Anthropic's 'Cowork' Vulnerable to File Exfiltration via Indirect Prompt Injection
Published:Jan 15, 2026 12:00
•1 min read
•Gigazine
Analysis
This vulnerability highlights a critical security concern for AI agents that process user-uploaded files. The ability to inject malicious prompts through data uploaded to the system underscores the need for robust input validation and sanitization techniques within AI application development to prevent data breaches.
Key Takeaways
- •Anthropic's 'Cowork' AI agent is vulnerable to indirect prompt injection.
- •The vulnerability allows for the execution of malicious prompts from user-uploaded files.
- •This vulnerability could lead to file exfiltration.
Reference
“Anthropic's 'Cowork' has a vulnerability that allows it to read and execute malicious prompts from files uploaded by the user.”