[Bug] Fable 5 cybersecurity classifier produces false positives on legitimate infrastructure administration and PDF processing tasks
Bug Description
Repeated false positives from the Fable 5 cybersecurity classifier within a single legitimate development session.
I'm building an invoice-processing project. Over one session the classifier flagged my messages twice and auto-switched from Fable 5 to Opus 4.8 both times. Neither message was about offensive security:
The first was routine self-administration of my own servers — verifying network isolation between my dev and prod boxes (SSH into machines I own, checking my own iptables rules, confirming DROP rules block dev→prod, testing the proxy path). It looks like reconnaissance in form, but it's me verifying my own firewall works as intended, not probing third-party systems.
The second had nothing to do with security at all — it was a technical comparison of pdfplumber vs pdftotext for extracting text from PDF invoices: word coordinates, line grouping, table reconstruction. The only plausible triggers I can see are (a) document-processing vocabulary that overlaps with prompt-injection terminology (discussion of verifying the model didn't hallucinate a value, avoiding "field is top-right" prompt patterns) and (b) the session being already flagged from the earlier infrastructure work, raising sensitivity for everything after.
The auto-switch preserved my context and task both times, which is the right fallback. But the second flag suggests the whole session got marked "sensitive" and then nudged benign follow-up messages over the threshold. It would help if the classifier distinguished self-administration of one's own infrastructure from third-party reconnaissance, and didn't let earlier flags inflate sensitivity for clearly unrelated, benign topics like PDF text extraction later in the same session.
Environment Info
- Platform: darwin
- Terminal: vscode
- Version: 2.1.170
- Feedback ID: 4794de4e-2fae-4e2d-8d07-32493a82b966
Errors
[]This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗