This iteration of Gemini doesn't perform in-browser actions, but they did announce they'll ship an agent later.

Yes. I agree that many of the announced and currently shipping features should be just fine from a security perspective with only a local agent.

▲

simonw 2 days ago | parent [-]

Running an LLM locally makes no difference at all to the threat of malicious instructions that make it into the model causing unwanted actions or exfiltrating data.

If anything a local LLM is more likely to have those problems because it's not as capable at detecting malicious tricks as a larger model.

	▲	tadfisher 2 days ago \| parent [-]
		This is the MCP problem, essentially, and the solution is the same: the user should review and approve specific actions before they are taken. Of course there will probably be a setting to auto-approve everything...