BrowserGuard
Chrome extension for detecting and controlling browser-based AI agents. Manifest V3.
AI agents increasingly operate within the browser -- reading page content, filling forms, navigating between sites, and communicating with external APIs. BrowserGuard gives you visibility into this activity by detecting AI-driven automation in real time and providing controls to limit what agents can access. It protects against prompt injection embedded in web content, data exfiltration through AI tool calls, and unauthorized cross-domain navigation by autonomous agents.
Installation
Install directly from the Chrome Web Store:
Or build from source for development:
git clone https://github.com/opena2a-org/AI-BrowserGuard cd AI-BrowserGuard npm install && npm run build # In Chrome: # 1. Navigate to chrome://extensions # 2. Enable "Developer mode" # 3. Click "Load unpacked" # 4. Select the dist/ directory
What BrowserGuard Protects Against
Browser-based AI agents introduce several security risks that traditional browser extensions do not address:
- Prompt injection in web content -- malicious instructions hidden in page text, invisible elements, or HTML comments that manipulate AI agents reading the page
- Data exfiltration via AI tools -- agents extracting sensitive page content (credentials, personal data, internal documents) and sending it to external APIs
- Unauthorized cross-domain navigation -- autonomous agents following links or redirects to domains outside the user's intended scope
- Shadow AI activity -- browser extensions or scripts using AI APIs without the user's knowledge or consent
How It Works
BrowserGuard injects a lightweight content script into each tab. The content script monitors DOM mutations, network requests, and user interaction patterns without interfering with normal browsing. When AI agent activity is detected, the extension surfaces it in the popup UI and logs it to the session timeline. A background service worker coordinates detection across tabs and manages the delegation policy engine.
Detection Layers
BrowserGuard uses a 4-layer detection system to identify AI agents operating in the browser:
Layer 1: Network Analysis
Monitors outbound requests to known AI API endpoints (OpenAI, Anthropic, etc.).
Layer 2: DOM Instrumentation
Detects automated DOM manipulation patterns characteristic of AI agents.
Layer 3: Behavioral Analysis
Identifies non-human interaction patterns (typing speed, click patterns).
Layer 4: Protocol Inspection
Monitors WebSocket and SSE connections for MCP/A2A protocol traffic.
Features
- Session timeline: visual history of all detected agent activity
- Delegation engine: define which agents can access which tabs/domains
- Kill switch: immediately terminate all agent activity
- Boundary monitoring: alerts when agents cross domain boundaries
- Alert system: configurable notifications for detected agent activity
- Popup UI: quick status overview and controls
Configuration
Click the BrowserGuard icon in the Chrome toolbar to access the popup UI. From there you can:
- Toggle detection on or off per tab or globally
- Configure domain allowlists and blocklists for the delegation engine
- Set alert thresholds (e.g., notify only on high-confidence detections)
- Export the session timeline as JSON for external analysis
- View detection statistics and per-layer hit counts
All configuration is stored locally in Chrome storage. BrowserGuard does not send any data to external servers.