diff --git a/backend/app/services/safety/content/filter.py b/backend/app/services/safety/content/filter.py
index b6585df..bef8964 100644
--- a/backend/app/services/safety/content/filter.py
+++ b/backend/app/services/safety/content/filter.py
@@ -7,7 +7,7 @@ Filters and sanitizes content for safety, including PII detection and secret sca
 import asyncio
 import logging
 import re
-from dataclasses import dataclass, field
+from dataclasses import dataclass, field, replace
 from enum import Enum
 from typing import Any, ClassVar
 
@@ -254,6 +254,7 @@ class ContentFilter:
         self._lock = asyncio.Lock()
 
         # Load default patterns based on configuration
+        # Use replace() to create a copy of each pattern to avoid mutating shared defaults
         for pattern in self.DEFAULT_PATTERNS:
             if pattern.category == ContentCategory.PII and not enable_pii_filter:
                 continue
@@ -263,7 +264,7 @@ class ContentFilter:
                 continue
             if pattern.category == ContentCategory.INJECTION and not enable_injection_filter:
                 continue
-            self._patterns.append(pattern)
+            self._patterns.append(replace(pattern))
 
         # Add custom patterns
         if custom_patterns: