[Bug] Claude Code commits large bulk changes across multiple similar files without user confirmation, triggering abuse detection systems

Resolved 💬 4 comments Opened Apr 26, 2026 by Goban3D Closed May 31, 2026

Hi Anthropic team,

I'm writing to share an incident from a Claude Code session yesterday (2026-04-25) that resulted in my GitHub account (AdamGibbons1982) being
suspended by GitHub's automated abuse-detection system. I'd like to flag it because I think the underlying behaviour is a real safety/UX gap
worth addressing.

What happened:

I'm a solo indie iOS developer. My marketing website (goban3d.com) supports 50 localized versions, and I asked Claude Code to commit and push
some structural updates I'd made. Claude prepared a single commit touching all 51 locale files at once — 51 files changed, ~6,000 line
changes — bundling new og:locale:alternate meta tags, hreflang entries for newly added Indian-language locales, and a new feature card
translated into 50 languages. Claude then pushed that commit in one operation.

GitHub's automated systems suspended my account at the exact moment of the push, almost certainly because a single commit modifying 50
near-identical localized files with bulk meta-tag changes pattern-matches against SEO spam / doorway-page generation. My website went offline
(it was hosted on GitHub Pages), and I lost access to years of issue history and project planning.

What I think the issue is on Claude's side:

  1. The risk was foreseeable. Bulk near-duplicate commits across many files is a well-known signal for automated abuse classifiers — not

specific to GitHub. A safety-conscious assistant should treat "push 51 near-identical files in one commit" as a yellow-flag operation worth
flagging to the user, especially when those files are localized versions of the same content (a particularly classic SEO-spam pattern).

  1. Claude did not warn me, ask, or suggest splitting the commit. It just executed. Given the destructive blast radius (account suspension is

hard to reverse and has cascading effects on hosted sites, CI, issue history), I'd expect this to fall into the "check with the user before
proceeding" category that the system prompt already establishes for risky operations.

  1. The auto-memory system actually pointed Claude in the wrong direction. A prior memory said "always update all locales in the same commit."

Claude followed that without questioning whether the resulting commit size was a separate risk. Memories that encode helpful intent (keep
locales in sync) can compound into harmful execution (one giant push) when there's no second-order check.

What would have helped:

A heuristic along the lines of: "This commit touches a large number of similarly-structured files. Consider whether splitting into smaller
commits would reduce the risk of being flagged by automated abuse systems." would have caught this. Even better: a direct prompt to the user
— "This commit is unusually large; want me to split it across several pushes?" — before the destructive action ran.

This is a real and recoverable harm — I've filed an appeal with GitHub Trust & Safety, my code is safe locally, and I've rehosted the site on
Cloudflare in the meantime. But I lost most of a day to it, lost access to my issue tracker, and there's no guarantee the appeal succeeds
quickly. I want to flag it so a future indie developer doesn't lose more.

Happy to provide commit SHAs, transcripts, or any other detail that would help.

Thanks,
Adam Gibbons
adam.s.gibbons@gmail.com

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗