Google Fortifies Chrome Agentic AI Against Indirect Prompt Injection Attacks
SecurityWeek
Following the introduction of Gemini in Chrome and the preview of agentic capabilities, Google is introducing new security protections for the browser’s users.
To ensure the new Chrome agentic capabilities can be safely used, the internet giant is implementing layered defenses to make it difficult and costly for attackers to harm users.
The protections, it explains, target the main threat to agentic browsers, namely indirect prompt injections, which can lead to data leaks and other unwanted actions being performed by the agent.
According to Google, threat actors can deliver indirect prompts through malicious sites, iframes with third-party content, or user-generated content, such as reviews.
To combat these threats, Google is introducing a new, separate AI model built with Gemini, called the User Alignment Critic.
Isolated from untrusted content, the model vets the agent’s actions, focusing on determining if the proposed action aligns with the user’s ...

