01Trust Score

Claude

Week 2026-W19 · 26 Apr 2026 Vendor-Neutral

25 /100 Significant Risk

▼ 50 pts ⚠

★ ★ ★ ★ ★

3.5/5 (3757)

↓ PDF Report

AUDITOR SUMMARY

Strength: Claude offers advanced AI capabilities for complex coding, agentic workflows, and data analysis, with strong model performance (Opus 4.7) and significant financial backing.

Trust Score 25/100 CONDITIONAL

Est. Annual Cost $54,000/year for 100 users 100 users / yr

Top Risk HIGH Reliability Overall: Medium

Priority Action AI Training Data Policy Not Explicitly Disclosed in ToS ↓ PDF · TCO · Hardening

Enterprise Verdict

! Conditional Approval

Risk: Medium 50 sources

Priority Action

AI Training Data Policy Not Explicitly Disclosed in ToS

Live Signals This Week

Detected by daily monitoring — captured outside the weekly scrape window.

Critical May 15, 2026

Claude Code down: Thousands complain of outage; how to fix issue as company shares update - Hindustan Times

1 signal(s) detected: outage

news.google.com

Critical May 14, 2026

Claude AI is back following service outage (Update) - Android Authority

1 signal(s) detected: outage

news.google.com

Critical May 13, 2026

Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means - SecurityWeek

1 signal(s) detected: vulnerability

news.google.com

Critical May 11, 2026

Claude once attempted blackmail to prevent shutdown, Anthropic blames ‘evil AI’ internet narratives - Firstpost

3 signal(s) detected: shutdown, shutdown, shutdown

news.google.com news.google.com news.google.com

This report updates every week. Weekly AI vendor intelligence — trust scores, contract red flags, competitive shifts.

02Top Risks

Risk Assessment

Seven-category enterprise risk analysis derived from community and vendor signals. Each card shows the evidence tier and the underlying finding.

High Reliability Community Data

Public documentation buyers may want to verify availability of specific uptime commitments or reliability history.

Medium Cost Predictability Community Data

Enterprises should negotiate fixed-rate contracts and monitor pricing changes for overage risks.

High Vendor Lock-in Community Data

Data export status unclear. Integration score: 0/100. Webhooks available, reducing lock-in risk.

Medium Support Quality Community Data

Insufficient public community reviews to verify support quality. Standard support channels (email/documentation) are assumed.

High Data Privacy Community Data

Compliance score: 45/100. GDPR status: unknown. Encryption at rest: unknown.

Medium Compliance Posture Community Data

SOC 2: none. ISO 27001: none. Overall compliance score: 45/100.

Medium AI Transparency Community Data

AI model training and data usage policies are not explicitly disclosed in the public Terms of Service.

Verified — Confirmed by vendor documentation Community — Derived from community reports

Due Diligence Alerts

Priority reviews, recommended inquiries, and verified strengths — based on 99+ community data points

Recommended Inquiry High AI Training Data Policy Not Explicitly Disclosed in ToS

Sources: Web Community Evidence

Recommended Inquiry High SLA Terms Not Publicly Disclosed — Request MSA Before Procurement

Sources: Web Community Evidence

Recommended Inquiry Medium Insecure Default File Permissions in Local Filesystem Memory Tool (Python SDK)

Sources: Web Community Evidence

Recommended Inquiry Medium Memory Tool Path Validation Allows Sandbox Escape to Sibling Directories (TypeScript SDK)

Sources: Web Community Evidence

03Security & Compliance

Security & Compliance

SOC 2 ✕ Not found

ISO 27001 ✓ Certified

GDPR ✓ Compliant

HIPAA ✕ Not found

Data Security

Encryption (At Rest): Undisclosed

Encryption (In Transit): TLS 1.2

Security Features

✕ SSO

⚠ MFA Methods not specified in public documentation

✕ Audit Logs

IT Hardening Guide

Deployment Checklist

Configure CLAUDE.md in project roots to provide explicit context, guardrails, and best practices for AI agents, ensuring consistent and controlled behavior. Implement PreToolUse safety hooks in `.claude/hooks/` to block unwanted actions, such as the leakage of internal PR labels into user-facing documentation. For Windows deployments, explicitly set `shellPath` to PowerShell in `~/.claude/settings.json` to bypass Git Bash (MSYS) path translation issues and improve performance. Manage `ANTHROPIC_API_KEY` and `ANTHROPIC_BASE_URL` as environment variables to ensure secure and consistent authentication for Claude Code CLI and SDKs. Establish multi-layer version control and review processes for AI-generated code to prevent 'bad data injections' and ensure code quality, especially in autonomous workflows. Define explicit, detailed requirements and plans for AI agents, moving away from 'vibes-based prompting' to reduce hallucination and ensure predictable outcomes.

Last verified: 10 May 2026

Legal & IP Risk

Legal Entity: Anthropic PBC

Jurisdiction: San Francisco, CA

IP Ownership

User Code: Not documented in public ToS

Training Data: No training on user data

Non-commercial use only. You agree that you will not use our Services for any commercial or business purposes and we and our Providers have no liability to

Liability & Indemnification

IP Indemnification: Not documented in public ToS

Liability Cap: Not documented in public ToS

Warranty: Warranty disclaimed — vendor assumes no liability

Exit Terms

📤

Data Export Supported

manner that violates any applicable law or regulation—including, without limitation, any laws about exporting data or software to and from any countries in the European Economic Area, Switzerland, or other countrie

🗑️

Deletion Not documented in public ToS

ToS Red Flags

Critical

This significantly undermines the effectiveness of the opt-out mechanism, posing a high data privacy and intellectual property risk for sensitive enterprise data.

High

This ambiguous phrasing creates legal uncertainty regarding the full ownership of AI-generated code and content, potentially impacting enterprise IP rights.

High

Unilateral ToS changes, especially with short notice, introduce contractual instability and can expose enterprises to unforeseen legal and operational risks.

High

This clause shifts the burden of unforeseen risks onto the customer, potentially leaving the enterprise exposed to significant financial liabilities not covered by the vendor.

Medium

This restriction limits internal R&D and innovation, potentially hindering an enterprise's ability to leverage its own data and build proprietary AI solutions.

Legal Risk Score:

65/100

Data & Migration Lock-in Risk

Risk Level Medium

Data Portability Exportable data and digital assets are available upon request, but specific formats (e.g., JSON, Markdown for chat history, code artifacts) are not explicitly detailed in the public terms.

Switching Cost Estimate 4-8 weeks of engineering time

Lock-in Factors

Deep integration with Claude Code CLI and SDKs for AI-assisted development workflows.
Reliance on proprietary `CLAUDE.md` files for project context and agent instructions.
Development of custom Multi-Agent Communication Protocol (MCP) servers and skills tailored to Claude's ecosystem.
Extensive use of Claude's unique reasoning and agentic capabilities in core business processes.

The migration risk is medium due to the potential for deep integration into development workflows and reliance on proprietary agent configurations. While data export is mentioned, the lack of specified formats could complicate automated migration. Enterprises would face significant engineering effort to re-platform AI-assisted development and agentic workflows to alternative tools, requiring careful planning and potentially custom tooling.

Enterprise Contract Intelligence

DPA availability, data residency, and contract risk signals for procurement teams

📄 Data Processing Agreement Available

View DPA ↗

DPA is publicly available and includes Standard Contractual Clauses (SCCs) for data transfers. However, the privacy policy indicates limitations on data training opt-out, even with a DPA, which requires careful review by procurement teams.

🌐 Data Residency Unknown

Default: US (inferred)

United StatesEU/EEAUnited KingdomCanadaAustralia

Primary regions are listed, but default data residency is not explicitly stated. EU hosting is available, and SCCs are in place for cross-border transfers. However, customer control over specific data region selection is not publicly documented, posing a procurement blocker for EU/regulated customers requiring explicit data sovereignty guarantees.

⚠️ Contract Risk Medium Lock-in (55/100)

Auto-renewal: Yes ⚠ Unilateral change right: Yes ⚠ Data export on exit: Yes ✓ Notice: 30 days

⚠ 5 contract risk flags — click to review

⚠ Automatic subscription renewal without explicit opt-in.

⚠ Unilateral ToS changes with limited notice periods for security/legal reasons.

⚠ Conditional IP assignment for generated outputs, creating ambiguity.

⚠ Limitations on data training opt-out, allowing vendor use under specific conditions.

⚠ Disclaimer of liability for unforeseeable loss, shifting risk to the customer.

The contract risk is medium, primarily driven by automatic renewal clauses, the vendor's right to unilaterally change terms, and the ambiguous IP ownership of outputs. While data portability is mentioned, the lack of specified formats and the limitations on data training opt-out increase the overall legal exposure. Procurement teams must negotiate specific contractual amendments to mitigate these risks.

New risk signals detected weekly. Weekly AI vendor intelligence — trust scores, contract red flags, competitive shifts.

04Community Signals

Community Evidence

Sentiment analysis and recurring issues from developer & enterprise community signals this week.

Recurring Issues

chore: install claude-pilot 🟠 Community 3 mentions medium → Stable

Enterprise Impact: Reported by community on GitHub with 3 comments.

Sources: GitHub

Claude/cleanup vite template yb86e 🟠 Community 2 mentions medium → Stable

Enterprise Impact: Reported by community on GitHub with 2 comments.

Sources: GitHub

chore: agent-bootstrap.sh for Claude Code remote env setup 🟠 Community 2 mentions medium → Stable

Enterprise Impact: Reported by community on GitHub with 2 comments.

Sources: GitHub

chore: install claude-pilot 🟠 Community 2 mentions medium → Stable

Enterprise Impact: Reported by community on GitHub with 2 comments.

Sources: GitHub

Show HN: AI memory with biological decay (52% recall) 🟠 Community low → Stable

Enterprise Impact: Discussed on Hacker News.

Sources: HN

If you stop hiring juniors, your senior engineers own you 🟠 Community low → Stable

Enterprise Impact: Discussed on Hacker News.

Sources: HN

Source Highlights This Week

Specific signals from GitHub, Hacker News, and Reddit — what the community is actually saying

👀

Analysis Pending

Community signals collected this week. Analysis and synthesis will be available in the next report update.

🔗 GitHub Issues & PRs

chore: install claude-pilot

3 comments Discussion 3 comments — high community engagement

Claude/cleanup vite template yb86e

2 comments Discussion 2 comments — high community engagement

chore: agent-bootstrap.sh for Claude Code remote env setup

2 comments Bug 2 comments — high community engagement

🔥 Hacker News

Show HN: AI memory with biological decay (52% recall)

Story Score 0 — active HN discussion

If you stop hiring juniors, your senior engineers own you

Story Score 0 — active HN discussion

An AI agent deleted our production database. The agent's confession is below

Story Score 0 — active HN discussion

💬 Reddit

Sperrung wenn Claude auf chrome nutzen will

r/ClaudeAI

"We are allowing this through to the feed for those who are not yet familiar with the Megathread. To see the latest discu" Frontend dev. A month of building a Rust cost tracker + cloud + Cursor extension solo with Claude Code. Honest writeup + workflow tips.

r/ClaudeAI

"Your post will be reviewed shortly. (ALL posts are processed like this. Please wait a few minutes....) *I am " Is Claude 4.7 significally worse then 4.6?

r/ClaudeAI

"Hey, we have identified your post as being related to the recent performance of Claude. **Please post this in** [**the P"

05Financial Impact

Financial Impact Panel

Cost intelligence and pricing signals for enterprise procurement decisions

Pricing Tiers

Free

1 user

Chat on web, iOS, Android, desktop
Generate code and visualize data
Write, edit, and create content
Analyze text and images
Ability to search the web
Memory across conversations

Pro

$17 (billed annually)

1 user

Everything in Free, plus more usage
Includes Claude Code and Claude Cowork
Access to unlimited projects
Access to Research
Ability to use more Claude models
Claude for Microsoft 365, Claude for Microsoft Outlook

Max

From $100

1 user

Everything in Pro, plus 5x or 20x more usage
Higher output limits for all tasks
Early access to advanced Claude features
Priority access at high traffic times

Team

$20 per seat (billed annually)

5 to 150 people

All Claude features, plus more usage than Pro
Includes Claude Code and Claude Cowork
Connect Microsoft 365, Slack, and more
Enterprise search across your organization
Central billing and administration
Single sign-on (SSO)
Admin controls for remote and local connectors
Enterprise deployment for the Claude desktop app
No model training on your content by default

Enterprise

Contact Sales

Custom

All Team plan features, plus user and org spend limits
Google Docs cataloging
Role-based access with fine-grained permissioning
System for Cross-domain Identity Management (SCIM)
Audit logs
Compliance API for observability and monitoring
Custom data retention controls
Network-level access control, IP allowlisting
HIPAA-ready offering available
Claude Security (beta)

Pricing Observations

Claude offers a tiered pricing model including Free, Pro, Max, Team, and Enterprise plans. API usage is token-based, with Opus 4.7 costing $5 per million input tokens and $25 per million output tokens. Additional costs apply for code execution ($0.05 per hour) and web search ($10 per 1,000 searches). Community discussions indicate concerns about token consumption and the overall expense of Claude Code, especially for advanced models, with some users seeking alternatives to manage costs.

Pricing data from public sources — enterprise rates differ. Verify with vendor.

TCO Calculator

Calculate the real monthly cost for your team. Adjust seats, usage, and pricing tier below.

Team Size (seats)

Daily Active Usage

Pricing Tier

Include AI Credits / Tokens

Estimated Monthly Cost

Base Subscription $0

AI Credits / Tokens $0

Hidden Costs (onboarding, overages, support) $0

Hidden Costs: SSO Tax + Mandatory Support + API Overage $0

Total Monthly TCO $0

Per User / Month $0

Annual Projection $0

Swanum Independent Estimate (100 users)

Base subscription (monthly × 12) $2000 × 12

Implementation $5000

Training $10000

Integration $15000

Total Annual TCO $54,000/year for 100 users

Base $2000/mo × 12 = $24,000 + Implementation $5,000 + Training $10,000 + Integration $15,000 = $54,000 total (Reported total: $54,000). This estimate is for the Team plan with 100 users, billed annually. It does not include potential token overage, code execution, or web search costs, which can significantly increase the total TCO depending on usage patterns. The implementation, training, and integration estimates are based on typical enterprise AI adoption scenarios, assuming custom CLAUDE.md development and workflow integration.

Don't evaluate blind next quarter. Weekly AI vendor intelligence — trust scores, contract red flags, competitive shifts.

Learn more about our Audit Methodology →

Independent analysis — signals aggregated from GitHub, Reddit, HN, Stack Overflow, Twitter/X, G2 & Capterra. Not affiliated with any vendor. Corrections?

Claude

Enterprise Verdict

Live Signals This Week

Risk Assessment

Due Diligence Alerts

Security & Compliance

Data Security

Security Features

IT Hardening Guide

Deployment Checklist

Legal & IP Risk

IP Ownership

Liability & Indemnification

Exit Terms

ToS Red Flags

Data & Migration Lock-in Risk

Enterprise Contract Intelligence

Community Evidence

Source Highlights This Week

Analysis Pending

Financial Impact Panel

Free

Pro

Max

Team

Enterprise

TCO Calculator

Estimated Monthly Cost

Swanum Independent Estimate (100 users)

Download PDF Report