• Menu
  • Skip to right header navigation
  • Skip to main content
  • Skip to primary sidebar

DigiBanker

Bringing you cutting-edge new technologies and disruptive financial innovations.

  • Home
  • Pricing
  • Features
    • Overview Of Features
    • Search
    • Favorites
  • Share!
  • Log In
  • Home
  • Pricing
  • Features
    • Overview Of Features
    • Search
    • Favorites
  • Share!
  • Log In

Anthropic tests AI that can see pages, click, and fill forms in Chrome via a plugin, with guardrails to cut prompt‑injection risk from 23.6% to 11.2%.

August 29, 2025 //  by Finnovate

Anthropic PBC, the startup developing the Claude Gen AI model family, announced the pilot of a browser extension on Tuesday that lets its AI model take control of users’ Google Chrome. The experimental browser-using capability, called Claude for Chrome, will be available for 1,000 users subscribed to the company’s Max plan for $100 or $200 per month. The company announced the extension as a controlled pilot for a small number of users so Anthropic can develop better security practices for this emerging technology. “We view browser-using AI as inevitable: so much work happens in browsers that giving Claude the ability to see what you’re looking at, click buttons, and fill forms will make it substantially more useful,” Anthropic said. The company said that early versions of Claude for Chrome showed promise in managing calendars, scheduling meetings, drafting email responses and testing website features. However, the feature is still experimental and represents a major new security concern, which is why it is not being released widely. Allowing AI models direct control of browsers means that they will encounter a higher chance of malicious instructions in the wild that could be executed on users’ computers, allowing attackers to manipulate the AI model. In experiments, Anthropic said prompt injection tests evaluated 123 attacks representing 29 different scenarios. Out of those, AI-controlled browser use without safety mitigation had a 23.6% success rate for deliberate attacks. “When we added safety mitigations to autonomous mode, we reduced the attack success rate of 23.6% to 11.2%, which represents a meaningful improvement over our existing Computer Use capability,” Anthropic said. Anthropic said for the pilot, users will be blocked from sites it considers “high-risk categories,” such as financial services, adult content and pirated content. The Anthropic team added that it will use insights from the pilot users to refine how prompt injection classifiers operate and how the security mechanisms work to protect users. By building an understanding of user behavior, especially unsafe behavior, and uncovering new attack patterns, the company said it hopes to develop more sophisticated controls for this type of safety-critical application.

Read Article

Category: Essential Guidance

Previous Post: « Embedded payments are seeing rising adoption in the parking sector through AI-recognition tech that lets customers just drive in and scan a QR code to enter their credit card information the first time they park, with automatic vehicle identification and charges applied on subsequent trips

Copyright © 2025 Finnovate Research · All Rights Reserved · Privacy Policy
Finnovate Research · Knyvett House · Watermans Business Park · The Causeway Staines · TW18 3BA · United Kingdom · About · Contact Us · Tel: +44-20-3070-0188

We use cookies to provide the best website experience for you. If you continue to use this site we will assume that you are happy with it.