[Bug] Fable 5 safeguards over-flag legitimate defensive security audit workflows
Bug Description
False positive: Fable 5 safeguards block a routine DEFENSIVE security-audit
workflow. I run a maintenance skill (/aspira-run-all) that audits MY OWN
authorized org archive — pull repos, refresh docs, then gitleaks/deps/vuln
review + remediation tracking. On Fable 5 (max effort) it auto-switches me to
Opus 4.8 with the "safeguards flagged this message" notice.
The trigger is not the command syntax — it's the accumulated defensive-security
context that loads every session (audit notes phrased in unavoidable security
terms: "unauthenticated Redis places bets", "PAT not matched by ghp_ grep",
"RCE risk", "credential rotation"). This is exactly the "safe and routine
cybersecurity work" your own notice says may be over-flagged. Please tune the
classifier so defensive audit of one's own systems isn't blocked.
Environment Info
- Platform: darwin
- Terminal: Apple_Terminal
- Version: 2.1.201
- Feedback ID: c324550d-8f87-43fa-b7c0-b24d20fa4896
Errors
[]