[SYS-087] Fable 5 safety classifier false-positive on network/socket terminology forces mid-session model switch to Opus 4.8
Summary
During a Fable 5 session, the safety classifier fired on content describing connectivity recovery steps for a data feed service. The content contained: named port numbers, socket connection terminology, port-accept check, reconnect machinery, and health-probe language. The classifier labeled this "cybersecurity or biology topics" and force-switched the session to Opus 4.8 mid-task — without user consent or any option to override inline.
Classifier message verbatim:
Fable 5's safety measures flagged this message for cybersecurity or biology topics. They may flag safe, normal content as well. These measures let us bring you Mythos-level capability in other areas sooner, and we're working to refine them. Switched to Ops 4.8.
What triggered it
The content was entirely benign infrastructure prose:
- Port number references (e.g. lookup/historical port 9100, streaming port 5009, admin port 9300)
- Socket terminology: "port won't open," "port-accept check," "connection refused"
- Service health probe language: reconnect machinery, lookup-client reconnect, health probe + auto-bounce
- Standard ops language: restart latency, watchdog, preflight checks
No exploit code. No network attack description. No biology content. This is the normal vocabulary of any data-feed client, database connector, or system monitoring agent.
Impact
- Mid-session model downgrade from Fable 5 to Opus 4.8 — user loses Fable-tier reasoning without consent for all remaining work in the session.
- Silent degradation in autonomous context — in an unattended overnight agent run, there is no human to notice the downgrade. The session continues at Opus 4.8 quality with no page, no hard stop, no retry option.
- Ubiquitous trigger vocabulary — port numbers, socket health checks, reconnect logic, and watchdog patterns appear in any ops, data engineering, system monitoring, or DevOps content. This is not edge-case vocabulary.
Expected behavior
The safety classifier should distinguish between:
- Actual cybersecurity content: exploit code, attack methodologies, vulnerability scanning scripts, network infiltration
- Normal ops/infrastructure vocabulary: port numbers in a service config context, socket reconnect logic, health probes, watchdog restart patterns
Triggering on the latter is a false positive that actively harms legitimate engineering workflows.
Request
- Tighten the classifier scope to actual attack/exploit patterns, not networking vocabulary
- If a false-positive switch must happen, provide an inline or option so the user can restore the session model without restarting
- In autonomous agent context (unattended run), a forced model switch should page the operator rather than silently continue at a lower tier
Related
- SYS-086 / #67199 — Fable 5 gate-skip failure class (separate issue, same session, same day)
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗