Agentic LLM browsers introduce novel architectural vulnerabilities by bridging traditional web sandboxes with highly privileged AI agents. Attackers can exploit trusted origin models via XSS or prompt injection to hijack these agents, enabling unauthorized browser control, data exfiltration, and local file access.