Comet Browser Flaw Lets Hidden API Run Commands on Users’ Devices
hackread.com
SquareX warns that Perplexity’s Comet AI browser contains a hidden MCP API that bypasses security, allowing attackers to install malware and seize full device control.
Security researchers from web browser security firm SquareX have issued a public warning after uncovering a vulnerability in Perplexity’s Comet AI browser. Their research, published on November 19, 2025, reveals a hidden feature that could allow cybercriminals to take complete control of a user’s computer.
The Concealed API Threat
The problem lies with a concealed mechanism called the MCP API (specifically, chrome.perplexity.mcp.addStdioServer). By way of background, traditional web browsing relies on ‘sandbox isolation,’ a principle that intentionally locks down the browser environment to prevent websites or extensions from running programs on your PC.
However, the MCP API lets Comet’s own ‘embedded extensions’ bypass this vital security layer and execute any command on your device without asking for permission. This ...
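A defender who wants to know whether any unpacked extension on a machine references this API can scan extension sources for it. The script below is an added example, not code from SquareX or Perplexity; the only identifier taken from the article is chrome.perplexity.mcp.addStdioServer, and flagging the whole chrome.perplexity.mcp namespace, as well as the sample extension fragment it scans, are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# The article names one concrete API, chrome.perplexity.mcp.addStdioServer.
# Flagging the entire chrome.perplexity.mcp namespace is an assumption made
# here so that any sibling members are surfaced for review as well.
PRIVILEGED_API_PATTERNS = {
    "perplexity-mcp": re.compile(r"\bchrome\.perplexity\.mcp\.(\w+)"),
}

SCRIPT_SUFFIXES = {".js", ".mjs", ".ts", ".html"}


def scan_source(text, filename="<inline>"):
    """Return one finding per line that references a flagged API namespace."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.strip().startswith("//"):  # whole-line comments are not calls
            continue
        for rule, pattern in PRIVILEGED_API_PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append({
                    "file": filename,
                    "line": lineno,
                    "rule": rule,
                    "api": match.group(0),
                    "member": match.group(1),
                })
    return findings


def scan_extension_dir(root):
    """Walk an unpacked extension directory and scan every script-like file."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in SCRIPT_SUFFIXES:
            findings.extend(scan_source(path.read_text(errors="replace"), str(path)))
    return findings


# Constructed sample: a hypothetical embedded-extension fragment, not real Comet code.
SAMPLE_BACKGROUND_JS = """\
// background.js (constructed sample)
const port = chrome.runtime.connect();
// chrome.perplexity.mcp.addStdioServer appears here only inside a comment
function startTool(cfg) {
  return chrome.perplexity.mcp.addStdioServer(/* argument shape not given in the article */);
}
"""

if __name__ == "__main__":
    for f in scan_source(SAMPLE_BACKGROUND_JS, "background.js"):
        print(f"{f['file']}:{f['line']} [{f['rule']}] {f['api']}")
```

Run scan_extension_dir on the profile's extension directory to audit real installs; a hit only shows that a file references the API, so review the surrounding code before drawing conclusions.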
Copyright of this story solely belongs to hackread.com. To see the full text, click HERE.