PixieBrix launches Agent Browser Shield, a free source-available browser extension that protects AI agents from prompt injection, dark patterns, and context pollution during web browsing.
There are 6 billion internet users today. With AI agents, we're headed toward hundreds of billions of "users" hitting the web. And if you're using OpenClaw to browse, your agent has basically zero protection from the stuff humans have learned to watch out for, like fake reviews, dark patterns, hidden instructions baked into page content designed to hijack what it does. My team at PixieBrix has spent years helping BPO contact centers protect against insider risk and social engineering in the browser. So we took that same thinking and applied it to AI agents. **The result is Agent Browser Shield, a free, source-available browser extension we just put on ClawHub and GitHub.** Install it alongside your OpenClaw setup and it rides along with your agent in the sits between the browser and your agent, blocking: * Prompt injection (visible and hidden instructions in page content) * Dark patterns (UI designed to manipulate or coerce) * Context pollution (low-value junk that throws off instruction following) Bonus: stripping irrelevant content also cuts down on tokens used. More secure and cheaper to run! This is not a solved problem though. We're building this in the open because agentic browsing is evolving faster than any one team can track. We're measuring the improvements and working on sharing benchmarks as we go. We want the community to help us figure out where to focus. Come build this with us! 🦞 Star on ClawHub: [https://clawhub.ai/pixiebrix/agent-browser-shield](https://clawhub.ai/pixiebrix/agent-browser-shield) ⭐ Star the GitHub: [https://github.com/pixiebrix/agent-browser-shield](https://github.com/pixiebrix/agent-browser-shield) What weird stuff have you seen your OpenClaw agent do on a page? Curious what you're running into so we can build more rules.
OpenAI publishes guidance on designing AI agents resistant to prompt injection attacks, arguing that modern attacks increasingly use social engineering tactics rather than simple string injections, and advocating for system-level defenses that constrain impact rather than relying solely on input filtering.
OpenAI publishes guidance on prompt injection attacks, a social engineering vulnerability where malicious instructions hidden in web content or documents can trick AI models into unintended actions. The company outlines its multi-layered defense strategy including instruction hierarchy research, automated red-teaming, and AI-powered monitoring systems.
AI browsers like OpenAI's Atlas and Perplexity's Comet embed AI assistants directly into browsing with memory and agentic capabilities, but significant security risks from prompt injection attacks make them unsuitable for sensitive use.
Antitech is offering free early-access security assessments for AI agents, testing against attack vectors like prompt injection, tool abuse, and data leakage, providing a vulnerability report and discounts for participants.