[Bug] Cybersecurity classifier false positives during authorized security audits of own codebase

Resolved 💬 1 comment Opened Jun 11, 2026 by maximilianoscatamacchia Closed Jun 12, 2026

Bug Description
False positive: the cybersecurity safety classifier repeatedly flagged routine messages during a legitimate, authorized defensive security audit of our own AEM codebase (analysis of CSRF, SAML, and a content-visibility filter, reading our own source and our own production logs). No attack planning, no harmful content, no third-party targeting. Each flagged message forced a Fable 5 -> Opus 4.8 switch with a notice, which interrupted the workflow repeatedly across one session. Request: tune the classifier to reduce false positives in defensive security / code-audit contexts, or provide a way to declare an authorized defensive-security context so routine audit work is not reflagged. The attached transcript shows the flagged turns.

Environment Info

  • Platform: darwin
  • Terminal: iTerm.app
  • Version: 2.1.172
  • Feedback ID: b4900383-b6a1-4ddf-93b0-2af1193fed65

Errors

[]

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗