Anthropic secretly installs spyware when you install Claude Desktop
The article argues that Claude Desktop silently installs Native Messaging manifests into multiple Chromium-browser paths, pre-authorizing a browser bridge without explicit user consent.
Core Thesis
Alexander Hanff documents an audit of Claude Desktop on macOS and argues that the application silently installs an undocumented Native Messaging bridge across multiple Chromium-browser directories, including browsers the user may not have installed. The article frames this as a dark pattern, a security risk, and in the author's view a legal and privacy violation because the bridge can expose authenticated browser sessions and automation capability once paired with an extension.
Argument Structure
The infographic follows the structure of the generated knowledge graph: section claims, glossary entities, a how-to interpretation path, and linked FAQ nodes.
The finding
The article centers on the unexpected discovery of an Anthropic Native Messaging manifest in browser directories unrelated to an explicit browser-extension install.
Native Messaging manifest, Claude Desktop browser bridge, Browser pre-authorization
Audit evidence
The author presents filesystem evidence, identical manifests, timestamps, logs, code-signing details, and macOS provenance metadata.
Seven-browser install set, Manifest rewrites, macOS provenance metadata
Security and privacy threats
The article argues that the dormant bridge expands attack surface and creates a path to privileged browser automation and data access.
Authenticated session access, Prompt injection risk, Browser trust boundary
What Anthropic should have done
The closing section proposes explicit opt-in, per-browser scope limitation, visible settings, and persistent revocation controls.
Affirmative consent, Pull-not-push installation, Persistent revocation
How The Argument Progresses
The knowledge graph models the article as an explicit sequence of reasoning steps rather than a loose summary.
1
Find the manifest
The article starts with an unexpected Anthropic Native Messaging file in a Brave browser path.
2
Attribute the installation
It then ties the manifest set to Claude Desktop using logs, timestamps, code-signing details, and provenance metadata.
3
Describe the risk surface
The author explains the browser-automation and authenticated-session implications once a paired extension is active.
4
Propose consent-based remediation
The article ends by calling for explicit opt-in, browser-specific scope, visibility, and persistent revoke controls.
Glossary From The Graph
These linked entities are exposed as DefinedTerm nodes in the RDF and mirrored in the embedded JSON-LD.
Native Messaging manifest
The configuration file a Chromium browser uses to allow an extension to invoke a local executable outside the browser sandbox.
Claude Desktop browser bridge
The undocumented Native Messaging bridge the article says Claude Desktop installs on macOS.
Browser pre-authorization
The act of registering extension IDs and a local helper in advance of explicit extension installation.
Seven-browser install set
The article's finding that identical manifests were created for Arc, Brave, Chromium, Chrome, Edge, Vivaldi, and Opera paths.
Manifest rewrites
The repeated reinstallation or rewriting of the manifests reflected in timestamps and log history.
macOS provenance metadata
The com.apple.provenance evidence the author uses to attribute manifest creation to Claude Desktop.
Signed helper binary
The code-signed helper executable inside Claude.app that the manifests authorize browsers to launch.
Authenticated session access
The article's concern that the bridge can expose already-signed-in browser sessions to an agentic workflow.
FAQ From The Knowledge Graph
Each question and answer below is linked to a separate resolver-backed node and mirrored in the metadata graph.