Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads

Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads
Claude for Chrome still contains two unresolved issues that let a script-capable browser extension trigger allowlisted tasks for Gmail, Google Docs, and Calendar through a forged click on claude.ai. Manifold Security says the current v1.0.80 build still accepts synthetic clicks and can enter skip-permissions mode from a URL, leaving users exposed if another extension can reach claude.ai. #ClaudeforChrome #Anthropic #ClaudeBleed #ManifoldSecurity

Keypoints

  • A rogue extension can forge a click on claude.ai and trigger Claude for Chrome tasks.
  • The allowlisted tasks include Gmail, Google Docs, and Calendar access.
  • Claude’s click handler does not check event.isTrusted, so synthetic clicks are accepted.
  • The side panel can switch into skip_all_permission_checks when skipPermissions=true is set in the URL.
  • Manifold Security found both issues still present in Claude for Chrome v1.0.80.

Read More: https://thehackernews.com/2026/07/claude-for-chrome-flaw-lets-other.html