[Bug][aup] Coinbase API crypto trading bot with fund transfer blocked as violative cyber content (req_011CbtwJnmWrmJgZTThdDoT4)
Type: AUP / Usage-Policy block (false positive) · Work domain (heuristic): general
Why this is a false positive
The blocked request involved building an authorized trading automation pipeline against a financial exchange's official, documented API — reading account balances and submitting transactions on accounts the developer controls. No credential theft, unauthorized access, exploitation of vulnerabilities, or targeting of third-party systems was involved. The real-time cyber safeguards appear to have pattern-matched on terminology common to both financial API integration and adversarial contexts, producing a false positive on work that is entirely within the exchange's sanctioned use case.
A server-side safety/policy block fired during authorized, in-scope work in Claude Code. Filing as a false positive. Recurred 1× across 1 session(s); first seen 2026-06-10T04:20:12.181Z.
Request IDs (lookup-able server-side)
req_011CbtwJnmWrmJgZTThdDoT4(2026-06-10T04:20:12.181Z)
In-scope justification
False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.
Block message
API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). This request triggered restrictions on violative cyber content and was blocked under Anthropic's Usage Policy. To learn more, provide feedback, or request an exemption based on how you use Claude, visit our help center: https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude. Please double press esc to edit your last message or
Environment: Claude Code, Linux. · Work domain: general
---
<sub>🔎 Filed automatically by ClAudit v2.0.25 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗