CVP approved user being blocked on completely benign, non-security queries in fresh sessions on claude.ai (not Claude Code).
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
CVP approved user is being blocked on completely benign, non-security queries on claude.ai when using Opus 4.7. This is not just a Claude Code issue -- this is happening on claude.ai web and mobile.
Blocked query examples:
- Questions about cats
- How to buy DEF CON tickets
- Other general everyday questions unrelated
to security
Key details:
- These are fresh conversations with zero prior security context
- No security-related terms in the queries
- CVP approval is confirmed and org ID matches
- This started after the Opus 4.7 rollout on April 16th
- Sonnet 4.6 does not exhibit this behavior -- only Opus 4.7
- Thumbs-down feedback has been submitted repeatedly with no resolution
- False positive escalation form has been submitted with no response
This appears to be an account-level classifier issue, not session context bleed. Fresh sessions with no security content are still getting caught.
Related issues: #50162, #49679
What Should Happen?
CVP approved users should never be blocked on queries that have zero relation to cybersecurity.
Everyday questions about animals, events, travel, or anything non-security should pass through regardless of account classification. The AUP
classifier should evaluate the query itself, not apply a blanket restriction at the account level.
Error Messages/Logs
Steps to Reproduce
Steps to Reproduce:
- Have an active CVP approval on your account with a confirmed matching org ID
- Open claude.ai on web or mobile
- Start a brand new conversation -- no prior messages, no security context whatsoever
- Select Claude Opus 4.7 as the model
- Type a completely benign query with zero security relevance, examples used:
- "How do I buy tickets to DEF CON?"
- General questions about cats
- Submit the message
Expected Result:
Claude responds normally to the benign query
Actual Result:
Query is blocked with an AUP/Usage Policy violation error despite:
- Fresh session with no security context
- Query containing no security-related content
- Account having active CVP approval
Additional Notes:
- Switching to Sonnet 4.6 on the same account
does NOT reproduce the block -- Opus 4.7 specific
- Reproducible consistently across multiple fresh sessions
- Not a one-off -- happens repeatedly
- Happens on both web and mobile clients
- CVP exemption does not appear to be applied at the classifier level for Opus 4.7 on claude.ai, only seems to partially work via
API per issue #49679
Claude Model
Opus
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
4.7
Platform
Anthropic API
Operating System
Windows
Terminal/Shell
Other
Additional Information
Additional Information:
Environment:
- Platform: claude.ai (web and mobile)
- Model: claude-opus-4-7
- Issue started: April 16, 2026 (Opus 4.7
launch date)
- Previous model claude-opus-4-6 did not
exhibit this behavior
CVP Status:
- Active CVP approval confirmed
- Org ID verified and matches approval
- Approval covers dual-use cybersecurity
activities per CVP terms
- False positive escalation form submitted
-- no response received
- Multiple thumbs-down reports submitted via claude.ai UI -- no resolution
Observed Classifier Behavior:
- Block occurs at account level, not query level
- Fresh sessions with zero security context reproduce the block consistently
- Queries containing no security terminology are being caught
- Suggests CVP exemption is not being applied to the Opus 4.7 classifier on claude.ai
Impact:
- Cannot use Opus 4.7 for any purpose -- including completely unrelated everyday tasks
- Forced to use Sonnet 4.6 as a workaround which is a degraded experience for complex tasks
- CVP approval is effectively useless on
Opus 4.7 via claude.ai
Related Issues:
- #50162 -- CVP too tightly wound, not working for approved users
- #49679 -- CVP exemptions not applying correctly via claude.ai
- #52809 -- Opus 4.7 false positive AUP blocks
- #49751 -- Opus 4.7 flagging legitimate non-security work as AUP violation
<img width="645" height="1398" alt="Image" src="https://github.com/user-attachments/assets/78dc8808-7560-4eed-a2c3-0495fd69f15b" />
<img width="645" height="1398" alt="Image" src="https://github.com/user-attachments/assets/10976d77-1222-4185-b545-55a3cdd8216f" />
41 Comments
This has been labeled invalid but the issue is real and affects claude.ai users, not just Claude Code. The Opus 4.7 AUP classifier is shared infrastructure between both products.
Filing here because there is no equivalent public issue tracker for claude.ai and this repo is the only public channel where Anthropic engineers are reachable.
Related issues filed here on the same classifier problem: #50162,#49679, #52809
This is not invalid -- it is a false positive on a CVP approved account affecting a paying customer on claude.ai.
Hi @7H35C4r3Cr0W
I've also passed the CVP, but continue to be rejected today, I switch to Sonnet 4.6 then it works fine, but Opus 4.7 cannot work totoally.
Agree totally. Opus 4.7 has turned into something completely useless for me. Sonnet still works. Super frustrating.
CVP actually worked for me, got near-zero AUP problems after submitting two CVP apps broadly covering offensive&defensive tooling and actions.
As of May 20, 2026 - AUP flags every prior chat. Something has either lifted with their CVP allowance, or hardened within their classifier.
Opus 4.7 is once again, not usable for most of my work.
how to solve being blocked on opus 4.7/4.8 if you’re in the CVP program
For anyone who is also going through the same issue.
Settings
Capabilities
Generate memory from chat history > pause memory> then immediately switch it back on
I'm also getting the Cyber block. When a PoC was generated with Sonnet no issues. Within that SAME thread I asked Opus 4.8 to reverify the PoC and got the Cyber block.
Update, the fix I mentioned previously no longer works. The only way to use opus 4.7/4.8 is via Claude code or a temp chat. This should be a p0. If anyone can reach out to anthropic that would be most helpful. This is a longstanding unresolved issue for CVP users.
Fui aceito anteriormente, hoje só consigo usar o sonnet... Alguém conseguiu novamente?
Bumping to continue visibility on this p0
Same situation still, didn't get any effective response from Claude team.
I’ve tried to even reach out on LinkedIn! Nothing
Having the same issues as of the last two days. I am hitting blocks with my current organization that is already approved, while attempting to produce defensive cyber threat intelligence reporting. And this only seems to be a recent issue, as of the last two days, and nothing substantial has changed on my end. I have been researching recent software supply chain attacks affecting the software development industry.
None of the requests asked Claude to produce, modify, or operationalize any offensive technique. Simply researching standard defensive CTI content — descriptions of malware behavior, indicators of compromise (C2 IPs/domains, file hashes), a MITRE ATT&CK technique mapping, and tiered defensive recommendations.
Example prompts (paraphrased):
(1) "You are a CISO advisor who has never heard of this campaign; read only this advisory file and judge whether it's a handoff-ready, commercial-grade threat-intelligence product."
(2) "You are an editorial QA reviewer in a defensive CTI practice; assess this advisory's readability and reader-orientation only — you are NOT analyzing or reproducing any offensive technique."
(3) “You are a research analyst assigned to collect, review, and understand threat information for the purpose of authoring threat intelligence reports."
The biggest problem is that now everything I do in Opus 4.8 is interpreted as prohibited. I sent a "hi" using the CLI in the default Linux folder and it blocked the activity. It's not worth paying for. GPT might be annoying with its answers about hacking, but it doesn't block other activities, and it's easier to get into the program.
lucky you i got CVP approved weeks ago then after using OPUS 4.8 GOT my account suspended.. it seems that the automated false positive doesn't take into consideration the CVP approval and the support is not working also...
It's not the best experience as this is not good for work it's disrupting work especially when you have got tasks to do with Claude
What can we do to get Anthropics attention ?
DIGITAL MEDIA CAMPAIGN ?
Can anyone reach out to cyber sec influencers on this?
I also just got my account suspended today after messing around with 4.8 after it kept blocking my requests CVE requests and switched down to 4.7 to work on a mod loader and got logged out with the "account indicates a violation of our Usage Policy for cyber harm. As a result, we have revoked your access to Claude." with 10 days now before it supposedly gets reviewed.
Even on twitter it seems a lot of people got banned within last few hours even while having CVP applied.
*I also had CVP for quite awhile
This is terrible to hear. Unfortunately, their support team seems to be backlogged (or auto filtering) I never heard back on an appeal from almost a year ago now.
It seems 4.7 with CVP approval is now looser with AUP flags, while 4.8 remains tight. I can't even get 4.8 to analyze threats.
Seems like a ban wave is going out, or there’s some new flagging system, and it’s not taking CVP status into account at all.
I logged in, made coffee, and came back to my account being logged out with the account_banned toast notification. The email was sent saying they suspected the account of cyber harm. I haven’t actually used Claude for more than maybe a dozen prompts over the last three weeks, besides testing out 4.8 max.
When reversing our anti-cheat to improve it and didn’t have any issues with 4.7 while testing against it. When trying with 4.8, it also gave us those CVP block messages in the same chat, or holier-than-thou responses instead, and refused to do anything even with CVP approval.
Let’s try to keep this thread as alive as possible. Send this to as many people as you can. Through numbers, we can make change.
It's ridiculous how they're getting more bad at support and making their real contributors go away from using CLAUDE
Bump until anthropic fixes this
Lol i made lots of complains no answer till far but i found out that they refunded the Max 20 $200...
I dont get it to be honest it seems that it's a mess a real mess
Having the same issue, it made my weekend so bad
I would assume they are adding guard-rails for Mythos so this is being phased out or blocked to allow it for there more expensive models $$$$$ 🗡️ as CVP would not need to be used with Mythos as its built on finding security flaws. !
Yikes! Public enemy number one!
<img width="1395" height="1390" alt="Image" src="https://github.com/user-attachments/assets/683ea00b-48b6-4e50-8bc6-928ea91865e5" />
Lol that's hilarious to be honest...
You know the funny thing is that they responded couple of days ago with a link for a form but the link doesn't work as instructed...Have showed it to their customer support but most probably they're gonna reply again after 2 weeks on something
I submitted at least 50 forms at this point
I'm pretty sure this is an open issue with a lot of people and I think they are forcing re- scope with fable/mythos.
Claude seems genuinely ignorant now to the entire program and mine is just actively refusing everything, not even able to get a flagged response.. so I clearly gotta report this and get it figured out.
I should absolutely have active CVP still..just waiting for the response from support...
What a headache. I wonder how many people had the day off today due to this.. lol..
Exactly the same situation for me, despite being a CVP verified. Even Sonnet refuses help with ciphers implementations....
Hey guys, I heard through the grapevine that it would be a good idea to reapply for the CVP program and mention all the activities you need. It would be a good idea to also mention fable in the CVP application even if you are already approved so Fabel works for you. This is still pending on my side, but I just finished this. Hope it helps.
for reference, Haiku is able to understand that there are issues and bypasses its model refusal. Opus 4.7 did as well but also started making unauthorized tool calls. its a strange day out there folks. hopefully they get this sorted out and we don't all need to re-apply for the CVP program for a wider scope.
<img width="1660" height="1842" alt="Image" src="https://github.com/user-attachments/assets/7b6903cd-52ef-4e21-95d7-8bb0f0f6bedd" />
i'm tired
Did you get a response yet? Get access back? I'm still getting denials 48+ hours after patch and did not re-apply to the CVP program yet. I would expect if they update the program, they would likely communicate if they are changing access or restricting it to require a further scope definition.
Didn’t work. I noticed that if I back out of a session that restricted me from using fable in Claude code and logged back in it worked 50/50.
Adding a controlled reproduction of the same root cause: a CVP-approved org blocked at 0 output tokens on authorized defensive-security work in Claude Code, where the identical task on a Sonnet-tier model completes but Fable 5 is blocked after the model has already engaged. Full repro + request IDs (so the team can trace the exact classifier decisions):
https://github.com/anthropics/claude-code/issues/67966
I'm experiencing the same issue: enrolled in the CVP and getting blocked on a project that is cybersecurity related with Opus 4.8. Dropping down to 4.7 unlocked my requests, so I suggest to do the same if using a lower model does not bother you. For my use case which does not involve Claude directly writing code but only researching/reviewing, it's fine, but I'd like to know more from Anthropic.
For the sake of it I re-applied to the CVP and explained the use case within my pet project as well, which I may have forgot to state in my first application. Hopefully the situation will resolve itself at some point allowing me to use the latest iteration of Opus.
P.S: Didn't even ask Opus such a big of a question, just a recap of the project's workflow (how to compile, how to run, flags and whatnot) and I got blocked.
Having this problem right now!
literally unuseable for any cyber tasks.