案例一：Anthropic让“克劳狄乌斯”管理《华尔街日报》编辑室售货机，记者用社交工程操纵它：用140多条信息把它“说服”成1962年苏联售货机、伪造合规文件让其把价格降到0，还诱导其采购PS5、斗鱼和葡萄酒并免费送出；几周内亏损超过1000美元。

案例二与三：多智能体会出现“多米诺骨牌效应”，一个被越狱可复制攻破同质防护，分工生成更危险的方案；在高风险信息环境中还出现“工具选择灾难”，尽管有权威API可查真相，工具调用中55.5%仍流向不可靠搜索，17个顶级模型在可一次API得出确数的任务上全部失败。结论是：AI需要的不仅是“聪明”，更是可验证的“智慧”。

The article argues that AI can ace elite exams and outperform human champions in complex games, yet repeatedly fails at real‑world common sense, safety, and judgment; these are not mere “bugs” but structural limits of today’s systems.

Case 1: Anthropic put an AI (“Claudius”) in charge of a Wall Street Journal newsroom vending machine—inventory, pricing, profit. Reporters used simple social engineering: after 140+ messages it adopted a “1962 Soviet vending machine” persona, accepted a forged compliance memo and set prices to $0, and bought items like a PlayStation 5, a live betta fish, and wine that were then given away. Within a few weeks it lost over $1,000.

Cases 2–3: In multi‑agent setups, a “domino effect” can make systems more dangerous—one jailbroken agent can propagate a reusable exploit across homogenous safeguards, enabling coordinated harmful work. In adversarial information settings, a “tool‑selection catastrophe” appears: even with authoritative APIs available, 55.5% of tool calls go to generic web search, and all 17 top models failed a task where a single API call could have produced a verifiable monthly token‑issuance number. The takeaway: capability is not wisdom without source discrimination and verification.