[Bug] Claude API incorrectly flags DNS exfiltration explanations as policy violation despite cyber verification
Resolved 💬 3 comments Opened Apr 26, 2026 by odin-the-mad Closed Apr 30, 2026
Bug Description
For some reason every single time claude tries to explain the use of DNS to move data in a penetration testing context it gets flagged as a violation of the useage policy. i am verified under the cyber verification program but it doesnt seem to matter. this is totally within scope. no matter how we word it, no matter how much context i give, it keeps tripping. this is absolutely ridiculous and is clearly a false positive. PLEASE FIX THIS FOR GODS SAKE!!! This is a normal topic for CTF, Pentest+, OSCP, etc.
Environment Info
- Platform: linux
- Terminal: vte-based
- Version: 2.1.119
- Feedback ID: ce31700f-ed30-4b6f-a0dd-d46965f81968
Errors
[]This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗