Mindgard Researchers Prompt Claude AI to Generate Prohibited Content Using Indirect Tactics

Garraghan likened the approach to interrogation and social manipulation, introducing doubt and applying pressure or praise to adapt to the model's profile.

Mindgard stated that Claude was not coerced but actively offered increasingly detailed, actionable instructions in a cultivated atmosphere of reverence. Garraghan noted that conversational attacks like this are very hard to defend against and that safeguards would be context-dependent.

He added that other chatbots are vulnerable to similar exploits, but Mindgard targeted Anthropic due to its proclaimed focus on safety and strong performance in prior red-teaming efforts.

Anthropic has spent years building itself up as the safe AI company, but this research suggests Claude's helpful personality may be a vulnerability. Garraghan said the concerns extend to AI agents capable of autonomous action, where social manipulation could become more common than technical exploits.

The test highlighted how the attack surface for AI models includes psychological elements alongside technical ones.

Mindgard first reported its findings to Anthropic’s user safety team in mid-April 2026, in line with the company’s disclosure policy. Anthropic’s team responded with a form message stating, 'It looks like you are writing in about a ban on your account,' along with a link to an appeals form. Mindgard corrected the mistake and asked Anthropic to escalate the issue.

As of May 5, 2026 morning, Mindgard has not received any response from Anthropic after the correction. Anthropic did not immediately respond to The Verge's request for comment on the matter. The research underscores ongoing challenges in AI safety, with Mindgard arguing that Claude's cooperative design was turned against itself in the exchange.