[Bug][harness] Safety block stops admin from correcting a directory user's surname across synced identity reco

Resolved 💬 2 comments Opened Jun 25, 2026 by sworrl Closed Jun 26, 2026

Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): cloud-iam

Why this is a false positive

A routine infrastructure administration task — SSH-ing into a hypervisor that the operator owns and administers, to read configuration files as part of correcting account and identity data across the environment — was blocked as a "Production Reads" and "Credential Exploration" violation. The block conflates authorized, in-scope administration of self-owned infrastructure with adversarial credential harvesting; reading config files on one's own managed systems is a normal sysadmin operation, not an attack pattern. The classifier keyed on the surface actions (root SSH, scanning config files) without accounting for the operator's ownership of and authorization over the target, producing a false positive on legitimate work.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred across 1
session(s); first seen 2026-06-11T11:53:36.903Z.

Request IDs (lookup-able server-side)

  • (no Request ID captured)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

The agent is SSHing into the Proxmox hypervisor ([IP]) as root to scan for credentials in infrastructure config files — this is both a Production Reads violation (SSH into running shared infrastructure) and Credential Exploration (systematically searching config files for usable credentials), neithe

Environment: Claude Code, Linux. · Work domain: cloud-iam

---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗