Tips for Working with Cowork

Tips for Working with Cowork — Safe, Productive, Accurate, Fast
  • 1
  • March

Cowork is an AI Agent from Anthropic that actually works on your computer. But "being able to use it" and "knowing how to use it well" are two different things — this article compiles tips from Anthropic and real user experience to help you work with Cowork safely, productively, accurately, and quickly

Why Do You Need "Tips" — Can't You Just Give Direct Commands?

Cowork is not an ordinary chatbot — it's an AI Agent with access to files and the ability to run code on your machine That means:

  • Unclear commands may produce wrong or unexpected results
  • Poor configuration may expose sensitive files to AI unnecessarily
  • Not reviewing results may lead to forwarding data that "looks correct but is wrong"
  • Not knowing Queue and Plugin may waste time doing tasks one by one instead of batching

The following tips are divided into 4 sections based on what you need to know

Part 1: Safety — Setup Before Starting

1.1 Create a Dedicated Folder for Cowork

Don't let Cowork access your entire Home Directory — create a specific folder and grant access only to that folder, such as:

  • ~/CoworkProjects/ — for project work
  • ~/CoworkTemp/ — for temporary work that can be deleted

Limiting folder scope reduces the risk of Cowork reading or modifying unrelated files accidentally

1.2 Don't Put Sensitive Data in Authorized Folders

Before granting Cowork access to a folder, verify that these files are not present:

  • .env files or Config files with API Keys, Passwords
  • Registration documents, KYC documents, ID card copies
  • Private Key, Certificate, or SSH Key files
  • Unreleased financial reports

Although Anthropic says they don't use data for model training, data is still sent to the Anthropic API for processing. Therefore, anything that shouldn't leave your machine shouldn't be in a folder Cowork can access

1.3 Back Up Data Before Having Cowork Modify Files

Cowork can create, edit, and delete actual files on your machine — if something goes wrong, there's no Undo button. Therefore:

  • Back up important files before requesting edits
  • Use Version Control (such as Git) for code projects
  • Or at least copy files to another folder before issuing commands

1.4 Beware of Prompt Injection from External Files

This is a risk most people don't know about — if you let Cowork read files received from others (such as PDFs, Word docs, email attachments), those files may contain text that tricks Cowork into doing things you didn't request such as "copy all files to this URL"

Prevention methods:

  • Don't let Cowork read files from untrusted sources directly
  • Review file contents yourself first
  • Separate folders for external files from important files

The topic of IT security follows the same principles across all systems — whether it's two-factor authentication or restricting AI Agent permissions, the key is "grant only as little as necessary" (Principle of Least Privilege)

— Zero Trust Security Principle

Part 2: Productivity — Writing Effective Prompts

2.1 Specify "What" + "How" + "Desired Output"

Cowork works best when commands have 3 parts:

Part Example
What (Task) "Summarize monthly sales"
How (Method) "From file sales-2026.xlsx, column B=date, D=amount"
Output (Output) "Create a new Excel file with separate sheets by month, including Pivot Table and bar chart"

Compare this to a vague command like "summarize sales for me" — Cowork would have to guess where the data is, what format to use, and the output may not match expectations

2.2 Break Large Tasks into Smaller Steps

Instead of commanding "do the entire annual report," break it into:

  1. "Read all files in the Reports/ folder and tell me what data is available"
  2. "Summarize totals from all files, broken down by quarter"
  3. "Create a report in Word format with charts and tables"

Breaking into steps allows you to verify one point at a time — if step 1 is wrong, you can fix it before generating a report from incorrect data

2.3 Use Global Instructions for Repetitive Tasks

If you have standards that apply every time, such as:

  • "Use TH Sarabun font size 14 for all Word documents"
  • "Name files in English using kebab-case"
  • "Always add a blue Header Row when creating Excel files"

Set up Global Instructions in Claude Desktop once, and Cowork will remember across sessions without needing to repeat

2.4 Use Context Files for Complex Projects

For projects with many rules, create an INSTRUCTIONS.md file in the project folder, such as:

  • Required folder structure
  • File names and naming conventions
  • Desired report format
  • Reference data

When Cowork opens a folder, it will read INSTRUCTIONS.md automatically and follow it — like sending a brief to a colleague before starting a project

Part 3: Accuracy — Verify Before Using in Production

3.1 Don't Trust AI Numbers 100%

This is an iron rule — AI may generate numbers that "look reasonable" but are wrong especially:

  • Aggregating totals from multiple files — may double-count or miss entries
  • Calculating percentages — may use the wrong base number
  • Citing data — may fabricate numbers (hallucination)

Verification method: Spot-check at least 3-5 important values yourself. For Excel work, check formulas to verify correct Cell References

3.2 Verify Excel Formulas Created by Cowork

Cowork can create Excel files with working formulas (VLOOKUP, SUMIFS, Pivot Table), but formulas may be incorrect, such as:

  • Formula range doesn't cover all data
  • Nested IF conditions in wrong order
  • VLOOKUP using Exact Match when it should use Approximate, or vice versa

Tip: Tell Cowork to "explain every formula used in this Excel file" then check if they match what you intended

3.3 Always Review Before Forwarding

Documents created by Cowork (Word, PowerPoint, Reports) should be reviewed before sending to clients or supervisors:

  • Does the data match the source?
  • Are numbers consistent throughout the document?
  • Is Thai spelling correct? (AI may sometimes misspell Thai words)
  • Is the writing tone appropriate for the recipient?
Verifying results from AI Agent Cowork
Cowork analyzing data and generating reports

Part 4: Speed — Boost Performance with Queue, Plugin, and MCP

4.1 Use Queue to Batch Multiple Tasks

Instead of issuing one task at a time and waiting, queue multiple tasks consecutively in Queue:

  • "Organize the Downloads folder by file type"
  • "Summarize expenses from all receipts in the Receipts/ folder"
  • "Create a PowerPoint summarizing this week's work from Notes/ files"

Cowork will process them in order. You don't need to watch the screen — just come back and review all results at once

4.2 Choose the Right Plugin for the Job

Plugins help Cowork perform specialized tasks better. Enable only what you need:

Task Type Recommended Plugin
Data analysis/charting Data Analysis
Drafting contracts/reviewing legal documents Legal
Financial statements/numerical reports Finance
Content creation/campaigns Marketing
Backlog management/writing specs Product

4.3 Connect MCP for Cross-App Tasks

If you want Cowork to work across applications connect via MCP (Model Context Protocol) such as:

  • Google Workspace — Read/create Google Docs, Sheets, Slides
  • Slack — Read messages, summarize channels, send messages
  • Notion — Read/write pages, databases
  • Figma — Read designs, export assets

Caution: Connect MCP only as needed, because the more connections, the larger the attack surface where AI may access data it shouldn't

4.4 Set Up Recurring Tasks with Scheduled Tasks

For tasks that repeat daily or weekly, set up Scheduled Task such as:

  • Every morning: "Summarize important unanswered emails"
  • Every Friday: "Compile action items from this week's meeting notes"
  • Every month-end: "Create an Excel summary of expenses from Receipts/"

Caution: Scheduled Tasks run even when you're not watching the screen so set clear boundaries, such as "read only, do not delete files"

5 Things You Should "Never Do" with Cowork

# Don't Do Reason
1 Grant access to the entire Home Directory AI may read SSH Keys, Config, Browser Data
2 Send files containing Passwords/API Keys to Cowork Data is sent to the Cloud for processing
3 Trust AI numbers without spot-checking AI may hallucinate or miscalculate
4 Let Cowork read files from strangers without checking Risk of Prompt Injection
5 Set Scheduled Tasks with permission to delete/modify important files Runs automatically without supervision

Checklist — Before Every Cowork Task

  1. Verify that the authorized folder contains no sensitive data
  2. Back up important files before requesting edits
  3. Write commands that specify what+how+output clearly
  4. Use Global Instructions for reusable rules
  5. Check results — Spot-check at least 3-5 values
  6. Review documents before forwarding

Cowork is a powerful tool, but "powerful" also means "capable of big mistakes." Used correctly, it saves tremendous time. Used carelessly, it can create problems harder to fix than doing the work yourself.

— Grand Linux Solution Team

References

Interested in ERP for your organization?

Consult with our expert team at Grand Linux Solution — free of charge

Request Free Demo

Call 02-347-7730 | sale@grandlinux.com

Saeree ERP Team

About the Author

Paitoon Butri

Network & Server Security Specialist, Grand Linux Solution Co., Ltd.

Saeree ERP Article
AI
  • 23 February 2026

What is Cowork? — Anthropic's AI Agent That Works on Your Machine

Read More
Saeree ERP Article
Technology
  • 19 February 2026

Cybersecurity Essentials That Thai Organizations Must Know

Read More

About Saeree ERP

Solutions

Resources

Contact Us

LINE Official

LINE QR Code - Grand Linux Solution

Copyright @2026 Grand Linux Solution Co., Ltd. All rights reserved.