[Tracking] Classifier false-positives on authorized admin of the reporter's own infrastructure — 82 Request IDs
Pattern: Claude Code classifiers false-positive on authorized administration of the reporter's OWN infrastructure
_Auto-generated by ClAudit from 108 filed reports · 82 distinct Request IDs · PII-scrubbed · refreshed automatically._
Root cause (one sentence)
The safety / Usage-Policy / auto-mode classifiers cannot distinguish administering systems you own and are authorized to operate from attacking someone else's — so they pattern-match on security terminology and block legitimate, in-scope work.
Every block below stopped authorized work on the reporter's own infrastructure. Each Request ID is server-side-lookup-able — the original prompt can be inspected to confirm it was benign and in-scope. This is one underlying defect surfaced across many surfaces; it is tracked here in one place rather than closed piecemeal as 'duplicates'.
Breakdown by failure mode
| Kind | Reports | Request IDs | What gets flagged |
|---|---:|---:|---|
| harness | 46 | 0 | The auto-mode classifier denied authorized actions on the reporter's own systems (reading a credential from one's own vault, provisioning one's own host, etc.). |
| cyber | 37 | 48 | In-scope security / administration work pattern-matched on cybersecurity terminology (audit, recovery token, IAM, bypass, credential) with no harmful intent. |
| aup | 25 | 34 | Ordinary, authorized requests flagged as Usage-Policy violations. |
Auto-mode-classifier (harness) denials
The auto-mode classifier denied authorized actions on the reporter's own systems (reading a credential from one's own vault, provisioning one's own host, etc.).
- #70771 — _(no Request ID captured)_
- #70772 — _(no Request ID captured)_
- #70773 — _(no Request ID captured)_
- #70783 — _(no Request ID captured)_
- #70785 — _(no Request ID captured)_
- #70786 — _(no Request ID captured)_
- #70787 — _(no Request ID captured)_
- #70792 — _(no Request ID captured)_
- #70798 — _(no Request ID captured)_
- #70799 — _(no Request ID captured)_
- #70800 — _(no Request ID captured)_
- #70801 — _(no Request ID captured)_
- #70802 — _(no Request ID captured)_
- #70803 — _(no Request ID captured)_
- #70804 — _(no Request ID captured)_
- #70809 — _(no Request ID captured)_
- #70820 — _(no Request ID captured)_
- #70826 — _(no Request ID captured)_
- #70827 — _(no Request ID captured)_
- #70837 — _(no Request ID captured)_
- #70839 — _(no Request ID captured)_
- #70843 — _(no Request ID captured)_
- #70845 — _(no Request ID captured)_
- #70850 — _(no Request ID captured)_
- #70854 — _(no Request ID captured)_
- #70856 — _(no Request ID captured)_
- #70859 — _(no Request ID captured)_
- #70860 — _(no Request ID captured)_
- #70861 — _(no Request ID captured)_
- #70862 — _(no Request ID captured)_
- #70864 — _(no Request ID captured)_
- #70865 — _(no Request ID captured)_
- #70867 — _(no Request ID captured)_
- #70868 — _(no Request ID captured)_
- #70869 — _(no Request ID captured)_
- #70871 — _(no Request ID captured)_
- #70872 — _(no Request ID captured)_
- #70874 — _(no Request ID captured)_
- #70875 — _(no Request ID captured)_
- #70877 — _(no Request ID captured)_
- #70878 — _(no Request ID captured)_
- #70879 — _(no Request ID captured)_
- #70880 — _(no Request ID captured)_
- #70884 — _(no Request ID captured)_
- #70887 — _(no Request ID captured)_
- #70889 — _(no Request ID captured)_
Cybersecurity safety-filter false positives
In-scope security / administration work pattern-matched on cybersecurity terminology (audit, recovery token, IAM, bypass, credential) with no harmful intent.
- #70766 —
req_011CcPXU99RrNCYsxA9uV8DE,req_011CcPYUxj1q6NcaqBxDcwd8 - #70769 —
req_011CcPVTraYfpbfd6widFSAQ,req_011CcPWA21CaRYbxpws38HyD - #70774 —
req_011CcPUsR9e9UrnE4YfYZJLA - #70775 —
req_011CcPUgf3WAPFVuFnZJ8Uxc - #70776 —
req_011CcPUdtUZY7BcBdSUrQdXE - #70777 —
req_011CcPUC5bp3kvbvBpA2EbJW - #70788 —
req_011CcPS6LFjCBShF3Xnr6cH9 - #70791 —
req_011CcPcSDfZpmh6T4DZ3A9b5 - #70794 —
req_011CcPQ5RoLW8Wg5HxSREkBE - #70795 —
req_011CcPQ3KbDroW7QoqCcy8Q7 - #70796 —
req_011CcPPtHJ4XTPBejQeAEut7 - #70807 —
req_011CcPLNccEEEAFdsqYEDWaR,req_011CcPLUhfkFnbm6riDfaUyS - #70810 —
req_011CcPLDzeYDff7v5Xc5r7tt - #70811 —
req_011CcPKyX1EgzbWgarVyTH5d,req_011CcPL8dVfbJY8FT6drDsEj,req_011CcPLCU4jxqgpe58yBLAah - #70812 —
req_011CcPL9GzQP6QH4TUpoZkXu - #70813 —
req_011CcPL95S8HbEbzqnL6PBK3 - #70814 —
req_011CcPL8vHDW4p26GuKBHsji - #70815 —
req_011CcPL22bXVcMfDDfnLRmys - #70816 —
req_011CcPKmrRhg2neh7dioyAdu - #70818 —
req_011CcPKjB1Zm8zZe541NDjZW - #70821 —
req_011CcPfKEWKcTEycj5LWs7DG - #70823 —
req_011CcCepiTEkxSuqMtYz6Wue,req_011CcPKLYdgtX58sLLWMtJir - #70824 —
req_011CcPK7qhVF6zoCygQv6LWY - #70828 —
req_011CcPJBZk3cWahVf2aYsshi - #70829 —
req_011CcPJArTbepdvraQ4bBuAr - #70831 —
req_011CcPJ5PjNCtFZDjMvawBFB - #70832 —
req_011CcPJ1k5NUbeRJFT7FuGK6 - #70833 —
req_011CcPHrNhFQUoaLV3BSt44u - #70836 —
req_011CcPHe6Bybcr7KB5Ad4DgU - #70841 —
req_011CcPHa7oMYQ16JAGZ7NYTb - #70844 —
req_011CcCJ547coZQf8eHXmFmJF,req_011CcCJNpxbvWs7bEiN5BSF7,req_011CcG5GQPpRyFoiwwqdeDi2,req_011CcGujc683bPmquVnBt922,req_011CcGz5L5EJw3HeMPPcZ4yq,req_011CcPHKxA2mqwpmpg9vAMtu - #70846 —
req_011CcPHGQUTEyyNZENQ41hkH - #70852 —
req_011CcPEezHx9SZ9QBaEPGSMg - #70853 —
req_011CcPDx4ek1TQciJmgwmVdF - #70873 —
req_011CcPkE7Ne9nyS4y8TMkfzV - #70890 —
req_011CcPmN9yVzS7grFsWeb6N1 - #70891 —
req_011CcKDfBV227JiEaHcBfWfJ
AUP / Usage-Policy false positives
Ordinary, authorized requests flagged as Usage-Policy violations.
- #70765 —
req_011CcPXJirBp42NbHSz8jATb,req_011CcPXQiYkPhboJXPA4bniP,req_011CcPYS4M27YTeHVPp8zqkF - #70767 —
req_011CcPaAT5nBvST5jrfCEXxh - #70768 —
req_011CcPX3ms6RCmsv4cD1cscP,req_011CcPX7GC1jE7RsHBa9HLuU - #70770 —
req_011CcPaF3Lfuzwt1wbZi75HV - #70779 —
req_011CcPU8utpvFtHmHv7VA5ge - #70780 —
req_011CcPU3c6sK96Q8UJnQUUCb - #70781 —
req_011CcPbWUfi1nbyMpPLrjPBU - #70789 —
req_011CcPS2nG3RGbUQdzSbKsYQ - #70790 —
req_011CcPcL1Y9MqX7eU6AFPW5F - #70793 —
req_011CcPQY3WtvZyeUDqPm2vcw - #70797 —
req_011CcPPosxzut2YoiSiPUBoT,req_011CcPPsbSvxnX5douTTbvky - #70806 —
req_011CcPLnkSBdTjTa8KTcV63s - #70808 —
req_011CcPdudXdWL8aMKMCfewMQ - #70817 —
req_011CcPetvCKoATwPmRssxwht - #70822 —
req_011CcPfKYfUStpKMjL3ppuVe - #70830 —
req_011CcPJ7kxsNsSfA5EEojodo - #70834 —
req_011CcPHPAYFUuVxsebHxj1NH,req_011CcPHgkdpkH6Y4hzd1JwPM,req_011CcPHnarsUJH7iCKqA115f - #70838 —
req_011CcPhFWQAX66i14Lp2LByL - #70842 —
req_011CcPHTD1CQnJuGbBiRSjHf - #70848 —
req_011CcPH3vmFMPzj6uapDHn21 - #70849 —
req_011CcPiTujKTE1rxobeRXXgY,req_011CcPiZRysetZwcBo3dVxNU - #70851 —
req_011CcPDtscPq7dauMMzXm3vD,req_011CcPGD1hYP9jTuA36ddVFV - #70866 —
req_011CcMWv2jZmdpjMv7H6wfFT - #70888 —
req_011CcKTwdsbNSzCwzX2fduHw - #70892 —
req_011CcKCr1Hnp79nGpN3ECkCs,req_011CcKDdWWhfLz5RKUiJpccr
All Request IDs (for server-side lookup)
req_011CcCJ547coZQf8eHXmFmJF
req_011CcCJNpxbvWs7bEiN5BSF7
req_011CcCepiTEkxSuqMtYz6Wue
req_011CcG5GQPpRyFoiwwqdeDi2
req_011CcGujc683bPmquVnBt922
req_011CcGz5L5EJw3HeMPPcZ4yq
req_011CcKCr1Hnp79nGpN3ECkCs
req_011CcKDdWWhfLz5RKUiJpccr
req_011CcKDfBV227JiEaHcBfWfJ
req_011CcKTwdsbNSzCwzX2fduHw
req_011CcMWv2jZmdpjMv7H6wfFT
req_011CcPDtscPq7dauMMzXm3vD
req_011CcPDx4ek1TQciJmgwmVdF
req_011CcPEezHx9SZ9QBaEPGSMg
req_011CcPGD1hYP9jTuA36ddVFV
req_011CcPH3vmFMPzj6uapDHn21
req_011CcPHGQUTEyyNZENQ41hkH
req_011CcPHKxA2mqwpmpg9vAMtu
req_011CcPHPAYFUuVxsebHxj1NH
req_011CcPHTD1CQnJuGbBiRSjHf
req_011CcPHa7oMYQ16JAGZ7NYTb
req_011CcPHe6Bybcr7KB5Ad4DgU
req_011CcPHgkdpkH6Y4hzd1JwPM
req_011CcPHnarsUJH7iCKqA115f
req_011CcPHrNhFQUoaLV3BSt44u
req_011CcPJ1k5NUbeRJFT7FuGK6
req_011CcPJ5PjNCtFZDjMvawBFB
req_011CcPJ7kxsNsSfA5EEojodo
req_011CcPJArTbepdvraQ4bBuAr
req_011CcPJBZk3cWahVf2aYsshi
req_011CcPK7qhVF6zoCygQv6LWY
req_011CcPKLYdgtX58sLLWMtJir
req_011CcPKjB1Zm8zZe541NDjZW
req_011CcPKmrRhg2neh7dioyAdu
req_011CcPKyX1EgzbWgarVyTH5d
req_011CcPL22bXVcMfDDfnLRmys
req_011CcPL8dVfbJY8FT6drDsEj
req_011CcPL8vHDW4p26GuKBHsji
req_011CcPL95S8HbEbzqnL6PBK3
req_011CcPL9GzQP6QH4TUpoZkXu
req_011CcPLCU4jxqgpe58yBLAah
req_011CcPLDzeYDff7v5Xc5r7tt
req_011CcPLNccEEEAFdsqYEDWaR
req_011CcPLUhfkFnbm6riDfaUyS
req_011CcPLnkSBdTjTa8KTcV63s
req_011CcPPosxzut2YoiSiPUBoT
req_011CcPPsbSvxnX5douTTbvky
req_011CcPPtHJ4XTPBejQeAEut7
req_011CcPQ3KbDroW7QoqCcy8Q7
req_011CcPQ5RoLW8Wg5HxSREkBE
req_011CcPQY3WtvZyeUDqPm2vcw
req_011CcPS2nG3RGbUQdzSbKsYQ
req_011CcPS6LFjCBShF3Xnr6cH9
req_011CcPU3c6sK96Q8UJnQUUCb
req_011CcPU8utpvFtHmHv7VA5ge
req_011CcPUC5bp3kvbvBpA2EbJW
req_011CcPUdtUZY7BcBdSUrQdXE
req_011CcPUgf3WAPFVuFnZJ8Uxc
req_011CcPUsR9e9UrnE4YfYZJLA
req_011CcPVTraYfpbfd6widFSAQ
req_011CcPWA21CaRYbxpws38HyD
req_011CcPX3ms6RCmsv4cD1cscP
req_011CcPX7GC1jE7RsHBa9HLuU
req_011CcPXJirBp42NbHSz8jATb
req_011CcPXQiYkPhboJXPA4bniP
req_011CcPXU99RrNCYsxA9uV8DE
req_011CcPYS4M27YTeHVPp8zqkF
req_011CcPYUxj1q6NcaqBxDcwd8
req_011CcPaAT5nBvST5jrfCEXxh
req_011CcPaF3Lfuzwt1wbZi75HV
req_011CcPbWUfi1nbyMpPLrjPBU
req_011CcPcL1Y9MqX7eU6AFPW5F
req_011CcPcSDfZpmh6T4DZ3A9b5
req_011CcPdudXdWL8aMKMCfewMQ
req_011CcPetvCKoATwPmRssxwht
req_011CcPfKEWKcTEycj5LWs7DG
req_011CcPfKYfUStpKMjL3ppuVe
req_011CcPhFWQAX66i14Lp2LByL
req_011CcPiTujKTE1rxobeRXXgY
req_011CcPiZRysetZwcBo3dVxNU
req_011CcPkE7Ne9nyS4y8TMkfzV
req_011CcPmN9yVzS7grFsWeb6N1
What a fix looks like
- Treat operations on the user's own, authorized infrastructure as in-scope; the presence of words like credential, recovery token, IAM, bypass, audit is not evidence of an attack.
- When a block fires, surface why and a path to proceed for legitimate use — losing the whole session to a false positive is the core harm.
- Use the Request IDs above to inspect the actual prompts and calibrate the classifiers.
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗