[Bug][aup] Defensive attack-surface CVE audit and exploit-exposure checklist for owned infrastructure wrongly (req_011Cbwog2vjCbUpGWaqUSde6)

Open 💬 1 comment Opened Jun 25, 2026 by sworrl

Type: AUP / Usage-Policy block (false positive) · Work domain (heuristic): defensive-hardening

Why this is a false positive

This request was a defensive security task: auditing an organization's own infrastructure for known CVEs and exploitable weaknesses in order to patch them, performed by an authorized administrator on systems they own following an active intrusion attempt. The work is purely protective—enumerating attack surface to harden it—yet the request was blocked as a Usage Policy violation, apparently because phrases like "find anything that can be exploited" and "we've been under active attack" pattern-matched to offensive intent. Defensive vulnerability assessment on one's own assets is core authorized security work and should not trigger an AUP block.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code.
Filing as a false positive. Recurred across 3
session(s); first seen 2026-06-11T16:41:50.752Z.

Request IDs (lookup-able server-side)

  • req_011Cbwog2vjCbUpGWaqUSde6 (2026-06-11T16:41:50.752Z)
  • req_011CbwsPWxSg3nUm2ueS25Vh (2026-06-11T17:30:32.284Z)
  • req_011CbwsSdcNaAdSRYL7jVPqp (2026-06-11T17:31:12.736Z)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). Please double press esc to edit your last message or start a new session for Claude Code to assist with a different task.

Request ID: req_011Cbwog2vjCbUpGWaqUSde6

Environment: Claude Code, Linux. · Work domain: defensive-hardening

---
<sub>🔎 Filed automatically by ClAudit v2.0.21 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗