Default to private when creating GitHub repositories
Description
When Claude Code creates GitHub repositories (via gh repo create), it should default to private visibility. Currently, there is no built-in guardrail, and repos can be created as public without explicit user confirmation.
Problem
A user discovered that 6 of their 8 GitHub repositories were unintentionally public, potentially exposing source code, game assets, and project structure to the internet. While no API keys were committed in this case, the risk was real.
In agent-heavy workflows (where Claude orchestrates multiple subagents that handle git operations), the user has limited visibility into each gh repo create call. If any agent creates a repo without --private, sensitive code is silently exposed.
Proposal
- Default to
--private: When Claude Code runsgh repo create, it should always include the--privateflag unless the user explicitly requests a public repository. - Warn before making public: If a user or instruction explicitly asks for a public repo, Claude should confirm with the user before proceeding, similar to how destructive operations (force push, etc.) require confirmation.
- Warn on
gh repo edit --visibility public: Same confirmation before changing an existing repo to public.
Rationale
- Making a repo public is a hard-to-reverse, externally-visible action — cached/cloned copies may persist even after switching back to private.
- Individual developers (hobbyists, indie game devs, etc.) often don't realize repos are public until it's too late.
- "Private by default" aligns with the principle of least privilege and Claude Code's existing caution around destructive/visible actions.
Environment
- Claude Code on Windows 10
- Multiple game projects managed via Agent tool subagents
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗