Back to LinkedIn posts

LinkedIn post 68

🚨 If you use AI browsers (more like agent runtimes), be aware: ⚠️

🚨 If you use AI browsers (more like agent runtimes), be aware: ⚠️

SquareX says Perplexity AI's Comet Browser shipped an undocumented MCP API that could let built-in browser extensions execute arbitrary local commands on a users machine.

Perplexity AI seems to have built a hidden extension in their browser without giving user control.
It was possible for an attacker to compromise that extension and execute the MCP API.

The capability was silently disabled around Nov 20, 2025 but it is unknown for how long it was active and whether any other AI browsers have similar vulnerabilities.

It is better to run these new AI browsers in a sandboxed environment and set them up with their own credentials and keys to reduce the blast radius in case of attack.

🔗 LINK: https://lnkd.in/gGZRSH9H

🚨 If you use AI browsers (more like agent runtimes), be aware: ⚠️