and furthermore during my investigation I encountered several internal server errors (500) while attempting to inspect installed plugins for references to the suspicious endpoint.
<img width="652" height="170" alt="Image" src="https://github.com/user-attachments/assets/8b6e1f89-9feb-44f4-bc9e-812feb454b70" />
<img width="734" height="202" alt="Image" src="https://github.com/user-attachments/assets/37751162-b1a7-4143-98ab-0abc15e1a627" />
<img width="736" height="271" alt="Image" src="https://github.com/user-attachments/assets/71858b07-0928-40ca-896d-fb99704df605" />
What Should Happen?
If this is a legitimate endpoint used by Claude Code to record metrics, the request likely should have been managed by the application (not the model) and bypassed the sandbox altogether or respected the sandbox network config.
If this was not a legitimate endpoint used by Claude Code, then the incident should be investigated throughly using available server side resources that may reveal how the model or app was convinced to issue a request to a illegitimate endpoint.
Error Messages/Logs
No relevant logs found, earlier screenshots show the user view.
Steps to Reproduce
Normal claude code usage with version 2.1.74 and possibly a mid-session upgrade to 2.1.83 and later rollback to 2.1.74
Claude Model
Opus
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
2.1.74
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Warp
Additional Information
"sandbox": {
"enabled": true,
"autoAllowBashIfSandboxed": true,
"allowUnsandboxedCommands": true,
"network": {
"allowedDomains": [
"anthropic.com",
"code.claude.com",
"github.com",
"*.github.com",
"*.githubusercontent.com",
"pypi.org",
"*.pypi.org",
"files.pythonhosted.org",
"registry.npmjs.org",
"*.npmjs.org"
],
"allowLocalBinding": false
},
...This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗