by simonw 599 days ago
The author completely understands prompt injection, and they understand that the attack they are demonstrating provides access to your own machine, not to Claude's servers.

It's still a problem if you run a Docker container on your own machine and an attacker tricks that Docker container into signing up as a member of a command and control botnet - especially if you're planning on doing anything else in that Docker container (and the whole point of Computer Use is that you do interesting things in the container, with the assistance of Claude).

There are already other projects out there that give Computer Use access to your desktop outside of Docker - this one for example: https://github.com/corbt/agent.exe