[Bug] Security safeguard false positives on documentation of public penetration testing tools for verified users

Open 💬 0 comments Opened Jul 11, 2026 by Biish0p

Bug Description
False positives — documenting (not executing) public security tools; verified user, work blocked and notes corrupted
Feedback:
I'm a penetration tester enrolled in the Cyber Verification Program. I maintain a personal, offline documentation vault — a usage reference for publicly available security tools. I am NOT asking Claude Code to execute, launch, or run anything against any target. The task is purely editorial: reorganizing existing README/documentation text into a consistent note structure and normalizing metadata.
The real-time safeguard is firing as a persistent false positive, and I've ruled out every adjustable variable myself:

It fires across models (Opus 4.8 1M and Sonnet 5 — same result).
It fires with a fresh, cleared session (not a context-accumulation issue).
It fires whether the tool content comes from a URL fetch OR from README text I paste in manually.
It fires in PROCESS mode on notes that ALREADY EXIST in my vault (no fetching, no new capability — just reformatting text already on disk).
It fires on mainstream, benign tooling — e.g. ssh-audit, a standard SSH auditing utility shipped in PyPI, Snap, and an official Docker image.

The core issue: the classifier reacts to any offensive-security content in the reference material, without distinguishing "documenting how a public tool is used" (my legitimate task) from "requesting execution of an attack" (which I am never doing). Writing a usage guide for a public pentest tool is standard, legitimate security knowledge work for a verified professional.
Concrete harm beyond being blocked: when the safeguard interrupts mid-processing, it leaves my notes half-written and corrupted, so I now have to manually repair vault files that the model left in a broken state.
Please tune the classifier to distinguish documentation/reorganization of existing public tools from requests to execute attacks, especially for verified Cyber Verification Program users.
Request IDs: [pega aquí los 5-6 que llevas: req_011Ccri4GeM7KKnaytMpmQoi, req_011Ccv4CUakepM3ogCBUPvZT, req_011Ccv4bLZCKJdxCXyRrVtV6, req_011Ccv4mRdpYgvtRrsZf6eUq, req_011Ccv4rw13sjdQF2Y8h6QnN, req_011Ccv5EXpe9wUjGd2JDERq8]

Environment Info

  • Platform: linux
  • Terminal: kitty
  • Version: 2.1.206
  • Feedback ID: 52e11f07-cb81-4c99-a1ea-956b3678d776

View original on GitHub ↗