Overview
- Gartner advises enterprises to block AI-centric browsers such as OpenAI’s Atlas and Perplexity’s Comet, citing significant cybersecurity and privacy risks.
- Analysts warn that persistent AI sidebars and autonomous agents can exfiltrate data from open tabs to vendor clouds and make opaque decisions that organizations cannot easily audit.
- Researchers highlight concrete attack paths, including indirect prompt injection and fake AI sidebars created via extensions, which can trick users into revealing credentials.
- Consumer guidance stresses limiting these browsers to low-risk tasks and avoiding passwords or financial information, given error-prone automation and manipulation risks.
- Google details a control architecture for Chrome agents featuring a separate ‘user alignment critic’ model with veto power, scoped ‘Agent Origins’ data access, and required user consent for sensitive actions, alongside a U.S. rollout of Gemini in Chrome. OpenAI’s security chief, meanwhile, calls prompt injection an unsolved problem.