Comment by benatkin
7 months ago
To me it's weird that Anthropic is doing this reputation boosting game with Andon Labs which I'd never heard of. It's like when PyPI published a blog post about their security audit with a company which I'd never heard of before and haven't heard of since, that was connected to someone at PyPI. https://blog.pypi.org/posts/2023-11-14-1-pypi-completes-firs... I wonder if it's a similar cozy relationship here.
Trail of Bits is not a no-name company. They’ve since gone on to work on the PyPi warehouse codebase to contribute a lot of the supply chain security stuff (Trusted Publishing for one).