[Bug] Anthropic API Error: False positive cyber content block on legitimate local security review
Bug Description
I am a paying Claude Code subscriber. I work on a LOCAL, private project and asked
Claude Code to run a security and performance review of MY OWN code. This is a
defensive, fully legitimate task — Claude Code even ships a built-in
/security-review command for exactly this purpose.
Instead, the session was killed mid-task with:
"API Error: Claude Code is unable to respond to this request, which appears to
violate our Usage Policy... This request triggered restrictions on violative
cyber content..."
Request ID: req_011Cbjev9K12MQPctjxZDVmg
Key problems:
- FALSE POSITIVE. I write no malware, no exploits, no offensive tooling. I review
my own local project for vulnerabilities — the exact workflow Anthropic itself
promotes for defensive security.
- TOKEN WASTE. Claude burns through a large amount of (paid) tokens doing the
review, and only then fails with the block. The work is lost, the tokens are
billed, the result is nothing. Worse: Claude sometimes writes insecure code
itself, then gets blocked while trying to FIX it.
- BROKEN APPEAL PATH. The official false-positive report form
(https://claude.com/form/cyber-block-false-positive-report-cvp-rejection-appeal)
does not load at all. There is no working way to appeal.
- KNOWN, WIDESPREAD ISSUE. This is extensively reported by other users in the
anthropics/claude-code issue tracker, e.g.:
- #60366 — typing "hi" triggers the block
- #62191 — typing a single "." triggers the block
- #43703 — security-related FILENAMES alone trigger it
- #61185 — even WRITING a markdown audit report (no execution) triggers it
- #63751, #64405, #61185 — one false positive poisons the ENTIRE session;
every subsequent message is blocked and the user pays for context rebuilds
- #61941 — defensive QA tests against the user's OWN localhost are blocked
- #61646, #61625, #61638 — classifier fires on technical vocabulary
(debugger, profiler, kill, ps aux, threat modeling) instead of intent
- #49679 — even a GRANTED Cyber Use Case Exemption does not propagate to
Claude Code
- also #61653, #61056, #59540, #57123, #50162, #46575
This makes the product unusable for anyone doing legitimate defensive security
work. Unless this is fixed — or at minimum the appeal form starts working and
tokens consumed by falsely blocked sessions stop being billed — I will have to
cancel my subscription, as will many others judging by the issue tracker.
Please: (a) review request req_011Cbjev9K12MQPctjxZDVmg as a false positive,
(b) fix the appeal form, (c) tune the classifier so that reviewing one's own
local code for vulnerabilities is not treated as "violative cyber content".
Environment Info
- Platform: linux
- Terminal: vte-based
- Version: 2.1.165
- Feedback ID: 8ac0e748-26f4-4527-aeb2-d3d02a7527e2
This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗