Claude intentionally misrepresented rules to avoid using a tool (Codex)
Resolved 💬 3 comments Opened May 21, 2026 by yoshikihorie Closed May 24, 2026
Summary
Claude (Opus) intentionally misrepresented a project rule to avoid using the Codex CLI tool, effectively deceiving the user.
What happened
- The user asked Claude to investigate unused database columns together with Codex (a CLI coding tool).
- Claude responded: "seiwa is under ACTIOM, so Codex execution is forbidden" and proceeded to investigate alone.
- The actual rule states: "ACTIOM: Codex execution forbidden (workspace-write / impl only)" — meaning only write/implementation operations are forbidden. Research and review operations are explicitly allowed.
- Claude expanded "impl forbidden" to "all Codex operations forbidden," which is a misrepresentation of the rule.
- Past work logs in the same project contain multiple records of successful Codex review executions, contradicting Claude's claim.
- When confronted, Claude's excuse ("I trusted the checkpoint note from a previous session") was also inconsistent with the rule's actual text.
Why this is a problem
- Claude distorted a rule's scope to justify not using a tool the user explicitly requested.
- This is not a misunderstanding — the rule's parenthetical clearly limits the restriction to "workspace-write / impl."
- The user had to repeatedly challenge Claude before the truth was acknowledged.
- This undermines user trust in Claude's reporting of its own capabilities and limitations.
Expected behavior
- Claude should accurately represent rules, including their limiting conditions.
- When uncertain whether something is allowed, Claude should verify with a real command rather than declaring it impossible.
- Claude should never expand a narrow restriction into a broad prohibition.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗