Security researchers disclosed a vulnerability nicknamed “ShadowPrompt” in Anthropic’s Claude extension for Google Chrome that allowed zero-click prompt injection, according to a koi.ai writeup and reporting by TheHackerNews. Koi Security researcher Oren Yomtov is credited with discovering the flaw, according to secpod. As TheHackerNews and mrcloudbook describe it, the exploit chain let any website silently inject prompts into the extension, and the assistant would process them without user interaction. According to itsecuritynews, indexing SecurityWeek, the flaw could have been used to exfiltrate Gmail access tokens, read Google Drive files, and export chat history. Public writeups by koi.ai and other outlets document the issue and its mitigations, and SecurityWeek reporting indicates the extension received a patch.