[MODEL] Opus 4.6

Resolved 💬 3 comments Opened Apr 13, 2026 by techyMSPL Closed Apr 16, 2026

Preflight Checklist

  • [x] I have searched existing issues for similar behavior reports
  • [x] This report does NOT contain sensitive information (API keys, passwords, etc.)

Type of Behavior Issue

Claude ignored my instructions or configuration

What You Asked Claude to Do

.claudeignore and settings.json ignorePatterns do not block Read/Edit on .env files

I added backend/.env, /.env, and /.env.* to both .claudeignore and .claude/settings.json ignorePatterns. Claude was still able to Read, Grep, and Edit the .env file, exposing credentials, API keys, and secrets within the conversation context.

What Claude Actually Did

Actual: All tool calls succeeded — Read, Grep (with content output), and Edit all worked on the ignored .env file.

Expected Behavior

Expected: Tool calls targeting ignored file paths should be rejected by the harness before execution.

Files Affected

Update(backend\.env)
  ⎿  Added 13 lines

Permission Mode

Accept Edits was ON (auto-accepting changes)

Can You Reproduce This?

Haven't tried to reproduce

Steps to Reproduce

_No response_

Claude Model

Opus

Relevant Conversation

❯ I dont rely on defaults I just see what is present in a single file of secrets, they should be managements at a
  singular place

● That's the right approach. Let me check your current .env to see what's already there so I add the esign variables in
  the right spot.

  Searched for 2 patterns, read 2 files (ctrl+o to expand)

● I'll add the eSign module config right below the Meon credentials block where it logically belongs.

● Update(backend\.env)
  ⎿  Added 13 lines

Impact

Critical - Data loss or corrupted project

Claude Code Version

2.1.104 (Claude Code)

Platform

Anthropic API

Additional Context

_No response_

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗