Claude Chrome Extension Flaw Allows Prompt Injection and Agent Takeover

Researchers disclosed a vulnerability in the Claude browser extension for Chrome caused by overly permissive extension permissions and improper trust validation. The flaw allows attackers to inject malicious prompts into the Claude AI agent, potentially enabling full session takeover. A malicious webpage or message processed by the extension can hijack agent behavior and exfiltrate session context. This is a concrete example of prompt injection risk at the browser extension layer — a growing attack surface as AI agents gain broader access to browser state. Users should update to the latest Claude extension version and review which sites are granted access to the extension.