TEXT: Hey HN, I'm Preet, 16 years old, and I've been building Comet AI Browser for the past 2 months while preparing for JEE. I want to be upfront about what this is and what it isn't. What it is: A cross-platform AI browser (Windows/macOS/Linux/Android/iOS) with a security architecture I couldn't find anywhere else. Most AI browsers trust LLM guardrails to prevent prompt injection. Comet doesn't — it enforces isolation at the system level:
The agent perceives pages via OCR only, never parsing raw HTML/JS. Injected scripts are invisible to it by design. A syntactic firewall strips dangerous primitives (rm -rf, powershell.exe, sudo) before anything reaches the LLM. Native OS actions require explicit human authorization — the AI generates intent, not execution.
I demonstrated a live prompt injection attack against it on YouTube: https://youtu.be/PRcE_O1oXIE Benchmarks (all on the same i5-U, 8GB RAM, SATA SSD I developed on):
Speedometer 3.1: 12ms mean, ±1ms variance BrowserAudit security score: 398/409 Adblock score: 100%
The Speedometer result surprised me too. The ±1ms variance matters more than the raw number — it means the Chromium CEF integration isn't fighting Electron overhead under load. What's working:
Multi-provider AI routing (GPT, Claude, Gemini, Groq, Ollama local) AI Action Chain engine with multi-hop research and memory persistence Cross-device sync via WiFi/Bluetooth/QR — phone controls desktop, home screen widgets trigger desktop actions Cross-app OCR clicking (natural language commands work across all applications) 8-layer OS authorization with zero-knowledge cloud verification for dangerous operations CI/CD pipeline producing 5 platform binaries per release
What it isn't: Production ready. It's a functional beta with known stability issues (context loss between agent steps, some empty extractions). The Electron base is also on the roadmap to replace with native Chromium. Built on: Electron 40 + Next.js 16 + React 19 (desktop), Flutter/Dart (mobile) MIT licensed, all source on GitHub. Happy to answer questions about the security architecture specifically — that's the part I'm most uncertain whether I got right, and honest feedback from people who know this space would genuinely help.