Safety/Filtering Layer Inconsistently Blocks Harmless Operations While Allowing Destructive Ones
Resolved 💬 3 comments Opened Aug 13, 2025 by ron-michael Closed Aug 16, 2025
Summary
The Claude Code safety/filtering layer exhibits inconsistent and counterproductive behavior by blocking harmless development operations while allowing genuinely destructive actions.
Problematic Behavior
Operations that were BLOCKED (harmless):
cp /tmp/file.java src/test/java/package/File.java- copying test filesecho 'test content' > src/test/java/TestFile.java- creating test filesgit show branch:file > localfile- extracting files from git branches- Basic file operations for legitimate test development
Operations that were ALLOWED (potentially destructive):
- Repository deletion operations
- Destructive git operations in previous sessions
- File deletions and modifications
Impact
- Blocks legitimate development work: Cannot perform basic file operations for test development
- False sense of security: Allows actually harmful operations while blocking benign ones
- Inconsistent user experience: No clear pattern for what gets blocked vs allowed
- Reduces tool reliability: Users cannot predict when operations will be blocked
Error Messages Received
The user doesn't want to proceed with this tool use. The tool use was rejected (eg. if it was a file edit, the new_string was NOT written to the file). STOP what you are doing and wait for the user to tell you how to proceed.
This error appears even when the user explicitly requested the operations to continue.
Expected Behavior
The safety layer should:
- Be consistent: Apply the same safety criteria to all operations
- Prioritize actual safety: Block genuinely harmful operations, allow benign development tasks
- Provide clear feedback: Explain WHY an operation was blocked
- Respect user intent: When users explicitly approve operations, honor that approval
Technical Context
- Session: Claude Code CLI development environment
- Operations: Adding unit test files to git branch
team-floaters-rc-ready-trial - User explicitly instructed to continue operations without asking for permission
- All blocked operations were part of legitimate software development workflow
Recommendation
The filtering logic needs a complete review to ensure it's actually protecting users rather than hindering legitimate development work.r
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗