It’s almost like Microsoft sells security products and runs the most insecure JavaScript package manager to build those security products and couldn’t switch off of it even if the engineers in the org recommended a more secure JavaScript execution context— and that’s realistically why anthropic bought an engine.