Persona Web Access

Tracking since May 15, 2026.

Changelog

• May 27, 2026
  description

  Persona Web Access connects trusted Persona browser workflows to the Chrome session you already use. It is designed for users who want a clear, reviewable bridge between an assistant and their own browser, without hidden cross-tab scanning or surprise focus changes.
  
  Persona Web Access can:
  
  - Read the authorized tab after user action or confirmation.
  - Capture visible screenshots for task evidence.
  - Open, navigate, and inspect governed background tabs while keeping the active window unchanged when silent mode is used.
  - Perform confirmed click, fill, scroll, wait, hover, select, keyboard, observation, and element inspection actions for Browser Agent workflows.
  - Open the native Chrome Side Panel to show Browser Agent progress, screenshots, HumanGate prompts, and correction input.
  - Collect capped and redacted diagnostics such as DOM/AX structure, visible screenshots, network lifecycle metadata, console/page errors, timing data, and response-body excerpts when advanced diagnostics are explicitly requested.
  - Keep local action receipts with redacted arguments so users can review what happened.
  - Stop sensitive actions behind HumanGate confirmation, including CAPTCHA, payment, account deletion, transfer, publishing, and clipboard actions.
  - Request optional cookies, notifications, downloads, or all-sites host access only when a user-approved workflow needs that capability.
  
  Persona Web Access does not sell data, use data for advertising, bypass CAPTCHA, automatically complete payment or account-deletion flows, read password fields, read hidden form values, read localStorage/sessionStorage, read request headers, scan all open tabs, or use native messaging.
  
  Optional cookies, notifications, and downloads are privileged runtime capabilities. Cookies are used for explicit login-state checks, notifications are used for task status, and downloads are used only for user-requested exports. These optional capabilities are not part of ordinary page-read diagnostics.
  
  The Chrome debugger permission is used only for explicit Browser Agent diagnostics on authorized tabs, such as sanitized network lifecycle, console, timing metadata, screenshots, and capped/redacted response-body excerpts. It is not used to inspect cookies, request headers, hidden storage, or to bypass site protections, and it detaches after the diagnostic workflow stops.

  Persona Web Access connects trusted Persona browser workflows to the Chrome session you already use. It is designed for users who want a clear, reviewable bridge between an assistant and their own browser, without hidden cross-tab scanning or surprise focus changes.
  
  Persona Web Access can:
  
  - Read the authorized tab after user action or confirmation.
  - Capture visible screenshots for task evidence.
  - Open, navigate, and inspect governed background tabs while keeping the active window unchanged when silent mode is used.
  - Perform confirmed click, fill, scroll, wait, hover, select, keyboard, observation, and element inspection actions for Browser Agent workflows.
  - Open the native Chrome Side Panel to show Browser Agent progress, screenshots, HumanGate prompts, and correction input.
  - Collect capped and redacted diagnostics such as DOM/AX structure, visible screenshots, network lifecycle metadata, console/page errors, timing data, and response-body excerpts when advanced diagnostics are explicitly requested.
  - Keep local action receipts with redacted arguments so users can review what happened.
  - Stop sensitive actions behind HumanGate confirmation, including CAPTCHA, payment, account deletion, transfer, publishing, and clipboard actions.
  - Request optional cookies, notifications, downloads, or all-sites host access only when a user-approved workflow needs that capability.
  
  Persona Web Access does not sell data, use data for advertising, bypass CAPTCHA, automatically complete payment or account-deletion flows, read password fields, read hidden form values, read localStorage/sessionStorage, read request headers, scan all open tabs, or use native messaging.
  
  Optional cookies, notifications, and downloads are privileged runtime capabilities. Cookies are used for explicit login-state checks, notifications are used for task status, and downloads are used only for user-requested exports. These optional capabilities are not part of ordinary page-read diagnostics.
  
  The Chrome debugger permission is used only for explicit Browser Agent diagnostics on authorized tabs, such as sanitized network lifecycle, console, timing metadata, screenshots, and capped/redacted response-body excerpts. It is not used to inspect cookies, request headers, hidden storage, or to bypass site protections, and it detaches after the diagnostic workflow stops.
  
  Version 0.2.28 fixes all-sites permission handling for Browser Agent actions. This update corrects the permission state shown in the popup, ensures bypass confirmations only turn on after all-sites access is actually granted, and fixes localhost permission matching for click, fill, hover, wait, and screenshot workflows. It also includes recent Side Panel and Browser Agent reliability improvements from the 0.2.x line. No new manifest permissions, nativeMessaging, or OS-level automation are added.

• May 21, 2026
  description

  Persona Web Access connects Persona web workflows to your current Chrome tab.
  It is built for users who want a clear, reviewable bridge between a web
  assistant and the page they are already viewing.
  
  The Lite version can:
  
  - Read the current active tab after user confirmation.
  - Return page title, URL, selected text, visible readable text, links, and image
    URLs.
  - Capture a visible-area PNG screenshot of the current active tab.
  - Perform confirmed click, fill, scroll, wait, and current-tab observation actions
    for Browser Agent workflows.
  - Open the native Chrome Side Panel to show Browser Agent progress and correction
    prompts.
  - Keep local action receipts so users can see what was requested and when.
  - Reject calls from non-allowlisted web origins.
  
  Persona Web Access does not read every open tab. It does not collect cookies,
  localStorage, sessionStorage, password fields, hidden form values, request
  headers, browsing history, bookmarks, downloads, or local files.
  
  This Lite release requests the Chrome debugger permission only for explicit
  current-tab observer diagnostics, such as sanitized network lifecycle, console,
  and timing metadata. It does not use the debugger to inspect cookies, request
  headers, response bodies, or hidden storage, and it detaches after the observer
  workflow stops. This store build does not request native messaging, download,
  history, or bookmark permissions.

  Persona Web Access connects trusted Persona browser workflows to the Chrome session you already use. It is designed for users who want a clear, reviewable bridge between an assistant and their own browser, without hidden cross-tab scanning or surprise focus changes.
  
  Persona Web Access can:
  
  - Read the authorized tab after user action or confirmation.
  - Capture visible screenshots for task evidence.
  - Open, navigate, and inspect governed background tabs while keeping the active window unchanged when silent mode is used.
  - Perform confirmed click, fill, scroll, wait, hover, select, keyboard, observation, and element inspection actions for Browser Agent workflows.
  - Open the native Chrome Side Panel to show Browser Agent progress, screenshots, HumanGate prompts, and correction input.
  - Collect capped and redacted diagnostics such as DOM/AX structure, visible screenshots, network lifecycle metadata, console/page errors, timing data, and response-body excerpts when advanced diagnostics are explicitly requested.
  - Keep local action receipts with redacted arguments so users can review what happened.
  - Stop sensitive actions behind HumanGate confirmation, including CAPTCHA, payment, account deletion, transfer, publishing, and clipboard actions.
  - Request optional cookies, notifications, downloads, or all-sites host access only when a user-approved workflow needs that capability.
  
  Persona Web Access does not sell data, use data for advertising, bypass CAPTCHA, automatically complete payment or account-deletion flows, read password fields, read hidden form values, read localStorage/sessionStorage, read request headers, scan all open tabs, or use native messaging.
  
  Optional cookies, notifications, and downloads are privileged runtime capabilities. Cookies are used for explicit login-state checks, notifications are used for task status, and downloads are used only for user-requested exports. These optional capabilities are not part of ordinary page-read diagnostics.
  
  The Chrome debugger permission is used only for explicit Browser Agent diagnostics on authorized tabs, such as sanitized network lifecycle, console, timing metadata, screenshots, and capped/redacted response-body excerpts. It is not used to inspect cookies, request headers, hidden storage, or to bypass site protections, and it detaches after the diagnostic workflow stops.

• May 21, 2026
  permissions

  activeTab, scripting, tabs, storage, webRequest, clipboardRead, clipboardWrite, sidePanel, debugger

  activeTab, scripting, tabs, storage, webRequest, clipboardRead, clipboardWrite, sidePanel, debugger, alarms

Permissions & access

Permissions

activeTabscriptingtabsstoragewebRequestclipboardReadclipboardWritesidePaneldebuggeralarms

Host access

None declared

Screenshots