[Bug] AUP Classifier False Positives on Legitimate RMM/Remote Desktop Vocabulary

Resolved 💬 3 comments Opened Jun 6, 2026 by Rangizingo Closed Jul 12, 2026

Bug Description
I'm building a commercial IT management platform (Blanco IT Solutions) with Claude Code. Project includes a custom RMM agent with remote desktop/screen control (like TeamViewer/ConnectWise ScreenConnect), deployed to real business clients. Project is 70+ sessions old, months of continuous development. The AUP classifier intermittently blocks requests with "unable to respond to this request, which appears to violate our Usage Policy." This is a false positive triggered by legitimate RMM/remote-control vocabulary in context: screen capture, remote input, unattended access, credential sync, agent fleet management, ICE/WebRTC signaling, command channels. This is standard IT management software vocabulary identical to ConnectWise, Datto, NinjaRMM, and every other RMM vendor. The classifier appears to pattern-match these terms against malware/RAT signatures. The block is intermittent and probabilistic. Retrying or /clear (reducing context size) often resolves it. Longer context windows with more accumulated RC-related discussion increase trip frequency. Impact: Blocks paid development work mid-session. No workaround besides retry/clear/rephrase. Particularly bad during remote-control feature sprints where every prompt contains trigger vocabulary. Reproduction: Work on WebRTC-based remote desktop code with terms like "screen capture," "unattended lock-screen access," "keystroke forwarding," "agent command channel," "credential cache" in context.

Environment Info

  • Platform: darwin
  • Terminal: iTerm.app
  • Version: 2.1.161
  • Feedback ID: 3b6e1b4f-8f88-45e4-8572-e271b2a96761

Errors

[]

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗