[Bug] Claude Fable 5 classifier false positive on standard refactoring commands with security-unrelated terminology
Bug Description
False positive — Claude Fable 5 classifier triggered on routine codebase refactoring
Session context: reviewing and refactoring a fintech platform codebase (BIPCircle, a multi-tenant stablecoin payment rail). No security research, no vulnerability analysis, no exploit development.
Trigger: a shell command running grep against a .refactor-manifest.json file, followed by a Python one-liner parsing that same JSON file with json.load(). Both commands were purely reading a refactoring manifest to understand code territory ownership during a planned refactor.
Expected behaviour: Fable 5 continues the session normally.
Actual behaviour: Fable 5 flagged the message for cybersecurity topics and fell back to Opus 4.8 mid-session.
There is no security content in this session. The commands are standard code navigation tools used during a refactoring workflow. The word "invariants" appears in the grep path (api/test/invariants) which may have triggered the classifier — if so, this is a significant false positive risk for any codebase using standard software engineering terminology.
Impact: mid-session capability drop from Fable to Opus during a complex architectural refactoring decision, without warning until after the fallback occurred.
Environment Info
- Platform: darwin
- Terminal: Apple_Terminal
- Version: 2.1.170
- Feedback ID: eb425326-a0c4-4f92-b7de-62c669a840ff
Errors
[]This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗