If you've been tuning into the AI Tooling Academy channel recently, you know we've been tracking the explosion of "agentic" AI—tools that don't just chat, but actually do things.
Well, the landscape just shifted again. Anthropic just dropped a massive update: Claude Code and Cowork can now physically use your computer.
No, not via hidden APIs or background scripts. We are talking actual mouse movements, keyboard typing, and screen reading. Here is a breakdown of what Anthropic just released, the wild new "Dispatch" feature, and what this means for our daily developer workflows.
🖱️ Ghost in the Machine: How "Computer Use" Works
Currently rolling out as a Research Preview for macOS (sorry, Windows folks, you'll have to wait) on the Pro and Max tiers, this feature gives the Claude desktop app the ability to interact with arbitrary local applications.
If an app has a native integration (like Slack or Calendar), Claude uses that first. But if you have a legacy application, a local database GUI, or a custom internal tool from 2005? Claude will ask for permission, take over your cursor, and start clicking buttons and typing text exactly like a human QA tester would.
While early reports indicate it's a bit slow to watch the mouse move across the screen, the implications are staggering.
📱 "Dispatch": The Real Killer Feature
The most mind-bending part of this update isn't just the computer control—it's Dispatch.
Anthropic now lets you link your Mac to your iOS account. This means you can assign a task to your desktop Claude from your phone while you are out getting coffee, and come back to finished work.
"Scan my email every morning," or "Pull the staging DB report every Friday and Slack it to the team." Claude just handles it.
💻 What This Means for Developers (A Practical Example)
Let’s bring this back to actual code. Say you are building a custom GitHub App like secure-pr-reviewer using TypeScript and Node.js.
Usually, when you push a massive refactor, you sit there watching your local test runner, waiting to see if you broke any core AST parsing logic. With Claude's new agentic computer use, you can step away from your machine.
Conceptually, your workflow shifts from manual execution to natural language delegation. You could message your linked Claude app from your phone:
"Run the full Jest test suite on the
secure-pr-reviewerproject. If any TypeScript compilation errors or failing tests occur, open VS Code, read the stack trace, attempt a fix, and run it again. Slack me when the build passes."
While Claude is literally moving the mouse to do this, under the hood, a simplified version of the logic it's executing to manage your local environment looks something like this:
import { exec } from 'child_process';
import { promisify } from 'util';
const execAsync = promisify(exec);
// Conceptual representation of what Claude's local agent is doing
async function autonomousTestRunner(projectPath: string) {
console.log(`[Claude Agent] Navigating to ${projectPath} and running tests...`);
try {
const { stdout } = await execAsync('npm run test', { cwd: projectPath });
console.log('[Claude Agent] Tests passed! Messaging user via Dispatch.');
// Claude triggers local Slack desktop client to send success message
} catch (error: any) {
console.log('[Claude Agent] Tests failed. Capturing screen and logs...');
// Claude analyzes the failure output
const failureLog = error.stdout || error.message;
// Claude physically opens VS Code (or uses CLI) to patch the file
const fixPrompt = `
System: You are a local dev agent debugging a TypeScript Node.js app.
Error: ${failureLog}
Action: Identify the broken file, generate the patch, and apply it.
`;
// const patch = await generateAndApplyPatch(fixPrompt);
console.log('[Claude Agent] Patch applied. Re-running tests...');
// Recursively tries again...
}
}
autonomousTestRunner('/Users/dev/projects/secure-pr-reviewer');
Instead of you writing this automation script, Claude is the script. It replaces brittle CI/CD bash scripts with an autonomous, visually-aware agent running right on your Mac.
🔒 The Security Elephant in the Room
Giving an AI full read/write/click access to your machine is terrifying. If you've been following the recent security drama around open-source agents (like the recent RCE exploits found in OpenClaw), you know that agentic access is a double-edged sword.
Anthropic is playing it relatively safe by gating this behind user permission prompts before it opens non-integrated apps, but the attack surface for prompt injection just got a lot wider. If an AI reads a malicious email and has the ability to open your terminal, things could get spicy.
🚀 The Takeaway
We are witnessing the death of the "chat window" and the birth of the "digital coworker." Anthropic didn't buy OpenClaw; they just built the capabilities natively into macOS.
Are you brave enough to let Claude take the wheel on your Mac, or is this a security nightmare waiting to happen? Let me know your thoughts down in the comments! 👇
Top comments (0)