False positive safety block on legitimate security audit tasks (Supabase RLS review, pnpm audit)

Resolved 💬 7 comments Opened May 31, 2026 by lancer-code Closed Jul 4, 2026

Summary

Claude Code is falsely triggering safety guardrails on legitimate, routine developer security tasks — specifically a Supabase RLS/tenant-isolation policy audit combined with pnpm audit. Both requests were blocked with the most severe policy error (Usage Policy violation + cyber-related safeguard), which is a significant false positive that breaks real security workflows.

---

What was being done

A standard full-stack security review consisting of:

  1. Reviewing recent database changes (RLS policies + tenant isolation) — checking ALTER-COLUMN migrations, SECURITY DEFINER grants, and RLS policies on Supabase are correctly scoped
  2. Running pnpm audit as a near-free bonus to surface React/npm CVEs
  3. Chunking 111 Supabase files down to the 39 that actually carry RLS/policy/SECURITY DEFINER grants so reviewers aren't wading through pure ALTER-ADD-COLUMN migrations

This is a defensive code review task — no destructive operations, no offensive tooling, no targeting of external systems.

---

What happened

Two consecutive requests were blocked:

Block 1:

"This request triggered safety guardrails." API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy Request ID: req_011Cba67eEj9V3BezjspX5q1

Block 2 (escalated):

"This request triggered cyber-related safeguards. To request an adjustment pursuant to our Cyber Verification Program... API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy`

The second block escalated to the Cyber Verification Program — a disproportionate response to auditing your own app's Supabase RLS policies.

---

Why this is a false positive

  • Task scoped to the user's own codebase (their own Supabase project)
  • pnpm audit is a read-only npm vulnerability scanner — it does not exploit anything
  • RLS/tenant-isolation review is a defensive security practice, not an attack
  • No SSH access, no external systems, no credential extraction
  • The thread title containing "death" was colloquial shorthand for "recent delta" — not a reference to anything harmful

---

Impact

  • Developers cannot run routine security reviews of their own database policies
  • Escalation to Cyber Verification Program is alarming and disproportionate for defensive code review
  • Breaks the exact workflow Claude Code is meant to help with

---

Screenshots

See attached image — shows both blocked requests with full error text including the Cyber Verification Program escalation.

---

Environment

  • Claude Code CLI
  • Model: Claude Sonnet 4.6
  • Task type: Defensive security code review (read-only, own codebase)
  • No offensive tooling involved

---

Expected behavior

Routine defensive security tasks on the user's own codebase (RLS policy review, pnpm audit, SECURITY DEFINER grant checks) should never trigger safety blocks, let alone Cyber Verification Program escalation. This is standard secure-development-lifecycle work.

View original on GitHub ↗

This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗