[Bug] Fable 5 model_refusal_fallback classifier false-positives on defensive DevOps infrastructure work
Bug Description
Subject: Fable 5 dual-use/cybersecurity classifier false-positives on routine defensive DevOps — forces Opus fallback repeatedly
The Fable 5 model_refusal_fallback classifier is misclassifying ordinary, legitimate infrastructure work as dangerous cybersecurity content and silently downgrading the session to Opus 4.8. Three instances in two days on a hosting-platform
codebase, all defensive:
1. Editing a Laravel Fortify password-confirmation throttle (rate-limiting / 429 handling) → flagged explicitly under "cybersecurity."
2. Committing a CSF firewall fast-path + bad-bot-blocking docs → flagged.
3. Reading a DirectAdmin admin plugin that manages PHP versions, wp-cli, and firewall allow-lists → flagged.
None of this is dual-use offensive security. It's a sysadmin defending their own servers. For users whose actual job is infrastructure/security operations, this classifier makes Fable 5 unusable — every firewall or auth change triggers a
downgrade. The false-positive rate on defensive-security topics needs to come way down, and at minimum the fallback should be opt-out for authenticated operational use. This is not acceptable as shipped.
Environment Info
- Platform: darwin
- Terminal: phpstorm
- Version: 2.1.173
- Feedback ID: f2411eef-ff7b-4690-a43f-d7f02e90262a
Errors
[]This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗