Connectors — Giving Co-Work Access to Your World
Connect Co-Work to your apps with the right permissions and the right trust model — because access is not the same as trust.
What you'll learn
What Connectors Are (and Are Not)
Connectors are MCP-based integrations that give Co-Work direct access to your tools. No code required. You authenticate through an OAuth flow — the same "log in with Google" pattern you have used hundreds of times — and Co-Work gains the ability to read from and write to that application. Approximately 50 to 70 native connectors are available at launch, covering everything from Google Workspace and Notion to Salesforce and Slack.
Understanding what connectors are not is just as important. Connectors are not skills (reusable instruction sets), not plugins (bundled capabilities), and not the same as third-party automation tools like Zapier. They are the raw integration layer — the plumbing that lets Co-Work reach into your actual tools and operate them.
Brooke Wright uses this analogy to distinguish the three layers: "If Plugins are cookbooks and Skills are recipes, Connectors are the kitchen utensils." This is a community-coined analogy by Brooke Wright, not official Anthropic terminology. The analogy is useful: skills define what to do, connectors provide the instruments to do it with. Plugins bundle both into department-level packages.
The Permission Trust Model
Connecting an app to Co-Work is not a single binary decision. Every connector involves a permission level — read, write, or execute — and those three levels carry fundamentally different risk profiles. Think of it the same way you think about giving a new employee access to your tools.
| Level | What It Allows | Risk | Guardrail Required |
|---|---|---|---|
| Read | Co-Work can see data — emails, events, files — but cannot change anything | Low | None beyond standard global instructions |
| Write | Co-Work can create and modify — draft emails, create documents, add calendar events | Medium | Review-before-send rule in global instructions |
| Execute | Co-Work can take actions — send emails, delete files, post to Slack | High | Explicit approval required for every irreversible action |
The practical rule: start everything at read permission. Test that Co-Work can access the data you expect. Only then upgrade to write, and only after your global safety guardrails are in place. Execute permission — the ability to send things and take irreversible actions — requires your safety guardrails to be rock solid.
When you connect Gmail, grant read permission and draft permission only — not send permission. Test that Co-Work can read your inbox accurately. Run a week of draft-and-review workflows before you consider enabling send. "Never send emails without my explicit approval" must be in your global instructions before you grant any send permission. This is not optional.
Connector Data Privacy
This section comes directly from official Co-Work documentation, and it is often omitted from community content. Read it carefully before connecting any app that handles sensitive data.
Data you send through connectors flows through Claude's systems. When you ask Co-Work to check your Gmail and summarize your inbox, your email content passes through Anthropic's systems as part of the request. The same applies to calendar data, documents, and anything else a connector surfaces.
The practical implication: do not connect applications that contain regulated data — HIPAA-covered health information, PCI-DSS payment card data, financial records subject to SOX — until you have read Module 16 and understand the compliance boundary. Co-Work is not certified for these use cases. Module 16 covers what Co-Work can and cannot do in regulated contexts in full.
The data-flows-through-Claude's-systems note comes directly from official Co-Work connector documentation. It is consistently absent from community tutorials because it is inconvenient, not because it is unimportant. Connect your Google Calendar freely. Think carefully before connecting financial systems, HR systems, or any application containing customer PII at scale.
The Five Essential Connectors for Most Learners
You do not need every available connector. For most knowledge workers and small business operators, five connectors cover the majority of automation use cases in Modules 5 through 12:
- Gmail — email triage, draft creation, thread monitoring, inbox summarization. Start with read + draft only.
- Google Calendar — event reading, scheduling analysis, conflict detection. Read permission is sufficient for most tasks.
- Google Drive — document reading, file creation, output storage. Required for saving task output to Drive folders.
- Notion (if you use it) — note creation, database updates, project page management. Use for output storage from research and content tasks.
- Slack (if you use it) — channel monitoring, draft message creation. Never grant post-without-confirmation permission in early use.
Connect one at a time. Test each with a read-only task before building any automation on top of it. A connector that appears connected may not have the correct OAuth scope — the only way to know is to test.
Chrome as the API-Less Alternative
Some apps you need do not have native connectors and do not expose clean APIs. For those cases, Co-Work can control Chrome browser — navigating to websites, reading content, filling in forms — the same way a human would. Paul calls this the Chrome alternative; it is documented in official Co-Work capabilities.
When to use Chrome instead of a native connector:
- The app you need is not in the native connector library
- The task involves reading public web data (competitor prices, news, job postings)
- The app has no MCP server available and Zapier does not integrate with it
Chrome automation is slower than API connectors and fragile when a site's UI changes. Use it for low-frequency tasks — competitive research, occasional social monitoring, one-off web lookups — not high-frequency automated tasks that run daily. For those, find an API-based solution first.
Zapier MCP: The Long Tail
If your app is not in the native connector library and Chrome is too fragile for your use case, Zapier MCP extends Co-Work's reach to over 8,000 applications. The setup involves creating a Zapier MCP server, selecting the tools you need, and pasting the server URL into Co-Work's connector settings. Jack Roberts covers this process in detail in the Skills course.
Two things to factor in before choosing Zapier MCP: it requires a Zapier subscription (factor into your automation ROI), and the data privacy note from above applies here as well — data flowing through Zapier also flows through Zapier's systems, not just Anthropic's. For apps handling sensitive data, consult Module 16 before proceeding.
Connect three apps and run a task that pulls from two of them simultaneously. This is the first time the automation formula actually starts to feel real.
- Connect Gmail — Settings → Connectors → Gmail → Authenticate. Grant read + draft permission only (no send). Test: "What emails did I receive today?" Verify the results are accurate before proceeding.
- Connect Google Calendar — same flow. Grant read permission. Test: "What is on my calendar this week?" Verify events match your actual calendar.
- Connect one more app you use regularly — Notion, Slack, Linear, Google Drive, or another from the library. Test with a simple read operation first.
- Run your first multi-connector task: "Look at my calendar for tomorrow and my emails from the last 24 hours. Give me a one-paragraph briefing on what I need to be prepared for."
Success criteria: Co-Work produces a coherent briefing pulling from at least two connected sources simultaneously. This is your first taste of the automation formula — and the seed of the morning briefing you will build in Module 5.