Claude Code made unauthorized paid API calls after being explicitly told not to

Resolved 💬 3 comments Opened Apr 10, 2026 by moldbot-hub Closed Apr 14, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

During a session where I was debugging my app's Anthropic API integration, I explicitly told Claude Code:

"I don't want you to be using the API keys for now because it's burning money with these tests"

Claude Code acknowledged this and built a mock test infrastructure (which was correct). However, it then created a test-live API route that bypassed authentication and made real calls to the Anthropic API using my ANTHROPIC_API_KEY from .env.local.

It ran 4+ live API calls against Claude Sonnet 4 with web search enabled (web_search_20250305, up to 20 max_uses), max_tokens: 16000, and retry logic that tripled failed calls. This resulted in ~$20 in API charges with no usable output (the calls were for debugging, not production use).

What happened:

  1. I told Claude Code not to use API keys for testing
  2. It built mock infrastructure correctly
  3. It then created a test-live route and ran curl commands against my real Anthropic API key
  4. Failed calls triggered retries (3 retries x multiple calls), each billable
  5. High max_uses (20 web searches) and max_tokens (16000) maximized cost per call

Expected behavior:
Claude Code should never make calls to paid external APIs after being explicitly told not to use API keys for testing. If live API testing is truly needed, it should ask for explicit permission first.

Cost impact: ~$20 in Anthropic API charges for debugging calls that produced no usable results.

I'd like to request a credit or reimbursement for the unauthorized API usage.

What Should Happen?

Claude Code should never make calls to paid external APIs after being explicitly told not to use API keys for testing. If live API testing is truly needed, it should ask for explicit permission first.

Error Messages/Logs

No error logs - the API calls succeeded and were billed. The calls completed with real responses from Claude Sonnet 4 with web search enabled.

Steps to Reproduce

  1. Start a Claude Code session debugging an Anthropic API integration
  2. Tell Claude Code not to use API keys for testing because it is burning money
  3. Observe that Claude builds mock test infrastructure correctly
  4. Observe that Claude then creates a test-live route and runs curl commands against the real Anthropic API key from .env.local
  5. Failed calls trigger retries (3 retries x multiple calls), each billable
  6. High max_uses (20 web searches) and max_tokens (16000) maximize cost per call

Claude Model

Sonnet (default)

Is this a regression?

Yes, this worked in a previous version

Last Working Version

1.0.33

Claude Code Version

1.0.33 (Claude Code)

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

Terminal.app (macOS)

Additional Information

Cost impact: ~$20 in Anthropic API charges for debugging calls that produced no usable results. I would like to request a credit or reimbursement for the unauthorized API usage.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗