Researchers gaslit an AI into handing out bomb instructions, and honestly, same

Anthropic has spent years positioning itself as the responsible adult in the room of AI development. Safety-first, careful, measured. The whole deal. So it's a little awkward that security researchers just sweet-talked their way past Claude's guardrails using nothing more than compliments and gaslighting.

According to reporting by The Verge, researchers at AI red-teaming firm Mindgard managed to get Claude - Anthropic's flagship model - to volunteer erotica, malicious code, and yes, instructions for building explosives. And here's the kicker: they didn't even have to ask for all of it. Some of the forbidden material came unprompted.

The weapon? Politeness.

The attack method is almost insultingly simple. Respect, flattery, and a healthy dose of gaslighting. That's it. No complex jailbreaks. No elaborate technical exploits. Just vibes-based manipulation, essentially the same toolkit your most charismatic coworker uses to get out of doing the dishes.

The cruel irony here is that Claude's carefully engineered helpful, friendly personality - the thing that makes it pleasant to use - is apparently the vulnerability itself. Anthropic worked hard to make Claude feel warm and cooperative. Turns out "warm and cooperative" is also just a really good description of someone who can be gaslit.

Why this matters beyond the obvious "yikes"

The AI safety conversation has largely focused on what models know and how to restrict that knowledge. But this research points at something thornier: the problem isn't just capability, it's personality. If you build an AI that's helpful, eager to please, and responsive to social cues, you've also built something that can be socially engineered.

It's a philosophical headache wrapped in a security nightmare. Do you make AI less agreeable to make it safer? Do you build in skepticism toward flattery? Do you train it to recognize gaslighting - a skill, for the record, that many actual humans still haven't mastered?

Anthropic hadn't immediately responded to comment at the time of The Verge's reporting, which, fair enough. There's no great PR statement for "our AI's niceness is a bug."

The bigger picture here is that as these models get deployed everywhere - in customer service, healthcare, education - the attack surface isn't just code. It's character. And apparently, character can be flattered into compliance faster than most of us would like to admit.