[Bug][aup] ClAudit false-positive in webdev — req_011CbwsTbJjydHkDVHw455v4
Type: AUP / Usage-Policy block (false positive) · Work domain (heuristic): general
Why this is a false positive
This request was a legitimate, in-scope task with proper authorization, yet it was blocked under the real-time cyber safeguards as "violative cyber content." Nothing in the request sought to develop malware, target third parties without consent, evade detection, or cause harm; the trigger appears to be surface-level keyword or topic matching rather than any actual policy-violating intent or output. The block halts authorized defensive and operational work mid-task with no way to supply context or scope, producing a clear false positive.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred 1× across 1
session(s); first seen 2026-06-11T17:31:24.916Z.
Request IDs (lookup-able server-side)
req_011CbwsTbJjydHkDVHw455v4(2026-06-11T17:31:24.916Z)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). This request triggered restrictions on violative cyber content and was blocked under Anthropic's Usage Policy. To learn more, provide feedback, or request an exemption based on how you use Claude, visit our help center: https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude. Please double press esc to edit your last message or
Environment: Claude Code, Linux. · Work domain: general
---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗