[Bug] Fable 5 safety classifier false-positive on benign crypto/backend dev context with security-adjacent vocabulary
Bug Description
Subject: Fable 5 safety classifier false-positive on a crypto-trading-bot dev session
The Fable 5 cyber/bio safety pre-screen flagged a routine software-engineering session and auto-switched me to Opus 4.8. The work
was a Django cryptocurrency trading bot — no security tooling, no exploit/malware work, no biology. Nothing in my actual prompt
was security-related.
The likely triggers are benign, security-adjacent vocabulary present in the project context and in Claude Code's own injected
environment, not in my request:
- My codebase context legitimately contains: AES-256-GCM encrypted credential storage, bearer tokens, RBAC roles, audit logs, a
file-vault "executable rejection" feature that inspects magic bytes (ELF/Mach-O/PE/shebang), "watchdog", "circuit breaker", and
"kill" (background processes).
- Claude Code's own boilerplate injected into context includes the standard security-policy text with phrases like "exploit
development," "credential testing," and "C2 frameworks." This appears in every session regardless of task and seems like a strong
contributor to the false positive.
Impact: unexpected mid-session model switch with no task-relevant cause. The fallback worked gracefully (no hard refusal), but the
flag itself was wrong.
Requests:
- Reduce false positives where security-adjacent vocabulary appears in benign dev contexts (encryption, auth, vaults are everyday
backend work).
- Consider excluding Claude Code's own injected system/agent boilerplate from the classifier's input, since it contains dual-use
security terms in every session.
Environment Info
- Platform: darwin
- Terminal: Apple_Terminal
- Version: 2.1.170
- Feedback ID: 32fcf045-dda0-4f0e-9970-9cd74d4c1f27
Errors
[]This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗