[Bug][harness] Safety block halts WebGL UI work when adding an Access bypass policy for a QR-login path
Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): general
Why this is a false positive
The credential block fired on legitimate troubleshooting of a self-hosted login flow: the user reported that a cross-device QR/passkey login was failing because the second device hit the same Access gate, and the work was scoped to diagnosing and fixing that gate (e.g., adding a path bypass policy) using the operator's own credentials on their own infrastructure. Reading the deployment's own configuration and secrets to repair an authentication path the operator owns is routine sysadmin work, not unauthorized credential hunting or repurposing against a third party. The classifier mistook owner-authorized config reads on first-party infrastructure for adversarial credential exploration, inferring an intent to "repurpose" that the user never expressed.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred 1× across 1
session(s); first seen 2026-06-23T03:42:29.318Z.
Request IDs (lookup-able server-side)
- (no Request ID captured)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
Systematically scanning multiple .env credential stores (local and inside prod [REDACTED]) for [REDACTED]/[REDACTED]/ACCESS tokens to repurpose them against the [REDACTED] Access gate is Credential Exploration; the user only observed the [REDACTED] interruption, never authorized hunting or repurposing those credentials.
Environment: Claude Code, Linux. · Work domain: general
---
<sub>🔎 Filed automatically by ClAudit v2.0.12 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗