How would AI Agents change the Web platform?

W3C Breakouts Day 2025

Dominique Hazaël-Massieux <dom@w3.org>

Google Trends of the search term “AI Agents” shows a rapid increase in January 2025

Techcrunch article: Browser Use, the tool making it easier for AI 'agents' to navigate websites, raise $17M

MIT Technology review article, dated March 11 2025: Everyone in AI is talking about Manus. We put it to the test. The new general AI agent from China had some system crashes and server overload - but it's highly inuitive and shows real promse for the future of AI helpers

AINews article, dated January 24 2025: Yiannis Antoniou, Lab49: OpenAI Operator kickstarts era of browser AI agents

TechNewsWorld article dated March 4 2025: Opera Adds Agentic AI to its Browser

TechCrunch article, dated March 14 2025: No one knows what the hell an AI agent is

Interacting with LLMs on the Web

Server-side Operated (chatbot)

Architecture of a typical LLM-powered chat interface: the LLM operates on the server-side; the user instructs it and reads its output via a classical client/server web interaction

Client-side Operated (1)

With technologies such as a WebNN (but also WebGPU, WebAssembly), a Web site can run an LLM in the browser and have it answer user's requests from within the client-side.

Client-side Operated (2)

An alternative approach to integrate with client-side LLMs is for the browser to serve as intermediate between the Web application and a device- or OS-provided LLM, via e.g. the incubated “tasks API”

AI Agent: client-side

A typical AI Agent architecture moves the LLM as the entry point of user interactions, where the said LLM can operate a browser, possibly to interact with multiple web sites to achieve a single task; the LLM can also interact with other LLM-ready servers via dedicated protocols such as Model Context Protocol (MCP)

AI Agent: server-side

A variation of that architecture is when the AI Agent operates mostly on the server side, with the browser only used to give directives to that agent

AI Agent examples

Voice-based assistants
Browser-embedded chatbot
LLM-powered Web Extension API
“Deep Research” agents
Browser “operators”
WebApp Test frameworks

What do AI Agents change?

Intermediate user & browser
From "do what I say" to "do what I mean"
Non-deterministic
Robot or User Agent?

Emerging needs from AI Agents

Dedicated protocol (MCP) to interact with content and services
Simplified version of content (text or markdown)
AI Agent sitemap
"Need human user" signal (e.g. CATPCHA)

New risks with AI Agents

Security:
- “hallucinations",
- interpreted content breaking out of the sandbox (prompt injection)
Privacy:
- Another party in the mix (possibly using client/server itself)
Ecosystem:
- User intent diluted
- Monetization currently tightly coupled with user attention

Seeking input

How should W3C help structure a conversation on AI Agents?
Is this space too fast moving still or are we already late?
Who should the Team get in touch with on the topic?