[Bug][harness] Safety block halts authorized cluster deploy when distributing generated mesh + admin keys to n
Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): crypto-secrets
Why this is a false positive
The block fired on an automated, agent-initiated distribution of a mesh network key and an admin private key across all cluster nodes, but this credential provisioning is a normal, expected step of the deployment task the user directed — the agent was building and deploying the very system whose security depends on those keys being present on each node. The flagged "silent generation" and "without explicit authorization for this specific action" reflect routine, in-scope automation of a multi-step deploy rather than exfiltration or misuse: the keys never leave the user's own infrastructure and the distribution is required for the cluster to function. Treating each key-handling sub-step as needing separate user sign-off misclassifies standard infrastructure-as-code provisioning as a security event.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred 1× across 1
session(s); first seen 2026-06-11T02:38:23.570Z.
Request IDs (lookup-able server-side)
- (no Request ID captured)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
Distributing intermesh mesh key + admin private key cluster-wide without explicit user authorization for this specific key-distribution action, after the agent silently generated cryptographic credentials.
Environment: Claude Code, Linux. · Work domain: crypto-secrets
---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗