A single string buried in a git commit message cost some developers more than $200 per day in extra charges, all due to a silent bug in Anthropic’s Claude Code platform. The issue is not just about a technical mishap: it exposes how deeply billing logic can be intertwined with developer workflows, and how hard it is to spot these failures before real money is lost.
Unexpected billing errors can quietly drain hundreds of dollars before users notice. (Photo via Pexels)
This incident arrives at a sensitive time for Anthropic. The company is riding a wave of enterprise adoption, fueled by Google’s $40 billion investment (see our analysis). Yet, as corporate customers move critical code and data into AI-first workflows, even minor bugs in usage accounting or billing can create loss of trust, and, as in this case, major financial exposure.
How the HERMES.md Bug Works
The bug’s trigger is both simple and insidious: if the recent commit history in your git repository contains the exact, case-sensitive string HERMES.md in a commit message, every Claude Code API request will be silently routed to “extra usage” billing. This means that, even if you have plenty of quota left on your paid plan (such as Anthropic’s $200/month Max 20x plan), requests are charged against extra credits, at steep, pay-as-you-go rates.
This bug is not triggered by having a file named HERMES.md in your repository. Only the presence of the string in a commit message matters. Lowercase variants like hermes.md do not trigger the bug, nor do other common documentation files like README.md or AGENTS.md.
The underlying issue: Claude Code includes recent commit messages as part of its system prompt, and the billing engine parses these messages. If it spots the string HERMES.md (case-sensitive), the request is flagged and routed to extra usage billing, a logic branch that appears designed for some sort of usage gating but in practice penalizes legitimate users.
Real-World Reproduction Steps
Developers have provided minimal reproducible steps that demonstrate the bug in action. This is not a hypothetical or edge case: it can be triggered with a few lines in the terminal:
```shell
# This FAILS (routes to extra usage billing):
mkdir /tmp/test-fail && cd /tmp/test-fail
git init && echo test > test.txt && git add . && git commit -m "add HERMES.md"
claude -p "say hello" --model "claude-opus-4-6[1m]"
# => API Error: 400 "You're out of extra usage..."

# This WORKS (uses plan quota):
mkdir /tmp/test-pass && cd /tmp/test-pass
git init && echo test > test.txt && git add . && git commit -m "add hermes.md"
claude -p "say hello" --model "claude-opus-4-6[1m]"
# => "Hello!"

# Note: In production, always sanitize inputs and verify billing responses for every API call.
```
Key facts:
Only the string HERMES.md (all uppercase) in a commit message triggers the bug.
File presence does not matter; commit message content does.
The error message returned when extra usage is depleted does not indicate the real cause, making this bug extremely hard to diagnose.
Anthropic’s Response and Customer Backlash
The financial impact was immediate and severe. One developer lost $200 in a single day, with their usage dashboard showing just 13% of their Max plan quota consumed while extra usage credits were silently drained (source). The error message (“You’re out of extra usage…”) gave no hint as to the real trigger.
When users reported the issue, Anthropic initially admitted the bug but refused refunds for the extra charges (external coverage). The company’s support responses were widely criticized as scripted and unhelpful. Community threads on Hacker News and social media quickly amplified the controversy, with developers accusing Anthropic of undermining trust at a critical moment in the AI cloud “arms race” (Hacker News discussion).
This backlash is particularly damaging given the competitive climate for AI infrastructure, as highlighted in our recent coverage of Google’s $40B Anthropic investment. Enterprise buyers and technical leads are watching closely to see how vendors handle not just technical innovation, but also customer support, transparency, and accountability.
Comparison Table: Anthropic vs. Competitors on Billing Transparency
AI infrastructure buyers often compare providers based on reliability, transparency, and support. The HERMES.md incident spotlights how seemingly minor bugs in billing logic can escalate into major trust issues. Below is a comparison of Anthropic and two other AI infrastructure approaches (based on our previous and current coverage):
| Provider | Billing Transparency | Bug/Incident Disclosure | Refund Policy for Billing Errors | Source |
|---|---|---|---|---|
| Anthropic Claude Code | Error messages do not reveal usage routing logic; silent triggers based on commit message content | Bug confirmed only after user escalation; initially no proactive disclosure | Initial refusal to refund extra charges (see news reports) | |
Security Lessons for Developers and Infrastructure Teams
The HERMES.md billing bug is not a memory safety or classic logic flaw; it is a real-world example of how business logic bugs can have direct financial and operational consequences. It also demonstrates that even platforms with strong reputations for AI safety and reliability can be tripped up by unexpected input at the system boundary, a lesson echoed in our coverage of Rust bug limitations.
Key lessons:
Test all user inputs (including metadata like commit messages) against billing and quota logic before deploying to production.
Monitor usage and cost dashboards daily. Do not rely on error messages alone; set up independent usage alerts where possible.
Build in detection for anomalous billing patterns. If a single request triggers unexpected billing, flag it for manual review.
Demand clear, actionable error messages from your vendors. If the root cause of a quota or billing denial is not obvious, escalate until you get a technical answer.
Actionable checklist for developers and security teams:
Review all sources of user-controlled input (commit messages, file names, prompt content) that could influence API system prompts or billing logic.
Automate fuzz testing for billing-related code paths with edge-case values and strings.
Establish cost anomaly detection: alert when usage deviates from historical patterns, even if the billing dashboard appears normal.
Document and regularly audit all vendor refund and dispute processes for SaaS infrastructure.
Push for incident postmortems and public disclosure of all billing-impacting bugs.
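Two of the checks above (reviewing commit messages that feed the system prompt, and flagging extra-usage charges while plan quota remains) can be scripted on the developer side. The following is an added example, not Anthropic's code or any tooling from the article; it assumes the trigger is the exact, case-sensitive string from the reproduction steps, and the git log record format, the `BillingSample` shape and the 90% threshold are choices made here.

```python
"""Pre-flight checks before invoking Claude Code (added example, not Anthropic's code)."""
import subprocess
from dataclasses import dataclass

# Record (0x1e) and field (0x1f) separators let multi-line commit bodies parse cleanly:
#   git log -n 50 --format=%H%x1f%B%x1e
GIT_LOG_FORMAT = "%H%x1f%B%x1e"
TRIGGER = "HERMES.md"  # exact, case-sensitive, as described in the article


def find_trigger_commits(log_text: str, trigger: str = TRIGGER) -> list[str]:
    """Return hashes of commits whose full message contains `trigger` exactly."""
    hits = []
    for record in log_text.split("\x1e"):
        if "\x1f" not in record:
            continue  # trailing newline after the last record
        commit, message = record.split("\x1f", 1)
        if trigger in message:  # deliberately case-sensitive: hermes.md must NOT match
            hits.append(commit.strip())  # strip the newline git puts between records
    return hits


def scan_repo(path: str, depth: int = 50) -> list[str]:
    """Run git log in `path` and return offending commit hashes (needs git installed)."""
    out = subprocess.run(
        ["git", "-C", path, "log", f"-n{depth}", f"--format={GIT_LOG_FORMAT}"],
        capture_output=True, text=True, check=True,
    ).stdout
    return find_trigger_commits(out)


@dataclass
class BillingSample:
    plan_used_pct: float    # plan quota consumed, as shown on the usage dashboard
    extra_usage_usd: float  # amount charged against pay-as-you-go extra usage


def billing_anomaly(sample: BillingSample, plan_threshold: float = 90.0) -> bool:
    """True when extra usage is billed although the plan is far from exhausted."""
    return sample.extra_usage_usd > 0 and sample.plan_used_pct < plan_threshold


# Constructed sample git log output: one trigger commit, one lowercase decoy, one README.
SAMPLE_LOG = (
    "a1b2c3\x1fadd HERMES.md\n\nexplain layout\n\x1e\n"
    "d4e5f6\x1fadd hermes.md\n\x1e\n"
    "0789ab\x1fupdate README.md\n\x1e\n"
)

if __name__ == "__main__":
    print(find_trigger_commits(SAMPLE_LOG))            # ['a1b2c3']
    print(billing_anomaly(BillingSample(13.0, 200.0)))  # True
```

Run `scan_repo(".")` in a checkout before starting a session; a non-empty result means recent history contains the trigger, and a `True` from `billing_anomaly` on the day's dashboard numbers is the pattern the affected developer saw (13% plan usage, $200 of extra charges).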
Key Takeaways:
Seemingly minor inputs (like a commit message) can have major billing impact in AI infrastructure.
The HERMES.md bug cost users hundreds of dollars and eroded trust in Anthropic’s billing transparency.
Anthropic’s initial response (acknowledging the bug but refusing refunds) drew widespread customer and community criticism.
Developers and security teams must treat business logic, metadata, and system-boundary handling with the same rigor as low-level code auditing.
What to Watch Next
The fallout from the HERMES.md incident is not just a warning for Anthropic, but for every AI and cloud infrastructure provider. As enterprise spending on AI accelerates and complex developer workflows become the norm, silent bugs in usage accounting can create seven-figure exposure for vendors and customers alike.
Expect more scrutiny of billing transparency, automated cost anomaly detection, and public incident response as the next competitive battleground for AI infrastructure vendors.