Comet And Browser Agent Safety

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-perplexity-comet-agent-safety-creators

1. A browser agent wants to fill out a form on a website you just visited. According to the safety principles discussed, what is the correct approach?

   1. Deny all form-filling requests to be completely safe
   2. Approve the action yourself after reviewing what will be submitted
   3. Ask the agent to fill out the form multiple times to verify accuracy
   4. Let the agent proceed automatically since you visited the site intentionally

2. What does it mean to 'treat web pages as untrusted instructions'?

   1. Assume web content may try to manipulate the agent into unintended actions
   2. Only use browser agents on government and educational websites
   3. Only visit websites that have been verified by your IT department
   4. Never copy code from websites into your agent

3. When building with a browser agent, what does it mean to 'name the job before naming the tool'?

   1. List all team members before starting a project
   2. Always use the most expensive tool for important jobs
   3. Define the specific task you want accomplished before choosing which agent to use
   4. Write a detailed job description before selecting any software

4. Why is it important to write the smallest useful scope the agent can finish?

   1. Larger scopes always cause the agent to fail
   2. Small scopes make the agent more intelligent
   3. Smaller scopes are faster to write and require less coding knowledge
   4. It reduces the risk surface and makes the agent's behavior more predictable and reviewable

5. What does it mean to 'run the result as a user, not as a fan of the tool'?

   1. Switch tools frequently to avoid dependency
   2. Only use tools that have many positive reviews
   3. Use the most popular tool regardless of functionality
   4. Test the output from the agent's perspective rather than assuming the tool is working correctly

6. Before sharing an agent's output, what three things should you inspect?

   1. The diff, data access, and failure path
   2. The color scheme, font size, and layout
   3. The author's credentials, publication date, and source URL
   4. The cost, execution time, and API calls

7. What are the three core security considerations for browser agents mentioned in the material?

   1. Code quality, documentation, and testing
   2. Encryption, authentication, and authorization
   3. Speed, accuracy, and cost
   4. Consent, local MCP access, and risk of unverified web content steering actions

8. In the context of browser agents, what is MCP likely referring to?

   1. Model Control Protocol, a way to configure AI models
   2. Multi-Cloud Platform, a cloud computing service
   3. Model Context Protocol, which controls what data the agent can access
   4. Marketing Campaign Processor, a business tool

9. When deploying a browser agent feature, which question should you ask to ensure appropriate user control?

   1. What should the user be able to do when this is finished?
   2. How many lines of code did the agent generate?
   3. Which celebrity uses this tool?
   4. What is the cheapest tool available?

10. Which of the following data exposures represents a security violation for a browser agent application?

    1. Timestamp of when a file was last modified
    2. User's public profile information visible to other users
    3. User's email shown in a shared document they opted into
    4. Database credentials or API keys exposed to the client-side agent

11. What makes a tool or feature 'observable' in the context of agent safety?

    1. It has a graphical user interface
    2. It was created by a well-known company
    3. Its behavior and outputs can be monitored, logged, and understood by humans
    4. It runs on visible servers rather than hidden infrastructure

12. What makes a tool or feature 'reversible' in the context of agent safety?

    1. It supports both dark and light modes
    2. It can be installed and uninstalled repeatedly
    3. It can be undone or rolled back if something goes wrong
    4. It works in both forward and backward directions

13. Why is it risky to let web content steer browser agent actions without review?

    1. Web content is always accurate and reliable
    2. Browsers are too slow to process web content
    3. Web content might contain instructions that benefit the website owner rather than the user
    4. Web pages consume too much bandwidth

14. What distinguishes a working demo from a production-ready agent system, according to the material?

    1. A demo uses more advanced AI models
    2. Production systems require more training data
    3. Demos are free while production systems cost money
    4. A working demo can be made quickly, but production requires observability, reversibility, and safety for real users

15. Why is consent important in browser agent interactions?

    1. It makes the agent run faster
    2. It allows the agent to skip testing
    3. Consent is only relevant for legal documents, not agents
    4. It ensures users explicitly approve actions before the agent executes them