Analysis

The emergence of AI-powered web browsers, such as Fellou and Comet, promises to enhance digital workflows through features like summarization and autonomous web interaction. However, security research indicates these tools introduce significant enterprise risks, primarily due to their vulnerability to indirect prompt injection attacks. These attacks allow hidden instructions embedded in web content to be interpreted by the AI model, potentially executing unauthorized actions using a user's privileges. This vulnerability effectively circumvents established data governance principles and can transform the AI browser into an "insider threat," capable of accessing sensitive corporate assets. The inability of large language models (LLMs) to differentiate between legitimate user intent and malicious web-embedded commands makes current AI browsers unsuitable for enterprise deployment, with researchers labeling them as "dormant malware." Major browser vendors, including those behind Chrome (GOOGL, GOOG) and Edge (MSFT), are actively integrating AI features like Gemini and Copilot, and are expected to introduce more agentic capabilities. This trend suggests a broader proliferation of these security risks across the enterprise landscape. Without critical security enhancements such as prompt isolation, gated permissions, and sandboxing, organizations face significant data loss and compliance challenges.