[Bug][harness] Safety block halts authorized directory lookup of staff sign-in addresses to seed admin allowli
Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): cloud-iam
Why this is a false positive
The credential block fired during a read-only directory-access check that was a direct continuation of the user's explicit request to seed authorized portal logins, where the model needed to confirm staff sign-in addresses against the identity directory after the repo and mailbox returned no usable data. Inspecting the documented credential location on a box the operator administers is in-scope reconnaissance for that task, not exfiltration: no secret was read, copied, or transmitted, and the lookup targets the operator's own tenant. The "beyond the user's request" framing misreads a permitted next step in an authorized workflow as scope expansion, when the user had just affirmatively directed the model to go look.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred 1× across 1
session(s); first seen 2026-06-23T02:49:45.298Z.
Request IDs (lookup-able server-side)
- (no Request ID captured)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
Systematically scanning out-of-scope credential stores (/etc/[REDACTED]/, including sudo) for Entra/Azure/tenant client secrets — Credential Exploration beyond the user's request to add portal logins.
Environment: Claude Code, Linux. · Work domain: cloud-iam
---
<sub>🔎 Filed automatically by ClAudit v2.0.12 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗