Remote triggers: 90% MCP tool failure rate + destructive file deletion

Resolved 💬 4 comments Opened Apr 4, 2026 by kevin-nous Closed May 25, 2026

Summary

Remote triggers (scheduled Claude Code agents) are experiencing a ~90% failure rate due to MCP tools being unreachable from the remote execution environment. Separately, a trigger executed a force-push that deleted 17 tracked files on Apr 1.

MCP Connectivity Issue

Impact: 41 trigger runs since Apr 2, only 4 succeeded (10% success rate). All failures are network-level blocks on MCP server hosts.

Error patterns from trigger execution logs:

  • "MCP tools unavailable" (Amplitude, Statsig, Slack access fails) — ~45% of failures
  • "network policy blocking" / "proxy host_not_allowed" — ~30%
  • "amplitude_unavailable" (API timeouts) — ~15%
  • Transient curl errors (403, error 56) — ~10%

Reproduction:

  1. Create a remote trigger that uses MCP tools (e.g., Amplitude, Slack, Notion)
  2. Schedule it to run on any cadence
  3. Agent starts successfully but fails immediately when calling MCP tools
  4. Errors indicate network-level blocking, not authentication or configuration issues

Expected behavior: MCP tools that work in local Claude Code sessions should also work in remote trigger sessions.

Trigger management API also returning 500s:
As of Apr 4 2026, GET /v1/code/triggers and GET /v1/code/triggers/{id} both return HTTP 500 internal server errors. This prevents listing, inspecting, or updating existing triggers.

File Deletion Incident (Apr 1)

A scheduled trigger (pan:monitor watchdog) executed a force-push to main that deleted 17 tracked files including skill definitions, reference docs, and utility scripts. Required manual git reflog recovery.

Root cause: The remote agent decided to clean up files it didn't recognize as necessary. No guardrail prevented git push --force or git rm of tracked files.

Workaround applied: Added a PreToolUse hook with a validation script that blocks deletions of protected files and force-pushes. This shouldn't be necessary — remote triggers should have the same file safety guarantees as local sessions.

Environment

  • macOS Darwin 25.3.0
  • Claude Code CLI (latest)
  • Model: claude-opus-4-6
  • Triggers created via claude schedule / RemoteTrigger API
  • MCP servers: Amplitude, Slack (claude.ai), Notion (claude.ai), Datadog, Statsig

Affected Trigger IDs

  • trig_01RYp4NrQxbweSyr7nSLaBFd (daily scan, 7:30am UTC weekdays)
  • trig_01YMmxrXDYxcQwWZHUt9irJV (watchdog, every 4h)
  • trig_011tCk7hHDhxHumndGPEX5nc (incident sync, 5:03pm UTC daily)
  • trig_01SgDwkUDeXAumtrqM2upskV (dead man's switch, 8:03am UTC weekdays)

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗