"Clonable class in secure context" inspection triggers if a class implements Cloneable. The name of the inspection implies that it is only applied to classes which are in a "secure context".
How does IntelliJ decide if a class is in a secure context?
How do I tell IntelliJ whether a class is in a secure context or not?
You are only supposed to run the inspection on the "secure context" (by using a scope). Perhaps the description of this inspection could be improved. See here for more explanation:
- https://www.securecoding.cert.org/confluence/display/java/OBJ07-J.+Sensitive+classes+must+not+let+themselves+be+copied
- http://cwe.mitre.org/data/definitions/498.html