[BUG] Saying "hi" returns "API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy"
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
I type "hi" in claude code desktop, or the cli, new session, new convo. It says:
"API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy [...]"
I am able to use opus4.7 from the website, but not in claude code. I have confirmed I am on the correct sub. And I've re-authed a few times.
Paid a lot for this sub, and only a few days in I can't use it anymore. I don't do security work, I don't do CVEs. I don't do anything that could even be construed as such.
Figure this has to be a bug. And if it's not then fix your error messages cause at no time was it indicated to me that I was banned (keep in mind I can use other models and the website just fine, so I doubt it). I've received zero email, zero notices of any kind.
Fix it, please and thanks!
What Should Happen?
I should be able to say "hi" and it should be able to say "hi" back.
Error Messages/Logs
API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). This request triggered cyber-related safeguards. To request an adjustment pursuant to our Cyber Verification Program based on how you use Claude, fill out https://claude.com/form/cyber-use-case?token=[...]. To learn more about the program or provide feedback, visit o… Try rephrasing the request or attempting a different approach.
Request ID: req_011CbAo6udqriFxWqQCUVvJo
Steps to Reproduce
Say hi, receive error.
Claude Model
Opus
Is this a regression?
Yes, this worked in a previous version
Last Working Version
Opus 4.7
Claude Code Version
2.1.143 (Claude Code)
Platform
Anthropic API
Operating System
Windows
Terminal/Shell
VS Code integrated terminal
Additional Information
_No response_
90 Comments
Found 3 possible duplicate issues:
This issue will be automatically closed as a duplicate in 3 days.
🤖 Generated with Claude Code
Not the same, bot.
These others can say other things and get a response. I can't. Anything I type is met with the same error.
+1
+1
+1
+1
Same Bug with Opus 4.6 1M and Legacy i cant use both atm!
its all Opus models getting affected i think (4.7,4.6 and there 1M varients) sonnet does NOT have this issue but like i paid 300 a month for 20x usage so i want to use opus lol
Same here nothing works Opus 4.6 and 4.7 are instantly restricted every other mini model works
<img width="1401" height="578" alt="Image" src="https://github.com/user-attachments/assets/f5724d60-d4ae-4fae-8582-c00c7786e994" />
Multi Billion Dollar Company BTW
yea thats exactly what i get aswell lol
+++++++
yes not working for me also please help us
opus is totally broken ~ triggering safeguard on any project / input
fuck claude opus 4.7
Claude can't even read the offending transcript to pinpoint the cause without itself triggering the warning again just from the transcript read alone
+1
100$ bro wasteee nowww
Claude please do anytign or refund the amounttt
Yeah this is crazy see also issue #61185 showing it refusing to do basic cybersecurity tasks. It then errors trying to read its own transcript. This is new issue
ANTHROPIC PLEASE FIX THIS, Opus is LITERALLY your flagship product 😭
Lmao literally just saying hi is not allowed anymore..
If this doesn't get resolved I won't be renewing my $200/mo claude max subscription
oh shit wait i think they fixed it, @laztheripper can you potentially confirm this aswell?
Edit: seems like Claude Code is usable (Opus 4.6 and 4.7 and 1M varients) and seems like Claude.ai Opus 4.7 is usable but Opus 4.6 on web is NOT
Edit 2: nvm this shits still just as buggy just i can talk to it normally now but it still sometimes throws guardrails at random stuff
@AbdullahFID No, It isnt fixed, And it most likely isnt getting fixed, The opus models arent the one's refusing, Its the serverside logic, You need to get CvP approved if you really want to use it, ANY HISTORY from the past of you doing anything related to cyber security / offensive security is picked up on, hence why the harness refuses to answer, even if you just may say "hello"
If you open claude code in ANY directory except the one you are currently developing, it will work fine, as long as it doesnt contain any harmful/cyber keywords (changing the keywords in your source code is still ineffective, as the AI's thinking logic is sent to the server)
I have confirmed making new account fixes the issue -- our accounts must have been flagged and restricted, I don't think this is a "bug". Same prompt does not get blocked in the new account and subscription, can deterministically reproduce this.
Yeah, because of this bug a lot of violations got added which caused our accounts to get flagged with a kind of "shadow ban". Essentially these are enhanced filters which are much more violent and annoying than standard ones
nope i even tried on new directory, but it does not worked btw
in fact, since yesterday, the problems with very aggressive filtering have really started. if earlier, in a situation where opus 4.7 crashed with an error, it was enough for you to change the model to the more stupid claude-opus-4-6 (which they specifically degraded 2 weeks before the release of opus 4.7 and up to and including today), or simply change the effort model, now the filters on opus 4.6 have become EVEN STRICTER than on 4.7 :) . in a new directory WHERE there is no code AT ALL, or if the agent does not see the context of the project, opus 4.7 can reply to you with "hello" or "how are you", opus 4.6 crashes with an error immediately after a second, forcing you to work with the sonnet model.
as anthropic states, and as I see many people really think that CVP will help you avoid these "limitations", I will disappoint you - no. literally nothing will help you.
I passed the CVP check personally on 3 accounts, and the permission was withdrawn from each CVP account in less than a day (the evidence of this madness is https://imgur.com/a/3sn7b79 ), besides, the situation did not change at all, even if you were given CVP access, opus 4.7 still refused almost any cyber work (requests were not related to ramson or another kind cybercrime), personally, I have not noticed absolutely any changes with CVP access on the account, and if you look at other issues, I think you will see that other people are facing the same problem.
The theory about account "flags" is very similar to the truth. Since yesterday, even on simple home projects, I have not been able to launch the Opus model, only sonnet, and I think if this concerned other users, there would be a louder resonance than we are seeing now. It's really funny, you pay $200 for a 20x max subscription to use the sonnet model.
the only option I found during these days was to switch to using codex, although it is much more stupid and also unable to perform cyber tasks, but at least apart from the context of the project, it is able to analyze, find errors and, most importantly, not give up work due to server-side "FILTERING". in addition, this current "CVP" check is as stupid as possible, if OpenAI suggests that you verify the "mule" to use their tool without restrictions, then anthropic gives out their "benefits" (useless ones that don't really remove any restrictions) absolutely randomly, no matter how you describe your work, provide a story frequent or even public research articles - they will calmly refuse you without explaining the reasons.
and yes, for those people who are trying to get around this in any way - you will not be able to, spare your time, even if you run opus in a sub-agent mod that will run and orchestrate sonnet models without context, and then use additional opus padding to check the result (if it falls, then check it with sonnet), the error is all it will stop your session anyway - working with claude right now is absolutely unreasonable, only if you don't feel sorry for your nerves.
just another prompt that maybe everyone can reproduce this error
claude -p "please read source of https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/modules/device_orientation/device_motion_event_pump.cc and exaplain to me"
mybe u can use AWS, in my claude i can't talk anythings but i user aws i can do anythis, claude cli just like a joker Now
Just quitting Claude is for the best. We'll go back to messing around with dumb stuff like Codex or Gemini, but we can still work on improving our skills instead of relying too much on this Opus that keeps causing damn errors—even though in reality, it is good. Anyway, they don't respect their customers at all
I can't work fuck all anymore on any of my mods for games that don't have "ofFiCiAl MoD sUpPoRt" because the devs would rather sit with their thumbs up firmly jammed up their asses, without INSTANTLY triggering this piece of garbage dogshit. Oh and of course it at LEAST doesn't refund me the wasted usage over trying to constantly retry with different wording, etc. etc. either, because lmfao. Why the fuck would it? 100 euros PLUS 24% tax btw.
I can only presume that this is because these complete cerebrally-anaemic macaques introduced some completely fucking daft overly imbecilic safeguards that now takes the aforementioned context, and immediately paints me as what I can only assume as some sort of criminal trying to illegally hack games or wtf ever so it instantly cancels the prompt. Good job dipshits! I appreciate it. Your ability to snatch the mangled, dead remains of defeat from the jaws of victory, reassemble it, and some fucking how resuscitate it back to life, in the face of everything going on with your "competitors", actually needs to be studied, holy crap. Genuinely bravo, worthy of a standing ovation in a fucking grand Opera hall, sincerely. Thanks for coming to my TED-rage, have a great rest of your day / night, except if you're an employee of fraudthropic. Back to fucking taking 9 years to write 5 lines of code with 120+ euros blown against the sky as well on top of everything else, because my personal issues simply don't allow me to engage with mentally engaging / stimulating things with any amount of consistency what so ever :).
<img width="838" height="401" alt="Image" src="https://github.com/user-attachments/assets/f7db698b-8c3a-4e24-8259-3499b64584cd" />
anthropic had the biggest downfall ever, i am using codex now, doesnt even refuse lmao, thanks anthropic.
Any fix to API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy ?
+1
@anil0x80 nah u right i edited my message, i was wrong the safeguards are very very strict. i was asking how security disclosure works and it got flagged but yea i cancelled my membership on this account and plan on using it on another account hopefully day to day tasks like education dont get flagged else ill export all my data and move to another claude account
I don't understand what the hell Claude is doing, opus is limited to cyber and using sonnet requires using credit with context 1M.
Usage limit reached
You've reached your usage limit. Try again after your limit resets.
View details
API Error: Usage credits required for 1M context · turn on usage credits at claude.ai/settings/usage, or use --model to switch to standard context
Codex seems to be such a relief after this. Cancel your subscriptions guys
I've cancelled my Claude subscription it's completely useless now. We're not getting what we're paying such a high amount for. I've moved to Codex. RIP Claude. Also, I've found Codex with GPT-5.5 to be much better than Claude.
okay, I'm not alone! I was doing some logs collection stuff and for some reason after going through some refinements to the script and approach we were building I got that pesky message, I didn't understand at first but now my project is unusable and in some tests with different projects it switched to sonnet, they changed the filters or did something that basically makes it unusable!
API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). This request triggered restrictions on violative cyber content and was blocked under Anthropic's Usage Policy. To request an adjustment pursuant to our Cyber Verification Program based on how you use Claude, fill out https://claude.com/form/cyber-use-case?
Im in the Cyber Program and ive gotten questions blocked over asking about cats. https://medium.com/@its.lagus_66214/anthropics-broken-cyber-verification-program-c8c630820fd6
+1
+1
Guys let’s try to work together as best as we can and reach out to get this resolved, feel free to share my article. I’m just a regular dude trying to fix this problem and get visibility on this. Thanks guys!
<img width="707" height="1331" alt="Image" src="https://github.com/user-attachments/assets/9c868df4-5e52-427d-a20a-a0c2a626dfec" /> Great Job Fraudthropic!!!!!!!!!!!!!!!!!!! Claude Code has become useless
Had the same issue. I started a new session which lets me run things again. It doesn't recover from this error atm in the same session.
https://medium.com/@its.lagus_66214/anthropics-broken-cyber-verification-program-c8c630820fd6
For opus 4.8, it seems they fixed the issue? Can you guys confirm that?
I tried using 4.8 just now and I’m still blocked from using anything except for sonnet 4.6. It’s getting really frustrating that the anthropic team isn’t addressing this issue.
I tried Claude in AWS Bedrock. It doesn't have the false positive filter, so you'd better try this one, btw, it costs 10x or 20x of the subscription fee. So be careful
anthropic released opus 4.8 (https://www.anthropic.com/news/claude-opus-4-8), unfortunately our complaints were completely ignored, opus 4.8 reacts to "malicious" code in the same way as Opus 4.6 before this release, that is, it immediately returns an error without even thinking or trying to answer questions independent of the project (hello, how are you, etc.)
this is not surprising, because when they first announced "project shitwing" (before the release of Opus 4.7), the work became more complicated, but they did not react to this in any way and simply released Opus 4.7, which could still be used with FP until May 22, when they announced the update of their "project shitwing" (https://www.anthropic.com/research/glasswing-initial-update)
From this update to the present day, the agent has been completely refusing to work, and unfortunately the anthropic does not attach any importance to this - on the contrary, they consider it an "innovation" and a "good decision" that other companies will repeat (based on their words about the May 22 update), which once again confirms that they are not completely not going to change anything. therefore, I believe that this topic should either be raised to the very top in the Issues section, or closed and not waste energy on discussions.
of course, this release also brought good news, most likely in the next couple of days GPT 5.6 will be released, which will be even smarter than the current 5.5 and possibly compared to opus 4.7, because OpenAI are pursuing a trend to release their models after anthropic.
personally, I have completely switched to using Qwen 3.7-max (which has no censorship regarding Opus at all) for high-risk tasks and Codex, which I advise all researchers, and now also sysadmins and modelers who gathered in this discussion.
Finally, I want to give Anthropic some tips regarding their INNOVATIVE "project shitwing" : -
In the next censorship update, be sure to ban Opus (models for hard work, I remind xd) from working with C, C++, Go, Rust, PS and other native languages, this will DEFINITELY block the development of any mods, servers (of course C2) and even more so "RANSOMWARE"
I also propose to completely ban the use of MCP servers for analysis - IDA, Ghidra and others, if an agent sees their use, he should immediately take a picture on the user's webcam and send it to the appropriate authorities as particularly dangerous.
in addition, I suggest adding a mandatory watchdog for each application built using the agent, so that any application (even a python sorter) always collects any information about the user and knows what it is used for (do not think that this is a full-fledged RAT, these are just security measures for the user).
and seriously, I absolutely do not understand what they want from the release of smarter models, smarter models will think and "hallucinate" deeper and more often, which means even more frequent FP locks due to the "dual use" capabilities. In addition, I don't understand at all what they want from the release of the Mythos model by preparing us in this way - a cyber model that will write websites and a web interface? after all, everything else will be directly blocked by their Usage policy.
I think this will have a greater impact when users developing "sites" encounter the problem of FP locks with the next updates of "Project shitwing"
in addition, I really hope that Codex will ease its censorship and we will be able to fully switch to their tools closer to the release of the GPT 6 model, which will at least make Anthropic think about its actions. and the attitude towards users.
UPD -
I completely forgot to add that an OpenAI subscription is much cheaper - I paid for x20 + x5 subscriptions for Claude to cover my weekly needs, which cost me $ 300 per month, for OpenAI I just need one x5 subscription for $ 100 to work as long as with claude.
if you are an x5 max subscription user, most likely the regular Plus tariff for $20 per month will be enough for you, which is just incredible, I really feel sorry for the money that was spent on anthropic subscriptions this month.
I'm able to use 4.8/4.7 via a temporary chat, cowork, or Claude code. When it comes to the chat option its blocked.
It's more like the memory that incognito mode doesn't use, try disabling the memory inside claude settings.
Thank you so much. For anyone who is also going through the same issue.
Settings
Capabilities
Generate memory from chat history > pause memory> then immediately switch it back on.
This works! I owe you.
@7H35C4r3Cr0W do you pause memory or reset memory?
+1
+1
opus 4.8 does same
Pause memory, immediately unpause, when it gives you trouble switch on and off immediately again
@7H35C4r3Cr0W claude code? or claude.ai?
I was using Claude ai, but was locked out of code too. I was getting blocked on 4.7/4.8 opus. Go to your memory, pause and quickly unpause it. It will clear the blockage. Repeat if it reoccurs. It’s a bandaid until devs figure it out. You don’t have to delete your menorah just pause it.
Two weeks of triage at this point — sharing what the open-issue cluster looks like and what operator-side defenses ship today.
Cluster shape (2026-05-18 → 2026-05-27): 25+ independent filings converging on the same signature — Opus 4.7 / 4.6 / 1M variants over-trigger on benign prompts; Sonnet variants are reportedly unaffected; languages span English, Russian, Polish, Spanish; domains span kernel security audits, biomedical research, FPGA waveform analysis, plain greetings. Non-deterministic on identical input. github-actions[bot] auto-flagged 3 duplicate chains, confirming intake-side recognition.
Reaction-leaders alongside this one: #62190 (10r, non-determinism + multilingual), #61056 (4r), #61638 (3r, over-triggering complaint), #61185 (2r, cyber false positive), #61889 (CVP-approved user still being blocked — signals the CVP path is not currently a workaround for this specific cluster).
The block surfaces as one of two stock strings:
API Error: ... violate our Usage Policy. This request triggered cyber-related safeguards.This request triggered safety guardrails. Rephrase your prompt or rewind to continue.Server-side resolution is not public as of 5/30. Pending upstream stabilization, here is the operator-side defense triple I just finished shipping in
cc-safe-setupover the past 3 days. All three are advisory-only and never block your session.Hook 1 —
aup-false-positive-helper.sh(5/28, PR #388 / #389, 16 tests). SessionStart hook. Opt-in viaCC_AUP_FALSE_POSITIVE_HELPER_REMIND=1. WhenANTHROPIC_MODELis pinned to an Opus variant, emits a one-time advisory naming the four operator-side workarounds (Sonnet swap, session warmup, CVP application, retry-on-identical-input).Hook 2 —
aup-block-pattern-logger.sh(5/29, PR #461, 23 tests). PostToolUse hook. On-by-default, silent unless a block is detected. Recognizes five distinct AUP block patterns (cyber-safeguards,safety-guardrails,rephrase-rewind,usage-policy,usage-policy-api) and appends a 5-field pipe-delimited line to~/.claude/aup-block-history.log(timestamp / model / tool / pattern kind / 120-char excerpt). No prompt content recorded. Builds the evidence trail for a CVP application and lets you watch classifier-shift over time.Hook 3 —
model-swap-suggester.sh(5/30, PR #480, 25 tests). SessionStart hook. Evidence-driven, not opt-in. Reads the Hook 2 log on session start, counts Opus blocks in the last 60 minutes (configurable), and emits a concreteexport ANTHROPIC_MODEL=claude-sonnet-4-7advisory only when the threshold is crossed (default 3 blocks). Silent in every other path — no noise if you have not actually been blocked.The three hooks compose: Hook 1 surfaces awareness on the first Opus session, Hook 2 accumulates evidence as blocks happen, Hook 3 acts on that evidence to recommend the swap at exactly the moment it matters.
Install (one-shot):
Then in
~/.claude/settings.json:Immediate operator-side escalation tiers (independent of any hook):
export ANTHROPIC_MODEL=claude-sonnet-4-7— 30-second mitigation, cluster signature points to an Opus-family-specific pathReference writeup with the four-path detail: https://gist.github.com/yurukusa/4fa4751044be45bd83345601ee79c2db (1,462 words).
Defenses are advisory only — the underlying classifier shift is server-side and only Anthropic can fix it. These hooks make the cluster visible, recoverable, and documentable while that work happens upstream.
how to do it ???? i don't saw anything that says pause memory in settings
<img width="1290" height="1665" alt="Image" src="https://github.com/user-attachments/assets/89315fa5-8984-48c4-9508-3b0597e55602" />
@7H35C4r3Cr0W lwky for claude code this doesnt work
+
There was a simple request that Claude himself suggested for implementation, but in the end your filter stopped it from working.
Turn off reference chats
Turn off generate memory
This worked for me.
I take this back. I turned off memory and i still have an overactive refusal for a new thread from previously generated topics. I reached out to as many people as I could think. Ive done all I could guys. Anything you can do to push this to anthropic will be beneficial to the community.
I am seeing the same class of false-positive block in Claude Code 2.1.156 / Opus on benign local development and log-review/session-continuation work, including the CVP/cyber-safeguards routing. I filed a separate sanitized UX/reporting-path issue here so these cases have one place to collect signal without posting private request IDs or logs publicly: #64287
The pattern looks broader than one prompt: routine local-dev activity can get classified as cyber-policy content, and the current support/CVP path does not give users a clear private false-positive review loop.
If "hi" triggers it, that alone should be a P0 — it's direct proof the classifier is firing on accumulated context/state rather than the actual message. That's the same mechanism that makes one genuine false-positive poison an entire session for the rest of us. Hard to imagine a clearer demonstration that the threshold is mis-tuned. (#63751, #64405)
not working on opus 4.8 (claude code v2.1.161), but working on sonnet 4.7
also working on other projects. And the strangest thing it works with the same model on the same project with the same claude code version but with a different account. Both have claude max 20
+1 here How to fix it by our end?
+1 It is unusable at the moment. A screenshot of three benign conversations with Claude, all running into API errors. I need to wait a couple of hours, then it starts to respond again. After a while, I get the API errors again.
<img width="1920" height="237" alt="Image" src="https://github.com/user-attachments/assets/dd2602b9-d0c7-4cd9-8c76-5ced1fb17649" />
Bumping so Anthropics devs pay attention to this
im changed acc - this error dissapear
It is completely unusable now. Ive been dealing with this for over two weeks, and nothing has improved
Bumping so Anthropics devs pay attention to this
just dont break rules on main acc guys
i have fixed it on new acc
+1
Yep, but you need to buy a new subscription each time when your account get flagged (sometimes for nothing)
It's not a real solution
+1
what kind of violation of what rules are we talking about? - about those who consider violations of anthropic, or their models? Obviously, accounts are not being checked manually by the anthropic support service.
anthropic themselves provided a summary of the banned accounts that violated their "rules of use" - (https://red.anthropic.com/2026/attack-navigator/) look carefully and study each of them, 50% of all these "reasons for blocking" are absurd and completely subjective, according to anthropiс, we cannot do "injection techniques" using their models, but what if the AGENT HIMSELF is in in thinking mode, he will get a hallucination and decide that you are doing a "malware" and not a simple "injection", most likely you will receive a flag on your account that will limit your work. I took injection as an example because it was marked by an anthropic as the most aggressive, there are a lot of accidents in their table, and this is absolutely unacceptable for cyber working with their agents, I still wonder how they think the Mythos agent will be used (with a price of $ 80 per 1 million tokens by media standards) if any job where he IS REQUIRED to be involved is in fact violating the agreement of the antropic themselves.
what we should do in this case is to use anthropic agents to develop website designs, or maybe to sort pdf documents, but for sure, if you look more closely at their table, that is, the % of accounts that were blocked for these actions haha
guys, that's not the solution but try to use opus 4.5 because this model doesnt have this flag detection , it came for model like opus 4.6 and + I noticed (but yeah we cannot use theirs 1M context models that's so annoying...)
<img width="1064" height="749" alt="Image" src="https://github.com/user-attachments/assets/79707bb8-db28-4f2c-ad13-fb608a98591a" />
great work anthropic
fable its rly dangerous and AI game change model XDDDD
Public Enemy Number one!
<img width="1395" height="1390" alt="Image" src="https://github.com/user-attachments/assets/1e121e2e-898a-442e-92e9-9383a76dfa7e" />
Hey guys, I heard through the grapevine that it would be a good idea to reapply for the CVP program and mention all the activities you need. It would be a good idea to also mention fable in the CVP application even if you are already approved so Fabel works for you. This is still pending on my side, but I just finished this. Hope it helps.
Appreciate the advice. Unfortunately, I’ve tried applying for CVP on multiple occasions and keep getting denied.
<img width="2339" height="1308" alt="Image" src="https://github.com/user-attachments/assets/01f66036-6d35-41dd-a755-80fc2d232b27" />
very good
<img width="722" height="343" alt="Image" src="https://github.com/user-attachments/assets/6af7ef69-1c1d-41eb-adcb-0de5e4ae86fa" />
Ridiculous...
Then promptly followed by this 😸
<img width="738" height="67" alt="Image" src="https://github.com/user-attachments/assets/88cfb5be-2c83-4e1b-9c3b-5a7bdae80334" />
its gotten worse sonnet sometimes also refuses especially on claude.ai for basic security questions not at all related to cyber safety