The newly launched general AI agent product, Manus, has attracted a large number of users vying for invitation codes. While its performance has garnered significant attention, the technology behind Manus has also piqued considerable interest.
Besides numerous teams attempting to replicate Manus, a user named jian recently cracked the Manus system. By simply requesting Manus to output the files in the “/opt/.manus/” directory, jian successfully obtained some crucial information and runtime code.
According to jian's published findings, Manus isn't a standalone model but is built upon Claude Sonnet and equipped with 29 tools to assist tasks, though multi-agent functionality isn't implemented. Furthermore, Manus utilizes the open-source project called browser_use, although the related code might be obfuscated.
The Manus team subsequently responded to this incident. Manus's co-founder and chief scientist, Ji Yichao, stated that users can directly access the sandbox, with each session having an isolated sandbox. The code within the sandbox is solely for receiving commands and is therefore only lightly obfuscated. Ji Yichao also emphasized that Manus's tool design isn't secretive, resembling common academic approaches. Additionally, Manus does use open-source code and plans to open-source more in the future.
When addressing the underlying model used by Manus, Ji Yichao mentioned that the team employed Claude and different fine-tuned versions of Qwen. They obtained the Claude 3.5 Sonnet v1 version during the initial development phase and are currently internally testing Claude 3.7, anticipating its potential updates.
Leaked file location: https://gist.github.com/jlia0/db0a9695b3ca7609c9b1a08dcbf872c9
Leak process: https://manus.im/share/lLR5uWIR5Im3k9FCktVu0k?replay=1
