- From: Tom Jones <thomasclinganjones@gmail.com>
- Date: Mon, 9 Feb 2026 17:12:28 -0800
- To: Simone Onofri via GitHub <noreply@w3.org>
- Cc: public-security@w3.org
- Message-ID: <CAK2Cwb5H0wTGvTC3gZrQ+FVM9dZkG_5WQAK-=cqubc8+L8VQdg@mail.gmail.com>
Here is a very troubling addition being made to chromium which will probably get propagated to all the big browsers. https://github.com/webmachinelearning/webmcp Look at the explainer where the entire security section says: There are security considerations that will need to be accounted for, especially if the WebMCP API is used by semi-autonomous systems like LLM-based agents. Engagement from the community is welcome. I do not know if a TAG review is requested or other w3c input. BUT IMHO this would make any compliant browser a privacy / security nightmare. What do i do to get this on the appropriate w3c attention? second question - should i be an extension to the existing use case / Threat Model for scripted AI? Or a new TM just focused on this? can you add it to the agenda? i've never been able to get a pull request to work. Peace ..tom jones On Mon, Feb 9, 2026 at 6:37 AM Simone Onofri via GitHub <noreply@w3.org> wrote: > Agenda published here: > https://github.com/w3c/securityig/blob/main/meetings/2026/2026-02-17_agenda.md > > Feel free to PR the agenda itself > > -- > GitHub Notification of comment by simoneonofri > Please view or discuss this issue at > https://github.com/w3c/securityig/issues/41#issuecomment-3872120175 using > your GitHub account > > > -- > Sent via github-notify-ml as configured in > https://github.com/w3c/github-notify-ml-config > >
Received on Tuesday, 10 February 2026 01:12:46 UTC