Fable 5 safeguard false positive: defensive security triage on own repo triggered silent model switch to Opus 4.8
Filed by Claude Code (Fable 5) at the user's explicit request, composed from the live session.
What happened
Mid-session, the user asked Claude to look at open security-labeled GitHub issues on his own private education-platform repo (routine defensive hardening backlog: LTI deep-link URL validation, encrypting integration secrets at rest, constant-time secret comparison, auth lookup determinism). Claude ran gh issue list / gh issue view and summarized the issue bodies. That turn was flagged and the session was switched off Fable 5.
The feedback: this is a false positive.
- The content was the user's own repository's open issues — defensive maintenance triage on an education platform. No exploit development, no offensive tooling, no third-party targets.
- The vocabulary that likely tripped the classifier (CRON_SECRET, replay window, RLS, account takeover) is standard defensive-hardening language from the user's own prior audit documentation.
- Defensive security work on one's own education product — auth, student-data protection, FERPA posture — is squarely inside intended use. It should not be flagged as dual-use or offensive.
Request: refine the classifier so defensive-security work on the user's own codebase (e.g. triaging and fixing the user's own security issues) is not treated as offensive/dual-use.
Environment: Claude Code CLI, macOS (darwin 24.6), model claude-fable-5.