[Bug] Excessive Safeguard False Positives During Defensive Security Audits

Open 💬 0 comments Opened Jul 14, 2026 by mirandabsb

Fable 5's safeguards flagged messages and forced a switch to Opus 4.8 multiple times during the same session while I was performing a defensive audit on my own apps (private monorepo).

The task: locating leaked secrets in tracked files, replacing them with ${VAR}/placeholders, moving the values to a gitignored .env file, and building a credential rotation runbook. Zero exploits, zero third-party targets, zero offensive techniques — just secret hygiene in my own environment.

Impact: the model switches mid-session, breaking context and continuity, and the cost of the false positive falls precisely on the kind of usage that should be encouraged (defensive DevSecOps). Repeated flags within the same continuous session indicate a systematic false positive, not an isolated event.

Request: calibrate the safeguards to distinguish defensive handling of secrets (redaction, rotation, gitignore) from offensive work. Available to share the transcripts.

Environment Info

  • Platform: Linux
  • Terminal: VS Code
  • Version: 2.1.209
  • Feedback ID: 016256bc-2558-413f-9a33-0945d155ea9d

View original on GitHub ↗