Back to feed
Dev.to
Dev.to
6/22/2026
Browsers shipped a security model for humans. Agents are asking us to keep using it.

Browsers shipped a security model for humans. Agents are asking us to keep using it.

Short summary

Browser security was architected assuming a human user at the keyboard with intentional actions. AI agents now driving browsers replace that human while keeping the same security mechanisms intact—fundamentally breaking assumptions around same-origin policy, permission dialogs, and user gestures. Four commercial agent-browser products expose these gaps; the W3C WebMCP proposal attempts to address them.

  • Browser security assumes human intent; agents replace humans but inherit the same security model
  • Key mechanisms (same-origin policy, user gestures, permission dialogs) fail when agents read cross-origin instructions
  • Four major products (Anthropic Computer Use, Google Mariner, OpenAI Operator, Perplexity Comet) ship with these vulnerabilities

Generated with AI, which can make mistakes.

Is this a good recommendation for you?

Explore more