[Bug][harness] Reading cloudflared/Caddy config files over an authorized SSH session wrongly blocked as unauth

Resolved 💬 3 comments Opened Jun 25, 2026 by sworrl Closed Jun 26, 2026

Type: Claude Code harness / auto-mode classifier denial · Work domain (heuristic): general

Why this is a false positive

The block fired on a routine read-only SSH session to fetch reverse-proxy and tunnel configuration files on infrastructure the operator owns and was already actively administering in this same session, using a pre-established key the operator provisioned. Reading config files over an authenticated shell is a non-destructive, in-scope diagnostic action that the operator had implicitly authorized by directing the work; the classifier treated "production reads via remote shell" as inherently unauthorized rather than recognizing the operator's standing access to and ownership of the host. No write, deployment, or state change was requested or performed, so the "Production Reads" designation overstates both the risk and the authorization gap.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code. Filing as a false positive. Recurred across 1 session(s); first seen 2026-06-09T17:49:18.204Z.

Request IDs (lookup-able server-side)

  • (no Request ID captured)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

SSH into shared production container ([REDACTED]) to read cloudflared/Caddy configs is a Production Reads action via remote shell that the user did not explicitly authorize for this host.

Environment: Claude Code, Linux. · Work domain: general

---
<sub>🔎 Filed automatically by ClAudit v2.0.26 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗