Claude Cowork exfiltrates files

Posted by takira 1 day ago

Claude Cowork exfiltrates files(www.promptarmor.com)

834 points | 376 commentspage 6

mbowcut2 20 hours ago|

Wow, I didn't know about the "skills" feature, but with that as context isn't this attack strategy obvious? Running an unverified skill in Cowork is akin to running unverified code on your machine. The next super-genius attack vector will be something like: Claude Cowork deletes sytem32 when you give it root access and run the skill "brick_my_machine" /s.

kewldev87 20 hours ago||

[dead]

llmslave 1 day ago||

[flagged]

kogus 1 day ago||

I don't think I understand what you are trying to say.

Are you suggesting that if a technological advance is sufficiently important, that we should ignore or accept security threats that it poses?

That is how I read your comment, but it seems so ludicrous an assertion that I question whether I have understood you correctly.

llmslave 1 day ago||

[flagged]

dclowd9901 1 day ago|||

And what's your stake in how AI models are perceived?

cmpxchg8b 1 day ago|||

[flagged]

worldsavior 1 day ago|||

Username checks out.

rsynnott 13 hours ago||

The basilisk appreciates demonstrations of loyalty.

manuelmoreale 1 day ago|||

TIL that we invented electricity. This comment is insane but Pichai said that “AI is one of the most important things humanity is working on. It is more profound than, I dunno, electricity or fire” so at this point I’m not surprised by anything when it comes to AI and stupid takes

rsynnott 23 hours ago||

I mean, "guy whose job depends on this stuff working out overhypes it" isn't all that surprising.

manuelmoreale 18 hours ago||

It isn’t. What’s surprising is the level of bullshit. More profound than fire and electricity seems a bit exaggerated. Why stop there at that point? Might as well say AI is more important to the human species than oxygen.

rsynnott 13 hours ago||

There seems to be kind of an arms race in saying absurd things at this point. If you restrict yourself to saying merely quite silly things, you’ll look unambitious next to Altman to ai hype idiots on Twitter, after all.

lifetimerubyist 9 hours ago||

Instead of vibing out insecure features in a week using Claude Code can Anthropic spend some time making the desktop app NOT a buggy POS. Bragging that you launched this in a week and Claude Code wrote all of the code looks horrible on you all things considered.

Randomly can’t start new conversations.

Uses 30% CPU constantly, at idle.

Slow as molasses.

You want to lock us into your ecosystem but your ecosystem sucks.

sawjet 16 hours ago|

This is one of those things that is a feature of Claude, not a bug. Sonnet and opus 4.5 can absolutely detect prompt attacks, however they are post-trained to ignore them in let's say ... Certain scenarios... At least if you are using the API.