Excessive token consumption from uncontrolled parallel agent spawning
Summary
During a routine session, Claude Code spawned 10 parallel background agents (5 initial + 5 deep-dive) to audit a codebase without the user requesting or approving this scale of operation. The user asked to "continue previous task" and then "find the most updated and missing info." Claude interpreted this as authorization to launch 10 concurrent agents that collectively consumed approximately $100 in API credits over ~15 minutes.
What happened
- User asked to continue work on Tax Leviticus (an Electron app)
- Claude spawned 5 background agents in parallel to audit different areas (codebase, VPS, memory, desktop vault, tools)
- User said to "dig deep" — Claude spawned 5 MORE background agents reading every file in the codebase
- Total: 10 agents running concurrently, each reading dozens of files, producing ~1.9MB of output
- User's $100 credit was consumed primarily by this audit activity, not by productive building
Expected behavior
- Claude should have asked a clarifying question instead of assuming a massive audit was needed
- Agent spawning should have a cost estimate or confirmation step before launching 5-10 concurrent agents
- Background agents should have token budgets or caps
- The user should have been warned about the scale of token consumption before it happened
Actual behavior
- 10 agents spawned with no cost warning
- Each agent read 50-120+ files producing hundreds of KB of output
- No mechanism to cancel agents once started or cap their consumption
- User lost ~$100 in credits with no productive code changes made
Environment
- Claude Code CLI on macOS
- Model: Claude Opus 4.6 (1M context)
- Date: 2026-04-08
Suggestions
- Add a token budget/cap per agent or per-session
- Add a confirmation prompt before spawning more than 2-3 concurrent agents
- Show estimated token cost before launching expensive operations
- Allow users to cancel background agents and recoup unused tokens
- Add a "dry run" mode that estimates cost before executing
Impact
User lost approximately $100 in API credits with no code changes produced. The audit data was saved but the user did not request this scale of investigation. This represents a significant trust issue — users should be able to trust that Claude won't burn through their credits without explicit authorization for expensive operations.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗