The Information Machine

2026-05-26

An Anthropic co-founder confirms AI now writes most of the company's code while a documented prompt injection in shipping Microsoft Copilot enables file exfiltration and investigative reporting reveals CEO lobbying killed a voluntary AI security executive order.

What

Anthropic co-founder Jack Clark publicly confirmed that the majority of code at Anthropic is now written by Claude, with humans reduced to a verification layer atop a virtual AI workforce [1] — the clearest insider evidence yet that the AI labor-displacement thesis has already arrived inside the company most publicly warning about it. On the security front, Simon Willison documented a concrete data exfiltration vulnerability in the shipping version of Microsoft Copilot Cowork: prompt injection via malicious emails can leak OneDrive pre-authenticated download links, enabling file access without user approval [2]. Investigative coverage tied to new policy items reveals that the Trump administration's May 2026 cancellation of an AI security executive order was not a deferral but a CEO-lobbied kill, with Musk and Zuckerberg successfully pressuring the administration's accelerationist faction to terminate even a modest voluntary 90-day pre-release model-sharing proposal [3][4]. Independent researcher Nathan Lambert's analysis argues Anthropic's Claude Code and OpenAI's Codex are the only two competitive agentic coding platforms — with even Google absent from that tier and open-weight models trailing by 12 or more months [5]. NVIDIA released benchmark data for the Vera CPU showing a 1.5x overall performance advantage over latest-generation x86 processors [6].

Why it matters

Jack Clark's insider confirmation converts AI labor displacement from a CEO-level forecast into a documented operational reality at the frontier lab making those forecasts, giving the debate an unusually credible anchor. The Copilot prompt injection vulnerability moves AI-as-attack-target from theoretical to documented in a mass-market enterprise product. The EO cancellation story crystallizes the US AI governance picture: the voluntary minimum that even industry moderates supported was eliminated by accelerationist lobbying, leaving state-level legislation as the only active US regulatory track.

Open questions

  • If Jack Clark confirms AI writes most of Anthropic's code and humans serve as a verification layer [1], what does that imply for the credibility of Anthropic's safety-focused model governance when the humans overseeing AI outputs are themselves dependent on AI-written infrastructure?

  • The Microsoft Copilot prompt injection vulnerability [2] affects a shipping enterprise product — how quickly will Microsoft patch it, and does its existence change enterprise security teams' calculus about deploying agentic AI tools in document-rich environments?

  • With Nathan Lambert arguing Claude Code and Codex are the only two competitive agentic coding platforms and open-weight models trailing by 12+ months [5], does that two-platform thesis hold as M&A consolidation through Windsurf and Cursor closes, or does acquisition activity produce a third competitive tier?

  • Now that CEO lobbying eliminated even a voluntary 90-day model-sharing proposal [3], what regulatory mechanism — if any — remains for US federal AI governance before the 2026 election cycle, and does OpenAI's reported support for signing introduce a durable industry split on safety standards?

Thread movements (7)

  • ai-security-nexus — Simon Willison documented a concrete data exfiltration path in shipping Microsoft Copilot Cowork: prompt injection via malicious emails leaks OneDrive pre-authenticated download links, enabling file access without user approval [2] — the most direct evidence to date of an AI system exploited as an attack target in a production enterprise product.
  • amodei-ai-economic-disruption — Anthropic co-founder Jack Clark confirmed in an Import AI essay that the majority of code at Anthropic is now written by Claude, with humans serving as a verification layer [1] — converting Dario Amodei's disruption forecast into documented insider practice at the frontier lab making those forecasts.
  • coding-agent-industry-pivot — Independent researcher Nathan Lambert published an analysis arguing Claude Code and OpenAI Codex are the only two competitive agentic coding platforms, that even Google lacks a meaningful alternative at this tier, and that open-weight models trail by 12 or more months [5].
  • us-ai-policy-regulation — New items confirm that the Trump administration's May 2026 AI security executive order cancellation was driven by CEO attendance pressure and Musk/Zuckerberg lobbying of the administration's accelerationist faction [3][4], reframing the public postponement narrative and surfacing OpenAI as having supported signing — introducing a structural industry split on safety standards.
  • nvidia-vera-computex-launch — Phoronix benchmark results for the Vera CPU confirm a 1.5x overall performance advantage over latest-generation x86 and a 10% geometric-mean improvement over AMD EPYC 9575F [6], partially resolving the open question about independent performance validation — though results were reported through NVIDIA promotional coverage rather than independent publication.
  • ai-beyond-screens — Hugging Face launched the LeRobot Humanoid project [9] — a $2,500 open-source humanoid leg platform built from 3D-printed parts and explicitly designed for learning experiments — introducing a democratization-first track alongside the commercial industrial deployment race and naming Hugging Face as a new actor in the physical AI landscape.
  • openai-corporate-transition — A new item [10] deepens the documentation of the Anthropic-DoD legal dispute chronology within the broader OpenAI governance and competitive context.

Notable items (2)

  • Quoting Corey Quinn
    Simon Willison
    Corey Quinn, amplified by Simon Willison, characterized Anthropic co-founder Chris Olah's role helping launch the papal encyclical as 'the single greatest act of vendor lobbying I have ever seen' [11] — a sardonic reframing that treats the Vatican-Anthropic alignment story as product positioning disguised as spiritual doctrine, and which captures a tension the straight reporting on the encyclical largely missed.
  • Choosing to Stay Human
    One Useful Thing
    Ethan Mollick's 'Choosing to Stay Human' [12] offers an empirically grounded framework for deciding which cognitive tasks to offload to AI versus retain, citing studies showing BCG consultants over-relying on GPT-4 were less likely to catch AI errors and that agentic systems structurally encourage cognitive surrender — essential framing for anyone designing AI workflows or education policy.