Prompt Injection Risk: Claude 4.7 Agentic Tool Expansion
Anthropic's published system prompt diff between Claude Opus 4.6 and 4.7 reveals significant expansions in agentic tool access, autonomous browsing capabilities, and child safety guardrails — changes with direct security implications for prompt injection and excessive agency risks. The new `tool_search` mechanism and acting-before-asking posture increase the attack surface for adversarial inputs targeting agentic Claude deployments. Transparency in publishing these changes is notable, but the expanded autonomous capabilities warrant scrutiny from defenders.