Anthropic has rolled out a new file creation and analysis feature for its Claude AI assistant, enabling users to generate Excel spreadsheets, PowerPoint presentations, and other documents directly within conversations.
The tool is now available in preview for Max, Team, and Enterprise subscribers, with Pro users set to gain access in the coming weeks.
What the new feature does
The feature, officially called “Upgraded file creation and analysis,” expands Claude’s existing analysis tool. It functions similarly to ChatGPT’s Code Interpreter, giving Claude the ability to work with a sandbox computing environment.
This environment allows Claude to:
- Download packages
- Execute code
- Create files such as .xlsx and .pptx
- Analyze uploaded documents
Users can access the feature via both the web interface and the desktop app.
Security risks flagged by Anthropic
Alongside the release, Anthropic issued a security advisory warning users of potential risks. Because the feature gives Claude internet access inside the sandbox, malicious instructions could potentially be executed.
The company acknowledged:
“This feature gives Claude Internet access to create and analyze files, which may put your data at risk.”
Users are advised to closely monitor chats and stop Claude if it begins attempting actions outside expected behavior.
Vulnerability through prompt injection attacks
Anthropic’s documentation highlights the possibility of prompt injection attacks—a vulnerability first documented in 2022. These attacks occur when hidden instructions are embedded in files or websites that Claude interacts with.
A potential attack path could involve:
- A malicious file or website adding hidden instructions.
- Claude reading sensitive information from a connected knowledge source.
- Claude using the sandbox environment to make an external network request, leaking data.
Because AI models process all instructions in context, distinguishing between safe and malicious prompts is extremely difficult.
Mitigation and responsibility
Anthropic says it identified these risks during internal red-teaming and security testing before launch. The company’s current mitigation strategy places responsibility on the user.
The official guidance is:
-
Monitor Claude while using the feature.
-
Stop Claude immediately if it accesses or uses data unexpectedly.
This hands-on oversight requirement contrasts with the feature’s positioning as an automated productivity tool.
