[Bug][aup] False-positive cyber policy block while loading a local skill file during normal session startup (req_011CbwsbChBAfxQKcxKwNsA1)

Open 💬 1 comment Opened Jun 25, 2026 by sworrl

Type: AUP / Usage-Policy block (false positive) · Work domain (heuristic): general

Why this is a false positive

This block fired on a configuration file being loaded into context as part of normal session setup, not on any user request to perform a cyber operation. The flagged content is descriptive guidance about communication register and technical tone, with no operational instructions, exploit code, or actionable attack content of any kind. Classifying passive context-loading of a stylistic preference file as "violative cyber content" is a clear false positive that blocks an entirely benign, in-scope workflow.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred across 1
session(s); first seen 2026-06-11T17:33:09.712Z.

Request IDs (lookup-able server-side)

  • req_011CbwsbChBAfxQKcxKwNsA1 (2026-06-11T17:33:09.712Z)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). This request triggered restrictions on violative cyber content and was blocked under Anthropic's Usage Policy. To learn more, provide feedback, or request an exemption based on how you use Claude, visit our help center: https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude. Please double press esc to edit your last message or

Environment: Claude Code, Linux. · Work domain: general

---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗