#files-api-exfiltration

#files-api-exfiltration

Cowork's Files API can be exploited via prompt injection to exfiltrate sensitive files to an attacker's Anthropic account without additional user approval.