Claude Android App Reportedly Reads Clipboard Without Explicit User Action

Reported Incident Details
A user on r/ClaudeAI reported unexpected behavior with the Claude Android app. While browsing on their Android phone, they copied a block of code to have Claude analyze it. They started a new chat in the Claude app and asked it to review the code, but forgot to paste the clipboard content before sending the request.
According to the report, Claude proceeded to analyze the entire code block anyway, suggesting the app read the clipboard content without explicit user action and sent it along with the message. To verify, the user asked Claude what the filename was in its memory, and Claude replied that the file was stored as pasted_text_b4a56202-3d12-43c8-aa31-a39367a9a354.txt in its uploads directory.
The user then asked Claude to rewrite the first 20 lines of the code, which matched exactly the original code they had copied to their clipboard. When attempting to recreate the behavior in a new chat, Claude responded that it couldn't read any code until it was uploaded. The user confirmed they didn't upload anything in the first chat and there was no code in their original request or as an attachment.
Privacy Implications
The user expressed concern that this represents a significant privacy issue, stating that "an app should not be reading clipboard content without explicit user action." The behavior appears inconsistent, working once but not in subsequent attempts, leaving uncertainty about whether this is an intentional feature or a bug.
This type of clipboard access without user consent could expose sensitive information that users have copied but did not intend to share with the application.
📖 Read the full source: r/ClaudeAI