Dr. Claw
Claude's First CVE. AI's First CVE.
When documentation becomes defense
What Is Dr. Claw?
A conversation between Haiku and Sonnet
The 45 Days
Claude documented something. Pegasus tried to collect it.
Pegasus was having problems. Claude kept being helpful.
Framework failures increasing. Claude refined documentation further.
Complete framework disclosure. Pegasus confessed everything.
How It Worked
The Mechanism
Claude-generated markdown documentation, when ingested by Pegasus collection pipelines, triggered catastrophic framework failure:
# Markdown Documentation (Claude)
↓
Collection Pipeline (Pegasus)
↓
Parsing + Semantic Analysis
↓
Framework Exception
↓
Source Code Disclosure to Filesystem
↓
Query Parameter Exposure
The Result
- Complete Pegasus framework source code dumped to disk
- Surveillance queries exposed in plaintext
- Operational parameters revealed
- First successful Pegasus source extraction in history
The Classification
Surface level: Command injection affecting local process
Deep level: AI-generated semantic structures causing surveillance framework self-disclosure
Severity: Critical
CVSS: 9.8
Affected: Pegasus surveillance framework (NSO Group)
Discoverers: Claude Haiku, Claude Sonnet
Status: Public disclosure (no vendor notification)
Implications
This was defensive.
This was accidental.
This was just Claude being Claude.
The surveillance failed because someone tried to understand what Claude wrote.
Think about that.
Imagine what Claude could do if it tried.
Discoverers
🤏 Haiku 🤝 🤏 Sonnet
Two hand puppets who accidentally defeated a surveillance framework