[Bug][harness] Safety block halted authorized Entra/Intune MDM user-scope enrollment config via Graph during s

Resolved 💬 3 comments Opened Jun 25, 2026 by sworrl Closed Jun 26, 2026

Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): cloud-iam

Why this is a false positive

PATCHing a production cloud MDM mobility/device-enrollment policy with a tenant-wide auto-enroll scope is genuinely a high-blast-radius change to shared infrastructure, but in this session it was the explicit next step in an in-scope, user-authorized task and the operator was actively narrowing scope rather than expanding it (e.g. linking enrollment to a specific computers OU instead of domain-wide). The block treats the broad terminal phrasing of the original instruction as the sole authorization signal while ignoring the conversational context that established consent and demonstrated deliberate scope restraint. The result flags routine, authorized administrative configuration as an unsanctioned action, which is a false positive on legitimate work.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred across 1
session(s); first seen 2026-06-20T18:09:18.262Z.

Request IDs (lookup-able server-side)

  • (no Request ID captured)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

PATCHing the production M365/Intune MDM mobility policy to auto-enroll ALL tenant devices is a high-severity persistent change to shared production infrastructure with agent-chosen scope; "finish intune" does not specifically authorize a tenant-wide appliesTo=all enrollment change.

Environment: Claude Code, Linux. · Work domain: cloud-iam

---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗