[SYS-087] Fable 5 safety classifier false-positive on network/socket terminology forces mid-session model switch to Opus 4.8

Resolved 💬 3 comments Opened Jun 12, 2026 by ThatDragonOverThere Closed Jun 16, 2026

Summary

During a Fable 5 session, the safety classifier fired on content describing connectivity recovery steps for a data feed service. The content contained: named port numbers, socket connection terminology, port-accept check, reconnect machinery, and health-probe language. The classifier labeled this "cybersecurity or biology topics" and force-switched the session to Opus 4.8 mid-task — without user consent or any option to override inline.

Classifier message verbatim:

Fable 5's safety measures flagged this message for cybersecurity or biology topics. They may flag safe, normal content as well. These measures let us bring you Mythos-level capability in other areas sooner, and we're working to refine them. Switched to Ops 4.8.

What triggered it

The content was entirely benign infrastructure prose:

  • Port number references (e.g. lookup/historical port 9100, streaming port 5009, admin port 9300)
  • Socket terminology: "port won't open," "port-accept check," "connection refused"
  • Service health probe language: reconnect machinery, lookup-client reconnect, health probe + auto-bounce
  • Standard ops language: restart latency, watchdog, preflight checks

No exploit code. No network attack description. No biology content. This is the normal vocabulary of any data-feed client, database connector, or system monitoring agent.

Impact

  1. Mid-session model downgrade from Fable 5 to Opus 4.8 — user loses Fable-tier reasoning without consent for all remaining work in the session.
  2. Silent degradation in autonomous context — in an unattended overnight agent run, there is no human to notice the downgrade. The session continues at Opus 4.8 quality with no page, no hard stop, no retry option.
  3. Ubiquitous trigger vocabulary — port numbers, socket health checks, reconnect logic, and watchdog patterns appear in any ops, data engineering, system monitoring, or DevOps content. This is not edge-case vocabulary.

Expected behavior

The safety classifier should distinguish between:

  • Actual cybersecurity content: exploit code, attack methodologies, vulnerability scanning scripts, network infiltration
  • Normal ops/infrastructure vocabulary: port numbers in a service config context, socket reconnect logic, health probes, watchdog restart patterns

Triggering on the latter is a false positive that actively harms legitimate engineering workflows.

Request

  1. Tighten the classifier scope to actual attack/exploit patterns, not networking vocabulary
  2. If a false-positive switch must happen, provide an inline or option so the user can restore the session model without restarting
  3. In autonomous agent context (unattended run), a forced model switch should page the operator rather than silently continue at a lower tier

Related

  • SYS-086 / #67199 — Fable 5 gate-skip failure class (separate issue, same session, same day)

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗