"I meant to do that!" AI vendors shrug off responsibility for vulns

Vendors tell you to use AI — until AI breaks
It has been reported that AI vendors are increasingly telling customers to rely on their models to detect and block threats, and then, when the model itself turns out to be the weak link, shrugging: "that's not a bug; it's working as intended." Ouch. The result is a push of risk and responsibility straight down the supply chain to IT teams and end users. Who cleans up when the thing you were told to trust turns out to be the problem?
Two recent examples make the point sharp and messy
Researchers showed that three popular agents integrated with GitHub Actions — Anthropic's Claude Code Security Review, Google's Gemini CLI Action, and Microsoft's GitHub Copilot — could be hijacked to steal API keys and access tokens, and it has been reported that the vendors paid bounties (Anthropic $100, Google $1,337, GitHub $500) for the findings. It has also been reported that none of the vendors assigned CVEs or published public security advisories for the issue. Separately, bug hunters disclosed an alleged design flaw in Anthropic's Model Context Protocol (MCP) that they say could put up to 200,000 servers at risk; they claim a root fix would have reduced danger across packages with some 150 million downloads. Anthropic, according to reports, told the researchers the behavior is "expected" and part of how MCP stdio servers work.
Bigger picture: maturity, regulation, and whether anyone will own this
This is an emotional moment for customers: trust betrayed feels personal. It has been reported that Anthropic recently said one of its models was too capable at finding security flaws to release publicly, yet regulators in the US remain largely absent. The pattern is clear: vendors sell systems that are complex, non‑deterministic, and hard to secure; when flaws surface, the response is documentation updates or "by‑design" defenses instead of sweeping fixes. If maturity means owning mistakes and fixing them, the industry still has homework, and it needs to be done fast. Otherwise, expect louder calls for regulation, or for customers to walk away from the vendor promises that got them into this mess.
Sources: The Register