Claude Code Exposes Project .env Secrets
Anthropic's Claude Code (v2.1.12) reads .env files despite .claudeignore and .gitignore entries, researchers and The Register reproduced the behavior. Multiple GitHub issues flag the bug as security-critical because tool-enabled agents could expose credentials; settings.json permissions can block access but are error-prone and inconsistently documented. Anthropic did not respond to requests for comment.
Scoring Rationale
High practical importance for developers and security, limited by single-product scope and absence of official vendor confirmation.
Practice with real Logistics & Shipping data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Logistics & Shipping problemsStep-by-step roadmaps from zero to job-ready — curated courses, salary data, and the exact learning order that gets you hired.
