ArcSolve Agent Support and Permissions Notice
Effective Date: May 27, 2026
ArcSolve Agent is a highly privileged extension that can carry out user-directed browser workflows in actual Chrome tabs. Because it can not only read pages but also navigate tabs, click, type, scroll, capture screenshots, and collect diagnostic information, users should personally verify the scope of execution on sensitive sites.
1. What This Extension Does
ArcSolve Agent supports the following operations.
- Management of tabs and tab groups for Agent workflows
- Reading the current page’s text, DOM, links, form fields, and visual information
- Executing user-directed clicks, typed input, scrolling, key input, and navigation
- Observing screenshot, console, network, dialog, and download status
- Relaying browser tool results to ArcSolve AI or to the ArcSolve Desktop native messaging host
2. Why Site Access Is Required
Agent workflows may run on any website that the user is currently viewing or has requested. Because Chrome requires host permission before an extension can read or manipulate a page, <all_urls> is necessary.
This permission is not a permission to automatically collect every page visited. The content script may stand by on permitted sites, but website data is generated and transmitted only when the user runs an Agent browser tool, or when the ArcSolve Desktop native messaging host issues a browser-runtime request within the scope of the user’s workflow.
3. Purpose of Each Permission
| Permission | Purpose of Use |
|---|---|
<all_urls> host permission | Reading pages and executing browser tools on sites targeted by the user’s workflow |
debugger | CDP-based screenshots, input, scrolling, and handling of console/network/dialog/navigation |
alarms | Scheduling reconnect backoff for the ArcSolve Desktop native messaging host |
downloads | Observing download start and completion status during the user’s workflow |
identity | ArcSolve sign-in based on Chrome Identity |
nativeMessaging | Connecting to the ArcSolve Desktop native host installed on the user’s device |
scripting | Re-injecting the bundled content script when the content script receiver is absent |
sidePanel | Displaying the Agent UI and workflow status |
storage | Storing user preferences, OAuth tokens, and Agent session and tab state |
tabGroups | Creating and managing tab groups for Agent workflows |
tabs | Querying, creating, selecting, updating, navigating, and closing tabs |
webNavigation | Keeping auxiliary targets opened from a workflow tab within the same workflow boundary |
windows | Inspecting and creating workflow windows |
ArcSolve Agent does not use the activeTab or clipboardWrite permissions.
4. Default Behavior of the Content Script
The content script may be loaded on permitted sites at document_idle. Its default behavior is to wait for browser tool requests from the background and to clean up transient element references when the page URL changes.
Page contents and screenshots are not automatically transmitted to ArcSolve servers merely because the extension is installed or a page is loaded.
5. Data That May Be Processed When Browser Tools Are Executed
When the user runs an Agent workflow, or when the ArcSolve Desktop native host issues a browser-runtime request, the following data may be generated as tool results.
- Tab URL, title, status, and window/group information
- Page visible text, DOM structure, role/name/ref, links, and form fields
- Screenshots and on-screen position information
- Results of clicks, typed input, scrolling, key input, and navigation
- Diagnostic information for console, network, dialog, download, and navigation events
Tool results may be delivered to the ArcSolve API, the configured AI provider, or the ArcSolve Desktop native host, depending on the workflow context.
6. Caution on Sensitive Sites
On the following sites or pages, narrowly scope the work before running an Agent workflow.
- Financial, payment, tax, insurance, hospital, and public-institution sites
- Internal company systems, customer management, and HR/accounting/legal materials
- Personal messages, email, and cloud drives that are visible only after sign-in
- Hard-to-reverse actions such as purchases, reservations, deletions, submissions, or settings changes
- Sites with CAPTCHA, paywalls, or anti-abuse policies
Page state and operation results read by the Agent may be passed on to ArcSolve AI or to ArcSolve Desktop native messaging workflows.
7. Operations That Require User Confirmation
Where the Agent is about to perform the following operations, it is safer for the user to personally verify the context.
- Payments, purchases, reservations, subscriptions, or cancellations
- Changes to account settings, granting of permissions, or deletion of data
- Sending messages, posting comments, or submitting forms
- Downloading or uploading files
- Capturing screenshots or reading text on tabs containing sensitive information
8. Prompt Injection and Browser-Operation Limits
Web pages may contain instructions designed to deceive the Agent. ArcSolve is designed to treat page content as untrusted data, but for sensitive operations users should review the Agent’s instructions and the page content as separate items.
Agent workflows operate within the boundaries of the Agent session and tab group. Policies are in place to prevent manipulation of tabs outside the Agent group or tabs the user did not intend to be operated on.
9. External Connection Restrictions
The origins from which a web page may connect to the Agent extension are limited to domains that ArcSolve has approved. Production builds allow the single ArcSolve web origin https://arcsolve.ai/*; staging packages allow https://staging.arcsolve.ai/*; development builds may additionally include localhost. Production builds do not include staging.arcsolve.ai, www.arcsolve.ai, or localhost in externally_connectable.matches. This invariant is enforced by the release-gate diagnostic test (apps/arcsolve-extension-agent/tests/diagnostics/browser-runtime.diagnostic.test.ts).
Desktop integration is performed through the Chrome native messaging host registered by the ArcSolve Desktop application installed by the user. In enterprise environments, host connections may be restricted by the Chromium NativeMessagingAllowlist or NativeMessagingBlocklist policies.
10. How Users Can Stay in Control
- Restrict site access from Chrome’s extension settings
- Refrain from starting an Agent workflow, or stop one in progress
- Avoid running Agent workflows on sensitive sites
- Disconnect from ArcSolve Desktop
- Disable or uninstall the extension
If site access is restricted, Agent features such as page reading, element lookup, clicking and typing, screenshots, and console/network diagnostics may not function on the affected site.
11. Related Documents
Inquiries: [email protected]
12. Chrome Web Store Reviewer Summary
This English summary is provided for Chrome Web Store review convenience. The Korean text above is the authoritative notice.
- ArcSolve Agent requests
<all_urls>,debugger,alarms,downloads,identity,nativeMessaging,scripting,sidePanel,storage,tabGroups,tabs,webNavigation, andwindowsto run user-directed browser workflows. - The content script waits for browser tool requests. Page data is generated and transmitted only when the user runs an Agent browser workflow or ArcSolve Desktop native host sends a browser-runtime request.
debuggeris used for Chrome DevTools Protocol operations such as screenshots, input events, navigation, console, network, dialog state, and device metrics alignment.- ArcSolve Desktop integration uses Chrome native messaging to connect to the user-installed ArcSolve Desktop native host.
- Production builds allow only the single ArcSolve web origin
https://arcsolve.ai/*inexternally_connectable.matches; staging packages allowhttps://staging.arcsolve.ai/*only. The release-gate diagnostic test enforces this invariant on the production package. - Website access and debugger access are not used for personalized advertising, hidden tracking, credential collection, or unrelated background crawling.