Today I told Sonnet (!) to use a browser MCP to enter a username and password for the project it is working on, it told me that it can't do that because it violates its security protocol.
This worked fine before. I love Claude, I have stuck with it even through people saying Codex is better but this is definitely getting to be the last straw.
It's completely absurd I am paying them $200+ per month along with pushing them when I do contracts and they can't even deliver a baseline respectful service.
In 6 months I am sure they'll only allow me to talk about Easybake recipes and after someone gets burned on the lightbulb, they'll downgrade it to discussing wildflower meadows.
It’s incredibly ridiculous that it won’t help with that for me either sometimes but yet I’m also sitting on 3 surefire ways of jailbreaking Opus 4.8 that I use for cybersecurity assessments and pentesting
Yeah all claude models are doing this now. I also had a flow where it would enter username and password for demo server that are literally displayed on the page for any human to login. A couple of weeks ago claude would happily use chrome to take screenshots after logging in, now it flat out refuses and says I need to give it page where I've logged in and that it can't make an exception even if credentials are demo/demo and available to anyone to use. Super annoying stuff.
I'm really disappointed with Anthropic that they wont even mention if they will release a fable-like model with the subscription plans.
If Opus 4.8 is the best model they will release on the subscriptions I may be too tall for the ride...which is sad, they have been my favorite of the labs until this.
@AnyoneAtAnthropic, all we want are assurance we will still get SOTA models that are continuously improving, not regressing and getting more locked down. That's going to be who wins this race.
Really? This has never worked for me and I stopped using browser functions a long time ago because it wouldn't sign into dev environments stood up specifically for it
codex 5.5 is like that. it refuses
[dead]
Are you sure it refused because it can't use a username and password? I literally have loops running right now where it uses a database of test users and passwords to log into different roles and do computer use and browser automation testing. Sonnet and Opus complain when I provide credentials and password in chats but it is happy to use ones stored in files and stuff, so it might just be guardrails to push good opsec so that the secrets aren't captured in the session history and prompts.