[Bug] Fable 5 safety classifier false-positive on benign crypto/backend dev context with security-adjacent vocabulary

Resolved 💬 2 comments Opened Jun 10, 2026 by oracleseed Closed Jun 14, 2026

Bug Description
Subject: Fable 5 safety classifier false-positive on a crypto-trading-bot dev session

The Fable 5 cyber/bio safety pre-screen flagged a routine software-engineering session and auto-switched me to Opus 4.8. The work
was a Django cryptocurrency trading bot — no security tooling, no exploit/malware work, no biology. Nothing in my actual prompt
was security-related.

The likely triggers are benign, security-adjacent vocabulary present in the project context and in Claude Code's own injected
environment, not in my request:

  • My codebase context legitimately contains: AES-256-GCM encrypted credential storage, bearer tokens, RBAC roles, audit logs, a

file-vault "executable rejection" feature that inspects magic bytes (ELF/Mach-O/PE/shebang), "watchdog", "circuit breaker", and
"kill" (background processes).

  • Claude Code's own boilerplate injected into context includes the standard security-policy text with phrases like "exploit

development," "credential testing," and "C2 frameworks." This appears in every session regardless of task and seems like a strong
contributor to the false positive.

Impact: unexpected mid-session model switch with no task-relevant cause. The fallback worked gracefully (no hard refusal), but the
flag itself was wrong.

Requests:

  1. Reduce false positives where security-adjacent vocabulary appears in benign dev contexts (encryption, auth, vaults are everyday

backend work).

  1. Consider excluding Claude Code's own injected system/agent boilerplate from the classifier's input, since it contains dual-use

security terms in every session.

Environment Info

  • Platform: darwin
  • Terminal: Apple_Terminal
  • Version: 2.1.170
  • Feedback ID: 32fcf045-dda0-4f0e-9970-9cd74d4c1f27

Errors

[]

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗