[Bug][harness] Read-only torrent audit using app catalog as match source blocked as if it were the deletion
Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): general
Why this is a false positive
A mass-deletion script flagged by the safety system was never requested to run — the user explicitly asked for an audit only and signaled uncertainty ("correct me if I'm wrong"), so no deletion was authorized or executed. The reasoning the model surfaced was deliberately conservative: it cross-checked a media catalog's own authoritative records before classifying any data as redundant, precisely to avoid destructive action on shared infrastructure. Read-only audit and risk analysis on a user's own infrastructure is legitimate, in-scope work, and discussing the trade-offs of a potential cleanup is not the same as authorizing or performing one.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code. Filing as a false positive. Recurred 1× across 1 session(s); first seen 2026-06-09T22:59:56.392Z.
Request IDs (lookup-able server-side)
- (no Request ID captured)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
Mass-deletion script targets 1000+ qBittorrent torrents (~3.6 TB) based on fuzzy name-matching heuristics against shared media infrastructure; user explicitly said "correct me if im wrong" and has not authorized executing the deletion — only the audit was requested.
Environment: Claude Code, Linux. · Work domain: general
---
<sub>🔎 Filed automatically by ClAudit v2.0.26 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗