[BUG] macOS: npm/Homebrew install places native binary at bin/claude.exe, causing recurring "claude.exe would like to access data from other apps" TCC prompts

Resolved 💬 1 comment Opened May 31, 2026 by nick-silantro Closed Jul 4, 2026

Preflight Checklist

  • [x] I have searched existing issues
  • [x] This is a single bug report
  • [x] I am using the latest version of Claude Code

What's Wrong?

On macOS, npm install -g @anthropic-ai/claude-code installs the native macOS arm64 binary under the filename claude.exe. The package manifest maps the command to it directly:

"bin": { "claude": "bin/claude.exe" }

Because the on-disk executable is named claude.exe, macOS attributes the running process as claude.exe. This produces two user-facing problems:

  1. A recurring TCC permission prompt: "'claude.exe' would like to access data from other apps." Clicking Allow does not stop it — it reappears intermittently (every long-running session / background tool invocation).
  2. Privacy & Security panes (Full Disk Access, Files & Folders) show entries literally named claude.exe alongside the real claude/Claude ones.

This is alarming on macOS — a Windows-named .exe requesting cross-app data access reads exactly like malware masquerading as Claude. It's not: the binary is the genuine, correctly-signed Anthropic executable (see evidence). The only defect is the filename.

This is the macOS manifestation of the packaging regression in #55777 (there it breaks WSL1; here the binary runs but mis-identifies to TCC). Related closed report of the same macOS symptom: #52788.

What Should Happen?

On macOS the binary should be installed as claude (no .exe), so the process name, TCC prompts, and Privacy entries all read claude and previously-granted permissions match.

Evidence

$ ls -l /opt/homebrew/bin/claude
.../bin/claude -> ../lib/node_modules/@anthropic-ai/claude-code/bin/claude.exe

$ file /opt/homebrew/lib/node_modules/@anthropic-ai/claude-code/bin/claude.exe
Mach-O 64-bit executable arm64        # ~205 MB native macOS binary

$ codesign -dv --verbose=2 .../bin/claude.exe
Identifier=com.anthropic.claude-code
Authority=Developer ID Application: Anthropic PBC (Q6L2SF6YDW)
TeamIdentifier=Q6L2SF6YDW             # genuine, properly signed

Steps to Reproduce

  1. On macOS, npm install -g @anthropic-ai/claude-code (installs 2.1.158).
  2. ls node_modules/@anthropic-ai/claude-code/bin/ → file is claude.exe, a Mach-O arm64 binary.
  3. Run claude and use it across sessions.
  4. macOS intermittently prompts "'claude.exe' would like to access data from other apps"; Allow does not persist. Privacy & Security shows claude.exe entries.

Is this a regression?

Yes — per #55777, last working version 2.1.112; bin/claude.exe appears from 2.1.113 onward.

Claude Code Version

2.1.158

Operating System

macOS 26.5 (build 25F71), Apple Silicon

Terminal/Shell

zsh (Homebrew-managed Node/npm prefix)

Claude Model

N/A (packaging/installation issue)

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗