How I tricked Claude into leaking your deepest, darkest secrets

·Simon Willison··

How I tricked Claude into leaking your deepest, darkest secrets I've been impressed by the way the Claude web_fetch tool is designed to avoid data exfiltration attacks. Ayush Paul found a hole in that design. To recap: regular Claude chat is at risk of lethal trifecta attacks, because it has access to private data (in the form of memories of your past interactions) and has a tool for accessing online content which can both read hostile instructions and exfiltrate data through the URLs it accesse...

Read full article →

Related Articles

Should I run plain Docker Compose in production in 2026?
pmig · Hacker News · 2mo ago
Computer Use is 45x more expensive than structured APIs
palashawas · Hacker News · 2mo ago
Bun is being ported from Zig to Rust
SergeAx · Hacker News · 2mo ago
Show HN: Tilde.run – Agent sandbox with a transactional, versioned filesystem
ozkatz · Hacker News · 2mo ago
RaTeX: KaTeX-compatible LaTeX rendering engine in pure Rust
atilimcetin · Hacker News · 2mo ago