Analyzing the security risks of agentic browsing, specifically prompt injection via HTML, and exploring benchmarks like BrowseSafe.
To protect agents, we need a defense layer that sits between the raw HTML and the agent's context.
A proxy or browser extension that captures the DOM before the agent processes it.
A lightweight model or heuristic engine that scans for "injection-like" patterns.
Removes or neutralizes suspicious segments before passing the safe DOM to the agent.
Scanning every DOM element introduces latency. A key engineering challenge is balancing safety (catching all attacks) with speed (not slowing down the browsing experience).