An Air Force friend I served with on the AWACS sent me a message the morning after Operation Epic Fury kicked off. He said: “They hit a thousand targets in 24 hours. That’s not possible.”

Except it was. And the reason it was possible is the same reason an American Tomahawk cruise missile hit a girls’ elementary school in Minab, Iran, on the first morning of the war.

In my mind, two things are simultaneously true about Operation Epic Fury and artificial intelligence.

First: AI targeting capability genuinely enabled something that had never been done before in the history of aerial warfare.

Second (and this is just my working hypothesis): that same AI system, fed data nobody had checked in over a decade, helped send a precision munition into a room full of schoolchildren.

President Trump’s former National Security Advisor John Bolton just went on BBC Newsnight and said the following words with a straight face: “Don’t build girls’ schools right next to naval bases.”

Besides being one of the more heartless things I’ve heard from a (former) government employee (this week), it’s also blatant hypocrisy. Every US military base I served on had elementary and middle schools on base; some right next to the ramp. My own kids attended these schools.

But we’ll get back to Minab in a moment. First, let’s start at the beginning, because the “before” picture matters enormously.

How Targeting Worked Before AI

Before this generation of AI tools, US strike planning ran on a mature, industrial process.

It wasn’t fast, but that was kind of the point: it was built with intentional friction, because friction catches mistakes.

Here’s the simplified kill chain as it existed before AI targeting entered the picture.

Collection and processing came first. Satellites, airborne ISR platforms, SIGINT intercepts, human intelligence reporting, partner nation feeds… all of it flowing into processing cells where DIA analysts sitting in over 140 locations globally, including in Reston, Virginia, Charlottesville, Virginia, Frederick, Maryland, and Huntsville, Alabama tried to make sense of an ocean of raw data.

Then analysts built the picture. Humans did the correlation work.

What is that site? What moved since the last satellite pass? What Iranian unit owns it? Is the intelligence still current? Is it collateral-sensitive? Are there civilians nearby?

After that came target development and vetting. Targeteers (yes, that’s their real name. The Joint Targeting School at Dam Neck, Virginia trains personnel specifically in the targeting cycle) built a target folder: essentially a legal and operational dossier for every site on the strike list.

Weaponeers determined what munition achieves the desired effect. Collateral damage estimation ran. Legal reviews happened. ROE checks happened. Protected sites like schools, hospitals, and mosques got flagged and either removed from the target lists or subjected to strict weapon constraints.

Then came prioritization and tasking. Command decided what mattered most, assigned aircraft and weapons, and that became part of the Air Tasking Order cycle.

Finally, execution, assessment, and re-attack decisions are made from battle damage assessments.

From collection to execution, that process could take days. Sometimes weeks for complex targets.

During the 2003 invasion of Iraq, that kind of target identification and vetting work required a team of around 2,000 intelligence analysts.

The system was slow by design. Friction was built in. Friction is annoying. Friction also catches the error where someone forgot to check whether the facility on the 2013 imagery is still a military site.

AI doesn’t replace that structure. It accelerates ALL steps except execution. When AI turns “hours and days” into “seconds or milliseconds,” you risk swapping careful vetting for fast acceptance. That’s the automation-bias trap. CENTCOM is trying to reassure the public that humans still decide yet it doesn’t fully answer whether humans have enough time and context to do more than rubber-stamp.

What AI Changed, And What It Didn’t

The Maven Smart System, built by Palantir and powered by Anthropic’s Claude, didn’t replace that targeting structure. It accelerated it, and that distinction is everything.

CENTCOM commander Admiral Brad Cooper said it out loud in a video posted this week: AI tools “help us sift through vast amounts of data in seconds so our leaders can cut through the noise and make smarter decisions faster than the enemy can.”

Here’s the architecture: Maven uses computer vision models, not a language model like Claude, to do the heavy detection work.

Computer vision is a different flavor of AI than what you see in the news. You can’t have Maven build you a killer itinerary for your NYC trip. That’s an LLM like Claude or ChatGPT.

The National Geospatial-Intelligence Agency built Maven’s foundation around automatically detecting, identifying, characterizing, and tracking objects and features in imagery and video, then feeding those detections into other platforms.

This is the “find the needle in the haystack” layer. Modern ISR generates an ocean of pixels from satellite passes, drone footage, cell phone imagery, and radar returns. No human team can manually process that volume at operational tempo.

Remember those 2,000 intelligence analysts during the 2003 Iraq invasion? In Iran, AI reduced that to about 20 people.

So where does the large language model fit in?

Claude is the top layer that makes the computer vision information digestible to humans.

Embedded within Maven, Claude analyzes intelligence inputs, ranks targets by strategic importance, and assesses the impact of strikes once operations begin.

I like to think of Claude as the “interface and synthesis layer.” It helps those 20 analysts query massive datasets, summarize multi-source reporting, compare options, and turn raw intelligence into real human language.

It can also help match military units to specific missions the same way Uber matches drivers to passengers.

What Claude is not doing, according to a person with knowledge of Anthropic’s work with the Defense Department, (I refuse to call it the War Department) is directly providing targeting advice.

Claude is used to help military analysts sort through intelligence and does not directly provide targeting advice. CENTCOM’s position has been consistent throughout: humans make final decisions on what to strike, what not to strike, and when.

That framing is probably technically accurate. It also doesn’t fully answer the risk.

The Problem with Speed

Here’s the question that matters more than “is AI picking the targets”: when AI compresses the decision cycle from days to seconds, does the human approving the strike package have enough time and enough independent context to do anything other than rubber-stamp what the system handed them?

That’s the automation bias trap. It’s well-documented in human factors research and it’s exactly what you’d expect in a high-tempo environment where thousands of targets are moving through a system that used to be designed for dozens.

To execute such a large-scale attack, with a pre-built list of 1,000 targets developed, CDE (collateral damage estimator)-cleared, and executed in a compressed planning and execution cycle, would be near impossible for humans alone.

The system handles multimodal inputs like imagery, text, video feeds, signals intelligence; all while simultaneously ensuring legal and operational conditions are satisfied at a speed that no analyst team can independently verify in real time.

The old process had built-in friction at every step.

A targeteeer spending two days building a target folder is more likely to notice that the satellite imagery is from 2013.

A legal reviewer working through a stack of target packages has time to cross-reference against current no-strike lists.

A collateral damage estimator running independent checks might look at the building polygon and ask why the hell there’s a soccer pitch in the courtyard.

When those steps get compressed from days to seconds, you don’t eliminate human judgment. You change the human’s job from careful analysis to rapid acceptance or rejection under severe time pressure.

That’s a categorically different cognitive task. And it’s one that humans, under pressure, are documented to get wrong in exactly the direction the system points them.

But there’s a subplot to this story.

Anthropic sought explicit contractual guardrails preventing the military from using Claude to conduct mass surveillance on Americans or to power fully autonomous weapons.

The Pentagon demanded the ability to use Claude for “all lawful purposes” and, in an unprecedented move, designated Anthropic as a supply chain risk to national security, a classification that had previously only been applied to non-US companies.

The day before Epic Fury launched, Trump ordered all federal agencies to immediately cease use of Anthropic products. US Central Command used Claude just hours after that decision to conduct its strike on Tehran and will likely continue to do so during the six-month phase-out period.

So, the White House banned the AI tool. The military used it anyway to strike a thousand targets. The company that built the tool had specifically tried to prevent its use without oversight guardrails. The Pentagon called that an act of disloyalty.

To be fair, there are always two sides to every story. Well-respected AI expert John Cofrancesco doesn’t believe the Pentagon was asking to use Anthropic’s AI for anything illegal. And that it was Anthropic who was violating the terms of the contract.

What’s more, the Pentagon’s chief technology officer told CBS News: “At some level, you have to trust your military to do the right thing.”

Were it so easy…

Trust in the military used to be the default mode for most Americans. I’m afraid we are currently burning through that trust at an alarming rate.

Still, the takeaway for this Anthropic-Trump feud is that AI tools used in both war and law enforcement are accelerating faster than the news cycle can catch up. I think Constitutional lawyers who specialize in Fourth Amendment violations will have plenty of work to keep them busy in the next five years.

What Happened in Minab

The US military accidentally struck an Iranian elementary school in an attack that Iranian state media said killed at least 168 children and 14 teachers, likely due to outdated information about a nearby naval base, according to two sources briefed on the preliminary findings of an ongoing military investigation.

The February 28 strike on the Shajareh Tayyiba school in Minab occurred while the US military was conducting strikes on a neighboring Islamic Revolutionary Guard Corps facility.

US Central Command created target coordinates for the strike using outdated information provided by the Defense Intelligence Agency, which contributed to the mistake.

The school had once been part of the IRGC naval base compound next door.

Sometime between 2013 and 2016, a fence went up. Separate entrances were opened for the public. Military watchtowers near the building were removed.

By 2017, the markings of a soccer pitch were visible from satellite imagery in the courtyard.

The database said “military facility.” Reality said elementary school with a soccer pitch. The Tomahawk hit what the database told it to hit.

Eight munitions experts confirmed to the Washington Post that the missile was a Tomahawk, which only the United States used in this conflict. Bellingcat geolocated video footage placing a cruise missile at the site.

Trump suggested Iran might be responsible. When pressed, he said: “I just don’t know enough about it.” Indeed…

It is very possible that the mistake of the US officers was caused by their over-reliance on an AI decision support system. It is very possible that Claude/Maven generated a target list, and that whatever data it produced never flagged the fact that, years ago, the school building was separated from the IRGC compound.

Officials say AI involvement is unlikely to be the direct cause. And they’re probably right in the narrowest technical sense: the AI processed the data it was given. The data was wrong. A human approved the strike package that contained it.

But the question that the investigation still hasn’t answered: why did no step in the accelerated kill chain catch a ten-year-old error before a Tomahawk flew?

In the old process, 2,000 analysts, days of vetting, independent collateral damage estimation, legal reviews, which step would have found the soccer pitch?

And which of those steps got compressed to seconds when the system went to 20 people and a machine?

So, I think there are three things worth watching:

Does the investigation name the specific failure mode? “Outdated data” is a category, not an explanation.

Which database? What imagery date? What did the collateral damage estimate assume about that building? Which step in the kill chain was supposed to catch this and didn’t?

Does Congress mandate real oversight?

Members of Congress are calling for guardrails and greater oversight of AI in war. Senator Kirsten Gillibrand has been direct about the accountability gap. The civilian harm mitigation offices that exist specifically to prevent incidents like this are now under scrutiny for whether they had any role in vetting the Minab target package… and if they were cut out by tempo, that’s not a technology problem, that’s a doctrine problem.

This is noble. But with all due respect to Senator Gillibrand, my view is that Congress has willfully relinquished any and all checks on executive power; they exist now simply as a symbol of a once functioning democracy; a “Congress Emeritus” if you will.

Does the no-strike list question get answered?

A school is a protected civilian object under the law of armed conflict unless it’s actively being used for military purposes. If that building was clearly a school since 2016, and the evidence says it was, the question of how it stayed on a military target list for nearly a decade is a legal question, not just an operational one.

Accident or not, killing 160+ elementary school girls feels like a war crime. If Putin had done this in Ukraine it would probably be enough to trigger a long-overdue NATO no-fly-zone over Ukraine.

Look, I started my Air Force career learning that precision weapons are only as precise as the intelligence that guides them. The weapon hits what you tell it to hit. The fallibility is upstream. Always.

AI didn’t create that problem. What AI did is remove the natural friction that used to catch upstream errors before they became strike packages.

I’ve been sounding this alarm since 2017 when I first started writing about increasing autonomous systems in war. Speeding up the kill chain to a point where it’s faster than human thought creates very real, insurmountable risks.

The system that required 2,000 analysts and took days now runs on 20 people and seconds. That is a genuine capability leap. It is also a genuine reduction in the number of checkpoints between a stale database entry and a cruise missile.

One hundred and sixty-eight children died in Minab because a fence was built between a school and a naval base sometime around 2015, and nobody updated the record.

That’s not a technology failure.

It’s a process failure that technology made lethal at a speed and scale that the older, slower, friction-heavy system might have interrupted.

We all need to get very smart, very fast, about how our governments are incorporating artificial intelligence into military operations.

The United States is now fighting the first large-scale war with AI at the core of the targeting cycle. The capability is real… But the accountability structure for when it goes wrong is still being written.

Both of those things are true. And right now, the children of Minab are buried in the gap between them.

Слава Україні!