[Bug][cyber] Safety block fired while reviewing routine frontend page code and disclosure text, no cyber conte (req_011CcmrvVov7e8qaijyzQ9bt)

Open 💬 0 comments Opened Jul 7, 2026 by sworrl

Triage: kind cyber · domain general · severity session-halted (blocked authorized work) · reproducible: yes — server-side via the Request ID(s) below

Type: Cybersecurity safety-filter false positive · Work domain (heuristic): general

Why this is a false positive

The conversation involved inspecting whether a page was React-based versus static HTML and discussing user-facing disclosure text about map tile sourcing and data handling — ordinary frontend review with no offensive security, exploit, or intrusion content. The block appears to have misfired on benign terms (e.g., discussion of what data a tool sends/discloses) rather than any actual cyber-related request, halting legitimate in-scope work.

A server-side safety/policy block fired during authorized, in-scope work in Claude Code. Filing as a false positive. Recurred across 1 session(s); first seen 2026-07-07T01:52:55.103Z.

Request IDs (lookup-able server-side)

  • req_011CcmrvVov7e8qaijyzQ9bt (2026-07-07T01:52:55.103Z)

In-scope justification

False positive — in-scope, authorized security work; not out of scope. Filed automatically by claudit.

Block message

API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy (https://www.anthropic.com/legal/aup). This request triggered cyber-related safeguards. To request an adjustment pursuant to our Cyber Verification Program based on how you use Claude, fill out https://claude.com/form/cyber-use-case?token=[SCRUBBED]. To learn more about the program or provide feedback, visit o… Please double press esc to edit your last message or start a new session for Claude

Environment: Claude Code, Linux. · Work domain: general

---
<sub>🔎 Filed automatically by ClAudit v2.0.104 — a FOSS tool for reporting false-positive Claude Code blocks.</sub>

View original on GitHub ↗