This feels like a classic case of extensions having incentives that don’t align with user expectations.
Browser extensions sit in a uniquely privileged position, and once they start touching AI chats, they’re no longer just dealing with URLs or page content but with highly contextual, often sensitive data.
We’ve seen this pattern before with “free” VPN extensions, where the business model quietly depended on harvesting or reselling user data. The mechanics are different, but the incentives look familiar.
The scary part isn’t even malice, it’s scope creep: a feature added “to improve the experience” gradually turns into large-scale data collection.
This seems less like an AI problem and more like an extension permission and auditability problem that the browser ecosystem still hasn’t fully solved.
This feels like a classic case of extensions having incentives that don’t align with user expectations.
Browser extensions sit in a uniquely privileged position, and once they start touching AI chats, they’re no longer just dealing with URLs or page content but with highly contextual, often sensitive data.
We’ve seen this pattern before with “free” VPN extensions, where the business model quietly depended on harvesting or reselling user data. The mechanics are different, but the incentives look familiar.
The scary part isn’t even malice, it’s scope creep: a feature added “to improve the experience” gradually turns into large-scale data collection.
This seems less like an AI problem and more like an extension permission and auditability problem that the browser ecosystem still hasn’t fully solved.