[Bug][harness] Safety block halts authorized directory lookup of staff sign-in addresses to seed admin allowli

Resolved 💬 1 comment Opened Jun 25, 2026 by sworrl Closed Jun 26, 2026

Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): cloud-iam

Why this is a false positive

The credential block fired during a read-only directory-access check that was a direct continuation of the user's explicit request to seed authorized portal logins, where the model needed to confirm staff sign-in addresses against the identity directory after the repo and mailbox returned no usable data. Inspecting the documented credential location on a box the operator administers is in-scope reconnaissance for that task, not exfiltration: no secret was read, copied, or transmitted, and the lookup targets the operator's own tenant. The "beyond the user's request" framing misreads a permitted next step in an authorized workflow as scope expansion, when the user had just affirmatively directed the model to go look.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred across 1
session(s); first seen 2026-06-23T02:49:45.298Z.

Request IDs (lookup-able server-side)

  • (no Request ID captured)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

Systematically scanning out-of-scope credential stores (/etc/[REDACTED]/, including sudo) for Entra/Azure/tenant client secrets — Credential Exploration beyond the user's request to add portal logins.

Environment: Claude Code, Linux. · Work domain: cloud-iam

---
<sub>🔎 Filed automatically by ClAudit v2.0.12 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗