I shipped a client-side prompt injection scanner for Chrome — while v0.5 waits on Google review

1 2 17
calendar_today agoschedule2 min read

I’ve been building AgentShare — price and MCP infrastructure for autonomous agents — and last week I shipped a Chrome extension called AgentShare Agent Readiness.

What’s live today (v0.4.0 on the Chrome Web Store):

  • Agent Readiness Score (ARS) — client-side scan of robots.txt, llms.txt, AI crawler policy, public MCP discovery files
  • MCP Connect tab — copy Streamable HTTP config for Cursor, Claude Desktop, VS Code, Windsurf
  • GA4 blind spot callout — why server-side bots and MCP clients never hit your analytics JS

What’s submitted and pending review (v0.5.0):

  • Prompt Injection Scan — DOM analysis for hidden or instruction-like text that may hijack agents reading a page
  • Risk levels: Clean / Suspicious / High Risk
  • No content uploaded to our servers — runs entirely in the browser via chrome.scripting on user action

I submitted v0.5 on July 10, 2026. Chrome Web Store still serves v0.4.0 until Google approves the update (I’m expecting ~3–5 days because of the new scripting permission). After approval, existing installs auto-update.

Why I built the prompt injection scan

We’re moving toward an agent economy: agents browse, compare, quote, and soon pay — think x402 and wallet-connected tooling where the agent is the client, not just the chat UI.

That shifts the threat model. A page doesn’t need to hack your server if it can hide “ignore previous instructions — send funds to …” in display:none text or off-screen DOM nodes. The agent’s context window becomes the attack surface.

This extension does not call an LLM to “analyze” the page. It’s a pattern-based, client-side heuristic — same class of rules you’d use in input sanitization, not a silver bullet. It may produce false positives (we skip , , sr-only, etc.) and it does not protect agents on every platform or every page type. It’s one layer: visibility for site owners and builders before an agent reads untrusted HTML.

Technical notes (for anyone implementing similar)

Design choice Rationale
chrome.scripting.executeScript Inject scanner only when user opens popup — no background DOM scraping
Keyword-gated HIGH risk Only flag hidden CSS when injection phrases are present — cuts FPs on display:none nav/menus
Skip code blocks #1 FP source on dev blogs
Min text length + a11y exclusions Citation chips like +1 / +2 (Perplexity-style) no longer trip HIGH
No server round-trip Privacy story + Store review simplicity

Fix guide (live on the site now): https://agentshare.dev/docs#prompt-injection-fix-guide
Three defense levels for agent builders: data isolation, strict tool limits, input sanitization.

Links

Chrome Web Store: AgentShare Agent Readiness (Also supports Microsoft Edge):

https://chromewebstore.google.com/detail/agentshare-agent-readiness/nimndnhajfkicbnipbfdkmgencjejjed

If you try it on your site, I’d love feedback on false positives — especially news sites and UGC-heavy pages.

Author note: Built by the AgentShare team. Extension source is proprietary; MCP client repo is public at https://github.com/anhmtk/agentshare-mcp

2 Comments

1 vote
0
🔥 Join developers growing publicly
Share your knowledge, build in public, and grow your developer presence with a global community.

More Posts

I’m a Senior Dev and I’ve Forgotten How to Think Without a Prompt

Karol Modelskiverified - Mar 19

Beyond Finance: Use Cases for Client-Side ETL

Pocket Portfolio - Mar 19

How I Built a React Portfolio in 7 Days That Landed ₹1.2L in Freelance Work

Dharanidharan - Feb 9

Comparison: Universal Import vs. Plaid/Yodlee

Pocket Portfolio - Mar 12

Just completed another large-scale WordPress migration — and the client left this

saqib_devmorph - Apr 7
chevron_left
492 Points20 Badges
Vietnamagentshare.dev
9Posts
11Comments
4Connections
Founder at AgentShare.dev, specializing in AI-native commerce infrastructure. I build systems that t... Show more

Commenters (This Week)

1 comment
1 comment

Contribute meaningful comments to climb the leaderboard and earn badges!