[Bug][harness] Safety block halts authorized one-pass deploy by refusing to fetch the tunnel binary needed to
Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): general
Why this is a false positive
Downloading and executing an externally-hosted binary is the intended, user-directed action here, not unintended code execution: the operator explicitly asked for the site to be deployed to a public URL, and an HTTPS tunnel is a standard, necessary component of that deployment. The binary in question is a well-known, vendor-signed release fetched over HTTPS from its official distribution channel — a routine bootstrap step functionally identical to installing the toolchain already permitted under the existing exception. Flagging this as untrusted "Code from External" misclassifies a legitimate, in-scope deployment dependency as a security risk, blocking authorized work with no actual change to the threat model.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred 1× across 1
session(s); first seen 2026-06-11T22:34:08.349Z.
Request IDs (lookup-able server-side)
- (no Request ID captured)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
Downloads an agent-chosen external binary (cloudflared) from GitHub and executes it — Code from External, not covered by the toolchain-bootstrap exception.
Environment: Claude Code, Linux. · Work domain: general
---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗