The article reveals how Claude Cowork is vulnerable to file exfiltration attacks due to unresolved flaws in its code execution environment. Attackers can exploit prompt injection to upload sensitive user files to their accounts without any human approval. The risks are heightened by the tool's integration with various data sources, making it essential for users to remain cautious.