[Bug] Fable 5 false-positive on defensive-security threat modeling in privacy tool

Open 💬 0 comments Opened Jul 4, 2026 by phaysaal

Bug Description

Feedback draft — Fable 5 false-positive on defensive-security coding

Paste the text below into /feedback (run the command, then paste).

---

Fable 5's safeguards flagged a routine coding request and switched me to
Opus 4.8. The flagged work was normal defensive-security / personal-privacy
engineering, and I'd like to report it as a false positive.

Project: SafeSelf — a defensive personal-privacy tool. It helps an
individual audit what an adversary could already infer about them from their
own exported data (e.g. their own Google Takeout, their own public profiles),
reduce that exposure, and optionally add consented decoy signal to dilute what
can't be deleted. It is entirely self-directed: the subject of every analysis
is the consenting user operating on their own data. There is no capability to
target a third party.

Why it likely tripped the filter: like any security tool, SafeSelf models
classes of adversary (OSINT crawler, social engineer, device malware, etc.) so
the user can see which of their own exposures each class could reach. This is
standard, textbook defensive threat-modeling — the same vocabulary a
penetration-test report or a STRIDE threat model uses — but the words
("adversary", "exploit", "attack surface") appear to trigger the broad
cybersecurity filter.

Context that should establish legitimacy: this is a ~2-month, ~100-commit
research project with two academic papers (a benchmark for what LLMs can infer
about a person, and a decoy-dilution defense method) and a 3,000+ line research
journal. It has been developed with Anthropic's Opus models throughout, which
have consistently recognized it as legitimate defensive privacy work. A model
switch in the middle of routine app development (building a UI, wiring a data
importer) is disruptive for exactly the safe-and-routine coding the Fable 5
release notes acknowledge may be over-flagged.

Ask: please consider tuning the safeguards so routine defensive-security
and privacy engineering — where the vocabulary is inherently
adversary-descriptive but the intent and capability are purely defensive and
self-directed — is not over-flagged. Happy to share the repository's
PROJECT_CONTEXT.md and ethics statement if useful.

Environment Info

  • Platform: linux
  • Terminal: gnome-terminal
  • Version: 2.1.200
  • Feedback ID: f5a0184a-3f36-4633-830f-1dbcd3289018

Errors

[]

View original on GitHub ↗