securityonline.info 7/14/2026, 5:16:55 PM · external

Tego AI flags security flaw in Anthropic’s Claude Tag Slack bot

Tego AI flags security flaw in Anthropic’s Claude Tag Slack bot
CyberSIXT Evidence Panel
Primary Source tego.ai

TEGO AI, a cybersecurity start-up, has identified a significant security vulnerability in Claude Tag, Anthropic’s integration with Slack. The risk arises from Claude Tag responding to messages with the text ‘@Claude’ without needing a proper Slack mention, allowing unauthorized access and actions from bots or automated systems. This could lead to sensitive internal information being retrieved or deleted without proper consent.

Tego AI recommends implementing strict permissions, avoiding untrusted content, and ensuring proper logging and independent authorization for critical actions. They responsibly disclosed their findings to Anthropic, which disputed some claims regarding default configurations. Tego AI aims to enhance security measures for enterprise AI agents.

View Primary Source Via securityonline.info

Article by CyberSIXT