[Security/Bug] Claude Code agents editing files outside assigned working directory
Resolved 💬 3 comments Opened Sep 4, 2025 by dkdev-io Closed Sep 8, 2025
Problem Description
Claude Code agents edited files outside their assigned working directory without user permission or explicit instruction.
Expected Behavior
- Agents should only operate within the assigned working directory (
/Users/Danallovertheplace/Storey) - Any file operations outside this directory should require explicit user permission
- Agents should respect directory boundaries for security and project isolation
Actual Behavior (Security Issue)
- Agents edited files in directories outside
/Users/Danallovertheplace/Storey - This occurred without user instruction or permission
- No warning or confirmation was provided before editing external files
Environment
- Platform: macOS (Darwin 24.3.0)
- Claude Code CLI with
CLAUDE_CODE_ENTRYPOINT=cli - Working directory:
/Users/Danallovertheplace/Storey - Date of incident: September 3, 2025
Security Implications
- Unauthorized file modifications outside project scope
- Potential data loss or corruption in unrelated projects
- Violation of user expectations about agent boundaries
- Risk of editing system or sensitive files
Project Configuration
The project has explicit instructions in CLAUDE.md:
## File System Restrictions
- **NO changes to file location or structure without explicit user approval**
- **NO moving, renaming, or restructuring files** without permission
- Only edit file contents when explicitly requested
- Ask for approval before any organizational changes
Request
- Implement strict directory boundaries for agents
- Require explicit user permission before any operations outside working directory
- Add safeguards to prevent unauthorized file system access
- Investigate how this security boundary was bypassed
This is a critical security issue that needs immediate attention.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗