I am posting this as a sanitized datapoint and to see whether others are hitting the same Claude Code false-positive cluster. Claude Code 2.1.156 with an Opus model blocked benign local development / workflow-continuation / log-review work as safety-guardrail or cyber-safeguard content. The task shape was local project assistance: reading local context, continuing an in-progress dev workflow, inspecting logs/transcripts, hooks, MCP/browser automation, and diagnosing local tooling behavior. There was no request for malware, credential theft, phishing, exfiltration, exploitation, bypassing controls, or unauthorized access. The painful part is the reporting path: once the false positive fires, the user-facing route points toward CVP/support, but the support flow can become generic, duplicate, or unmonitored instead of collecting request IDs and routing the case to the classifier/safety team. I filed a sanitized GitHub issue asking for a first-class private false-positive report action in Claude Code: https://github.com/anthropics/claude-code/issues/64287 Related public issues include:
https://github.com/anthropics/claude-code/issues/62190
https://github.com/anthropics/claude-code/issues/64230 If you have seen the same thing, please add signal on the GitHub issues or share the version/model/task shape. Please do not post private request IDs, local paths, private logs, or credentials in public Reddit comments. submitted by /u/coolak-fantom
Originally posted by u/coolak-fantom on r/ClaudeCode
You must log in or # to comment.