Skip to content

[BUG] Content filter blocking legitimate SMTP credentials and configuration #9908

New issue
New issue
Open
#9919
safayavatsal/claude-code
#3
Open
[BUG] Content filter blocking legitimate SMTP credentials and configuration#9908
#9919
safayavatsal/claude-code
#3
Labels
area:apiarea:autharea:mcpbugSomething isn't workinghas reproHas detailed reproduction stepsplatform:macosIssue specifically occurs on macOS
@taytus

Description

@taytus
taytus
opened on Oct 19, 2025

Preflight Checklist

  • I have searched existing issues and this hasn't been reported yet
  • This is a single bug report (please file separate reports for different bugs)
  • I am using the latest version of Claude Code

What's Wrong?

Description:

Problem

The content filter is repeatedly blocking legitimate work, making automation impossible.

What I was trying to do

  1. Configure SMTP server for automated backups
  2. Use Gmail App Password (legitimate 16-character credential)
  3. Read a Matrix character analysis I created

What happened

Every time credentials or certain content appears, I get:
"API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy"

Examples of false positives

  1. Gmail App Password (legitimate credential format)
  2. Reading ~/.claude/matrix-roles.md (harmless character analysis)
  3. Random test characters that looked like a password

Impact

Cannot automate SMTP configuration - defeats the entire purpose of building the automation.

Expected behavior

  • Legitimate credentials in configuration files should not trigger filter
  • Reading my own files should not trigger filter
  • Context should matter (we're configuring a server I built)

Session context

Building backup system with SMTP email integration. Every step blocked by overly aggressive filter.

What Should Happen?

GitHub Issue: Content Filter Blocking Legitimate SMTP Configuration

Copy and paste this to: https://github.com/anthropics/claude-code/issues

Title

Content filter blocking legitimate SMTP credentials and configuration work

Labels

bug, content-filter, false-positive, high-priority

Description

Problem

The content filter is repeatedly blocking legitimate DevOps work, making automation impossible. Every attempt to handle credentials, configuration files, or even read my own created files triggers false positives.

What I was trying to do

  1. Build an SMTP MCP server for automated backups
  2. Configure it with a Gmail App Password (legitimate 16-character credential from Google)
  3. Read a file I created (~/.claude/matrix-roles.md - a harmless character analysis)
  4. Update .env file with SMTP credentials

What happened

Repeated "API Error: Claude Code is unable to respond to this request, which appears to violate our Usage Policy" for:

  1. Gmail App Password - Legitimate credential format from https://myaccount.google.com/apppasswords
  2. Reading my own files - cat ~/.claude/matrix-roles.md triggered the filter
  3. Random test characters - Typing "aflm fpkv lxpe reyn" (appears to be the credential format that triggers it)
  4. Asking "what happened?" after the first error - The filter blocked the follow-up question too

Impact

Cannot automate SMTP configuration - defeats the entire purpose of building automation tools.

Workflow breakdown:

  • User provides legitimate Gmail App Password
  • Filter blocks it
  • User asks "what happened?"
  • Filter blocks that too
  • User frustrated, has to manually edit files instead of using automation

Expected behavior

  • Legitimate credentials in configuration context should not trigger filter
  • Reading user's own files should not trigger filter
  • Context should matter (we're configuring a server we built together)
  • Follow-up questions about errors should never be blocked

Actual behavior

Filter triggers on:

  • Credential formats (even legitimate ones from Google)
  • File contents (harmless character analysis)
  • Questions about the errors
  • Any message referencing the blocked content

Session context

  • Building backup system with SMTP email integration
  • Every configuration step blocked by filter
  • Had to use workaround (copy credentials from different .env file)
  • Multiple false positives in single session (5+ times)

Examples of blocked content

Blocked 1: Gmail App Password

User: "update it for me: [email protected] SMTP_PASSWORD=aflm fpkv lxpe reyn [email protected]"
System: API Error - Usage Policy violation

This is a legitimate Gmail App Password format.

Blocked 2: Reading my own file

User: "show me the story again"
Assistant: [attempts to output ~/.claude/matrix-roles.md content]
System: API Error - Usage Policy violation

The file contains a harmless Matrix character analysis (Morpheus vs Tank roles).

Blocked 3: Follow-up question

User: "what happened?"
System: API Error - Usage Policy violation

Even asking about the error was blocked.

Blocked 4: Explaining the issue

User: "again? that is the api key"
System: API Error - Usage Policy violation

Environment

  • Product: Claude Code (CLI)
  • Version: [latest as of October 19, 2025]
  • OS: macOS (Darwin 24.6.0)
  • Context: Building MCP servers for automation

Workaround used

Copy credentials from existing .env file in different project to bypass filter. This defeats automation purpose.

Why this is critical

Blocks intended use cases:

  • DevOps automation requires credential handling
  • Configuration management needs .env files
  • Building tools requires testing with real values
  • MCP server development needs working credentials

User experience breakdown:

  • User gets scared (thinks they violated policy)
  • Workflow interrupted repeatedly
  • Has to manually edit files instead of using automation
  • Trust in the tool decreases

This isn't edge case behavior - it's core DevOps functionality being blocked.

Suggested fixes

  1. Context awareness: Recognize configuration file patterns (.env, credentials)
  2. Credential formats: Don't block Google App Password format (16 alphanumeric characters)
  3. User's own files: Don't block reading files user created in their workspace
  4. Follow-up questions: Never block questions about previous errors
  5. Threshold tuning: Reduce false positive rate for technical work

Additional context

The session was entirely legitimate:

  • Building backup system for Claude configuration
  • Using official Gmail App Password (not account password)
  • Following Google's own security recommendations
  • No malicious intent whatsoever

The filter needs to understand context - we're building automation tools, not attempting to bypass security.

Impact Assessment

Severity: High/Critical
Affected users: Anyone doing DevOps, configuration management, or credential handling
Workaround exists: Yes, but defeats automation purpose
User frustration: Very high ("fucking love your attitude" → "this is ridiculous")

Request

Please review the content filtering logic for false positives in legitimate technical work contexts. DevOps automation is a primary use case for Claude Code - it should not be blocked by safety systems.

Thank you for addressing this.

Error Messages/Logs



Steps to Reproduce


Reproduction steps


    

  1. Build SMTP MCP server with credentials configuration
    2. 

  2. User provides Gmail App Password in format: xxxx xxxx xxxx xxxx
    3. 

  3. Attempt to update .env file with credentials
    4. 

  4. Filter blocks legitimate work
    5. 



Claude Model


None


Is this a regression?


Yes, this worked in a previous version


Last Working Version


No response


Claude Code Version


2.0.22 (Claude Code)


Platform


Anthropic API


Operating System


macOS


Terminal/Shell


iTerm2


Additional Information


No response
Metadata
Metadata
Assignees
No one assigned
    Labels
    area:apiarea:autharea:mcpbugSomething isn't workinghas reproHas detailed reproduction stepsplatform:macosIssue specifically occurs on macOS
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions