Overview :

This Knowledge Base (KB) article addresses common security-related queries for the AutomationEdge browser extension. It explains how the extension handles data, authentication, storage, deployment, logging, and administrative control, ensuring transparency and compliance with enterprise security expectations.

1. Data Collection :

The browser extension processes only the minimum page-level information required to perform user-initiated automation actions, such as identifying DOM elements for click, set, or get operations.

• The extension does not collect, store, or transmit:

  • User credentials

  • API keys or secrets

  • Session cookies or session identifiers

  • Screen recordings

• File access or file transfer occurs only when explicitly configured within an automation workflow.

• No background or unauthorized data collection is performed.

2. Authentication & Session Handling :

• The browser extension does not perform user authentication.

• It does not create, store, or manage user sessions.

• The extension operates strictly within:

  • The user’s existing authenticated browser session, or

  • A user-configured automation workflow that manages authentication

All session security, isolation, and protection mechanisms are enforced by the browser itself. The extension can access only the web content and resources that the browser explicitly permits.

3. Data Storage & Retention :

• The extension collects only runtime data required to execute automation commands (for example, reading page elements).

• This data is:

  • Processed temporarily in memory

  • Not written to disk

  • Not stored persistently

Since no data is retained by the extension, there is no defined data retention period, and no extension-level storage or storage-specific security controls are required.

4. Bot Identity & Deactivation :

• Automations are identified and tracked at the AutomationEdge Agent or Process Studio level.

• Users can:

  • Stop or terminate running automations via Process Studio or the AE Agent

• The browser extension itself can be:

  • Disabled

  • Temporarily turned off

  • Completely removed

These actions can be performed at any time using standard browser extension management controls.

5. Deployment Model :

• The browser extension is distributed through official browser stores:

  • Chrome Web Store

  • Microsoft Edge Add-ons Store

  • Mozilla Firefox Add-ons Store

Key deployment characteristics:

• The extension is not SaaS-based

• It does not rely on any shared cloud service for operation

• Once installed, it runs entirely within the customer’s browser environment

• It interacts only with the locally deployed AutomationEdge Agent or Process Studio

The complete AutomationEdge solution can be deployed fully within the customer’s internal environment.

6. Outbound Internet Access :

• The browser extension communicates only with the locally deployed AutomationEdge Agent or Process Studio.

• It does not require outbound internet access for its own functionality.

• Any internet access occurs only when:

  • The browser navigates to user-specified URLs as part of an automation workflow

The extension is sandboxed within the browser and:

• Cannot directly access other systems or applications

• Cannot access separate browser instances on the host machine

7. Logging :

• The browser extension does not generate, store, or retain logs.

• All automation-related logging (execution status, errors, etc.) is handled by:

  • AutomationEdge Agent, or

  • Process Studio

Log retention, storage, and deletion are fully controlled by the customer through the AutomationEdge platform, based on their internal policies.

8. Uninstallation and Administrative Control :

• The browser extension can be:

  • Disabled

  • Uninstalled

using standard browser extension settings.

• AutomationEdge cannot remotely install, control, or remove the browser extension.

• Installation and removal are fully controlled by:

  • End users, or

  • Customer IT administrators

Conclusion :

The AutomationEdge browser extension is designed with a security-first approach, ensuring minimal data access, no credential handling, no persistent storage, and full customer control. Its architecture aligns with enterprise security and compliance requirements while enabling robust browser-based automation.