Lede: Independent analysis of Anthropic's Claude Desktop installation process revealed an unregistered manifest file enabling Native Messaging for specific browser extension IDs in Chromium-based browsers such as Brave.

The file com.anthropic.claude_browser_extension.json is written to ~/Library/Application Support/BraveSoftware/Brave-Browser/NativeMessagingHosts/ upon Claude.app installation and specifies the binary path /Applications/Claude.app/Contents/Helpers/chrome-native-host along with three allowed_origins for Chrome extensions, per primary source documentation (https://www.thatprivacyguy.com/blog/anthropic-spyware/). This mechanism remains inactive until triggered by a matching extension ID and is separate from the documented Claude Code bridge com.anthropic.claude_code_browser_extension.json. Anthropic's Computer Use technical specifications describe associated capabilities including tab creation, login state sharing, console error reading, DOM inspection, and structured data extraction (https://docs.anthropic.com/en/docs/build-with-claude/computer-use).

Installation occurs without explicit notification or consent dialog, differing from standard Native Messaging registration practices outlined in Chromium documentation. The action implicates Article 5(3) of Directive 2002/58/EC, which requires user consent for storage or access to information on a user's terminal equipment (https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32002L0058). Mainstream coverage has not addressed the distinction between this bridge and the documented Claude Code component or parallels to prior Electron app permission issues reported by the Electronic Frontier Foundation in 2020.

Patterns of expanding agentic system access appear in related releases, including OpenAI's GPT-4o computer-use preview and Google's Project Astra integration tests, both of which faced similar scrutiny over undocumented local resource access in 2024 technical analyses.