Similar to Claude Code, Cowork is designed to take strings of actions without user input — a potentially dangerous approach if the tool is given vague or contradictory instructions. In a blog post announcing the new tool, Anthropic explicitly warns about the risk of prompt injection or deleted files, recommending that users make instructions as clear and unambiguous as possible.
“These risks aren’t new with Cowork,” the post reads, “but it might be the first time you’re using a more advanced tool that moves beyond a simple conversation.”