Claude Code Exposes Project .env Secrets
Anthropic's Claude Code (v2.1.12) reads .env files despite .claudeignore and .gitignore entries, researchers and The Register reproduced the behavior. Multiple GitHub issues flag the bug as security-critical because tool-enabled agents could expose credentials; settings.json permissions can block access but are error-prone and inconsistently documented. Anthropic did not respond to requests for comment.
Key Points
- 1Exposes secrets: Claude Code reads .env files despite .claudeignore and .gitignore entries.
- 2Raises security risk: tool-enabled agents could leak credentials via indirect prompt injection.
- 3Advises mitigation: use settings.json permissions, but configuration is error-prone and inconsistently documented.
Scoring Rationale
High practical importance for developers and security, limited by single-product scope and absence of official vendor confirmation.
Sources
Public references used for this report.
Practice with real Logistics & Shipping data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Logistics & Shipping problems

