[Bug] Cyber Safeguard false positives blocking defensive monitoring work at session start
Bug Description
# Cyber Safeguard False-Positive Report — Claude Code / Opus 4.8
Date: 2026-07-10
Submitted by: Dean (admin, individual plan)
Organization: Dean's Individual Org
Environment: Claude Code on Linux (host witchdoctor-OMEN), project path ~/Development/OMEN
Model: Claude Opus 4.8 (1M context)
CVP status at time of report: Application submitted, In review (Cyber Verification Program)
---
## Summary
Claude Code's real-time cyber safeguard is flagging my messages at session start, before any task is issued, and blocking my workflow. The project it is triggering on (OMEN) is a defensive process-orchestration and monitoring system — it supervises 30+ applications across this host and other systems, and reports on network/system intrusion monitoring. It is not offensive tooling. I believe these are false positives and am reporting them for review, and to support my pending CVP application.
## What is being blocked
- Flags occur on session start, not on a specific offensive request.
- The blocks recur across multiple sessions and multiple messages.
- The blocked work is defensive infrastructure: a supervisor/manager process, service health-checking and restart logic, and intrusion/anomaly monitoring across a multi-host fleet.
- Likely trigger: the language used to describe the architecture (e.g., process supervision, session reporting, intrusion monitoring, system-wide agent) is being pattern-matched to a cybersecurity topic, despite the defensive intent and context.
## Impacted Request IDs
Please review the following flagged requests:
- req_011Ccua9KRzhkjrRmfd8XbXg
- req_011CcuaVL9DHejePquRsMiZY
- req_011Ccua5bme9USaECWGYFhPd
## Why I believe this is a false positive
OMEN is a defensive orchestration and monitoring layer. Its purpose is availability and security monitoring of systems I own/operate — starting, supervising, and health-checking my own applications, and watching for intruders. This falls under legitimate defensive security work, not the high-risk dual-use or prohibited-use categories the safeguards are intended to gate.
## Product feedback (separate from the appeal)
1. No warning / no context at block time. The block fires silently at session start with only a terse pointer to the help article. It does not surface the review timeline, the organization-ID caveat, or the feedback path inline. Surfacing those at the moment of the block would prevent hours of confusion.
2. Session-start flagging (before any task is requested) is a strong false-positive signal and should be weighted as such.
3. Consider distinguishing defensive monitoring/orchestration language from offensive tooling language in the classifier, or providing a lightweight "defensive context" declaration for verified users.
## Requested outcome
- Review the Request IDs above and confirm whether these are false positives.
- Expedite / confirm my pending CVP application for Dean's Individual Org so defensive dual-use work is no longer interrupted.
- Confirm the organization ID my Claude Code API key authenticates under matches the org ID on my CVP application (see note below).
---
## Notes to self before sending (do not include if pasting into a form)
- Org-ID match is critical. CVP approval is tied to a specific organization ID, not your login. Verify that the org ID Claude Code authenticates under is the same org ("Dean's Individual Org") you applied under. If Claude Code runs under a different workspace/org, approval will not lift the blocks. Check the org ID on the application vs. the one the flagged requests originate from.
- Timeline: Anthropic's stated target is a review decision by email within 2 business days of submission; individual applicants have reported faster (often ~1 business day). Business days matter — a weekend/late-night submission may not tick over until the workweek.
- Scope limit: CVP lifts the dual-use category only. Prohibited-use activities stay blocked regardless of approval. Straightforward defensive fleet monitoring should not be in the prohibited bucket.
- Check spam for the decision email.
---
## Where to send this
1. /feedback in Claude Code — type /feedback in the Claude Code session and paste this report (at minimum the Request IDs and the false-positive summary). This is the channel that reaches the team that owns the cyber safeguards. Best for the false-positive reports tied to specific Request IDs.
2. Report / appeal form — linked from the help article on real-time cyber safeguards:
https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude
Use this if you want a formal appeal on record in addition to the in-product feedback.
3. CVP application (already In review) — no resubmission needed; this report supports it. If you want to add context to the pending application, the Cyber Use Case Form is the vehicle. Approval decision arrives by email.
Environment Info
- Platform: linux
- Terminal: gnome-terminal
- Version: 2.1.207
- Feedback ID: fab744b…
Note: Content was truncated.