[securityig] Work Item: AI in the Browser Threat Model (#20) from Simone Onofri via GitHub on 2025-06-02 (public-security@w3.org from June 2025)

From: Simone Onofri via GitHub <noreply@w3.org>
Date: Mon, 02 Jun 2025 20:58:05 +0000
To: public-security@w3.org
Message-ID: <issues.opened-3111615965-1748897883-noreply@w3.org>

simoneonofri has just created a new issue for https://github.com/w3c/securityig:

== Work Item: AI in the Browser Threat Model ==
Following the [CfC](https://lists.w3.org/Archives/Public/public-security/2025Feb/0023.html), thanks to @tomcjones we have a Threat Model for AI in the Browser.

We have AI in different scenarios:
 - Web API (i.e., Writing Assistance API)
 - Browser Level (i.e., Extension)
 - Using Agent (i.e., Operator)
 - Agentic Web (i.e., via protocols)

The first scenario was already [detailed by Tom here](https://github.com/TomCJones/threat-modeling/blob/main/models/AI%20in%20a%20Scripted%20User%20Agent.md).

Please view or discuss this issue at https://github.com/w3c/securityig/issues/20 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 2 June 2025 20:58:06 UTC