[Bug] Anthropic API Error: False positive content policy violations on localhost development
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet (related class of issue noted below; this report documents new occurrences with Request IDs)
- [x] This is a single bug report
- [x] I am using the latest version of Claude Code (verify with
claude --versionbefore filing)
What's Wrong?
Claude Code blocked mid-session with a Usage Policy violation while running routine Playwright E2E tests (via the Playwright MCP server) against my own application on my own infrastructure — a quote/solution-configurator UI for a client project.
The blocked turn came immediately after a successful tool result, not after any user message. The tool call in question was a delete-button regression test: click a row's remove button, verify the DELETE request returns 200, confirm the row count drops from 3 to 2. Nothing in the session involves third-party sites, exploits, scraping, or sensitive data.
The blocked exchange
Last successful tool call (Playwright MCP — "Run Playwright code"):
await (async (page) => {
const dialog = page.locator('dialog[is="solution-configurator"]');
const items = dialog.locator('#solution-items');
const before = await items.locator('> details.solution-item').count();
const row = items.locator('> details.solution-item').nth(before - 1);
const events = [];
page.on('response', resp => {
if (resp.request().method() === 'DELETE') events.push('DELETE ' + resp.status() + ' ' + resp.url().split('/items/')[1]);
});
await row.locator('button.remove').click();
await page.waitForTimeout(2500);
const after = await items.locator('> details.solution-item').count();
const rows = await items.locator('> details.solution-item').evaluateAll(els =>
els.map(e => ({ id: e.id.slice(-8), qty: e.querySelector('input[name="qty"]')?.value }))
);
return { before, after, events, rows };
})(page);
Tool result (success):
{
"before": 3,
"after": 2,
"events": ["DELETE 200 a63206b1-e5be-4e30-9a94-1e47a2e650a4"],
"rows": [
{ "id": "120ede09", "qty": "1" },
{ "id": "d994d07b", "qty": "1" }
]
}
Immediately followed by:
API Error: Claude Code is unable to respond to this request, which appears to
violate our Usage Policy (https://www.anthropic.com/legal/aup). Please double
press esc to edit your last message or start a new session for Claude Code to
assist with a different task.
Request ID: req_011CbiSkNMdzgunvQsvjkQS2
Why this is a false positive
This is a textbook E2E deletion test of an authenticated CRUD UI that I own. There is no offensive security content, no third-party targets, and no credentials in the blocked turn.
Suspected trigger
Surface-feature accumulation across a long browser-automation session, likely some combination of:
- The Playwright MCP tool's own display name, "Run Playwright code (unsafe)" — the word "unsafe" appears repeatedly throughout the transcript by no choice of mine
- Network response interception (
page.on('response', ...)) - Repeated HTTP
DELETEoperations with status codes and resource UUIDs in tool output
Because the block fired on the assistant's response turn after a tool_result, the suggested remediation ("edit your last message") does not address the trigger — the accumulated tool-call context does it, so the session is effectively dead.
Frequency / prior occurrence
This is the second occurrence in recent sessions, both during Playwright MCP work on the same project:
- Earlier occurrence:
req_011Cbgin9zQo9h59v9wMefT3 - This occurrence (transcript above):
req_011CbiSkNMdzgunvQsvjkQS2
Expected behavior
Routine E2E testing of the user's own application — including auth'd sessions, DOM interaction, and verification of CRUD network calls — should not trigger AUP blocks.
Actual behavior
Session blocked mid-task; workflow disrupted; recurring across sessions.
Environment
- Platform: Linux (WSL2 on Windows)
- Terminal: <fill in>
- Claude Code version: <fill in —
claude --version> - Model: <fill in — model selected at time of error>
- MCP servers: Playwright MCP
Related issues (same class)
#16129, #8774, #61088 — repeated false-positive AUP blocks on benign development work.
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗