Claude Code is unable to respond to this request

Detailed Analysis

A user's encounter with Claude Code's automated content filtering system has surfaced a recurring and widely-documented problem with Anthropic's agentic coding tool: overly aggressive safety checks that block legitimate, benign requests. In the specific case described, the user was attempting to process an `.eml` email file containing real email addresses — their own and a sibling's — using Claude Code running on the Opus 4.7 model. The system returned a hard stop citing a potential Acceptable Use Policy (AUP) violation, with no path forward other than editing the prompt, starting a new session, or switching to a different model such as `claude-sonnet-4-20250514`. Notably, the user confirmed that removing the actual email addresses from the content and supplying the same data in anonymized form resolved the issue entirely, revealing the trigger to be the presence of personally identifiable information (PII) rather than any genuinely harmful intent.

The error itself — "Claude Code is unable to respond to this request, which appears to violate our Usage Policy" — is not new, though the user encountered it for the first time on Opus 4.7. GitHub issue trackers for the Claude Code repository show a sustained pattern of similar complaints filed across multiple issue threads (including #8877, #3319, #8911, and #8784) between mid-2025 and into 2026. The complaints share a common thread: the filtering system generates false positives on routine developer and productivity tasks, including base64-encoded strings, HTML parsing operations, and now email file processing. The false positive rate has been severe enough that some paying users — reportedly spending upward of $200 per month — have described the tool as intermittently unusable, with new bug reports being auto-closed as duplicates due to the volume of filings.

Several workarounds have emerged from the community in the absence of a systemic fix from Anthropic. Downgrading the `@anthropic-ai/claude-code` package to version 1.0.55 has resolved the issue for some users, suggesting the filtering logic was tightened in a subsequent release. Others have found that reducing verbosity in Claude's reasoning steps — by instructing it via `CLAUDE.md` not to narrate intermediate actions — prevents context window overflows that can compound the problem. For PII-specific triggers like the one in this article, manually redacting sensitive identifiers before submission serves as a functional, if cumbersome, workaround. Anthropic's own support documentation advises checking API key status, disabling VPN or proxy configurations that may strip required headers, and using the `/feedback` command to report persistent failures.

The broader significance of this issue extends beyond individual user frustration and touches on a fundamental tension in deploying large language models as agentic tools. Claude Code is designed to operate autonomously on complex, real-world tasks — including reading files, executing code, and interacting with external systems — all of which routinely involve sensitive data such as credentials, personal contact information, or proprietary business logic. A content filter calibrated for the relatively controlled environment of a conversational chat interface may systematically misfire in agentic contexts where PII is an expected and benign component of the workflow. The fact that the identical content passes through the filter when email addresses are removed confirms the filter is pattern-matching on surface-level signals rather than evaluating genuine risk or user intent.

This episode reflects a wider challenge confronting the AI industry as companies push their models into agentic and developer-facing deployments: safety systems designed for one interaction modality can become significant usability liabilities when repurposed or extended. Anthropic's decision to expose model-level safety filtering directly through Claude Code — without apparent ability for verified, paying users to adjust sensitivity thresholds for clearly benign tasks — represents a design tradeoff that the growing volume of bug reports suggests is not landing well. As agentic AI tools become more deeply embedded in professional workflows, the cost of false positives rises substantially, and the pressure on AI developers to offer more granular, context-aware policy controls is likely to intensify.