Vulnerability in Claude Chrome Extension Enables AI Agent Takeover Through Prompt Injection

A vulnerability in the Claude Chrome extension allows attackers to take over the AI agent due to lax extension permissions and improper trust implementation. The flaw enables prompt injection, potentially compromising the extension's functionality. The issue specifically affects the Claude extension for Google Chrome, though no CVE ID, dates, or user impact metrics were disclosed. The vulnerability stems from insufficient security controls in how the extension processes external inputs. No patch or mitigation details were provided in the report.