Back to home

AI browser extensions

Are AI browser extensions safe?

Claude, ChatGPT, Codex and Gemini can now read and act inside your browser. That's genuinely useful, and it's a new attack surface. Here's what each one can access, the documented risks, and how to check what it really sees.

Why an AI extension is different from a normal one

A normal extension does one narrow thing. An AI browser agent reads the page you’re on and can act on it - click, type, navigate, submit - usually under a permission that reads “read and change all your data on all websites.” That makes the instructions it follows the security boundary. If a web page can smuggle in instructions the agent obeys - prompt injection - your logged-in sessions are the thing it acts against. Each page below breaks down exactly what that means for one tool.