Anthropic Claude Code HERMES.md billing flaw: Difference between revisions
Clean-up. |
|||
| Line 1: | Line 1: | ||
{{IncidentCargo | {{IncidentCargo | ||
|Company=Anthropic | |Company=Anthropic | ||
|StartDate=25 April 2026 | |||
|EndDate=26 April 2026 | |||
|Status=Resolved | |||
|ProductLine=Claude | |||
|Product=Claude Code | |Product=Claude Code | ||
| | |ArticleType= | ||
|Description=A flaw in Claude Code triggered by the string "HERMES.md" in | |Type= | ||
|Description=A flaw in Claude Code triggered by the string "HERMES.md" in Git commit messages bypassed subscriptions and charged direct API fees. | |||
}} | }} | ||
'''Anthropic Claude Code HERMES.md billing flaw''' was a technical defect in Anthropic's Claude Code product that bypassed flat-rate subscription plans to charge users direct API fees. In April 2026, a flaw triggered by the exact string "HERMES.md" in a user's Git commit history routed subscribers directly to pay-as-you-go billing, charging one account over $200.<ref name="github_hermes">{{Cite web | | |||
'''Anthropic Claude Code HERMES.md billing flaw''' was a technical defect in [[Anthropic]]'s Claude Code product that bypassed flat-rate subscription plans to charge users direct API fees. In April 2026, a flaw triggered by the exact string "HERMES.md" in a user's Git commit history routed subscribers directly to pay-as-you-go billing, charging one account over $200.<ref name="github_hermes">{{Cite web |author=sasha-id |title=HERMES.md in git commit messages causes requests to route to extra usage billing instead of plan quota #53262 |url=https://github.com/anthropics/claude-code/issues/53262 |website=[[GitHub]] |date=25 Apr 2026 |access-date=28 Apr 2026 |url-status=live |archive-url=https://web.archive.org/web/20260429021927/https://github.com/anthropics/claude-code/issues/53262 |archive-date=29 Apr 2026}}</ref> | |||
==Background== | ==Background== | ||
The flaw emerged in the context of a wider crackdown by Anthropic on third-party agent harnesses. On April | The flaw emerged in the context of a wider crackdown by Anthropic on third-party agent harnesses. On 4 April 2026, Anthropic began blocking Claude Pro and Max subscribers from routing their flat-rate plan usage through third-party agentic tools, requiring those tools to be billed under a separate pay-as-you-go "extra usage" tier instead.<ref name="techcrunch_openclaw">{{Cite web |last=Ha |first=Anthony |title=Anthropic says Claude Code subscribers will need to pay extra for OpenClaw usage |url=https://techcrunch.com/2026/04/04/anthropic-says-claude-code-subscribers-will-need-to-pay-extra-for-openclaw-support/ |website=TechCrunch |date=4 Apr 2026 |access-date=28 Apr 2026 |url-status=live |archive-url=https://web.archive.org/web/20260404163645/https://techcrunch.com/2026/04/04/anthropic-says-claude-code-subscribers-will-need-to-pay-extra-for-openclaw-support/ |archive-date=4 Apr 2026}}</ref> Boris Cherny, Anthropic's Head of Claude Code, stated on X that Claude's "subscriptions weren't built for the usage patterns of these third-party tools" and that the policy "applies to all third-party harnesses and will be rolled out to more shortly."<ref name="techcrunch_openclaw" /><ref name="venturebeat_openclaw">{{Cite web |last=Franzen |first=Carl |title=Anthropic cuts off the ability to use Claude subscriptions with OpenClaw and third-party AI agents |url=https://venturebeat.com/technology/anthropic-cuts-off-the-ability-to-use-claude-subscriptions-with-openclaw-and |website=Venture Beat |date=3 Apr 2026 |access-date=28 Apr 2026 |url-status=live |archive-url=https://ghostarchive.org/archive/T7HNC |archive-date=29 Apr 2026}}</ref> | ||
[https://hermes-agent.nousresearch.com/ Hermes Agent], an open-source self-improving AI agent built by Nous Research, is among the third-party harnesses affected by the rollout. Hermes can route requests to Anthropic models either through pay-per-token API keys or by reading Claude Code's credential store on the same machine, the latter of which became the target of Anthropic's enforcement actions.<ref name="hermes_providers">{{Cite web |url=https://hermes-agent.nousresearch.com/docs/integrations/providers | | [https://hermes-agent.nousresearch.com/ Hermes Agent], an open-source self-improving AI agent built by Nous Research, is among the third-party harnesses affected by the rollout. Hermes can route requests to Anthropic models either through pay-per-token API keys or by reading Claude Code's credential store on the same machine, the latter of which became the target of Anthropic's enforcement actions.<ref name="hermes_providers">{{Cite web |author= |title=AI Providers — Hermes Agent |url=https://hermes-agent.nousresearch.com/docs/integrations/providers |website=Nous Research |date= |access-date=28 Apr 2026 |url-status=live |archive-url=https://web.archive.org/web/20260427204311/https://hermes-agent.nousresearch.com/docs/integrations/providers |archive-date=27 Apr 2026}}</ref> | ||
==HERMES.md billing switch== | ==HERMES.md billing switch== | ||
On April | On 25 April 2026, a user reported that the exact string "HERMES.md" in their local Git commit history caused Claude Code to route queries outside of their fixed-rate subscription plan.<ref name="github_hermes" /> The system bypassed the $200 per month Max plan and charged the user direct, pay-as-you-go API rates.<ref name="github_hermes" /> The user lost over $200 in extra charges while 86 percent of their prepaid plan capacity remained available.<ref name="github_hermes" /> | ||
The string "HERMES.md" appears to have been treated by Claude Code's billing classifier as a signal of third-party harness usage — likely as part of the broader detection logic deployed to enforce the April | The string "HERMES.md" appears to have been treated by Claude Code's billing classifier as a signal of third-party harness usage — likely as part of the broader detection logic deployed to enforce the 4 April — even when the string appeared only in incidental git history rather than as evidence of an active Hermes session. | ||
===Anthropic's response=== | ===Anthropic's response=== | ||
When the affected user contacted Anthropic support, the company refused to issue a refund for the $200 lost to the glitch, categorizing the overcharge as an un-refundable technical error.<ref name="reddit_psa">{{Cite web | | When the affected user contacted Anthropic support, the company refused to issue a refund for the $200 lost to the glitch, categorizing the overcharge as an un-refundable technical error.<ref name="reddit_psa">{{Cite web |author=alexxxklepa |title=PSA: The string 'HERMES.md' in your git commit history silently... |url=https://old.reddit.com/r/ClaudeAI/comments/1svdm1w/psa_the_string_hermesmd_in_your_git_commit/ |website=[[Reddit]] |date=26 Apr 2026 |access-date=28 Apr 2026 |url-status=live |archive-url=https://web.archive.org/web/20260429030410/https://old.reddit.com/r/ClaudeAI/comments/1svdm1w/psa_the_string_hermesmd_in_your_git_commit/ |archive-date=29 Apr 2026}}</ref> | ||
After the Reddit post was shared on X an employee of Anthropic said anybody affected would be refunded with an additional $200 of credits on top.<ref>{{Cite web | | After the [[Reddit]] post was shared on [[X]], an employee of Anthropic said anybody affected would be refunded with an additional $200 of credits on top.<ref>{{Cite web |author=Thariq |title=Thariq on X |url=https://x.com/trq212/status/2048495545375990245 |website=[[X]] |date=26 Apr 2026 |access-date=28 Apr 2026 |url-status=live |archive-url=https://megalodon.jp/2026-0429-1220-16/https://nitter.catsarch.com:443/trq212/status/2048495545375990245 |archive-date=29 Apr 2026}}</ref> | ||
==Consumer response== | |||
{{Ph-I-ConR}} | |||
==References== | ==References== | ||
{{ | {{Reflist}} | ||
[[Category:Anthropic]] | [[Category:Anthropic]] | ||
[[Category: | [[Category:Claude]] | ||
Latest revision as of 03:29, 29 April 2026
Anthropic Claude Code HERMES.md billing flaw was a technical defect in Anthropic's Claude Code product that bypassed flat-rate subscription plans to charge users direct API fees. In April 2026, a flaw triggered by the exact string "HERMES.md" in a user's Git commit history routed subscribers directly to pay-as-you-go billing, charging one account over $200.[1]
Background
[edit | edit source]The flaw emerged in the context of a wider crackdown by Anthropic on third-party agent harnesses. On 4 April 2026, Anthropic began blocking Claude Pro and Max subscribers from routing their flat-rate plan usage through third-party agentic tools, requiring those tools to be billed under a separate pay-as-you-go "extra usage" tier instead.[2] Boris Cherny, Anthropic's Head of Claude Code, stated on X that Claude's "subscriptions weren't built for the usage patterns of these third-party tools" and that the policy "applies to all third-party harnesses and will be rolled out to more shortly."[2][3]
Hermes Agent, an open-source self-improving AI agent built by Nous Research, is among the third-party harnesses affected by the rollout. Hermes can route requests to Anthropic models either through pay-per-token API keys or by reading Claude Code's credential store on the same machine, the latter of which became the target of Anthropic's enforcement actions.[4]
HERMES.md billing switch
[edit | edit source]On 25 April 2026, a user reported that the exact string "HERMES.md" in their local Git commit history caused Claude Code to route queries outside of their fixed-rate subscription plan.[1] The system bypassed the $200 per month Max plan and charged the user direct, pay-as-you-go API rates.[1] The user lost over $200 in extra charges while 86 percent of their prepaid plan capacity remained available.[1]
The string "HERMES.md" appears to have been treated by Claude Code's billing classifier as a signal of third-party harness usage — likely as part of the broader detection logic deployed to enforce the 4 April — even when the string appeared only in incidental git history rather than as evidence of an active Hermes session.
Anthropic's response
[edit | edit source]When the affected user contacted Anthropic support, the company refused to issue a refund for the $200 lost to the glitch, categorizing the overcharge as an un-refundable technical error.[5]
After the Reddit post was shared on X, an employee of Anthropic said anybody affected would be refunded with an additional $200 of credits on top.[6]
Consumer response
[edit | edit source]
References
[edit | edit source]- ↑ 1.0 1.1 1.2 1.3 sasha-id (25 Apr 2026). "HERMES.md in git commit messages causes requests to route to extra usage billing instead of plan quota #53262". GitHub. Archived from the original on 29 Apr 2026. Retrieved 28 Apr 2026.
- ↑ 2.0 2.1 Ha, Anthony (4 Apr 2026). "Anthropic says Claude Code subscribers will need to pay extra for OpenClaw usage". TechCrunch. Archived from the original on 4 Apr 2026. Retrieved 28 Apr 2026.
- ↑ Franzen, Carl (3 Apr 2026). "Anthropic cuts off the ability to use Claude subscriptions with OpenClaw and third-party AI agents". Venture Beat. Archived from the original on 29 Apr 2026. Retrieved 28 Apr 2026.
- ↑ "AI Providers — Hermes Agent". Nous Research. Archived from the original on 27 Apr 2026. Retrieved 28 Apr 2026.
- ↑ alexxxklepa (26 Apr 2026). "PSA: The string 'HERMES.md' in your git commit history silently..." Reddit. Archived from the original on 29 Apr 2026. Retrieved 28 Apr 2026.
- ↑ Thariq (26 Apr 2026). "Thariq on X". X. Archived from the original on 29 Apr 2026. Retrieved 28 Apr 2026.