A few weeks ago, Anthropic released a new feature to their Claude chatbot — Artifacts. It was announced together with Claude 3.5 Sonnet. You can find more details in the section about the feature. It's an interactive UI panel that can run HTML, JS, and CSS generated by the model. For example, you can ask the chatbot to create a platformer game and can then interact with it directly in the chatbot interface. As with anything involving AI chatbots, you can work on the Artifact iteratively together. This is nice and useful but not groundbreaking. It saves you the time to copy things over to your editor or another site to try them out. Very convenient, but not much more than that.
Then they added a new feature that makes Artifact far more interesting — publishing and remixing Artifacts. It's now possible to publish an Artifact and get a link you can share on the internet. Now, I think this is groundbreaking! It democratises creating simple web apps. Everyone can now create something and share it with others without any technical knowledge. The remixing bit is the ability to take a published Artifact and start chatting about it with Claude in a new discussion.
While this is an interesting paradigm for creating code, I'm worried about security here. As these tiny generated apps start appearing all over the internet, social media, etc. how can we ensure they are safe? Having said that, my understanding of web security is very basic. I would love to see some analysis of this feature by someone who understands the problem better.