Agentic Browsing and the Web's Security Model

• Upcoming
• Tentative
• Breakout Sessions

Various browser implementers have announced plans to ship agentic browsing experiences, i.e. AI-powered features that take action on websites on the user's behalf. (1, 2, 3, 4, 5, 6, 7, etc.)

These exciting new capabilities also come with new security challenges through the exposure of LLMs to untrusted web content and their ability to access the user's private information and take action on their behalf (a case of lethal trifecta).

We'll examine how the new possibility of prompt injected user agents impacts the Web's security model and discuss how browser and agent implementers, web developers and other ecosystem participants can design a safe agentic browsing experience for the Web Platform.

Agenda

Chairs:
Johann Hofmann, Chris Fredrickson

Description:
Various browser implementers have announced plans to ship agentic browsing experiences, i.e. AI-powered features that take action on websites on the user's behalf. (1, 2, 3, 4, 5, 6, 7, etc.)

These exciting new capabilities also come with new security challenges through the exposure of LLMs to untrusted web content and their ability to access the user's private information and take action on their behalf (a case of lethal trifecta).

We'll examine how the new possibility of prompt injected user agents impacts the Web's security model and discuss how browser and agent implementers, web developers and other ecosystem participants can design a safe agentic browsing experience for the Web Platform.

Goal(s):
Brainstorming and knowledge sharing

Materials:

• Session proposal on GitHub

Joining Instructions

Instructions are restricted to W3C users . You need to log in to see them.

Export options

Personal Links

Please log in to export this event with all the information you have access to.

Public Links

The following links do not contain any sensitive information and can be shared publicly.

• Download as ics