Claude Gets a 'Staff Card' Now, From Anthropic

marsbitPublished on 2026-07-01Last updated on 2026-07-01

Abstract

"Claude now has an 'official position' as Anthropic introduces 'Claude Tag', an AI team member with its own identity in Slack. Unlike traditional AI assistants that borrow user permissions, Claude Tag operates with its own dedicated accounts and audit trails across systems like Slack, GitHub, and data warehouses—a model Anthropic calls 'agent identity'. This allows the AI to act as a shared colleague within a channel, learning from team context and even proactively addressing issues in 'eavesdrop mode'. The key shift is that permissions are tied to the channel, not individual users, enabling anyone in a channel (like a PM without repo access) to leverage Claude's capabilities. Anthropic reports using this internally, with AI generating most of their product team's code. As AI agents proliferate in enterprises, this dedicated identity model addresses the scaling and security challenges of managing non-human 'employees'."

From today onward, AI no longer borrows your work badge.

On June 23, Anthropic launched Claude Tag—an AI team member permanently residing in a Slack channel.

It doesn't use any human accounts or permissions; it has its own identity, its own account, and its own audit trail.

Anthropic calls this agent identity.

Three engineers and one PM are debugging in the same Slack channel. Someone @'s Claude, asking it to check the code repository, pull metrics from the data warehouse, and create a PR on GitHub.

So the question arises: whose permissions should the AI use?

The PM's? She doesn't have repo access. One of the engineers'? Maybe he doesn't have the necessary data warehouse permissions.

The answer is: none of the above.

When AI transitions from "a personal assistant for one person" to "a collaborative member of a team," the traditional permission model breaks down logically.

Anthropic's solution is: don't borrow anyone's permissions; issue the AI its own work badge.

An AI with a 'Staff Card' Joins Slack

Claude Tag is not a chatbot.

It's an AI colleague permanently residing in your Slack channel—with its own account, its own memory, and its own toolset.

There is only one Claude per channel, shared by everyone, and everyone can see what it's doing.

When you join, you don't need to explain the context from scratch, because it has already learned along the way from the team's conversations.

Even more impressive is the "Listen-Only Mode."

When activated, Claude monitors the channel on its own. If a thread goes unanswered or a problem isn't followed up on, it proactively steps in. No need to @ it.

For example, you open Slack on Monday morning, and Claude has already investigated the issue you left in the channel last Friday that no one picked up, waiting for your confirmation.

The AI's Own Work Badge

The core design of Claude Tag isn't a product feature; it's the permission architecture.

Anyone who has used AI assistants like ChatGPT knows they connect to your own Google Drive, GitHub, calendar, using your permissions.

But Claude Tag is multi-user—three to five people in a channel @ it in turn. Whose permissions should it use?

Anthropic's solution is called agent identity.

Claude has its own account in each system.

In Slack, it posts messages as the Claude App.

In GitHub, it creates PRs as the Claude GitHub App.

In your data warehouse, it queries using a service account configured by the administrator.

No human credentials are involved at any point.

Administrators define a baseline identity at the workspace level—Claude inherits this default configuration everywhere. Then, they can override it at the channel level:

The engineering channel gets GitHub and data warehouse access. The CRM tool is locked to the sales team's private channel. The legal channel has its own legal toolkit.

Private channels each have independent identities, while public channels share the workspace-level identity.

What Claude learns in the legal channel never appears in the engineering channel. What you discuss with Claude in DMs doesn't reach the team channels either, because DMs go through your personal claude.ai account.

Revoking permissions is simpler. Revoke one identity, and Claude is simultaneously disconnected from all access points. No need to audit dozens of user accounts one by one, because the AI never used them.

Currently, Claude Tag is in beta for Enterprise Edition ($125 per user/month) and Team Edition ($20 per user/month, annual billing) customers, with usage-based billing, using the Opus 4.8 model.

You Don't Have Repo Permissions, But the AI Does

For example, you are a product manager but don't have GitHub permissions and can't view code.

In this case, you just ask Claude in the engineering channel "why is this interface returning an error?" Claude then goes to investigate, because the channel's configuration gives Claude repo access.

Previously, this required walking over and tapping an engineer on the shoulder. Now, the AI goes to check for you.

In other words, permissions no longer follow the person; they follow the channel.

The engineering channel gives Claude repo access, so anyone in that channel can use Claude to check code—regardless of their own personal access.

Anthropic's assessment of this is: Counterintuitive, but necessary.

Counterintuitive, because it goes against a security professional's instincts.

Necessary, because in scenarios involving multi-person collaboration and increasing AI autonomy, the user-based permission model is logically untenable.

Of course, there are safeguards.

The Enterprise Edition supports RBAC, allowing administrators to decide who can @Claude and who cannot within a channel. Channel configurations can have caps set according to the least-privileged member.

Anthropic Does This Themselves

65% of the code produced by Anthropic's product team is generated by Claude, exceeding 80% as of May this year.

Engineers now merge eight times more code per day than in 2024.

"It feels like managing a team, not using a tool." This is what Boris Cherny said, and he hasn't written any code himself in half a year.

For the average worker, the feeling is more direct—

You say in the channel "this data looks wrong," and Claude goes off to check the data warehouse, locates the anomaly, writes the fix, and waits for your review. You didn't write a single line of code, but the task is done.

AI Bots Outnumber Employees 50 to 1. Who Manages Them?

Right now, many companies likely already have dozens of AI bots running. But who created them, who approved their permissions, whether they've "left the company"—probably no one can say for sure.

In large enterprises, the number of such non-human identities is 50 to 80 times that of human employees.

Data from Ramp in May 2026 shows that 34.4% of US businesses are already using paid Claude subscriptions, surpassing OpenAI's 32.3%.

And once Claude settles into a channel for half a year, accumulating the entire team's context and work habits, switching to a different AI means starting from zero.

More and more teams will encounter the problem from the beginning—whose permissions should be used?

Anthropic's answer is already given: use no one's; the AI has its own work badge.

References:

https://claude.com/blog/agent-identity-access-model

This article is from the WeChat public account "Xin Zhi Yuan" (New Wisdom Era), Author: ASI Revelations

Related Questions

QWhat is Claude Tag, and how does it differ from traditional AI assistants?

AClaude Tag is an AI team member that resides permanently within a Slack channel, created by Anthropic. Unlike traditional AI assistants that borrow a user's permissions to access systems, Claude Tag has its own identity, account, and audit trail. This means it operates independently with its own set of permissions, making it a shared collaborator within a team channel.

QWhat is 'agent identity' according to the article, and why is it significant?

A'Agent identity' is Anthropic's term for the permission architecture where Claude Tag has its own accounts in systems like Slack, GitHub, and data warehouses. This is significant because in a multi-user team setting, it eliminates the logical problem of deciding which human user's permissions an AI should use. It allows the AI to act autonomously with permissions defined at the channel level.

QHow does the permission model for Claude Tag work in a team channel?

APermissions for Claude Tag are attached to the Slack channel, not individual users. Administrators define a baseline identity for the AI at the workspace level. These permissions can be overridden at the channel level. For example, an engineering channel can grant Claude Tag access to GitHub and data warehouses, allowing anyone in that channel, even users without repo access, to query code through the AI.

QWhat are some of the operational benefits of using Claude Tag mentioned in the article?

AThe article highlights several benefits: Claude Tag can work autonomously in 'eavesdropping mode' to follow up on unanswered threads. It maintains shared memory and context for the entire team in a channel. Anthropic's own product team reportedly generates 65-80% of its code with Claude, increasing engineer output. It simplifies permission revocation, as disabling the AI's single identity disconnects it from all systems at once.

QWhat problem in enterprise AI management does Claude Tag's 'agent identity' aim to solve?

AIt solves the growing problem of managing numerous non-human AI identities within large companies. These identities can outnumber human employees by 50-80 times, making it difficult to track their creation, permissions, and deactivation. The 'agent identity' model centralizes control, providing clear audit trails and allowing administrators to manage AI permissions separately from human user accounts.

Related Reads

Why 2026 could redefine Ethereum, Solana, Base and Avalanche

Blockchain infrastructure is undergoing a major coordinated transformation, driven by institutional demand for reliability, compliance, and predictable settlement. Over $30 billion in Real-World Assets (RWA) on-chain has exposed network weaknesses. Major blockchains are responding with foundational upgrades, moving beyond incremental speed improvements. Ethereum's "Glamsterdam" upgrade, planned for H1 2026, will significantly increase gas limits and introduce features like PBS (pre-blocked state) for enhanced settlement and parallel execution. Solana's "Alpenglow," targeting a mainnet launch in H2 2026, focuses on reducing finality time dramatically and freeing network resources to improve reliability. Beyond speed, compliance is critical. Base's "Beryl" upgrade in Q3 2026 will introduce a standardized, regulatory-compliant token framework (B20). Avalanche's "Octane" upgrade aims to boost transaction processing and reduce costs for enterprise applications. Even Bitcoin is evolving with the potential activation of OP_CAT by late 2026/early 2027. The competition is shifting. While technical upgrades are widespread, institutions will ultimately allocate capital based on proven execution, operational resilience, and regulatory compatibility during market stress. Ethereum currently leads in tokenized assets, while networks like Base and Solana are strengthening their institutional offerings. The blockchain that best delivers reliable, compliant, and uninterrupted service is poised to attract the greatest share of future institutional capital.

ambcrypto21m ago

Why 2026 could redefine Ethereum, Solana, Base and Avalanche

ambcrypto21m ago

Tiger Research: Take RWA Tokenization Overseas First

This article discusses the strategic choices facing financial institutions in jurisdictions lacking mature regulatory frameworks for Real-World Asset (RWA) tokenization. With the market growing rapidly, institutions must choose between waiting for local legislation, using regulatory sandboxes, or—the recommended priority—expanding into overseas markets to gain early experience. Successfully launching cross-border RWA tokenization requires meticulous preparation across six key areas: establishing an overseas base (e.g., Hong Kong, Singapore, the U.S.), securing necessary licenses, defining the tokenized asset (with bonds being simpler than non-standard assets), defining the target investor scope, deciding on settlement currencies/payment flows, and designing operational requirements like custody and on-chain governance. The article outlines two primary strategic paths: a direct "onshore" path and a "native on-chain" path. The direct path involves setting up a legal entity and obtaining licenses in a mature jurisdiction like Hong Kong, Singapore, or the U.S., leveraging existing platforms (e.g., DigiFT, Securitize) for efficiency. The alternative native on-chain path involves partnering with compliant, decentralized platforms (e.g., Ondo, Plume Nest) that use structures like offshore SPVs to facilitate tokenization and access DeFi liquidity, offering speed and broader reach but with greater structural complexity. The core argument is that institutions should not wait for perfect domestic regulation. A detailed hypothetical case study illustrates the multi-step, 6-12 month process of launching an overseas tokenized bond. The key takeaway is that the essence of a tokenization business lies not in the technology but in successfully executing the entire sales and operational process. The market is moving forward, and the time to act is now.

marsbit32m ago

Tiger Research: Take RWA Tokenization Overseas First

marsbit32m ago

Trading

Spot
活动图片