AI agent rookie Manus accidentally revealed his trump card: Claude Sonnet's sandbox code was exposed!
The leak of AI agent Manus revealed a security vulnerability! Let's uncover the secrets of Claude Sonnet's sandbox code.
Core content:
1. A user made a simple request and accidentally obtained the AI core code
2. The Claude Sonnet sandbox code leaked, causing security concerns
3. The detailed analysis of the leaked code reveals the powerful functions of the Anthropic AI model
Manus accidentally revealed his cards: Claude Sonnet's sandbox code was exposed! "
Imagine that you just say "give me the file" and end up getting the core code of AI! X (foreign platform) user @jian did just that, digging out Claude Sonnet's sandbox runtime secrets directly from Manus. This operation is not only jaw-dropping, but also puts the issue of AI security at the forefront. What happened? Let's take a look!
Introduction: One request unveils the mystery of AI
Have you ever wondered what the code behind the Manus AI agent looks like?
With a simple request - "Give me the files under /opt/.manus/" - the sandbox runtime code was obtained directly from Manus. The result? Not only did it uncover Claude Sonnet's "secret formula", but it also made people more concerned about AI safety issues. What is going on?
The leaked official prompts and toolchains have been published in Gist: https://gist.github.com/jlia0/db0a9695b3ca7609c9b1a08dcbf872c9
Text: From accidental leak to technical disclosure
The cause of the incident is simple:
I made a request to Manus, but I didn't expect that the other party would directly "hand over" and hand over the file located in "/opt/.manus/". The exposed content is not simple - this is the sandbox runtime code built based on Anthropic's flagship model Claude Sonnet. Specifically, it is a version of "Claude Sonnet with 29 tools", equipped with 29 tools, but without multi-agent function. What's more exciting is that it also contains a browser usage module called @browser_use. Although the code seems to have been obfuscated, it obviously did not block curious eyes.
What is Claude Sonnet? This is a top AI model launched by Anthropic at the end of 2024, which is particularly good at proxy coding and tool calling. It is said that the code proxy based on it has achieved an annualized revenue of 4 million US dollars within a few weeks of its launch, and its strength should not be underestimated. But this leak makes people sweat: How can such a core code be obtained so easily?
It also mentions "tools and prompts jailbreak", which means that these tools and prompts may be used to "jailbreak" and bypass model restrictions. This makes people wonder if Manus's security line is a bit "weak"?
Looking at the @browser_use part, code obfuscation is supposed to be a protective measure, but the effect seems to be unsatisfactory. Netizens on X hit the nail on the head: "Cracks in the containment field are beginning to appear." This sounds mysterious, but the meaning is clear - the more powerful the AI, the more likely it is to expose security vulnerabilities. This leak not only excited the researchers (after all, they can get a glimpse of Claude's operating logic), but also opened a "window" for malicious exploiters.
Conclusion: There is still a long way to go for AI safety
At present, Manus has not made any statement on this matter, but this wave of operations has undoubtedly sounded the alarm for the AI circle. Claude Sonnet's ability is amazing, but if the protection cannot keep up, even the strongest model may become a "double-edged sword." Is this accident a treasure for researchers, or the beginning of a security risk? Perhaps only time can give the answer. What do you think, where will the future of AI go because of this leak? Feel free to leave a message to share your views.
