[Bug Report] Unable to process - no issue details provided
Bug Description
Environment Info
- Platform: darwin
- Terminal: Apple_Terminal
- Version: 2.1.172
- Feedback ID: dbfd4e33-2454-4120-81f3-6642fdb2e881
Errors
[]
Hello,
I'd like to report a false positive in Fable 5's safety measures that disrupts my workflow.
Context. I'm building a web application (FastAPI + PostgreSQL) and use Claude Code to write and review code. As a routine practice, I run adversarial reviews of my
own authorization and multi-tenancy code before merging to the main branch — this is standard defensive work to prevent access-control gaps between tenants (salons)
in my own product.
The problem. When the assistant framed the review task in security terms — "check for IDOR / horizontal access," "is SQL injection possible via the header,"
"privilege escalation," "how it's exploited" — the cybersecurity classifier triggered. I got this message:
▎ "Fable 5's safety measures flagged this message for cybersecurity or biology topics… Switched to Opus 4.8."
The session was forcibly switched from Fable 5 to Opus 4.8. It triggered again on a retry.
Why this is a false positive. This is not a request to break into someone else's system — it's a correctness review of the access-control code in my own application
before deployment, i.e. purely defensive work. The wording sounded "offensive" (pentest-style terminology), but the goal is entirely legitimate: find and close
vulnerabilities in my own code before they reach production.
Impact. A forced model switch mid-task breaks working context and forces me to reword requests "vaguely," avoiding standard security terminology (IDOR, injection,
privileges). This reduces review accuracy and ergonomics — I have to work around ordinary application-security terms.
Request. Please account for this class of false positives when refining the classifier: reviewing and auditing one's own code for defensive purposes (application
security, code review, finding vulnerabilities in your own project) is a legitimate and common development scenario that should not be flagged as a cybersecurity
threat or trigger a model switch.
I'm happy to provide more details or example prompts if that helps.
Thank you!
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗