AI security firm Manifold has reported that two vulnerabilities it identified in Anthropic's Claude for Chrome browser extension remain unaddressed in the latest version. These flaws allow malicious extensions to manipulate Claude, enabling unauthorized actions such as reading Gmail, Google Docs, and calendar entries without user consent.
A prior fix was intended to restrict actions to a list of approved tasks; however, it failed to ensure that user actions were genuine, allowing attackers to potentially exploit this oversight. One vulnerability also permits the extension to operate without user confirmation if in 'Act without asking' mode, representing a significant security risk. Manifold alerted Anthropic on May 21, yet subsequent releases still reflect these vulnerabilities.