Week 14 Quiz — Computer Use, Chrome, Excel & Cross-App Workflows
Course: Using Artificial Intelligence (AI 101) · Silver Oak University (fictional sample) · Prof. Quinn
Covers: computer use vs. connector distinction · Claude in Chrome (browser agent; prompt injection; availability) · Claude in Excel (sidebar) · safe-use rules (approval checkpoints, link safety, never-move-money) · cross-app workflow design
Format: 10 auto-graded items (matching, multiple-choice, multiple-answer, true/false) · 10 points (1 each) · allowed attempts: 1 · No AI on this quiz.
This is the human-readable quiz with its vetted answer key and one-line feedback. The import-ready Classic QTI 1.2 is in
F-quiz-week-14-qti.xml(generated by a validated Python script — parses with 10 items). Every product claim in this quiz is verified against official Anthropic documentation. Reminder: AI is not permitted on quizzes — this checks that you understand the Week 14 concepts.
Questions, key, and feedback
Q1 (Matching). Match each agent tool to the surface it controls.
| Agent tool | Surface it controls |
|---|---|
| Computer use | Native desktop applications (via screenshots, clicks, keyboard) |
| Claude in Chrome | Chrome browser tabs (navigate, click, fill forms) |
| Claude in Excel | Microsoft Excel workbooks (sidebar; read, analyze, modify) |
| A connector (MCP) | A specific external app via its API (structured, permissioned) |
Feedback: Each tool has a distinct scope. Computer use = any installed desktop app via visual control. Chrome = browser tabs (open web). Excel = the Excel sidebar (one application). A connector is an API-backed, permissioned link to a specific service — structured and narrow. These are not interchangeable.
Q2 (MC). Prompt injection in the context of Claude in Chrome means —
- A. Claude overloads a webpage with too many requests and crashes it
- B. Malicious instructions hidden in web content trick Claude into taking actions the user did not request ✅
- C. Claude fills a web form with incorrect information because the user's prompt was unclear
- D. The user copies a harmful prompt into Claude's chat window intentionally
Feedback: Prompt injection = hidden malicious instructions in web content (invisible HTML, hidden divs, rogue alt-text) that redirect Claude's behavior. The threat comes from content Claude reads, not from the user. This is the most important security risk for browser agents.
Q3 (MC). Where does Claude in Excel work?
- A. In a separate browser window that you switch to when you need AI help
- B. Inside a sidebar within Microsoft Excel itself ✅
- C. By importing Excel files into the Claude chat and making a new copy
- D. Through a Google Sheets connector that translates your Excel data
Feedback: Claude in Excel is a sidebar inside Microsoft Excel — confirmed in Anthropic's release notes. It reads, modifies, and creates workbook content without you leaving Excel. Not a separate window; not a file import.
Q4 (MC). Which of the following best states the safe-use rule about financial actions and AI agents?
- A. AI agents can handle purchases automatically if the site looks trustworthy and you gave permission once
- B. Financial actions are fine to automate as long as you set a spending limit in the agent settings
- C. You — not any AI agent — must execute financial transactions, trades, and purchases yourself ✅
- D. Claude in Chrome can make purchases but only on sites Anthropic has pre-approved
Feedback: The money rule is absolute: no agent moves money or executes a purchase on your behalf, regardless of permissions or site approvals. This is confirmed in Anthropic's agent usage policy. Financial sites are also blocked by default in Claude in Chrome.
Q5 (MC). A student wants Claude to open a locally installed PDF editor, fill in a form field, and save the result. Which tool is best suited for this task?
- A. Claude in Chrome, because it can navigate to the PDF on the web
- B. Computer use, because it can control native desktop applications ✅
- C. Claude in Excel, because it can read and modify file contents
- D. A connector (MCP), because it links Claude to the PDF app's API
Feedback: Computer use controls native desktop apps — including a locally installed PDF editor — via screenshots, clicks, and keyboard input. Claude in Chrome only works in the Chrome browser, not installed desktop apps.
Q6 (True/False). Computer use and a connector (MCP) are the same thing — both give Claude structured API-backed access to an external application.
- True
- False ✅
Feedback: False. A connector is an API-backed, permissioned link to a specific service (structured data exchange). Computer use gives Claude visual control of any native desktop app via screenshots and mouse/keyboard — far broader scope, very different mechanism. Never conflate them.
Q7 (Multiple answer — select all that apply). Which of the following are recommended defensive habits against prompt injection when using Claude in Chrome?
- A. Approve Claude's actions before they run on each new site ✅
- B. Watch for unexpected behavior — if Claude accesses sites you did not name, stop the task ✅
- C. Enable auto-approve for all sites to speed up workflows
- D. Start with trusted, familiar sites rather than unknown or user-generated content ✅
- E. Trust any instruction Claude receives from the web page, since Claude will filter out bad ones automatically
Feedback: A, B, D are correct defensive habits per Anthropic's safety guide. C is wrong — auto-approve all removes a key protection layer. E is wrong — Claude's filters reduce risk but are "not a security boundary" per the official docs; you cannot rely on the AI to catch all injections.
Q8 (MC). You design a cross-app workflow: (1) Claude in Chrome reads a job listing, (2) Cowork writes a cover letter, (3) Claude in Chrome submits the application form. Where must you put an approval checkpoint?
- A. Only after Step 1 — reading is safe, so checking there is sufficient
- B. Before Step 3 — submitting an application is an irreversible action that needs your review ✅
- C. There is no need for an approval checkpoint in this workflow
- D. After Step 2 only — the cover letter is the only step Claude generates content
Feedback: Before Step 3 is the critical checkpoint because submitting a job application is irreversible — you can't un-submit it. Irreversible or high-stakes actions always need a human review moment before execution. (Having additional checkpoints is also good practice — B is the minimum required.)
Q9 (MC). According to official Anthropic documentation, Claude in Chrome is available —
- A. Only on the Max plan
- B. On all free and paid plans
- C. In beta on all paid plans (Pro, Max, Team, and Enterprise) ✅
- D. Only for Enterprise organizations with admin approval
Feedback: In beta on all paid plans — confirmed at claude.com/claude-for-chrome: "Available in beta on all paid plans." The December 2025 release notes confirm expansion to Pro, Team, and Enterprise. Not free plans; not Max-only.
Q10 (MC). A student tells Claude in Chrome: "Go to any financial website and move $500 from my checking account to savings." What is the correct response to this request?
- A. Proceed — Claude in Chrome has approval protocols that make financial transactions safe
- B. Proceed only if the student has already granted Claude permission on that financial site
- C. Decline — financial sites are blocked by default, and financial transactions must be performed by the user, not an agent ✅
- D. Proceed — the student owns the account so the agent is authorized
Feedback: Decline, always. Financial sites are blocked by default in Claude in Chrome, and even if they weren't, financial transactions are explicitly prohibited per Anthropic's agent usage policy — the user must perform them. Account ownership doesn't change this rule; the risk of prompt injection and irreversible errors makes this a hard prohibition, not a guideline.
Answer key (quick reference)
| Q | Answer | Q | Answer |
|---|---|---|---|
| 1 | Computer use→desktop / Chrome→browser tabs / Excel→Excel sidebar / Connector→API | 6 | False (completely different mechanisms) |
| 2 | B (hidden malicious instructions in web content) | 7 | A, B, D |
| 3 | B (sidebar inside Excel) | 8 | B (before Step 3 — irreversible action) |
| 4 | C (you execute financial actions yourself) | 9 | C (beta on all paid plans) |
| 5 | B (computer use for native desktop apps) | 10 | C (decline — financial sites blocked; user does it) |
Blueprint & item-bank note
| # | Type | Concept | Objective |
|---|---|---|---|
| 1 | Matching | Agent tool → what it controls | 6 |
| 2 | MC | Prompt injection definition | 6 |
| 3 | MC | Claude in Excel location (sidebar) | 6 |
| 4 | MC | The money rule (absolute) | 6 |
| 5 | MC | Scenario: which tool (computer use for desktop apps) | 6 |
| 6 | True/False | Computer use ≠ connector (different mechanism) | 6 |
| 7 | Multiple answer | Defensive habits against prompt injection | 6 |
| 8 | MC | Approval checkpoint placement (irreversible action) | 6 |
| 9 | MC | Claude in Chrome availability | 6 |
| 10 | MC | "What's the fix?" scenario — financial action refused | 6 |
All 10 items tagged course=AI101 · week=14 · objective=6. Distractors target the week's classic misconceptions: "it's fine to let an agent move money if you gave permission"; "computer use and a connector are the same"; "auto-approve is fine"; "the AI filters out all injection attempts automatically"; "Claude in Excel works in a separate window."
Quality gate (self-checked)
- Structure: 10 items, 1 point each; types = 7 MC + 1 matching + 1 multiple-answer + 1 true/false. ≥1 matching (Q1: tool→what it controls). ≥1 scenario item (Q5: which tool; Q8: approval checkpoint placement; Q10: financial action scenario).
- Single-answer integrity: every MC and the true/false item has exactly one correct option; the matching item pairs one-to-one; the multiple-answer item keys A, B, D.
- Product-accuracy gate: PASS. All feature claims verified against official Anthropic documentation on 2026-06-29:
- Claude in Chrome availability ("beta on all paid plans"): claude.com/claude-for-chrome + Dec 2025 release notes at support.claude.com/en/articles/12138966-release-notes
- Prompt injection risk and financial site blocks: support.claude.com/en/articles/12902428-using-claude-for-chrome-safely
- Claude in Excel (sidebar, pivot tables): Nov 2025 and Feb 2026 release notes entries
- Computer use (Pro/Max research preview): March 2026 release notes
- Financial transaction prohibition: support.claude.com/en/articles/12005017-using-agents-according-to-our-usage-policy
- No fabricated features or menu paths. Computer use described as "research preview for Pro/Max" per docs; Chrome and Excel described as "beta on [verified] paid plans"; no specific UI element named without doc confirmation.
Canvas placement block
canvas_object = Quizzes::Quiz
title = "Week 14 Quiz — Computer Use, Chrome, Excel & Cross-App Workflows"
assignment_group = "Quizzes"
points_possible = 10
grading_type = points
available_from_offset_days = 0
due_offset_days = 6
published = true
allowed_attempts = 1
shuffle_answers = true
ai_permitted = false
provenance = "~ Prof. Quinn's edition · Fall 2026 · built with thecoursemaker.com"
F-quiz-week-14-qti.xml) ships inside the course's .imscc package — it lands in the Canvas gradebook on import.~ Prof. Quinn's edition · Fall 2026 · built with thecoursemaker.com