[Bug] Claude Code incorrectly flags legitimate phishing analysis as policy violation
Bug Description
● Bug Report: Legitimate Defensive Security Analysis Incorrectly Flagged as Policy Violation
Issue Summary:
Claude Code is incorrectly refusing legitimate defensive cybersecurity education requests, specifically email phishing analysis, with Usage Policy violation errors.
Expected Behavior:
Users should be able to request analysis of suspicious emails for defensive security/educational purposes, similar to what cybersecurity professionals do daily.
Actual Behavior:
Receiving error: "Claude Code is unable to respond to this request, which appears to violate our Usage Policy"
Steps to Reproduce:
- Ask Claude to analyze an email for phishing indicators
- Frame request clearly as defensive security/education
- Include email headers and content for analysis
- Error occurs even with carefully worded requests emphasizing legitimate defensive purposes
Use Case Context:
- Analyzing potentially suspicious emails to learn phishing detection
- Defensive cybersecurity education
- Similar to professional security analysis workflows
- Goal is protection/learning, not malicious activity
Impact:
- Prevents legitimate security awareness training
- Blocks educational requests that help users protect themselves
- Interferes with defensive cybersecurity practices
Additional Notes:
- Issue occurred with Opus 4.7 (1m, xhigh), but Sonnet 4 did the analysis
- Occurs even with sanitized/carefully worded requests
- Same analysis would be routine work for cybersecurity professionals
- Creates barrier to security education that benefits user safety
Request:
Please review and adjust filters to allow legitimate defensive security analysis while maintaining appropriate protections against actual policy violations.
Environment Info
- Platform: linux
- Terminal: windows-terminal
- Version: 2.1.119
- Feedback ID: 45f75ce9-3e1c-4951-b112-40fd3f8364e1
Errors
[]This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗