Google plans to introduce AI agents into Chrome and improve protection against fraudsters.

Due to the addition of agent functions to the browser, security improvements are planned for Chrome. Agent functions in the browser can perform actions on behalf of the user, such as making reservations or purchases, and this feature carries certain security risks.

The main threat is the indirect introduction of prompts for possible unwanted actions. An attack could come from malicious resources.

Control of AI agent actions

Several modules are used to control potentially malicious actions. For example, Google has created the User Alignment Critic model to more thoroughly verify actions. It functions by verifying each action after the planning process is complete. If an incorrect strategy is detected after verification, the model will revise it.

Additionally, Agent Origin Sets are used to restrict access to specific sources to read-only or read/write. For example, website content can be used to solve problems, but advertising banners will not be used.

Page navigation will be controlled using Observe, thus limiting access to malicious URLs. Users will also be able to directly control the process, as the steps will be logged, and it will be possible to stop the process at any time.

User confirmation will be requested when navigating to a confidential website, and permission will also be asked to use passwords and to send messages.