[Bug] Safety classifier false positives on defensive security engineering and governance work

Open 💬 0 comments Opened Jun 12, 2026 by kouzze01

Bug Description
Feedback: Fable 5 safety auto-switch — false positives on defensive-security / governance work

Fable 5's safety filter repeatedly flags my sessions as "cybersecurity" and auto-switches to Opus 4.8
mid-task, on content that is defensive and governance-oriented, not offensive.

My work is a non-predictive trading + AI-governance system. The flagged messages routinely involve:
fail-closed security gates, capability/authority boundaries, code review of an approval workflow, append-only
audit ledgers, and "deny live-trading / deny money-path" safety rules. This is defensive engineering and
operational governance — building guardrails, not exploits, malware, or attacks.

The classifier appears to trigger on vocabulary alone (words like "authority bypass", "fail-open", "capability
gate", "exploit a guard in review") without distinguishing defensive review from offensive intent. The
switches happen several times per session and interrupt long multi-step technical work, since context and
momentum are lost at each silent model swap.

Request: please tune the cybersecurity classifier to better separate defensive security / security review /
safety-gate engineering from offensive cyber-operations. Happy to share concrete flagged examples if useful.

Environment Info

  • Platform: darwin
  • Terminal: Apple_Terminal
  • Version: 2.1.170
  • Feedback ID: 11ca65b7-f360-46d1-9dec-8bb61a2072b2

Errors

[]

View original on GitHub ↗