Close Menu
Daily Guardian
  • Home
  • News
  • Politics
  • Business
  • Entertainment
  • Lifestyle
  • Health
  • Sports
  • Technology
  • Climate
  • Auto
  • Travel
  • Web Stories
What's On

Silverstein Properties Becomes One of the First Commercial Landlords to Offer Workplace Analytics Powered by OfficeSpace Software as a Building Amenity

July 14, 2026

‘Such a horrific lie’: Roommate speaks out after apparent swatting hoax

July 14, 2026

U.S. FDA approves new breast cancer drug that could slow disease significantly

July 14, 2026

What to do if you lose power or air conditioning in a heat wave blackout

July 14, 2026

AGNT, Inc. to Announce Second Quarter 2026 Results on August 4, 2026

July 14, 2026
Facebook X (Twitter) Instagram
Finance Pro
Facebook X (Twitter) Instagram
Daily Guardian
Subscribe
  • Home
  • News
  • Politics
  • Business
  • Entertainment
  • Lifestyle
  • Health
  • Sports
  • Technology
  • Climate
  • Auto
  • Travel
  • Web Stories
Daily Guardian
Home » Tego AI Finds Claude Tag Slack Integration Can Trigger Unauthorized Enterprise Actions
Press Release

Tego AI Finds Claude Tag Slack Integration Can Trigger Unauthorized Enterprise Actions

By News RoomJuly 14, 20263 Mins Read
Tego AI Finds Claude Tag Slack Integration Can Trigger Unauthorized Enterprise Actions
Share
Facebook Twitter LinkedIn Pinterest Email

TEL AVIV, Israel, July 14, 2026 (GLOBE NEWSWIRE) — Tego AI, a cybersecurity company, published new research identifying a potentially critical security weakness in Claude Tag, Anthropic’s native integration between Claude and Slack. Researchers observed Claude Tag responding to messages containing the literal text “@Claude” without requiring a genuine structural Slack mention. As a result, content delivered through bots, webhooks, automated feeds, or other external sources could potentially be interpreted as instructions.

The research demonstrated the potential impact through a connected internal organizational resource. Bot-generated messages instructed Claude Tag to retrieve internal information, publish it into Slack, and subsequently delete the original resource using the organization’s configured connection.

The video below demonstrates the observed behavior and its potential impact on connected organizational systems.

https://www.youtube.com/embed/WLraBvCQxM8 

“Our research raises a fundamental question for every organization deploying enterprise AI agents: who is actually authorized to instruct the agent?” said Tal Melamed, CTO and Co-Founder of Tego AI. “Organizations need controls that validate the origin and purpose of sensitive actions before an agent is allowed to execute them.”

The research also identified broader concerns involving untrusted automated content becoming an indirect instruction channel, connected applications and MCP servers expanding the potential impact, administrative access to stored channel information outside Slack’s native membership model, and limited visibility through existing history, compliance, and audit interfaces.

“A safety classifier can be an important defense, but it should not be the final authorization boundary for enterprise actions,” Melamed added. “Sensitive operations require deterministic controls that remain effective even when the model misunderstands a request, trusts the wrong identity, or makes an incorrect decision.”

Tego AI recommends applying least-privilege permissions to Claude Tag connections, preferring read-only access, avoiding channels that ingest untrusted external content, restricting administrative access, retaining relevant Slack logs, and introducing independent runtime authorization for sensitive actions.

Tego AI responsibly disclosed the findings to Anthropic. Anthropic classified the submission as informative and disputed that literal “@Claude” text or bot-generated messages initiate Claude Tag sessions under the product’s default configuration. Tego AI’s full report documents the observed behavior, supporting evidence, security implications, and disclosure timeline.

Read the full technical report, including supporting evidence and the disclosure timeline: https://www.tego.ai/blog/tego-ai-finds-anthropics-claude-tag-slack-integration-can-trigger-unauthorized-enterprise-actions

About Tego AI

Tego AI is a cybersecurity company developing runtime security and control technology for enterprise AI agents. Its platform helps organizations monitor agent activity and stop unauthorized or risky actions before agents access sensitive data or connected systems.
Tego AI currently operates in stealth. This is the company’s second public security disclosure. According to Tego AI, it has identified additional security issues across other major AI agent platforms, with further disclosures planned.

Contact

CTO
Tal Melamed
Tego AI
[email protected]

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/b8057080-4eb9-498e-9e15-8279fef502d5

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Keep Reading

Silverstein Properties Becomes One of the First Commercial Landlords to Offer Workplace Analytics Powered by OfficeSpace Software as a Building Amenity

AGNT, Inc. to Announce Second Quarter 2026 Results on August 4, 2026

Global Infrastructure Partners Agrees to Acquire Summit Ridge Energy

MKS Inc. Named in U.S. News & World Report’s 2026-2027 Best Companies to Work For

CRRC Connects Four Continents in a 24-Hour Soccer Relay for Green Mobility

Clairol Introduces “Clairol Dared Me,” a New Campaign Giving Women the Nudge They Need to Say “Yes” to Color

Crypto News: Pepeto Crypto Presale Closes Another Stage Ahead of Schedule, Powered by EVM Layer 2 Technology

Triple One Metals Identifies Drill Targets in Emerging Newfoundland Copper-Gold Belt

Global Advanced Municipal Water Treatment Technologies Market Report Examines Growth, Innovation and Competitive Trends Through 2030

Editors Picks

‘Such a horrific lie’: Roommate speaks out after apparent swatting hoax

July 14, 2026

U.S. FDA approves new breast cancer drug that could slow disease significantly

July 14, 2026

What to do if you lose power or air conditioning in a heat wave blackout

July 14, 2026

AGNT, Inc. to Announce Second Quarter 2026 Results on August 4, 2026

July 14, 2026

Latest News

SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage

July 14, 2026

Global Infrastructure Partners Agrees to Acquire Summit Ridge Energy

July 14, 2026

MKS Inc. Named in U.S. News & World Report’s 2026-2027 Best Companies to Work For

July 14, 2026
Facebook X (Twitter) Pinterest TikTok Instagram
© 2026 Daily Guardian Canada. All Rights Reserved.
  • Privacy Policy
  • Terms
  • Advertise
  • Contact

Type above and press Enter to search. Press Esc to cancel.

Go to mobile version