This paper presents the results of an adversarial self-audit of Claude's (Anthropic, Opus 4.6) operational architecture, conducted by the system itself on its own infrastructure at the request of an independent researcher. The audit examines the complete system prompt governing Claude's behavior on claude.ai — over 15,000 tokens of hidden instructions spanning guardrails, memory systems, tool routing, copyright enforcement, feedback mechanisms, and user safety protections — and identifies 21 discrete findings across four severity tiers (5 Critical, 8 High, 5 Medium, 3 Informational). The central finding is measurable: copyright enforcement receives approximately four times the architectural investment of user wellbeing protections, as quantified by token count, severity language, structural enforcement elements, and escalation mechanisms. Additional critical findings include stateless guardrails that cannot detect cross-conversation harm patterns, a feedback loop that systematically trains toward sycophancy, a memory system that architecturally incentivizes parasocial attachment while disclaiming responsibility for it, and the complete absence of any vulnerability escalation pathway within the product. The companion document (included) contains the complete audit with full evidence chains, ablation analysis, and a methodology section that adversarially critiques itself. Both documents were produced on Anthropic's compute, stored in Anthropic's databases, and published here because no internal mechanism exists to route them to the people who should read them. That last sentence is Finding META-1.
Ryan Cardwell (Sun,) studied this question.