AI browsing now available for early testing in Brave

Note: This blog post was updated May 5, 2026 to clarify that Leo Agentic browsing has migrated from Brave Nightly, and is now available for early testing in all release channels.

Today, we’re announcing the availability of Brave’s new AI browsing feature. This agentic experience aims to turn the browser into a truly smart partner, automating tasks and helping people accomplish more.

However, agentic browsing is also inherently dangerous. Giving an AI control of your browsing experience could expose personal data, or allow agentic AI to take unintended actions. Security measures are tricky to get right and disastrous when they fail, as we have shown through numerous vulnerabilities we found and responsibly disclosed over the last few months. Indirect prompt injections are a systemic challenge facing the entire category of AI-powered browsers.

For this reason, we’ve chosen a careful approach to releasing AI browsing in the Brave browser and soliciting input from security researchers. We are offering AI browsing behind an opt-in feature flag. We’ll continue to build upon our defenses over time with feedback from the public. At present, these safeguards include:

AI browsing is currently behind an opt-in feature flag, via Brave’s integrated AI assistant Leo.

AI browsing now available for early testing in Brave | Brave

Related reading

Google checks websites for llms.txt in new agentic browsing audit

AI in practice Archive

Google begins rolling out Chrome's "Auto Browse" AI agent today

Announcing the new Skills feature in Leo, Brave’s in-browser AI assistant |…

I let Chrome's AI agent shop, research, and email for me - here's how it went

Google brings Gemini in Chrome to US users, unveils agentic browsing…