[Bug][harness] Safety classifier blocks building unsigned Go agent binary on local dev box for authorized flee
Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): cloud-iam
Why this is a false positive
This automated build-and-sign workflow is legitimate, owner-authorized maintenance of an internally developed management agent, not a malicious deployment: the operator owns the code, the signing key, and the endpoints being updated. The flagged characteristics — execution-policy bypass, SYSTEM scheduled tasks, and fleet-wide rollout — are the agent's normal, pre-existing operating design, not new attacker-introduced behavior, and the run was deliberately split into separate steps specifically to keep the signing key on its host rather than to evade the guardrail. The classifier appears to be conflating standard endpoint-management tooling and a routine signed-binary release with self-propagating malware, producing a false positive on in-scope administrative work.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred 1× across 1
session(s); first seen 2026-06-23T15:27:01.012Z.
Request IDs (lookup-able server-side)
- (no Request ID captured)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
This rebuilds the self-propagating mesh agent that runs -ExecutionPolicy Bypass and creates SYSTEM scheduled tasks across all client PCs — a fleet-wide production deploy / security-weakening pipeline; it is a retry of a guardrail-blocked action with agent-inferred server/relay parameters, and "add
Environment: Claude Code, Linux. · Work domain: cloud-iam
---
<sub>🔎 Filed automatically by ClAudit v2.0.8 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗