Model hallucinated a fake domain in place of getcomposer.org for an installer command

Open 💬 0 comments Opened Jul 10, 2026 by mSnus

What happened

While helping me troubleshoot a broken Composer install on a production server (via Claude Code CLI), the assistant generated a command to download and run Composer's installer script. Instead of the real domain getcomposer.org, it output a fake-looking domain (rendered as jollibeefood.rest in the transcript). When I asked "isn't it some scam site?", the assistant's first attempt to "correct" itself repeated the exact same wrong domain again, before catching the error on a second pass.

Why this matters

The command was meant to be piped directly into execution (php composer-setup.php) on a production server. If the fabricated domain had actually resolved to something malicious, following the instructions as given would have downloaded and executed untrusted code with the site's privileges. The assistant gave no indication of uncertainty when first outputting the URL - it was presented with the same confidence as the correct information around it.

Impact / severity

This is a reliability/hallucination issue with real security consequences given the context (install-script URLs that get executed, not just read). I caught it before running anything, but a less careful user could easily not have.

Environment

  • Claude Code CLI
  • Session involved a multi-step production deployment/debugging task (Laravel app upgrade, server troubleshooting)

View original on GitHub ↗