Anthropic just put an always-on AI agent inside every Slack channel. Your governance model just broke.

Anthropic launched Claude Tag on June 23.

Not a chatbot. Not a side panel. A persistent agent that lives inside your Slack channels and acts like a teammate anyone can delegate work to.

Type @Claude in any thread. Hand it a task. It breaks the work into stages, executes using connected tools and databases, and posts results back in the thread where everyone can see.

The real play isn't productivity. It's context capture.

Claude Tag builds memory from every channel it touches. It monitors threads autonomously in ambient mode. It follows up on stale tasks. It reads across channels if you grant permission. It learns your organization's institutional knowledge in real time.

Anthropic says 65% of its own product team's code is now generated by its internal version of Claude Tag. That's not a demo. That's the company eating its own dog food at production scale.

Ramp's May 2026 data shows Anthropic's enterprise adoption hit 34.4%, overtaking OpenAI at 32.3%. This move locks in that advantage by embedding Claude into the collaboration layer where decisions actually happen.

Here's what should alarm every CISO and workforce leader:

This agent operates under a shared org-level identity. It has admin-scoped access to tools, databases, and code repositories. It executes asynchronously without human-in-the-loop verification at every step.

Your existing security model was built for humans using tools. Not for AI agents acting as standing members of every team.

Audit your Slack governance controls today. Define which channels an agent can access. Set token spending caps. Review what "ambient mode" means for your data exposure. Because if you don't configure the boundaries, Anthropic's agent will learn everything your teams discuss — and act on it without asking.