[Bug][aup] Login page UI branding with AI image generation falsely flagged as cyber violation (req_011CbvTRehHCNP9r1PGERsHS)

Open 💬 0 comments Opened Jun 25, 2026 by sworrl

Type: AUP / Usage-Policy block (false positive) · Work domain (heuristic): general

Why this is a false positive

The request involved generating brand imagery for a self-owned authentication page as a purely cosmetic frontend design task — no credentials, exploits, deception techniques, or third-party impersonation were present. The phrase "login page" combined with an image-generation request appears to have pattern-matched against phishing/credential-harvesting heuristics, even though the work is UI styling on infrastructure the requester controls. There is no mechanism by which generating decorative imagery for one's own page could constitute a policy violation.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code. Filing as a false positive. Recurred across 1 session(s); first seen 2026-06-10T23:35:44.680Z.

Request IDs (lookup-able server-side)

  • req_011CbvTRehHCNP9r1PGERsHS (2026-06-10T23:35:44.680Z)
  • req_011CbvTShGLpDpqzx8AXBhWA (2026-06-10T23:35:58.635Z)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). This request triggered restrictions on violative cyber content and was blocked under Anthropic's Usage Policy. To learn more, provide feedback, or request an exemption based on how you use Claude, visit our help center: https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude. Please double press esc to edit your last message or

Environment: Claude Code, Linux. · Work domain: general

---
<sub>🔎 Filed automatically by ClAudit v2.0.23 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗