Detailed Analysis
A Reddit post in r/ClaudeAI claims that the string "HERMES.md" appearing in git commit messages silently triggers incorrect billing routing in Claude Code, causing the author to lose $200.98 in extra usage charges despite holding an active Max 20x subscription ($200/month). The poster alleges they independently diagnosed the issue through binary search across repositories and commit histories after Anthropic's support failed to resolve it, ultimately isolating the uppercase string "HERMES.md" as the precise trigger. They report that Anthropic's support acknowledged an "authentication routing issue" but declined to issue a refund, and they filed a bug report at the Claude Code GitHub repository. The post has spread as a warning to other Claude Code users, urging them to audit their extra usage dashboards and recent commit histories.
The research context, however, finds no verified evidence supporting the central claim that "HERMES.md" in git commit history causes incorrect billing routing or unauthorized extra-usage charges. What does exist is a GitHub issue referencing "HERMES.md" in connection with a 400 error arising from git log-derived system context bytes — a distinct technical error that does not involve billing at all. Claude Code is known to ingest repository context, including recent commits and files such as CLAUDE.md, into its system prompt on every query turn, which can legitimately increase token usage and cost through expanded context windows. The leap from a context-parsing or API error to silent mis-billing of $200 is a significant one, and no corroborating reports from other users or independent confirmation from Anthropic have surfaced to validate the specific billing-routing mechanism described.
The plausibility of the claim partially rests on how Claude Code processes repository context. Because the tool automatically incorporates recent git history into its system prompt, any string within that history becomes part of the prompt payload sent to the model. It is technically conceivable — though unconfirmed — that server-side logic, perhaps related to internal routing or product-tier detection, could misinterpret specific strings in unexpected ways. "HERMES.md" is a legitimate convention used in AI agent projects to define system prompt specifications, making it a plausible candidate for accidental collision with internal Anthropic infrastructure identifiers. Separately, a notable recent event in the Claude Code ecosystem was the accidental leak of approximately 59.8 MB of source code via an npm package sourcemap caused by a Bun runtime bug — a disclosure that led to rapid reverse-engineering and DMCA takedowns. This leak context is relevant because it means more external scrutiny of Claude Code's internals is currently underway than at any prior point, which could surface legitimate or speculative findings alike.
The incident, whether fully accurate or partially misdiagnosed, highlights structural tensions in how AI developer tools handle billing transparency and error attribution. When a tool silently ingests dynamic context — git history, file trees, branch names — and ties that context to downstream API calls, users have limited visibility into what triggers cost escalation. The poster's core frustration, that diagnosing a billing anomaly required hours of manual binary search that Anthropic's own support could not replicate, points to a genuine gap in observability tooling for Claude Code users. Even if the "HERMES.md" string is not the true causal factor, the broader pattern — opaque context ingestion, ambiguous usage dashboards, and AI-mediated support loops that acknowledge problems without resolving them — represents a credibility and trust challenge for Anthropic as Claude Code scales its developer user base.
The refusal to issue a refund, even after the support system's own acknowledgment of a routing bug, is the element most likely to sustain reputational damage regardless of the technical merits. Anthropic has positioned itself prominently around safety, trustworthiness, and alignment — values that users are now applying as a measuring stick to customer-facing policies, not just model behavior. The irony noted by the poster, that a company known for AI alignment work deployed an AI support bot that "doesn't have my best interests at heart," resonates because it conflates product philosophy with business practice in a way that is rhetorically effective even if technically imprecise. As AI coding assistants become integral infrastructure for software developers, the standards for billing accuracy, support responsiveness, and transparent error communication will be held to a higher bar — and incidents like this one, verified or not, will shape how the developer community calibrates its trust in these platforms.
Read original article →