It may be worth noting that Claude can and will (if it believes you own the code, at least) produce PoC exploits for exploitable bugs that it finds.

My only source for this is personal experience, and no, I can't share any evidence of it.

Are you certified for high risk cyber uses? If so, then you're correct. If not, then it does not match my experience.

The word “exploit” may be doing a lot of work here. In my experience Opus 4.6 is perfectly happy to provide test cases that trigger ASAN, even without the super secret squirrel security access.

But if you ask it to get you a shell it’ll probably tell you to get lost.