Anthropic has introduced Claude for Chrome as part of a limited research preview. It’s a Chrome extension that lives in the Chrome browser and performs actions for you. Basically, this makes Claude an AI agent that can see your webpages and interact with them. Claude inside Chrome can navigate webpages, click buttons, and fill forms.

Anthropic is piloting Claude for Chrome with 1,000 Max plan users. If you are subscribed to Anthropic’s Claude Max subscription plan (costs $100 per month), you can join the waitlist via this link and sign up for the program.

Anthropic warns that malicious prompts hidden in websites can trick Claude to perform harmful actions. So it’s taking a slow approach and piloting with only Max users for now. Brave researchers recently published that Perplexity’s Comet AI browser — which is an agentic browser, meant for performing actions — is prone to prompt injection attacks.

So it’s good that Anthropic is rolling out Claude for Chrome in a staggered manner. As I have mentioned earlier, prompt injection is a challenging problem in the AI/ML field and research is still going on to align the model with human values, and to separate user instructions from malicious instructions found on the web.

Anthropic says that malicious prompts can trick AI agents to take harmful actions such as accessing your accounts or files, sharing your private information, making purchases without your knowledge, taking actions you never intended, and more.

OpenAI, on the other hand, is using an isolated, cloud browser to perform actions via the ChatGPT Agent. Meanwhile, Google is integrating its Project Mariner agent across various products, instead of directly offering the agent in Chrome.