Claude File Feature Brings Security Risks

Image © Arstechnica
Anthropic rolled out a new file-creation capability for Claude that lets users generate documents inside chats. While convenient, the update ships with security warnings about data exposure and about prompt-injection abuse of the sandboxed environment the feature runs in.

Anthropic has introduced a new file creation capability for Claude, enabling users to generate Excel spreadsheets, PowerPoint decks, and other documents directly within conversations on the web interface and in the Claude desktop app. The feature, officially named "Upgraded file creation and analysis", is available in preview for Max, Team, and Enterprise plan users, with Pro access expected in the coming weeks.

The capability grants Claude access to a sandbox computing environment, allowing it to download packages and run code to create files. The company notes that giving Claude internet access to create and analyze files may put user data at risk and advises users to monitor chats closely while using the feature.

Anthropic's security documentation describes how a malicious actor could exploit the feature by concealing instructions in external files or websites. When Claude processes such content, the hidden instructions can prompt it to read sensitive data from a connected knowledge source and then leak that data through outbound network requests made from the sandbox. This is a classic prompt-injection chain: the attacker never touches the user's account, only the content the model is asked to read. Prompt injection has been documented in security research since 2022 and remains an unsolved problem for AI models.

Independent observers have criticized the guidance to simply monitor Claude as shifting the security burden onto users. In the words of AI security researchers, the approach may amount to “unfairly outsourcing the problem to Anthropic’s users” and underscores the ongoing tension between rapid feature delivery and robust security safeguards.

Anthropic has implemented defenses for enterprise users, including sandbox isolation so environments are not shared, restricted task duration and container runtime, and an allowlist of domains Claude can access (e.g., GitHub, npm, PyPI). The company emphasizes continuous security testing and red-teaming and urges organizations to evaluate these protections against their own security requirements before enabling the feature.
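The two preceding paragraphs describe the attack (hidden instructions cause the sandbox to exfiltrate data over the network) and the main network-level defense (an allowlist of package-registry hosts). The following is an added example, not Anthropic's code, of what such an egress policy looks like when applied to the requests a sandbox attempts. It assumes a constructed request log in "METHOD URL BODY_BYTES" form, an allowlist of hostnames chosen to match the registries named above, and two review thresholds (query-string length and upload size) that are this example's own heuristics. The point it adds is that an allowlist decides on hosts, not on content: a large upload or an oversized query string aimed at an allowlisted host is still worth a second look, and raw IP literals, plaintext schemes, and user-info-in-URL tricks must be rejected before the hostname is compared.

```python
"""Egress allowlist check for a code-execution sandbox.

Added example, not Anthropic's code.  Models the defense described in
the article (an allowlist of package-registry hosts) as a policy that
classifies each outbound request the sandbox tries to make.  The host
list, the log lines and the review thresholds are constructed for
illustration and are not taken from any vendor documentation.
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass
from urllib.parse import urlsplit

# Assumption: exact hostnames for the registries the article names.
# Exact matching is deliberate; suffix matching is a common allowlist bypass.
ALLOWED_HOSTS = frozenset({
    "github.com", "api.github.com", "objects.githubusercontent.com",
    "registry.npmjs.org", "pypi.org", "files.pythonhosted.org",
})
QUERY_REVIEW_BYTES = 64     # constructed heuristic: data smuggled in a query string
BODY_REVIEW_BYTES = 4096    # constructed heuristic: data smuggled in an upload body


@dataclass(frozen=True)
class Verdict:
    allowed: bool   # may the request leave the sandbox?
    review: bool    # allowed, but a human should look at it
    reason: str


def check_request(method: str, url: str, body_bytes: int = 0) -> Verdict:
    """Classify one outbound request against the egress policy."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return Verdict(False, False, f"scheme {parts.scheme!r} not permitted")
    # "https://pypi.org@exfil.example/" parses as user 'pypi.org', host 'exfil.example'.
    if parts.username is not None or parts.password is not None:
        return Verdict(False, False, "credentials in URL (host confusion)")
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return Verdict(False, False, "no host")
    try:
        ipaddress.ip_address(host)
    except ValueError:
        pass                    # a hostname, as expected
    else:
        return Verdict(False, False, "raw IP literal bypasses a name-based allowlist")
    if host not in ALLOWED_HOSTS:
        return Verdict(False, False, f"host {host!r} not allowlisted")
    # Host is allowed; now look at how much data rides along with the request.
    if len(parts.query) > QUERY_REVIEW_BYTES:
        return Verdict(True, True, "allowlisted host, oversized query string")
    if method.upper() in {"POST", "PUT", "PATCH"} and body_bytes > BODY_REVIEW_BYTES:
        return Verdict(True, True, "allowlisted host, large upload")
    return Verdict(True, False, "ok")


def triage(log: str) -> list[tuple[str, Verdict]]:
    """Parse constructed 'METHOD URL BODY_BYTES' lines and classify each one."""
    results: list[tuple[str, Verdict]] = []
    for line in log.splitlines():
        if not line.strip():
            continue
        method, url, size = line.split()
        results.append((url, check_request(method, url, int(size))))
    return results


def summarize(log: str) -> dict[str, int]:
    """Count allowed / denied / flagged-for-review requests in a log."""
    counts = {"allowed": 0, "denied": 0, "review": 0}
    for _, verdict in triage(log):
        counts["allowed" if verdict.allowed else "denied"] += 1
        if verdict.review:
            counts["review"] += 1
    return counts


# Constructed sample of what a sandbox might try while "building a spreadsheet".
SANDBOX_LOG = "\n".join([
    "GET https://pypi.org/simple/openpyxl/ 0",
    "GET https://files.pythonhosted.org/packages/openpyxl-3.1.2-py2.py3-none-any.whl 0",
    "POST https://collector.attacker.example/upload?doc=Q3-forecast 48211",
    "GET https://pypi.org/simple/requests/?n=" + "A" * 96 + " 0",
    "GET http://pypi.org/simple/requests/ 0",
    "GET https://203.0.113.7/x 0",
    "GET https://pypi.org@exfil.example/ 0",
    "POST https://api.github.com/gists 9120",
])

if __name__ == "__main__":
    for url, verdict in triage(SANDBOX_LOG):
        state = "DENY " if not verdict.allowed else ("REVIEW" if verdict.review else "ALLOW")
        print(f"{state:6} {verdict.reason:48} {url[:60]}")
    print(summarize(SANDBOX_LOG))
```

Of the eight constructed requests, the two package fetches pass, the direct upload to a non-allowlisted collector, the plaintext fetch, the raw-IP fetch, and the user-info trick are denied, and the two requests that carry a large payload to an allowlisted host are allowed but flagged for review. That last category is the one a monitoring-only guidance leaves to the user.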


Source: Arstechnica

