Chrome extension that detects when AI agents take over your browser, enforces delegation boundaries, and gives you an emergency kill switch. Zero network requests. Fully local processing.
AI Browser Guard v1.0.0
Status: Active
[!] Agent detected on current tab
Framework: Playwright
Signals: WebDriver flag, CDP connection, synthetic events
Confidence: High
[*] Active delegation: Limited
Allowed sites: github.com, docs.example.com
Time remaining: 47 min
[BLOCKED] Form submission on bank.example.com
Rule: Site not in allowlist
[Kill Switch: Ctrl+Shift+K]Playwright, Puppeteer, Selenium, Anthropic Computer Use, and OpenAI Operator can all control your browser. AI Browser Guard detects them without requiring the agent to identify itself.
Detection, control, delegation, enforcement, and logging. Everything runs locally in your browser.
Multiple detection signals working in parallel. WebDriver flags, CDP markers, behavioral analysis (event timing, click precision, typing cadence), and framework-specific fingerprints. No agent self-identification required.
One-click revocation of all agent access. Terminates active CDP connections, disables content script injection, clears automation flags, and revokes delegated permissions. Visual confirmation in the popup.
Define what an agent can and cannot do before it gets access. Three presets: Read-Only (navigate and read only), Limited (specific sites, time-bounded), and Full Access (everything, with logging).
Fail-closed rule evaluation. Every agent action is compared against active delegation rules. Violations are blocked before execution at the content script level. Chrome notification for each violation.
Chronological log of every agent action per session. Each entry includes timestamp, action type, target URL, target element (CSS selector), and outcome (allowed or blocked). Last 5 sessions retained.
A multi-stage pipeline runs on every page load. Each stage operates independently, so detection succeeds even if an agent evades one layer.
AI Browser Guard makes zero network requests. All processing happens locally on your device. No data leaves your browser.
No external API calls, no analytics, no telemetry, no crash reports. The extension never communicates with any server.
All data stored in chrome.storage.local on your device. Sessions, rules, and settings never leave your machine. Uninstall deletes everything.
Apache-2.0 licensed. Full source code on GitHub. Audit every line. No obfuscated code, no hidden behavior.
Build from source and load as an unpacked extension. No store account required for development.
# Clone the repository
$ git clone https://github.com/opena2a-org/AI-BrowserGuard.git
$ cd aibrowserguard
# Install dependencies and build
$ npm install
$ npm run build
# Load in Chrome
1. Open chrome://extensions
2. Enable Developer Mode
3. Click "Load unpacked"
4. Select the dist/ folder
# Run tests
$ npm run testChrome Manifest V3 extension with three coordinating components.
Injected into every page. Runs the detection pipeline, intercepts agent actions, and enforces delegation boundaries at the DOM level.
Manages session state, delegation rules, and chrome.storage.local. Coordinates between content scripts and the popup. Handles kill switch execution.
Displays detection status, active delegation rules, violation log, and session timeline. Hosts the kill switch button and delegation wizard.
Take back control of your browser. Detect AI agents, enforce boundaries, and terminate access with one click.