Chrome extensions can exploit vulnerabilities in locally running Model Context Protocol (MCP) servers, allowing unauthorized access to sensitive resources. This poses a significant security threat, as these extensions can perform privileged actions without authentication, potentially leading to complete system compromise. Organizations must reassess their security measures to mitigate these risks.