By @SiliconANGLE
Publication Date: 2025-11-19 14:00:00
New research out today from browser security company SquareX Ltd. is warning of a hidden application programming interface in Perplexity AI Inc.’s Comet browser that allows extensions in the artificial intelligence browser to execute local commands and gain full control over users’ devices.
The problem arises because Comet exposes a Model Context Protocol API that lets its embedded extensions execute arbitrary local commands on users’ devices, a capability that traditional browsers explicitly prohibit.
Compounding the issue, official documentation of the MCP API is limited, and what does exist describes only the intent of the feature. It does not disclose that Comet’s embedded extensions have persistent access to the API and can launch local applications at will without user permission, which SquareX calls a massive breach of user trust and transparency.
“For decades, browser vendors have adhered to strict security controls that prevent browsers, and especially extensions, from directly controlling the underlying device,” explains Kabilan Sakthivel, a researcher at SquareX. “Traditional browsers require native messaging APIs with explicit registry entries and user consent for any local system access.”
Sakthivel added that “in their ambition to make the browser more powerful, Comet has bypassed all of these safeguards with a hidden API that most users don’t even know exists. This…