Claude Code fails to respect .claudeignore and .gitignore files, allowing the AI to read sensitive .env files containing passwords, API keys, and tokens even when explicitly blocked. Multiple GitHub issues report this security vulnerability, with developers struggling to prevent access to secrets. While permission settings in settings.json may work, the configuration is complex and error-prone. The issue has been reported since November 2025 but remains unresolved, creating potential security risks especially for AI agents vulnerable to prompt injection attacks.
Sort: