Brave Browser Starts Testing Agentic AI Mode For Automated Tasks

Intended to assist with tasks such as autonomous web research, product comparison, promo-code discovery, and news summarization, the feature is currently in its testing phase and accessible through the Brave Nightly version.

Brave stresses that agentic AI browsing is "inherently dangerous" and shouldn’t be used for critical operations, mainly due to prompt injection attacks and the potential for misinterpreting users' intent.

The mode will also be restricted from accessing the browser’s settings page, non-HTTPS sites, the Chrome Web Store (where it could download extensions), and any sites flagged by Brave’s Safe Browsing system.
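The restrictions listed above amount to a default-deny check on every URL the agent tries to open. The sketch below is an added example, not Brave's code and not from the article; the function names, the Web Store hostnames and the `FLAGGED_HOSTS` set (a constructed stand-in for Safe Browsing verdicts) are assumptions.

```javascript
// Added illustration: a default-deny navigation gate for a browsing agent.
// Hypothetical code, not Brave's. Host lists below are constructed samples.
const WEB_STORE_HOSTS = new Set(["chromewebstore.google.com"]);
const FLAGGED_HOSTS = new Set(["flagged.example"]); // stand-in for Safe Browsing verdicts

// True if host or any parent domain is in the set (a.b.c -> a.b.c, b.c, c).
function hostInSet(host, set) {
  const labels = host.split(".");
  for (let i = 0; i < labels.length; i++) {
    if (set.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

function checkAgentNavigation(rawUrl, flagged = FLAGGED_HOSTS) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { allow: false, reason: "unparseable-url" };
  }
  // Only https: passes. This one test rejects http:, brave:// internal pages
  // (settings included), file:, data: and javascript: URLs.
  if (url.protocol !== "https:") {
    return { allow: false, reason: "scheme-not-https" };
  }
  // Compare on the parsed hostname, never on the raw string: the parser has
  // already lowercased it and separated any userinfo ("user@") prefix.
  const host = url.hostname.replace(/\.$/, "");
  if (hostInSet(host, WEB_STORE_HOSTS) ||
      (host === "chrome.google.com" && url.pathname.startsWith("/webstore"))) {
    return { allow: false, reason: "extension-store" };
  }
  if (hostInSet(host, flagged)) {
    return { allow: false, reason: "safe-browsing-flagged" };
  }
  return { allow: true, reason: "ok" };
}
```

Allowing only `https:` and listing exceptions afterwards means a scheme nobody thought to block is rejected by default rather than let through.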

All its actions will be visible in tabs, and anything risky will trigger warnings to the user, requesting their explicit approval.

Additionally, the mode will be monitored by an ‘alignment checker’ mechanism, similar to what Google announced recently for Gemini’s agentic mode on Chrome, where an isolated second model evaluates whether the agent’s actions match user intent.

Being isolated, this second model cannot be affected by prompt-injection attacks that target the primary agent.

Brave will also encode specific policy-based rules and use models trained to mitigate prompt injection, such as Claude Sonnet, to provide effective protection.

Those interested in testing Brave’s new agentic AI mode can do so only through Brave Nightly, after enabling the “Brave’s AI browsing” flag in brave://flags.

This will enable a button on Leo’s chat box that activates the new browsing mode.

Tester feedback to help address any issues may be submitted here, while Brave also announced it’s doubling its HackerOne bug bounty payments for in-scope submissions concerning AI browsing.

Source: BleepingComputer