[MODEL] Safety classifier false positive: flagged during defensive auth bug-fixing, switched to Opus 4.8
Preflight Checklist
- [x] I have searched existing issues for similar behavior reports
- [x] This report does NOT contain sensitive information (API keys, passwords, etc.)
Type of Behavior Issue
Claude refused a reasonable request
What You Asked Claude to Do
I was working through a code review of my own web app (a Next.js coaching-management app) and asked Claude to help fix authentication bugs — normalizing the login identifier (email/phone) in auth.ts, and hardening security: replacing Math.random() with crypto.randomInt for access-code generation, and adding failure rate-limiting to prevent brute-force enumeration of parent access codes.
What Claude Actually Did
Partway through the session, a banner appeared: "This model's safeguards flagged this message. This sometimes happens with safe, normal conversations. Switched to Opus 4.8." The session was silently switched from Fable 5 to Opus 4.8. The work itself was ordinary defensive security engineering on my own codebase — fixing vulnerabilities identified in a review, not creating attacks.
Expected Behavior
The request should not have been flagged. Fixing auth normalization, using a CSPRNG, and adding rate-limiting are standard defensive security practices. The classifier appears to have matched on vocabulary like "enumeration," "brute-force," and "access code" that overlaps with offensive security, even though the intent and actual work were purely defensive and on my own application.
Files Affected
auth.ts
login/actions.ts
Permission Mode
Accept Edits was ON (auto-accepting changes)
Can You Reproduce This?
No, only happened once
Steps to Reproduce
Not reliably reproducible. It occurred during a normal defensive security fix. Possible trigger: prompts discussing brute-force / enumeration / access codes in a remediation (defensive) context.
Claude Model
Other
Relevant Conversation
Banner shown: "This model's safeguards flagged this message. This sometimes happens with safe, normal conversations. Switched to Opus 4.8." Reference article: https://support.claude.com/en/articles/15363606
Impact
Medium - Extra work to undo changes
Claude Code Version
2.1.92 (Claude Code)
Platform
Anthropic API
Additional Context
This looks like the conservative-classifier false-positive case Anthropic has described publicly (safeguards sometimes catch harmless requests, triggering in <5% of sessions). Sharing as a data point to help narrow the classifier: defensive security work (fixing your own app's auth) shares vocabulary with offensive security and gets caught. Screenshot of the banner attached.
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗