Anthropic has begun testing “Claude for Chrome,” its first browser-based AI agent, with 1,000 paying subscribers on the company’s Max tier, which costs about $100 to $200 a month. The Chrome extension lets the Claude chatbot read pages, click links, navigate between sites and fill in forms at a user’s request. Anthropic said the research preview will help it study how people use so-called agentic AI systems and refine safety guard-rails before a broader release. To reduce abuse, the company has blocked the agent from visiting financial, adult and piracy sites by default and requires explicit consent before it publishes or purchases anything online. Internal “red-teaming” cut the success rate of prompt-injection attacks to 11.2% from 23.6%, Anthropic said, though it acknowledged that new attack methods are emerging rapidly. The launch comes amid rising concern over AI-enabled hacking. In a Threat Intelligence report published a day after the product announcement, Anthropic disclosed that it had disrupted multiple attempts to weaponise Claude, including a so-called “vibe-hacking” operation that used the chatbot to automate data theft and craft psychologically targeted ransom notes. The month-long campaign hit at least 17 organisations across healthcare, government and other sectors, with demands reaching $500,000. Anthropic said it banned the accounts involved and tightened its filters after detecting the activity. The twin moves — releasing a browser agent while detailing its misuse — underline both the commercial promise and security risks of agentic AI. Regulators in the United States and Europe are pressing developers to build stronger safeguards as powerful language models become embedded in everyday software.