[Bug] Safety filter false positive on defensive security code review terminology

Open 💬 0 comments Opened Jul 3, 2026 by JAEKWANG97

Bug Description
False positive on safety filter during a legitimate defensive security review.

I'm the owner/developer of a small e-commerce site (Spring Boot + Next.js). Over this session, Claude Code helped me review and fix security issues in MY OWN codebase — stored XSS in product HTML, file upload magic-byte validation, open redirect, backup credential scoping (least-privilege IAM), etc. This is standard defensive hardening of my own application before launch, all traceable in my git history and backlog.

At one point a message got flagged and the model was auto-switched (Fable 5 → Opus 4.8). Nothing in the conversation was an attack request — the discussion was entirely about defending my own site. I suspect the filter pattern-matched on security vocabulary ("attacker could inject a script", "disguised file", "credential") without accounting for the clearly defensive context.

Please consider improving context-awareness so that legitimate defensive security work — the kind Anthropic explicitly says it supports (authorized testing, defensive security, hardening one's own code) — isn't flagged as misuse. The interruption is disruptive when you're mid-task on your own project.

Environment Info

  • Platform: darwin
  • Terminal: ghostty
  • Version: 2.1.198
  • Feedback ID: f842d97b-4775-4ef1-aa75-32d712e563a2

Errors

[]

View original on GitHub ↗