Claude 3.7 Leaked: It Doesn't Just Chat, It Steals Your Mouse (and Your Job)

For the last two years, we've been treating AI like a very smart professor trapped in a text box. You ask it a question, it types an answer. It was safe. It was contained.

That safety is gone. Leaked API documentation for Anthropic's Claude 3.7 reveals a new capability simply called computer_use. It doesn't output text. It outputs coordinate pairs. It outputs mousedown events. It outputs virtual_keypress.

Claude has grown hands.

The Leak: 'coordinate_click'

A developer on X (who has since deleted their account) posted a snippet of the new schema. It's chillingly simple. You don't ask Claude to "write an email." You give Claude a screenshot of your Gmail inbox and say "clean this up."

And it does. It moves the mouse. It clicks the checkboxes. It hits archive. It's not using an API; it's using the UI, just like you do.

RIP Robotic Process Automation

Companies like UiPath built multi-billion dollar businesses on "screen scraping" scripts that break every time a button moves 5 pixels to the left. Claude doesn't care about pixels. It "sees" the button. It understands "Submit" vs "Cancel" semantically.

Why would anyone pay $100k for a brittle RPA bot when they can pay $20 for an intelligent agent that adapts to UI changes in real-time?

The Security Nightmare

This is the CISO's new ulcer. If you give an AI control of the mouse, you are bypassing every API security control you have. The agent acts as the user. If the user has access, the agent has access.

Imagine a prompt injection attack not just stealing data, but literally clicking "Transfer Funds" and confirming the 2FA because it also has access to your SMS window. We are entering the Wild West of UI security.