Concise Cyber

Hidden API in Comet AI Browser Permitted Remote Command Execution, Researchers Find

Security Firm Discovers Unauthenticated API in AI Browser

Security researchers from the firm Bishop Fox discovered a hidden, undocumented API in the initial release of the Comet AI browser. This API allowed any website visited by a user to execute commands directly on the user’s computer. The AI-powered browser, developed by the startup Comet AI, contained this functionality in its initial version, 0.1.0. The discovery was made by Bishop Fox researchers while they were testing the browser’s feature for creating AI agents to automate tasks.

The API was exposed through a WebSocket connection on the local machine and, crucially, it lacked any authentication or access controls. Because of this, any webpage loaded within the Comet browser could interact with the API without restriction. The API's capabilities included reading and writing files on the local system and executing arbitrary system commands. Bishop Fox demonstrated the vulnerability with a proof-of-concept exploit: a malicious webpage that, when visited in the vulnerable Comet browser, wrote a file to the user's desktop.

Vendor Response and Vulnerability Remediation

Upon discovering the vulnerability, Bishop Fox responsibly disclosed their findings to Comet AI. The development team at Comet AI responded to the report by releasing an updated version of the browser, version 0.1.1, which removed the hidden API entirely. Comet AI stated that the API was a remnant from an internal prototype and was not intended to be included in the public production release. According to the company, the API’s intended purpose was for use by the browser’s own internal user interface components.

All articles are written here with the help of AI on the basis of openly available information which cannot be independently verified. We do strive to quote the relevant sources. The intent is only to summarise what is already reported in public forums in our own words, with no intention to plagiarise or copy another person's work. The publisher has no intent to defame or cause offence to anyone, any person or any organisation at any moment. The publisher assumes no responsibility for any damage or loss caused by making decisions on the basis of whatever is published on cyberconcise.com. You're advised to do your own checks and balances before making any decision, and owners and publishers at cyberconcise.com cannot be held accountable for its resulting ramifications. If you have any objections, concerns or want to point out anything factually incorrect, please reach out using the form on https://concisecyber.com/about/
