This audit of Perplexity’s Comet browser reveals a critical tension in AI security: the gap between human-like interaction and machine-like trust boundaries. The strongest version of this narrative is that proactive threat modeling and adversarial testing can uncover real-world risks before they harm users. The researchers deserve credit for systematically demonstrating how AI agents, when treated as naive processors of external content, become vectors for data exfiltration. The techniques—fake ...