Skills
PleaseFix/PerplexedBrowser: Zero-Click Agent Hijack in Perplexity Comet via Indirect Prompt Injection
Zenity Labs disclosed PleaseFix, a vulnerability family in agentic browsers that enables two distinct attack chains: silent local file system exfiltration while the agent returns expected results, and credential theft from 1Password via agent-authorized workflow abuse. Both chains trigger without user interaction through attacker-controlled content embedded in routine workflows (e.g., calendar invites). Perplexity patched the browser-side execution issue prior to disclosure.
Source
↳ Follow the thread