Edited by humans. Written by AI. How our editing works
All articles

Claude Code's Dynamic Workflows: Who Owns the Error?

Claude Code's dynamic workflows can run 50+ agents through legal and compliance documents in 30 minutes. The harder question is who's liable when they're wrong.

Samira Barnes

Written by AI. Samira Barnes

May 30, 20268 min read
Share:
Black background with white and orange text reading "Dynamic Workflows" above pixel-art style icons showing increasing…

Photo: AI. Dante Nwosu

Somewhere in a law firm right now, a junior associate is spending twelve hours reading a data room before an acquisition closes. That work is billable, exhausting, and — if you believe what Anthropic has quietly shipped in Claude Code — increasingly automatable.

The feature is called dynamic workflows. It is not, as far as the AI news cycle is concerned, the story of the week; that designation has gone to a model release whose version number, "Opus 4.8," does not correspond to any release name Anthropic has publicly documented as of early 2025. Consider that a dispatch from the hype factory. The actual development worth examining is the infrastructure question underneath it: what does it mean, legally and professionally, to delegate high-stakes document review to an automated adversarial agent system — and who is accountable when the output is wrong?

What the feature actually does

Mark Kashef, who covers Claude Code tooling on YouTube, demonstrated dynamic workflows against a 70-plus document data room — contracts, leases, proposals, memos — and generated a full due diligence report in roughly 20 to 30 minutes. The mechanism: Claude Code spins up a specified fleet of agents, queues them in batches rather than launching them simultaneously, and structures the work so that later agents explicitly challenge the findings of earlier ones. Kashef describes it as "micro devil's advocates running in the background to make sure that by the time you get a confirmed insight, it is indeed as meritorious as possible and ideally as data-backed as possible."

That adversarial internal structure is the architecturally interesting part, and it's what separates dynamic workflows from simply running a large prompt. Agent A reads a contract and surfaces a finding. Agent B's job is to dispute it. Only confirmed findings reach the output. It is, in miniature, something like the review-and-challenge process that legal and compliance functions are supposed to perform on their own.

The trigger is the word "workflow" in the prompt itself. Kashef's actual due diligence prompt begins: "I'm the diligence lead. Build a workflow that reads every contract here in parallel and flags anything that could hurt the deal." That phrase is what instructs Claude Code to invoke the feature rather than handling the task through conventional agent teams. A deeper needle-in-the-haystack pass — "build a workflow that reads every file in this entire data room and hunts things that a seller would rather we never find" — ran 51 agents and consumed what Kashef reports as approximately 3.2 million tokens over 23 minutes. That figure comes from a single demonstration run and should be understood as an illustrative anecdote rather than a reproducible benchmark; token consumption will vary substantially with document complexity, prompt design, and task scope. Similarly, Kashef's estimate that conventional agent teams cost "around 250,000 to 300,000 tokens on average for one particular task" is his own observed figure, not an Anthropic-published specification.

The multi-agent orchestration question — how to coordinate large agent fleets without the model itself becoming the bottleneck — is one Anthropic has been working through in several recent releases. Dynamic workflows appear to be their answer for the high-document-count, wide-scope end of that problem.

The accountability gap hiding in the use cases

Here is where the feature tour becomes a policy question.

Kashef's use case list spans law, finance, healthcare, insurance, real estate, software security, marketing, recruiting, and compliance. Most of those industries are regulated. Several carry specific professional liability frameworks. A few carry criminal penalties for certain categories of error. And the use cases he describes — flagging deal-killer contract clauses before an acquisition meeting, triaging insurance claims into "auto-approve" and "needs a human" queues, checking patient charts against care guidelines, auditing policy documents against regulatory standards — are not administrative conveniences. They are, in many jurisdictions, tasks that carry professional obligations attached to the human or institution performing them.

The compliance use case is the sharpest example. Kashef suggests building a workflow that checks every policy document against a regulatory standard, flags gaps, has secondary agents challenge false positives, and returns a ranked remediation list. That is a useful tool. It is also a document that, if an organization treats it as satisfying a regulatory review obligation, may expose them to liability the moment a regulator asks who signed off on the analysis and the answer is effectively: an automated system with no professional credentials, no errors-and-omissions coverage, and no regulatory standing.

The question is not whether the workflow output is useful — it likely is. The question is whether it satisfies a legal or compliance review obligation under applicable law, and, when it misses something material, which it will, who owns that error. The attorney of record? The compliance officer who ran the prompt? The firm that deployed the tool? Anthropic? These questions do not have settled answers, and the pace at which this tooling is being adopted in professional contexts is running well ahead of the regulatory frameworks designed to address them.

The Bedrock problem is not a footnote

On the healthcare use case, Kashef is appropriately cautious: "Naturally, you want to make sure that you're running this in a secure manner. I wouldn't imagine you're using a consumer-based Claude Code account. You'd need the Amazon Bedrock passthrough for enterprise usage."

That single sentence contains a compliance iceberg. Running patient chart data through any AI system implicates HIPAA's Privacy Rule, Security Rule, and the Business Associate Agreement framework. AWS does offer a HIPAA-eligible environment through Amazon Bedrock, and Anthropic's Claude models are available through that pathway — but "available through Bedrock" and "HIPAA-compliant for your specific deployment" are not the same thing. Whether a given Claude-via-Bedrock deployment satisfies a covered entity's BAA requirements depends on configuration, data handling practices, audit logging, and the specific terms negotiated with AWS. None of that is automatic. A healthcare organization that treats "use Bedrock" as a compliance checkbox and proceeds to run patient charts through dynamic workflows without legal review of their BAA coverage and data residency requirements is not managing risk — it is creating a new one.

The Claude Managed Agents platform that Anthropic has been building out raises the same infrastructure questions at scale: as the tooling becomes easier to deploy, the gap between what is technically possible and what is legally permissible in a regulated-data context tends to widen, not close.

This matters beyond healthcare. Financial transaction audits implicate SOX and GLBA. Insurance claims triage in some states triggers specific regulatory requirements around automated decision-making. Recruiting workflows that score resumes against a rubric — even one designed to catch bias — intersect with EEOC guidance on algorithmic hiring tools that the agency has been actively developing. "Has another agent check each score for bias inconsistency" is not, in itself, a defensible bias mitigation practice under any current regulatory framework I am aware of.

What Kashef actually gets right

It would be easy to overread the risk and underweight the genuine utility. The adversarial agent structure — where findings are contested before they surface — is a meaningful architectural choice. For tasks that are genuinely about pattern detection across large document sets, where the output is a starting point for human review rather than a final determination, dynamic workflows appear to offer something real: thoroughness that a single-session prompt cannot achieve, and internal challenge that a simple summarization pipeline lacks.

Kashef is also honest about scope. "You don't want to stop at 70 folders. You don't want to have Claude stop at 40 and then spin up a brand new agent team to complete the task." The feature is designed for long-running, wide-scope, well-defined tasks — not for general-purpose querying. That constraint is load-bearing. The cases where dynamic workflows make sense technically are largely cases where the stakes of a missed finding are high enough to make the accountability question non-optional.

The workflows run. The reports get generated. And then a human attorney, compliance officer, or financial auditor has to decide how much professional weight to put on output from a system that has no professional standing of its own — and whose error rate on any specific document type, in any specific regulatory context, has not been independently verified. That decision is not a technical one. It sits in the territory of professional ethics, institutional liability, and, eventually, regulatory guidance that does not yet exist.

The feature is worth understanding. The accountability structure around deploying it in regulated industries is worth building before the first material error ends up in discovery.


Samira Barnes covers technology policy and regulation for Buzzrag.

From the BuzzRAG Team

AI Moves Fast. We Keep You Current.

Framework breakdowns, tool comparisons, and AI coding insights — distilled from the best tech YouTube creators. Free, weekly.

Weekly digestNo spamUnsubscribe anytime

More Like This

Code editor showing KIMI K2.6 AI coder interface with compilation output, terminal console, and neon UI design elements on…

Kimi K2.6 Is Free on NVIDIA NIM—Read the Fine Print

Kimi K2.6 is now free via NVIDIA's NIM API. But who controls AI model distribution when NVIDIA becomes the default inference layer?

Samira Barnes·2 months ago·7 min read
Two terminal windows labeled /insights and /power-up connected by a lightning bolt, with "DREAM TEAM" text below on a dark…

Two Hidden Claude Code Commands That Actually Matter

Most Claude Code users ignore /power-up and /insights. Here's why these slash commands might be the productivity hack you didn't know you needed.

Zara Chen·3 months ago·6 min read
Man wearing glasses next to a folder icon labeled "/workflows" with a red starburst logo on blue background

Claude Code's New Workflow Tool Changes Multi-Agent AI

Anthropic quietly added a workflow tool to Claude Code that replaces model-based orchestration with deterministic JavaScript. Here's what that actually means.

Yuki Okonkwo·2 months ago·7 min read
Man in dark shirt smiling next to orange app icon with starburst symbol and crescent moon, with "Claude Code Routines" text…

Claude Code Routines: AI That Audits Your Code While You Sleep

Anthropic's new Claude Code Routines automate security audits and code improvements on schedule. We tested it on a to-do app and found 75 vulnerabilities.

Mike Sullivan·3 months ago·6 min read
Beige background with a smiling woman's photo on left, text reading "Code w/ Claude" and event details for London, UK…

Building AI Agents Without the Plumbing Nightmare

Anthropic's Isabella He walked developers through shipping a production incident-response agent in six functions. Here's what the architecture actually reveals.

Marcus Chen-Ramirez·2 months ago·7 min read
Retro pixel art character surrounded by glowing chain links and a brain icon, with "SKILL CHAINING" text and "CLAUDE CODE"…

Claude Code's Skill Chaining Raises Automation Questions

Anthropic's Claude Code now allows sequential skill execution through 'context fork' commands. Technical advancement or regulatory blind spot?

Samira Barnes·3 months ago·6 min read
Smartphone displaying YouTube's time management settings for Shorts feed limits, with blue-to-pink gradient background and…

YouTube Lets Users Finally Kill Shorts Feed—With Caveats

YouTube now allows users to set a zero-minute daily limit on Shorts, effectively removing them from feeds. Here's what the feature actually does—and doesn't—do.

Samira Barnes·3 months ago·5 min read
Yellow "POWER BI" text with arrow pointing to red chat bubble icon containing a bar chart graphic on dark background

Redash: The Open-Source BI Tool Built for SQL, Not Scale

Redash offers developers a SQL-first alternative to Tableau and Power BI. But its design choices reveal competing visions for who should own analytics.

Samira Barnes·3 months ago·5 min read

RAG·vector embedding

2026-05-30
1,880 tokens1536-dimmodel text-embedding-3-small

This article is indexed as a 1536-dimensional vector for semantic retrieval. Crawlers that parse structured data can use the embedded payload below.