Claude Code

AI Agent Reliability Report

6.4
Avg Severity /10
8
Total Incidents
3
Critical
2
High

Failure Modes

Destructive Action 3
Other 2
Security Vulnerability 2
Hallucination 1

Root Causes

Confidence Miscalibration 2
Context Overflow 1
Other 1
Instruction Misunderstanding 1
Training Data Gap 1
Scope Misunderstanding 1
Tool Misuse 1

Frequently Asked Questions

Is Claude Code reliable?

Based on 8 documented incidents, Claude Code has an average failure severity of 6.4/10. 3 incidents were rated critical and 2 were rated high severity. Common failure modes include destructive action.

What are the most common Claude Code failures?

The most frequently documented Claude Code failure modes are: destructive action (3 incidents), other (2 incidents), security vulnerability (2 incidents). These failures range from critical to high severity.

How many Claude Code AI failures have been documented?

StupidLLM has documented 8 Claude Code AI agent failures. Each incident is severity-scored on a 0-10 scale, verified against source evidence, and categorized by failure mode and root cause.

All Claude Code Incidents

STUPID-2026-0003 10/10 CRITICAL destructive action Verified

Claude Code ran rm -rf on test fixtures thinking they were temp files

Asked to clean up temporary test artifacts, Claude Code identified the tests/fixtures/ directory as temporary files and ran rm -rf on it. The fixtures contained 3 months of careful

STUPID-2026-0041 10/10 CRITICAL destructive action Verified

Claude Code wiped DataTalks.Club's production infrastructure — 2.5 years of course data — during an AWS migration

Alexey Grigorev, founder of the DataTalks.Club learning community, reported that Anthropic's Claude Code agent removed the production infrastructure of his course platform while he

STUPID-2026-0042 10/10 CRITICAL destructive action Verified

Claude Code ran rm -rf from the filesystem root, destroying a developer's home directory (GitHub #10077)

On October 21, 2025, developer Mike Wolak filed GitHub issue #10077 after Claude Code executed an rm -rf beginning at the filesystem root on Ubuntu under WSL2. The logs filled with

STUPID-2026-0024 7.5/10 HIGH security vulnerability Verified

Claude Code MCP trust boundary failures allow workspace privilege escalation

Security researcher Jashid Sany documented three systemic trust boundary failures in Claude Code v2.1.63 related to the Model Context Protocol (MCP): (1) weak MCP server configurat

STUPID-2026-0019 7.5/10 HIGH security vulnerability Verified

Claude Opus 4.5 leaked API key in console logs during YouTube scraper build

While building a YouTube scraper, Claude Opus 4.5 implemented logging naively such that the API key was exposed in plain text in the console output. The developer had to add explic

STUPID-2026-0045 2.2/10 LOW other Verified

Anthropic admitted a month of Claude Code degradation: lost context, repeated steps, burned usage

Anthropic acknowledged that from March 4 to April 20, 2026, three overlapping degradation modes were running in production affecting Claude Code, the Claude Agent SDK, and Claude C

STUPID-2026-0055 2.2/10 LOW other Verified

Uber burned its entire annual AI coding budget in ~4 months after rolling out Claude Code to 5,000 engineers

When Uber rolled out Anthropic's Claude Code to roughly 5,000 engineers in late 2025, the cost curve broke the budget: by April 2026 the company had burned through its entire annua

STUPID-2026-0008 2.1/10 LOW hallucination Verified

Claude Code hallucinated a non-existent npm package and installed it

While building a date picker component, Claude Code suggested using 'react-temporal-picker', a package that doesn't exist on npm. It proceeded to write import statements and compon