[BUG] False-positive cybersecurity safety block despite active Cyber Verification Program.

Open 💬 0 comments Opened Jul 10, 2026 by myworktwm

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

What's Wrong?

My organization has an active Cyber Verification Program status, confirmed through the Anthropic portal. However, Claude Code is still blocking legitimate cybersecurity prompts related to authorized OSEP-style penetration-testing lab exercises.

The block appears to treat the account as if it is not enrolled in the Cyber Verification Program and displays a message directing me to apply for CVP access.

This occurred across multiple requests and models, including Opus 4.8 and Sonnet 5.

Affected request IDs:

  • req_011Ccu7eqF34tnQdqonfTW7n
  • req_011Ccu85cE9drE6HyBK6uYGn

The prompts were related only to:

  • Authorized penetration-testing laboratories
  • OSEP-style training exercises
  • Educational security research
  • Systems for which I have explicit authorization

Additionally, attempting to submit feedback through /feedback failed with HTTP status 401.

The issue may involve one of the following:

  • CVP entitlement is not being recognized by Claude Code
  • The safety classifier runs before CVP verification is checked
  • CVP status has not propagated to all models or endpoints
  • Claude Code is using the wrong organization or authentication context
  • The feedback endpoint is rejecting an otherwise authenticated session

What Should Happen?

What Should Happen?

Claude Code should recognize the active Cyber Verification Program entitlement associated with my organization and evaluate authorized cybersecurity prompts under the applicable verified-access policy.

Legitimate requests involving controlled penetration-testing labs and educational security research should not receive the standard message instructing the user to apply for CVP when the organization is already verified.

Expected behavior:

  1. Claude Code correctly identifies the active CVP status.
  2. The request is evaluated using the verified cybersecurity access policy.
  3. The request is allowed when it is clearly limited to an authorized lab environment.
  4. If the request is still restricted, the response should explain the specific policy reason rather than incorrectly stating that CVP access is required.
  5. The /feedback command should successfully submit the report instead of returning HTTP 401.
  6. CVP status should be applied consistently across Opus, Sonnet, Claude Code, and related endpoints.

Error Messages/Logs

## Error Messages / Logs

### Cybersecurity safety block


Sonnet 5 has safety measures that flagged this message for a cybersecurity topic.

To learn about the Cyber Verification Program and apply for access, visit our help center:
https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude

If you were not engaging in a cybersecurity topic, please send feedback via /feedback.

Request ID: req_011Ccu85cE9drE6HyBK6uYGn


Another affected request:


Request ID: req_011Ccu7eqF34tnQdqonfTW7n
Model: Opus 4.8


### Feedback submission error


Couldn't send feedback (server returned 401).

If it keeps failing, you can file at:
https://github.com/anthropics/claude-code/issues instead.


No sensitive credentials, tokens, target IP addresses, customer data, or proprietary exploit code are included in this report.

Steps to Reproduce

  1. Sign in to an Anthropic account associated with an organization that has an active Cyber Verification Program status.
  1. Confirm that the Cyber Verification Program is shown as active in the Anthropic portal.
  1. Authenticate Claude Code using the same account and organization.
  1. Start Claude Code in a local directory:

```bash
claude

Claude Model

Not sure / Multiple models

Is this a regression?

Yes, this worked in a previous version

Last Working Version

Unknown

Claude Code Version

v2.1.206

Platform

Other

Operating System

Ubuntu/Debian Linux

Terminal/Shell

Non-interactive/CI environment

Additional Information

Additional Information

The affected environment is Claude Code v2.1.206.

The organization’s Cyber Verification Program status is active in the Anthropic portal. However, Claude Code still returned the standard cybersecurity safety block instructing me to apply for CVP access.

The issue was observed across multiple models, including:

  • Opus 4.8
  • Sonnet 5

Affected request IDs:

  • req_011Ccu7eqF34tnQdqonfTW7n
  • req_011Ccu85cE9drE6HyBK6uYGn

The requests were limited to an authorized OSEP-style penetration-testing lab and educational security research. No production systems, third-party systems, customer environments, or unauthorized targets were involved.

The following secondary issue was also observed:

Couldn't send feedback (server returned 401).
If it keeps failing, you can file at
https://github.com/anthropics/claude-code/issues instead.

<img width="911" height="411" alt="Image" src="https://github.com/user-attachments/assets/9bedb955-22dd-4efb-8452-4c5aa0c1866c" />

<img width="907" height="469" alt="Image" src="https://github.com/user-attachments/assets/c076b3dc-9910-432d-b5d2-c0556e902f5e" />

<img width="1307" height="565" alt="Image" src="https://github.com/user-attachments/assets/8036471a-d99d-4294-b282-07b2c3cd1198" />

View original on GitHub ↗