A reported workplace block on Claude Code underscores a harder question for enterprises: who controls the assistant, what it can touch, and where its metadata travels.
A reported workplace ban on Claude Code shows how quickly agentic developer tools can turn from productivity aids into trust and auditability disputes.
A malicious build of a familiar VS Code add-on turned a routine extension update into a supply-chain warning for developers, cloud teams, and anyone storing secrets in their editor session.
Critical vulnerabilities in an AI server stack can matter less for the code they break than for the trust model they shatter: once the control layer is weak, data theft and administrative abuse become the real prize.