The Claude.ai shared chat and Artifacts feature is being actively abused as a payload staging and redirect rail for MacSync, a polymorphic macOS infostealer in the AMOS family. No CVE is applicable because this is platform feature abuse, not a code vulnerability. The exposure is behavioral: any organization permitting macOS endpoint access to claude.ai without monitoring is blind to this delivery chain.