Interacting with LLMs on the Web
Server-side Operated (chatbot)
Client-side Operated (1)
Client-side Operated (2)
AI Agent: client-side
AI Agent: server-side
AI Agent examples
- Voice-based assistants
- Browser-embedded chatbot
- LLM-powered Web Extension API
- “Deep Research” agents
- Browser “operators”
- WebApp Test frameworks
What do AI Agents change?
- Intermediate user & browser
- From "do what I say" to "do what I mean"
- Non-deterministic
- Robot or User Agent?
Emerging needs from AI Agents
- Dedicated protocol (MCP) to interact with content and services
- Simplified version of content (text or markdown)
- AI Agent sitemap
- "Need human user" signal (e.g. CATPCHA)
New risks with AI Agents
- Security:
- “hallucinations",
- interpreted content breaking out of the sandbox (prompt injection)
- Privacy:
- Another party in the mix (possibly using client/server itself)
- Ecosystem:
- User intent diluted
- Monetization currently tightly coupled with user attention
Seeking input
- How should W3C help structure a conversation on AI Agents?
- Is this space too fast moving still or are we already late?
- Who should the Team get in touch with on the topic?