OpenAI’s ChatGPT Agent may soon be able to control your web browser directly, rather than operating in a separate, cloud-based environment.
A recent discovery by Tibor Blaho, lead engineer at AIPRM, revealed a hidden “Use cloud browser” toggle in ChatGPT’s agent settings. “The new ChatGPT web app version adds a hidden option to ‘Use cloud browser’ when enabling Agent mode . . . this option is enabled only if the user agent matches ‘ChatGPT.+Macintosh;.+ Chrome’ (likely the new browser from OpenAI),” Blaho wrote on X.
Currently, ChatGPT Agent mode works by running inside a Linux-powered virtual machine hosted on Microsoft Azure. This “virtual browser” takes screenshots, clicks buttons, fills forms, and navigates pages remotely. While secure, it cannot access your real browser tabs or operate as smoothly as a local app.
According to BleepingComputer, the leaked interface suggests OpenAI is developing Agent mode to “choose between two execution paths: a remote ‘cloud/virtual browser’ and a first-party local browser (the rumored OpenAI browser).”
This would mean that if a user is running OpenAI’s yet-to-be-released Chromium-based browser on macOS, the Agent could operate directly inside it, bypassing the cloud-only browsing mode it uses today.

Image: Tibor Blaho via X
Security and privacy concerns
While this change offers exciting possibilities, it also raises important questions about security and privacy. An AI agent with the ability to control a user’s browser could potentially access a wide range of personal information and online accounts.
As OpenAI’s help pages on the ChatGPT agent note, giving the agent access to websites or connectors “creates potential privacy risks, including ‘prompt injection’ attacks.”
The ChatGPT maker has already implemented multiple safeguards such as requiring user permission before taking major actions and allowing users to “take over browser” during sensitive tasks like logins. However, with the agent potentially gaining more direct access to a user’s entire browsing environment, the need for robust security measures will become even more critical.
The ChatGPT Agent, introduced in July, combines earlier automation tools like Operator and Deep Research into one system that can reason, research, and execute multi-step tasks. A native OpenAI browser with Agent integration could challenge existing players like Chrome and Edge, and compete with AI-first browsers such as Dia.
OpenAI’s response to the leak
OpenAI has not confirmed the information released in the leak, but the move fits with its push to keep more functionality within the ChatGPT ecosystem, reducing reliance on third-party tools and tightening control over performance, security, and features.


