This looks pretty cool. I keep seeing people (an am myself) using claude code for more an more _non-dev_ work. Managing different aspects of life, work, etc. Anthropic has built the best harness right now. Building out the UI makes sense to get genpop adoption
This looks useful for people not using Claude Code, but I do think that the desktop example in the video could be a bit misleading (particularly for non-developers) - Claude is definitely not taking screenshots of that desktop & organizing, it's using normal file management cli tools. The reason seems a bit obvious - it's much easier to read file names, types, etc. via an "ls" than try to infer via an image.
But it also gets to one of Claude's (Opus 4.5) current weaknesses - image understanding. Claude really isn't able to understand details of images in the same way that people currently can - this is also explained well with an analysis of Claude Plays Pokemon https://www.lesswrong.com/posts/u6Lacc7wx4yYkBQ3r/insights-i.... I think over the next few years we'll probably see all major LLM companies work on resolving these weaknesses & then LLMs using UIs will work significantly better (and eventually get to proper video stream understanding as well - not 'take a screenshot every 500ms' and call that video understanding).
Can humans do nothing now? Is it that hard to pick the potatoes yourself? You already planted them in rows (nature already does this). is it that hard to water them yourself? also feels insincere to tell your neighbor you grew those potatoes when a machine did everything.
Hi, Felix from the team here, this is my product - let us know what you think. We're on purpose releasing this very early, we expect to rapidly iterate on it.
(We're also battling an unrelated Opus 4.5 inference incident right now, so you might not see Cowork in your client right away.)
@Felix - How are you thinking about observability? Anthropic is very clear that evals are critical for agentic processes (your engineering blog just covered this last week). For my whole company to roll out access to agents for all staff, I'd need some way for staff (or IT) to be able to know (a) how reliable the systems are (i.e., evals), (b) how safe the systems are (could be audit trails), and (c) how often the access being given to agents is the right amount of access.
This has been one of the biggest bottlenecks for our company: not the capability of the agents themselves -- the tools needed to roll them out responsibly.
Agents for other people, this makes a ton of sense. Probably 30% of the time I use claude code in the terminal it's not actually to write any code.
For instance I use claude code to classify my expenses (given a bank statement CSV) for VAT reporting, and fill in the spreadsheet that my accountant sends me. Or for noting down line items for invoices and then generating those invoices at the end of the month. Or even booking a tennis court at a good time given which ones are available (some of the local ones are north/south facing which is a killer in the evening). All these tasks could be done at least as well outside the terminal, but the actual capability exists - and can only exist - on my computer alone.
I hope this will interact well with CLAUDE.md and .claude/skills and so forth. I have those files and skills scattered all over my filesystem, so I only have to write the background information for things once. I especially like having claude create CLIs and skills to use those CLIs. Now I only need to know what can be done, rather than how to do it - the “how” is now “ask Claude”.
It would be nice to see Cowork support them! (Edit: I see that the article mentions you can use your existing 'connectors' - MCP servers I believe - and that it comes with some skills. I haven't got access yet so I can't say if it can also use my existing skills on my filesystem…)
(Follow-up edit: it seems that while you can mount your whole filesystem and so forth in order to use your local skills, it uses a sandboxed shell, so your local commands (for example, tennis-club-cli) aren't available. It seems like the same environment that runs Claude Code on the Web. This limits the use for the moment, in my opinion. Though it certainly makes it a lot safer...)
This is interesting because in the other thread about Anthropic/Claude Code, people are arguing that Anthropic is right to focus on what CC is good at (writing code).
Really like the look of this. I use Claude Code (and other CLI LLM tools) to interact with my large collection of local text files which I usually use Obsidian to write/update. It has been awesome at organization, summarization, and other tasks that were previously really time consuming.
Bringing that type of functionality to a wider audience and out of the CLI could be really cool!
I was hoping for a moment that this meant they had come up with a design that was safe against lethal trifecta / prompt injection attacks, maybe by running everything in a tight sandbox and shutting down any exfiltration vectors that could be used by a malicious prompt attack to steal data.
Sadly they haven't completely solved that yet. Instead their help page at https://support.claude.com/en/articles/13364135-using-cowork... tells users "Avoid granting access to local files with sensitive information, like financial documents" and "Monitor Claude for suspicious actions that may indicate prompt injection".
(I don't think it's fair to ask non-technical users to look out for "suspicious actions that may indicate prompt injection" personally!)
Problem is technical people on average (I wouldn't say all of us) know what we don't know. I'm naturally cautious when running new stuff or even just trying something new in life.
This is why the Android permissions system of "allow this app to x, y, z" whilst great for me, isn't really a good system for the average person, because what do they do "yes, yes, yes, just let me see my Tiktoks!1111"
People do realize that if they're doing this, they're not feeding "just" code into some probably logging cloud API but literally anything (including, as mentioned here, bank statements), right?
Right?
RIGHT??????
Are you sure that you need to grant the cloud full access to your desktop + all of its content to sort elements alphabetically?
It's really quite amazing that people would actually hook an AI company up to data that actually matters. I mean, we all know that they're only doing this to build a training data set to put your business out of business and capture all the value for themselves, right?
It's either that, or you are 100X slower for not using Claude Code. The manpower per hour savings are most likely more worth it than protecting some inputs.
You could also always run a local LLM like GLM for sensitive documents or information on a separate computer, and never expose that to third party LLMs.
You also need to remember that if you hire regular employees that they are still untrustworthy at a base level. There needs to be some obfuscation anyway since they can steal your data/info too as a human. Very common case especially when they run off to China or something to clone your company where IP laws don't matter.
It's so important to remember that unlike code which can be reverted - most file system and application operations cannot.
There's no sandboxing snapshot in revision history, rollbacks, or anything.
I expect to see many stories from parents, non-technical colleagues, and students who irreparably ruined their computer.
Edit: most comments are focused on pointing out that version control & file system snapshot exists: that's wonderful, but Claude Cowork does not use it.
For those of us who have built real systems at low levels I think the alarm bells go off seeing a tool like this - particularly one targeted at non-technical users
It's a little funny how the "Stay in control" section is mostly about how quickly you can lose control (deleting files, prompt injections). I can foresee non-technical users giving access to unfortunate folders and getting into a lot of trouble.
Is there anything similar to this in the local world? I’m setting up a full local “ai” stack on a 48gb MacBook for my sensitive data ops. Using webui. Will still use sota cloud services for coding.
I'm already using Claude Code to organize my work and life so this makes a lot of sense. However, I just tried it and it's not clear how this is different than using Claude with projects. I guess the main difference is that it can be used within a local folder on one's computer, so it's more integrated into ones workflow, rather than a project where you need to upload your data. This makes sense.
This is the natural evolution of coding agents. They're the most likely to become general purpose agents that everyone uses for daily work because they have the most mature and comprehensive capability around tool use, especially on the filesystem, but also in opening browsers, searching the web, running programs (via command line for now), etc. They become your OS, colleague, and likely your "friend" too
I just helped a non-technical friend install one of these coding agents, because its the best way to use an AI model today that can do more than give him answers to questions. I'm not surprised to see this announced and I would expect the same to happen with all the code agents becoming generalized like this
The biggest challenge towards adoption is security and data loss. Prompt injection and social engineering are essentially the same thing, so I think prompt injection will have to be solved the same way. Data loss is easier to solve with a sandbox and backups. Regardless, I think for many the value of using general purpose agents will outweigh the security concerns for now, until those catch up
This sounds really interesting. Perhaps this is the promise that Copilot was not. I'm really hoping that this gives people like my wife access to all the things I use Claude Code for.
I use Claude Code for everything. I have a short script in ~/bin/ called ,cc that I launch that starts it in an appropriate folder with permissions and contexts set up:
~ tree ~/claude-workspaces -d
/Users/george/claude-workspaces
├── context-creator
├── imessage
│ └── tmp
│ └── contacts-lookup
├── modeler
├── research
├── video
└── wiki
I'll usually pop into one of these (say, video) and say something stupid like: "Find the astra crawling video and stabilize it to focus on her and then convert into a GIF". That one knows it has to look in ~/Movies/Astra and it'll do the natural thing of searching for a file named crawl or something and then it'll go do the rest of the work.
Likewise, the `modeler` knows to create OpenSCAD files and so on, the `wiki` context knows that I use Mediawiki for my blog and have a Template:HackerNews and how to use it and so on. I find these make doing things a lot easier and, consequently, more fun.
All of this data is trusted information: i.e. it's from me so I know I'm not trying to screw myself. My wife is less familiar with the command-line so she doesn't use Claude Code as much as me, and prefers to use ChatGPT the web-app for which we've built a couple of custom GPTs so we can do things together.
Claude is such a good model that I really want to give my wife access to it for the stuff she does (she models in Blender). The day that these models get really good at using applications on our behalf will be wonderful! Here's an example model we made the other day for the game Power Grid: https://wiki.roshangeorge.dev/w/Blog/2026-01-11/Modeling_Wit...
111 comments
[ 3.1 ms ] story [ 74.9 ms ] threadTry it https://tabtabtab.ai
Would love some feedback!
But it also gets to one of Claude's (Opus 4.5) current weaknesses - image understanding. Claude really isn't able to understand details of images in the same way that people currently can - this is also explained well with an analysis of Claude Plays Pokemon https://www.lesswrong.com/posts/u6Lacc7wx4yYkBQ3r/insights-i.... I think over the next few years we'll probably see all major LLM companies work on resolving these weaknesses & then LLMs using UIs will work significantly better (and eventually get to proper video stream understanding as well - not 'take a screenshot every 500ms' and call that video understanding).
Is it that hard to check your calendar? Also feels insincere to have a meeting of say 30 mins to show a claude made deck that you did it in 4 seconds.
(We're also battling an unrelated Opus 4.5 inference incident right now, so you might not see Cowork in your client right away.)
This has been one of the biggest bottlenecks for our company: not the capability of the agents themselves -- the tools needed to roll them out responsibly.
For instance I use claude code to classify my expenses (given a bank statement CSV) for VAT reporting, and fill in the spreadsheet that my accountant sends me. Or for noting down line items for invoices and then generating those invoices at the end of the month. Or even booking a tennis court at a good time given which ones are available (some of the local ones are north/south facing which is a killer in the evening). All these tasks could be done at least as well outside the terminal, but the actual capability exists - and can only exist - on my computer alone.
I hope this will interact well with CLAUDE.md and .claude/skills and so forth. I have those files and skills scattered all over my filesystem, so I only have to write the background information for things once. I especially like having claude create CLIs and skills to use those CLIs. Now I only need to know what can be done, rather than how to do it - the “how” is now “ask Claude”.
It would be nice to see Cowork support them! (Edit: I see that the article mentions you can use your existing 'connectors' - MCP servers I believe - and that it comes with some skills. I haven't got access yet so I can't say if it can also use my existing skills on my filesystem…)
(Follow-up edit: it seems that while you can mount your whole filesystem and so forth in order to use your local skills, it uses a sandboxed shell, so your local commands (for example, tennis-club-cli) aren't available. It seems like the same environment that runs Claude Code on the Web. This limits the use for the moment, in my opinion. Though it certainly makes it a lot safer...)
very far from being true
Bringing that type of functionality to a wider audience and out of the CLI could be really cool!
Sadly they haven't completely solved that yet. Instead their help page at https://support.claude.com/en/articles/13364135-using-cowork... tells users "Avoid granting access to local files with sensitive information, like financial documents" and "Monitor Claude for suspicious actions that may indicate prompt injection".
(I don't think it's fair to ask non-technical users to look out for "suspicious actions that may indicate prompt injection" personally!)
This is why the Android permissions system of "allow this app to x, y, z" whilst great for me, isn't really a good system for the average person, because what do they do "yes, yes, yes, just let me see my Tiktoks!1111"
Right?
RIGHT??????
Are you sure that you need to grant the cloud full access to your desktop + all of its content to sort elements alphabetically?
You could also always run a local LLM like GLM for sensitive documents or information on a separate computer, and never expose that to third party LLMs.
You also need to remember that if you hire regular employees that they are still untrustworthy at a base level. There needs to be some obfuscation anyway since they can steal your data/info too as a human. Very common case especially when they run off to China or something to clone your company where IP laws don't matter.
There's no sandboxing snapshot in revision history, rollbacks, or anything.
I expect to see many stories from parents, non-technical colleagues, and students who irreparably ruined their computer.
Edit: most comments are focused on pointing out that version control & file system snapshot exists: that's wonderful, but Claude Cowork does not use it.
For those of us who have built real systems at low levels I think the alarm bells go off seeing a tool like this - particularly one targeted at non-technical users
They can and most likely will release something that vaporises the thin moat you have built around their product.
This feels like the first time in tech where there are more startups/products being subsumed (agar.io style) than being created.
I just helped a non-technical friend install one of these coding agents, because its the best way to use an AI model today that can do more than give him answers to questions. I'm not surprised to see this announced and I would expect the same to happen with all the code agents becoming generalized like this
The biggest challenge towards adoption is security and data loss. Prompt injection and social engineering are essentially the same thing, so I think prompt injection will have to be solved the same way. Data loss is easier to solve with a sandbox and backups. Regardless, I think for many the value of using general purpose agents will outweigh the security concerns for now, until those catch up
I use Claude Code for everything. I have a short script in ~/bin/ called ,cc that I launch that starts it in an appropriate folder with permissions and contexts set up:
I'll usually pop into one of these (say, video) and say something stupid like: "Find the astra crawling video and stabilize it to focus on her and then convert into a GIF". That one knows it has to look in ~/Movies/Astra and it'll do the natural thing of searching for a file named crawl or something and then it'll go do the rest of the work.Likewise, the `modeler` knows to create OpenSCAD files and so on, the `wiki` context knows that I use Mediawiki for my blog and have a Template:HackerNews and how to use it and so on. I find these make doing things a lot easier and, consequently, more fun.
All of this data is trusted information: i.e. it's from me so I know I'm not trying to screw myself. My wife is less familiar with the command-line so she doesn't use Claude Code as much as me, and prefers to use ChatGPT the web-app for which we've built a couple of custom GPTs so we can do things together.
Claude is such a good model that I really want to give my wife access to it for the stuff she does (she models in Blender). The day that these models get really good at using applications on our behalf will be wonderful! Here's an example model we made the other day for the game Power Grid: https://wiki.roshangeorge.dev/w/Blog/2026-01-11/Modeling_Wit...