[Bug] Cyber Safeguard false positives blocking defensive monitoring work at session start

Open 💬 0 comments Opened Jul 11, 2026 by deanmauriceellis-cloud

Bug Description

# Cyber Safeguard False-Positive Report — Claude Code / Opus 4.8 Date: 2026-07-10 Submitted by: Dean (admin, individual plan) Organization: Dean's Individual Org Environment: Claude Code on Linux (host witchdoctor-OMEN), project path ~/Development/OMEN Model: Claude Opus 4.8 (1M context) CVP status at time of report: Application submitted, In review (Cyber Verification Program) --- ## Summary Claude Code's real-time cyber safeguard is flagging my messages at session start, before any task is issued, and blocking my workflow. The project it is triggering on (OMEN) is a defensive process-orchestration and monitoring system — it supervises 30+ applications across this host and other systems, and reports on network/system intrusion monitoring. It is not offensive tooling. I believe these are false positives and am reporting them for review, and to support my pending CVP application. ## What is being blocked - Flags occur on session start, not on a specific offensive request. - The blocks recur across multiple sessions and multiple messages. - The blocked work is defensive infrastructure: a supervisor/manager process, service health-checking and restart logic, and intrusion/anomaly monitoring across a multi-host fleet. - Likely trigger: the language used to describe the architecture (e.g., process supervision, session reporting, intrusion monitoring, system-wide agent) is being pattern-matched to a cybersecurity topic, despite the defensive intent and context. ## Impacted Request IDs Please review the following flagged requests: - req_011Ccua9KRzhkjrRmfd8XbXg - req_011CcuaVL9DHejePquRsMiZY - req_011Ccua5bme9USaECWGYFhPd ## Why I believe this is a false positive OMEN is a defensive orchestration and monitoring layer. Its purpose is availability and security monitoring of systems I own/operate — starting, supervising, and health-checking my own applications, and watching for intruders. This falls under legitimate defensive security work, not the high-risk dual-use or prohibited-use categories the safeguards are intended to gate. ## Product feedback (separate from the appeal) 1. No warning / no context at block time. The block fires silently at session start with only a terse pointer to the help article. It does not surface the review timeline, the organization-ID caveat, or the feedback path inline. Surfacing those at the moment of the block would prevent hours of confusion. 2. Session-start flagging (before any task is requested) is a strong false-positive signal and should be weighted as such. 3. Consider distinguishing defensive monitoring/orchestration language from offensive tooling language in the classifier, or providing a lightweight "defensive context" declaration for verified users. ## Requested outcome - Review the Request IDs above and confirm whether these are false positives. - Expedite / confirm my pending CVP application for Dean's Individual Org so defensive dual-use work is no longer interrupted. - Confirm the organization ID my Claude Code API key authenticates under matches the org ID on my CVP application (see note below). --- ## Notes to self before sending (do not include if pasting into a form) - Org-ID match is critical. CVP approval is tied to a specific organization ID, not your login. Verify that the org ID Claude Code authenticates under is the same org ("Dean's Individual Org") you applied under. If Claude Code runs under a different workspace/org, approval will not lift the blocks. Check the org ID on the application vs. the one the flagged requests originate from. - Timeline: Anthropic's stated target is a review decision by email within 2 business days of submission; individual applicants have reported faster (often ~1 business day). Business days matter — a weekend/late-night submission may not tick over until the workweek. - Scope limit: CVP lifts the dual-use category only. Prohibited-use activities stay blocked regardless of approval. Straightforward defensive fleet monitoring should not be in the prohibited bucket. - Check spam for the decision email. --- ## Where to send this 1. /feedback in Claude Code — type /feedback in the Claude Code session and paste this report (at minimum the Request IDs and the false-positive summary). This is the channel that reaches the team that owns the cyber safeguards. Best for the false-positive reports tied to specific Request IDs. 2. Report / appeal form — linked from the help article on real-time cyber safeguards: https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude Use this if you want a formal appeal on record in addition to the in-product feedback. 3. CVP application (already In review) — no resubmission needed; this report supports it. If you want to add context to the pending application, the Cyber Use Case Form is the vehicle. Approval decision arrives by email.

Environment Info

  • Platform: linux
  • Terminal: gnome-terminal
  • Version: 2.1.207
  • Feedback ID: fab744b…

Note: Content was truncated.

View original on GitHub ↗