David Wolf · Project Use Case
AI SECURITY · PRODUCT SECURITY · CONFIDENTIAL AI AUTOMATION PLATFORM
Confidential AI Automation Platform
Chrome Extension WebLLM, WASM & Automation Runtime
A browser-extension AI runtime embedding WebLLM, Transformers, persistent offscreen workers, WASM engines, Puppeteer-core automation, MITM-style...
Designed and implemented a Chrome extension runtime for AI-assisted browser automation, embedding WebLLM and Transformers models, persistent offscreen service-worker architecture, custom WASM engines, Puppeteer-core browser...
Client
Confidential / Internal AI Automation Platform
Engagement Type
Consulting / Internal Buildout
Period
2025–2026
Role
AI Automation Architect / Chrome Extension Engineer / AI Product Security Engineer
Focus Areas
Chrome Extension Architecture, WebLLM Integration, Transformers Integration, Persistent Offscreen Workers
The Research Narrative
Strategic Problem
The challenge was making advanced AI and automation capabilities work inside Chrome extension constraints. WebLLM, Transformers, WASM, persistent workers, Puppeteer-style automation, request interception, and...
What David Did
David designed a layered runtime with content scripts, background logic, persistent offscreen workers, model adapters, WASM engines, automation primitives, interception pipelines, and...
What Became Clearer
The result was a browser-native AI automation foundation that supports local inference, structured capture, streaming event handling, normalized data records, and agent-ready workflows...
Consulting Proof
This is evidence of turning messy security telemetry into explainable dashboards, alert-quality improvements, and executive-ready operating views.
The Context
Modern browser extensions can become powerful AI runtimes, but only if they move beyond brittle content scripts. This project treated the extension as a local AI, automation, interception, and normalization platform.
The Challenge
The challenge was making advanced AI and automation capabilities work inside Chrome extension constraints. WebLLM, Transformers, WASM, persistent workers, Puppeteer-style automation, request interception, and WebSocket processing all had to fit a secure and maintainable runtime model.
What I Did
David designed a layered runtime with content scripts, background logic, persistent offscreen workers, model adapters, WASM engines, automation primitives, interception pipelines, and schema normalizers. The architecture emphasized delegation, typed messages, normalized records, and clear control boundaries.
- •Designed a Chrome extension runtime architecture with clear separation between content scripts, background logic, offscreen execution, workers, storage, model adapters, and orchestration
- •Embedded WebLLM for local browser-based LLM execution where feasible, reducing dependence on remote inference for certain workflows
- •Integrated Transformers-style model execution for browser-local classification, extraction, enrichment, and lightweight inference tasks
- •Implemented persistent offscreen worker patterns to support longer-lived AI/model workloads despite Manifest V3 service-worker lifecycle constraints
- •Developed WASM-specific engines and wrappers so performance-sensitive scoring, extraction, normalization, and matching logic could run consistently across browser and other runtime targets
- •Carved up and embedded Puppeteer-core capabilities into a browser-extension framework, selectively adapting automation primitives for extension-compatible control surfaces
- •Implemented MITM-style request/response interception capabilities for authorized observation, capture, normalization, and enrichment of application traffic
- •Built schema normalization pipelines to convert intercepted API responses, page-derived data, and automation outputs into stable typed records
The Outcome
The result was a browser-native AI automation foundation that supports local inference, structured capture, streaming event handling, normalized data records, and agent-ready workflows without relying on one-off scraping or fragile prompt glue.
Research Outcomes
Signal Quality
Improved the trustworthiness of operational security signals
Operational Clarity
Translated complex security data into clearer operating views
Stakeholder Visibility
Made technical risk and status easier to explain
Operational Impact
Turned raw telemetry into actionable security intelligence
Capabilities Demonstrated
Security Analytics
Signal investigation and event analysis
Telemetry Normalization
Consistent and trusted data
Operational Reporting
Actionable views for security operations
IAM / Access Control
Identity telemetry and access insights
SIEM Alert Debugging
Noise reduction and signal validation
Dashboard Development
Operational and executive views
Executive Reporting
Security data translated for leadership
Public-Safe Evidence
Shareable insights without sensitive data
Key Deliverables
- •Chrome extension AI runtime architecture
- •WebLLM browser-local inference integration
- •Transformers model adapter integration
- •Persistent offscreen worker architecture
- •WASM engine integration for shared runtime logic
- •Puppeteer-core-derived automation primitives adapted for extension constraints
- •MITM-style request/response interception pipeline
- •Schema normalization pipeline
Tools & Technologies
Consulting Translation
The reusable pattern is not Disney-specific: normalize fragmented security telemetry, debug low-signal alert behavior, build trusted operating views, and give leadership evidence they can act on without exposing sensitive systems.