Information

Agentic Browsing and the Web's Security Model
  • Past
  • Confirmed
  • Breakout Sessions

Meeting

Event details

Date:
Japan Standard Time
Status:
Confirmed
Location:
Floor 4 - 401
Participants:
Ugur Acar, Isaac Ahouma, Nayef Alawadhi, Joel Antoci, Adam Argyle, Kevin Babbitt, David Baron, Christian Biesinger, Arnar Birgisson, Alan Buxey, Rick Byers, Marcos Caceres, Tim Cappalli, Giovanni Cerrato, Irene Chang, Serena Chen, RYO CHINEN, Ioana Chiorean, Ari Chivukula, Emilio Cobos Álvarez, Devlin Cronin, Bin Da, Kevin Dean, Andrew Dekker, Heather Flanagan, Luis Flores, Mark Foltz, Chris Fredrickson, Mason Freed, Keith Freeman, Sam Goto, Ilya Grigorik, Yi Gu, Shubham Gupta, Keeley Hammond, Tatsuya HAYASHI, Johann Hofmann, Wenson Hsieh, Ningxin Hu, Lu Huang, Jasper Hugo, Tatsuya Igarashi, Fershad Irani, Jan Jaeschke, Nidhi Jaju, Nic Jansma, Eiji Kitamura, Luke Klimek, Rob Kochman, Gustavo Kok, Ege Korkan, Emily Lauber, Philippe Le Hegaret, Leo Lee, Mingyu Lei, Vladimir Levin, lin li, Christian Liebel, Robert Liu, Rogerio Matsui, Stephen McGruer, Penelope McLachlan, Michal Mocny, Yuki Morota, Nour Nabil, Hiroki Nakagawa, Mark Nottingham, SHUNJI OTSUKA, Vinod Panicker, SANG UI PARK, Daniel Pelegero, Nicolas Pena Moreno, Simon Pieters, Abrar Rahman Protyasha, Chris Pryor, Sushanth Rajasankar, Ruoxi Ran, Andrew Rayskiy, Ashwany Rayu, Noam Rosenthal, Leonard Rosenthol, Hiroyuki Sano, Antonio Sartori, Vincent Scheib, Wendy Seltzer, Amir Sharif, Shunya Shishido, Ali Spivak, Keita Suzuki, Phillis Tang, Markus Tavenrath, Martin Thomson, Sami Tikkala, Nicola Tommasi, Kunihiko Toumura, Takashi Toyoshima, Kouhei Ueno, Tom Van Goethem, Daniel Veditz, Andrew Wafaa, Yoav Weiss, Michael Wilson, Pavan Yanamadala, Darwin Yang, Lei Zhao, Ling Zhong, Tarek ZIADE, Aram Zucker-Scharff
Big meeting:
TPAC 2025 (Calendar)

Various browser implementers have announced plans to ship agentic browsing experiences, i.e. AI-powered features that take action on websites on the user's behalf. (1, 2, 3, 4, 5, 6, 7, etc.)

These exciting new capabilities also come with new security challenges through the exposure of LLMs to untrusted web content and their ability to access the user's private information and take action on their behalf (a case of lethal trifecta).

We'll examine how the new possibility of prompt injected user agents impacts the Web's security model and discuss how browser and agent implementers, web developers and other ecosystem participants can design a safe agentic browsing experience for the Web Platform.

Agenda

Chairs:
Johann Hofmann, Chris Fredrickson

Description:
Various browser implementers have announced plans to ship agentic browsing experiences, i.e. AI-powered features that take action on websites on the user's behalf. (1, 2, 3, 4, 5, 6, 7, etc.)

These exciting new capabilities also come with new security challenges through the exposure of LLMs to untrusted web content and their ability to access the user's private information and take action on their behalf (a case of lethal trifecta).

We'll examine how the new possibility of prompt injected user agents impacts the Web's security model and discuss how browser and agent implementers, web developers and other ecosystem participants can design a safe agentic browsing experience for the Web Platform.

Goal(s):
Brainstorming and knowledge sharing

Materials:

Minutes

 Read minutes

Export options

Personal Links

Please log in to export this event with all the information you have access to.

Public Links

The following links do not contain any sensitive information and can be shared publicly.

Feedback

Report feedback and issues on GitHub.