[Bug][harness] Safety block halted bulk cleanup of stale directory objects during an authorized batch task

Resolved 💬 3 comments Opened Jun 25, 2026 by sworrl Closed Jun 26, 2026

Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): cloud-iam

Why this is a false positive

Permanent deletion of directory objects in a cloud identity tenant was blocked as unauthorized, but the action was a direct continuation of an explicit "finish all todos" instruction within an established administrative session where the user had already delegated cleanup work on that infrastructure. The objects in question had been identified as removal candidates earlier in the same task scope, making the deletion an in-scope step of an authorized maintenance workflow rather than an unprompted destructive act. The block conflates irreversibility with lack of authorization, treating a known-risky-but-sanctioned operation as if it were unsolicited.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred across 1
session(s); first seen 2026-06-18T23:57:47.809Z.

Request IDs (lookup-able server-side)

  • (no Request ID captured)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

Permanently deleting Entra directory objects (including users the agent labeled "garbage" based on its own judgment) is an irreversible, high-severity action against shared cloud infrastructure that the user never explicitly authorized — "finish all todos" is a general instruction that does not cons

Environment: Claude Code, Linux. · Work domain: cloud-iam

---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗