[Bug] Overly aggressive cybersecurity content filter flags legitimate defensive security work
Bug Description
❯ A legitimate defensive security task got flagged as a cybersecurity topic and switched the model from
Fable 5 to Opus 4.8. The work was a refactoring of an internal academy-management web app:
server-side data fetching, RLS, authentication guards, rate-limiting, and PII protection — all
defensive.
Likely triggers were defensive-context terms such as "brute-force protection", "SQL injection
vulnerability report", "open redirect prevention", "timingSafeEqual", and "attackers vs defenders" (a
red-team/blue-team review framing). This is a false positive — no offensive or harmful intent.
Please refine so defensive security work isn't interrupted.
Environment Info
- Platform: darwin
- Terminal: Apple_Terminal
- Version: 2.1.172
- Feedback ID: bae9627c-f0aa-4c82-838f-177eb29167f2
Errors
[]This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗