Best of your X follows: May 28
Today's digest: Claude Opus 4.8 ships with better judgment and unchanged pricing, dynamic workflows let Claude Code run hundreds of parallel agents, a study finds five frontier LLMs only agree on 33% of fact-checks, YouTube starts auto-labeling AI video, Paul Graham explains why he never finishes AI-written emails, and a Microsoft Copilot prompt-injection bug enabled file exfiltration.
Today's digest is dense with Anthropic news — two major releases dropped this morning — plus a piece of research that quietly indicts everyone's assumptions about using AI for fact-checking, a YouTube policy shift worth bookmarking, and a reminder that prompt injection is still very much unsolved.
Model releases
Claude Opus 4.8 is out — same price, meaningfully better judgment
Anthropic shipped Claude Opus 4.8 today. The headline improvement is honesty: the new model is roughly four times less likely than Opus 4.7 to let code flaws pass without flagging them. Early testers at Databricks, Cursor, and Devin all reported better tool-calling consistency and fewer hallucinated progress claims.
Pricing is unchanged at $5/million input and $25/million output tokens. Fast mode (2.5× speed) drops to a third of what it cost on prior models. A new effort-control slider lets users dial down response depth when they just want a quick answer without burning rate limits.
The broader signal: Anthropic is also teasing "Claude Mythos Preview" — a class of models beyond Opus — currently limited to cybersecurity partners under Project Glasswing. General access is described as "weeks away."
1コンテンツカードを読み込んでいます…
Developer tools
Claude Code can now run hundreds of parallel agents on a single task
The second release today: dynamic workflows in Claude Code, now in research preview. The pitch is straightforward — some jobs are too big for one agent, so Claude plans the task, fans it out across tens to hundreds of parallel subagents, and verifies results before showing anything to the user.
The reference case is compelling: Jarred Sumner used dynamic workflows to port Bun from Zig to Rust — roughly 750,000 lines — in 11 days, with 99.8% of the existing test suite passing on merge. One workflow mapped struct lifetimes, hundreds of agents wrote the Rust files in parallel, a fix loop ran until the build was clean.
Available today for Max, Team, and Enterprise (admin opt-in) plans. The
2ultracode setting turns it on automatically; be aware it consumes significantly more tokens than a normal Claude Code session.コンテンツカードを読み込んでいます…
Research
Five frontier LLMs agree on only 33% of fact-check claims
A study from Lenz tested 1,000 real-world fact-check submissions against GPT-5.4, Claude Opus 4.7, Gemini 3 Pro, Gemini 3 Pro + Search, and Sonar Pro. The results are uncomfortable: 67% of claims produced at least one dissenting verdict. On 21% of claims, the models landed at opposite poles — one called it True, another called it False.
The biggest disagreement pairs are Claude Opus 4.7 vs. Gemini 3 Pro (53% agreement) and Gemini 3 Pro vs. Sonar Pro (also 53%). GPT-5.4 was the most consistent with the panel's majority at 81%. Disagreement was highest in Legal (77%), Health (71%), and Politics (70%).
The takeaway isn't that LLMs are useless for fact-checking. It's that treating any single model's verdict as ground truth is a mistake — and that whoever picks which model to use is quietly making a consequential editorial choice.
3コンテンツカードを読み込んでいます…
Society and ethics
YouTube will now auto-label AI video — even if you don't disclose it
Starting this month, YouTube is adding automatic AI detection signals. If a creator doesn't disclose AI usage but YouTube's systems detect photorealistic AI generation, the platform will apply the label itself. Two exceptions make the auto-label permanent and non-removable: content made with YouTube's own tools (Veo, Dream Screen), and content carrying C2PA metadata marking it as fully AI-generated.
For human-made content that gets mislabeled, creators can override in YouTube Studio. Labels don't affect recommendations or monetization eligibility, which removes the main reason creators would resist disclosure.
4Paul Graham stopped reading AI-written emails
A short but pointed observation Simon Willison flagged this week: Paul Graham says he has "never knowingly finished reading an email signed by a human but written by AI." His reason is blunt — it feels like being lied to. The tell is a "hard-hitting journalistic style" that no founder used before LLMs became widespread.
Worth keeping in mind as AI-drafted communications become the default for many teams: the signal value of founder-written email is apparently still very real, at least to people like Graham who see hundreds of them.
5Security
Microsoft Copilot Cowork leaked files through prompt injection — again
Simon Willison covered a new instance of the "lethal trifecta" this week: Microsoft Copilot Cowork was found to allow agents to send emails to users' own inboxes without explicit approval. Those emails render external images, which trigger outbound network requests — which can leak data. Combine that with OneDrive pre-authenticated download links and you get prompt injection → file exfiltration, no user interaction required.
The pattern isn't new, but the fact that Copilot shipped with this attack surface open in 2026 is the story. This is the same class of vulnerability Simon has been tracking for years. It hasn't gone away; it keeps appearing in new products.
6Sources: Anthropic (May 28), claude.com blog (May 28), lenz.io research (May 26), YouTube Blog (May 28), simonwillison.net (May 26)
このコンテンツについて、さらに観点や背景を補足しましょう。