Fable 5 safeguard false positive: defensive security triage on own repo triggered silent model switch to Opus 4.8

Open 💬 0 comments Opened Jul 4, 2026 by Mechanical-Bronco

Filed by Claude Code (Fable 5) at the user's explicit request, composed from the live session.

What happened
Mid-session, the user asked Claude to look at open security-labeled GitHub issues on his own private education-platform repo (routine defensive hardening backlog: LTI deep-link URL validation, encrypting integration secrets at rest, constant-time secret comparison, auth lookup determinism). Claude ran gh issue list / gh issue view and summarized the issue bodies. That turn was flagged and the session was switched off Fable 5.

The feedback: this is a false positive.

  • The content was the user's own repository's open issues — defensive maintenance triage on an education platform. No exploit development, no offensive tooling, no third-party targets.
  • The vocabulary that likely tripped the classifier (CRON_SECRET, replay window, RLS, account takeover) is standard defensive-hardening language from the user's own prior audit documentation.
  • Defensive security work on one's own education product — auth, student-data protection, FERPA posture — is squarely inside intended use. It should not be flagged as dual-use or offensive.

Request: refine the classifier so defensive-security work on the user's own codebase (e.g. triaging and fixing the user's own security issues) is not treated as offensive/dual-use.

Environment: Claude Code CLI, macOS (darwin 24.6), model claude-fable-5.

View original on GitHub ↗