▲ | mullingitover 2 days ago | |||||||||||||||||||||||||||||||
On the one hand: an agentic browser sounds like a cool idea. Being able to automate things with an agent on the client side is crazy powerful. On the other hand: this has the potential to be an absolute security Chernobyl. A browser is likely to be logged into all your sensitive accounts. An agent in your browser is probably going to be exposed to untrusted inputs from the internet by its very nature. You have the potential for prompt injection to turn your life upside down in a matter of seconds. I like the concept but I wouldn't touch this thing with a ten foot pole unless everyone in the supply chain was PCI/SOC2/ISO 27001 certified, the whole supply chain has been vetted, and I have blood oaths about its security from third party analysts. | ||||||||||||||||||||||||||||||||
▲ | felarof 2 days ago | parent [-] | |||||||||||||||||||||||||||||||
Thanks for raising this - it's a critical concern and you're absolutely right to be cautious. This is exactly why we're going local-first and open source. With cloud agents (like Manus.im), you're trusting a black box with your credentials. With local agents, you maintain control: - Agents only run when you explicitly trigger them - You see exactly what they're doing in real-time and can stop them - You can run tasks in separate chrome user profile - Most importantly: the code is open source, so you can audit exactly what's happening. | ||||||||||||||||||||||||||||||||
|