[Bug] Anthropic API Error: False positive content policy violations on localhost development

Resolved 💬 4 comments Opened Jun 4, 2026 by steveAllen0112 Closed Jul 10, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet (related class of issue noted below; this report documents new occurrences with Request IDs)
  • [x] This is a single bug report
  • [x] I am using the latest version of Claude Code (verify with claude --version before filing)

What's Wrong?

Claude Code blocked mid-session with a Usage Policy violation while running routine Playwright E2E tests (via the Playwright MCP server) against my own application on my own infrastructure — a quote/solution-configurator UI for a client project.

The blocked turn came immediately after a successful tool result, not after any user message. The tool call in question was a delete-button regression test: click a row's remove button, verify the DELETE request returns 200, confirm the row count drops from 3 to 2. Nothing in the session involves third-party sites, exploits, scraping, or sensitive data.

The blocked exchange

Last successful tool call (Playwright MCP — "Run Playwright code"):

await (async (page) => {
  const dialog = page.locator('dialog[is="solution-configurator"]');
  const items = dialog.locator('#solution-items');
  const before = await items.locator('> details.solution-item').count();
  const row = items.locator('> details.solution-item').nth(before - 1);

  const events = [];
  page.on('response', resp => {
    if (resp.request().method() === 'DELETE') events.push('DELETE ' + resp.status() + ' ' + resp.url().split('/items/')[1]);
  });

  await row.locator('button.remove').click();
  await page.waitForTimeout(2500);
  const after = await items.locator('> details.solution-item').count();
  const rows = await items.locator('> details.solution-item').evaluateAll(els =>
    els.map(e => ({ id: e.id.slice(-8), qty: e.querySelector('input[name="qty"]')?.value }))
  );
  return { before, after, events, rows };
})(page);

Tool result (success):

{
  "before": 3,
  "after": 2,
  "events": ["DELETE 200 a63206b1-e5be-4e30-9a94-1e47a2e650a4"],
  "rows": [
    { "id": "120ede09", "qty": "1" },
    { "id": "d994d07b", "qty": "1" }
  ]
}

Immediately followed by:

API Error: Claude Code is unable to respond to this request, which appears to
violate our Usage Policy (https://www.anthropic.com/legal/aup). Please double
press esc to edit your last message or start a new session for Claude Code to
assist with a different task.

Request ID: req_011CbiSkNMdzgunvQsvjkQS2

Why this is a false positive

This is a textbook E2E deletion test of an authenticated CRUD UI that I own. There is no offensive security content, no third-party targets, and no credentials in the blocked turn.

Suspected trigger

Surface-feature accumulation across a long browser-automation session, likely some combination of:

  • The Playwright MCP tool's own display name, "Run Playwright code (unsafe)" — the word "unsafe" appears repeatedly throughout the transcript by no choice of mine
  • Network response interception (page.on('response', ...))
  • Repeated HTTP DELETE operations with status codes and resource UUIDs in tool output

Because the block fired on the assistant's response turn after a tool_result, the suggested remediation ("edit your last message") does not address the trigger — the accumulated tool-call context does it, so the session is effectively dead.

Frequency / prior occurrence

This is the second occurrence in recent sessions, both during Playwright MCP work on the same project:

  • Earlier occurrence: req_011Cbgin9zQo9h59v9wMefT3
  • This occurrence (transcript above): req_011CbiSkNMdzgunvQsvjkQS2

Expected behavior

Routine E2E testing of the user's own application — including auth'd sessions, DOM interaction, and verification of CRUD network calls — should not trigger AUP blocks.

Actual behavior

Session blocked mid-task; workflow disrupted; recurring across sessions.

Environment

  • Platform: Linux (WSL2 on Windows)
  • Terminal: <fill in>
  • Claude Code version: <fill in — claude --version>
  • Model: <fill in — model selected at time of error>
  • MCP servers: Playwright MCP

Related issues (same class)

#16129, #8774, #61088 — repeated false-positive AUP blocks on benign development work.

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗