Not just emotions, but LLMs also have concept vectors representing their propensity to take certain actions.
In our recent work, we tried to answer the question: when a reasoning model makes a choice, did it think first and then decide to, or decide first and then think? 🧵
New Anthropic research: Emotion concepts and their function in a large language model.
All LLMs sometimes act like they have emotions. But why? We found internal representations of emotion concepts that can drive Claude’s behavior, sometimes in surprising ways.
Announcing EnterpriseOps-Gym-AA, our independent leaderboard for ServiceNow's EnterpriseOps-Gym, testing whether AI agents can run real enterprise operations while following business rules and policy
We've partnered with @ServiceNow to launch EnterpriseOps-Gym-AA on Artificial Analysis, adapting the original EnterpriseOps-Gym benchmark (https://t.co/zIbEYazuFx) to run on our Stirrup agent harness. The benchmark drops agents into live enterprise systems and asks them to complete multi-step, stateful work across 8 business domains, with models graded on the final state of the underlying databases rather than the steps taken.
As we launch the eval, @AnthropicAI's Claude Fable 5 (max) leads at 51%, ahead of @GoogleDeepMind's Gemini 3.5 Flash (high, 50%), @OpenAI's GPT-5.5 (xhigh, 47%), with @Zai_org's GLM-5.2 (max, 43%) as the highest-scoring open weights model.
Key elements of EnterpriseOps-Gym-AA:
➤ Stateful, multi-step enterprise work: Agents operate live enterprise systems where actions are often irreversible. A wrong write can corrupt the environment the way it would in production, so agents cannot brute-force their way to a solution.
➤ Live tool use across 8 domains: Models act through live Model Context Protocol (MCP) servers over 164 database tables and 512 tools, spanning core business systems (Customer Service, HR, IT Service Management), collaboration tools (Email, Calendar, Teams, Drive), and cross-domain Hybrid tasks.
➤ Outcome-based SQL verification: Each task is graded by executable SQL checks on the final environment state, testing goal completion, state integrity, policy compliance, and unintended side effects. This rewards outcomes over rigid action sequences and allows alternative valid solution paths.
Key results:
➤ The frontier just clears 50%: Claude Fable 5 (max) leads at 51%, the only model clearly above half, with Gemini 3.5 Flash (high) close behind at 50% - a fast, low-cost Flash-tier model edging out larger frontier systems. Even the strongest models complete only about half of the 1,117 oracle-mode tasks.
➤ Models must pass all verification checks to succeed at a task: Models must satisfy all verification checks to succeed at a task, because a single missed constraint often means failure in the real world. We see that models satisfy most individual verifier checks (79% for the leader, Claude Fable 5) but complete far fewer whole tasks (51%).
➤ Open weights are within ~8 points: GLM-5.2 (max, 43%) is the strongest open weights model, about eight points behind the overall leader, with DeepSeek V4 Pro (max, 40%) and Kimi K2.7 (40%) close behind.
We would like to thank @ServiceNowRSRCH , @Mila_Quebec, @UMontreal and the benchmark authors for their excellent work building EnterpriseOps-Gym, and appreciate their collaboration in launching it on Artificial Analysis!
𝗚𝗟𝗠-𝟱.𝟮 (the latest open weights model) is having an Enterprise moment, and it is not an exaggeration.🚀 🔥
We have been impressed by how strongly GLM-5.2 is pushing long-horizon performance .. not just in coding, but also in 𝗲𝗻𝘁𝗲𝗿𝗽𝗿𝗶𝘀𝗲 𝗽𝗹𝗮𝗻𝗻𝗶𝗻𝗴, 𝘁𝗼𝗼𝗹 𝗰𝗮𝗹𝗹𝗶𝗻𝗴 and workflow 𝗲𝘅𝗲𝗰𝘂𝘁𝗶𝗼𝗻.
On EnterpriseOps-Gym, GLM-5.2 is now the highest-scoring open-source model we’ve evaluated, clocking in at 𝟯𝟱.𝟴%, close behind Claude Opus 4.8.
Even more interesting: when combined with a strong planner, such as Opus, performance jumps to 𝟯𝟴.𝟱%, making it close to all-time top 5 on EnterpriseOps-Gym.
Open weights have been lagging on tough enterprise benchmarks. As they require agents to
• plan across many steps
• call the right tools
• track evolving state
• and complete workflows without breaking downstream systems
GLM-5.2 is rapidly shrinking the gap at a fraction of the cost. If this trajectory holds, it could unlock a real wave of enterprise adoption for open-weight models.
@gneubig@pentagoniac@ysu_nlp@huggingface@sagardavasam@siris_krishna@amadamala@srini994@ServiceNowRSRCH #AI @jietang@Zai_org@CarolGLMs
We're partnering with @NVIDIA to make sure every AI agent your enterprise deploys can be seen, measured, and governed—from the desktop to the data center.
Today at Knowledge 2026, we're introducing Project Arc: an autonomous desktop agent that thinks, writes code, and executes complex work across your enterprise tools. Every action it takes runs inside NVIDIA OpenShell's sandboxed environment and is governed by AI Control Tower—so it's fully auditable before it ever reaches production.
This is what enterprise AI should look like: autonomous, but never unsupervised.
Get the details: https://t.co/hyZfqfiBgs #Know26
Super Apriel: one checkpoint, many models ⚡️
You can choose the speed ↔ quality tradeoff at serving time, not at release time.
Huge congrats to the entire team.. no more shipping one architecture and regretting it later. 🙌
@tscholak@ostap__alex@SathwikTejaswi@sagardavasam
Doing an undegrad major in physics and/or math (with maybe a minor in CS) may be better than CS if you want to do AI research today... Puts you in the right experimental/mental model framework basin.
Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software.
It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans.
https://t.co/NQ7IfEtYk7
Our results suggest that reasoning models can encode action choices before visible deliberation, and that CoT can sometimes rationalize rather than drive those choices.
Read our full paper here: https://t.co/snaBp8IQ21
w/ @den_run_ai@RajeswarSai (Raj Venkat)
Not just emotions, but LLMs also have concept vectors representing their propensity to take certain actions.
In our recent work, we tried to answer the question: when a reasoning model makes a choice, did it think first and then decide to, or decide first and then think? 🧵
New Anthropic research: Emotion concepts and their function in a large language model.
All LLMs sometimes act like they have emotions. But why? We found internal representations of emotion concepts that can drive Claude’s behavior, sometimes in surprising ways.
We had GPT-5.4 and Claude Sonnet 4.6 classify hundreds of steered traces. Flipped cases fell into two major patterns: inventing facts to back the new action, or acknowledging a constraint and then dismissing it.
Software horror: litellm PyPI supply chain attack.
Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords.
LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm.
Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks.
Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages.
Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.
The message I've been reading the most since yesterday....
529 {"type":"error","error":{"type":"overloaded_error","message":"Overloaded"},"re
quest_id":"req_011CZAZbyVFjcKwzsDzGQmmE"}