FillApp Safety & Use Notice

Last updated: September 3, 2025

FillApp helps you automate browser work inside your own logged-in session. You can fill forms, get page-aware assistance, and in Agent mode execute multi-step tasks across tabs. Everything runs in the browser where you already work and actions are visible on screen.

What this page is

This page explains how to use FillApp responsibly today, what the current risks are, and what we’re actively improving. Please read it before using Agent mode.

Modes and their current risk profile

Fill mode: form completion (lower risk, not zero)

  • Purpose: Match your text or saved snippets to form fields and fill them.
  • Important: Fill mode is instructed not to submit forms, but AI can still misinterpret page structure or labels. There is a non-zero chance it may trigger a submit or “save.” Prefer drafts or test forms when possible.

Assist mode: read-only (no actions)

  • Purpose: Read on-screen content to summarize, extract, or answer questions about pages, PDFs, or images.
  • Guarantee: Assist mode is read-only. It cannot click, type, submit, navigate, switch tabs, or execute any actions on your pages.

Agent mode: multi-step automation (preview, higher risk)

  • Purpose: Plan and execute tasks that may include clicking, typing, switching tabs, and opening new tabs to complete a workflow.
  • Status: Preview. Use with caution, supervise closely, and start with low-stakes tasks.

Where FillApp runs

FillApp operates inside your browser session and shows a visible trace of actions so you can see what is happening. It leverages sessions you already have and does not require sharing your credentials with us.

Do not use Agent mode for high-risk scenarios (for now)

Until stricter guardrails and site controls ship, avoid using Agent on:

  • Financial accounts or payments
  • Healthcare or medical systems
  • Government portals with sensitive personal data
  • Production admin consoles, permanent deletes, or irreversible changes
  • Any workflow where a single wrong click can cause loss, exposure, or liability

Prefer test environments, sandbox accounts, staging data, drafts, and read-only contexts.

Practical safety checklist

Before you start

  • Start with Assist or Fill; move to Agent only after you understand the page and steps.
  • Prefer draft or test records. Duplicate important data and work on the copy.
  • Close unrelated tabs and windows that contain sensitive information.

While it runs (Agent/Fill)

  • Keep the page in view; watch the on-screen trace and pause if anything looks off.
  • Break long workflows into shorter steps and review outcomes between steps.

After it finishes

  • Verify results in the app’s activity or history pages when available.
  • For forms, review every field before manually submitting final versions.

Known risks with browser-based AI

Even with careful design, AI can:

  • Misread a button or label and click the wrong control (Agent/Fill)
  • Act on hidden elements or dynamic UI that changes during runtime (Agent/Fill)
  • Be influenced by misleading page content (Agent/Fill)
  • Submit or save when it should not (primarily Fill, Agent if instructed)

These risks exist any time an AI interacts with live web pages. Supervision is essential, especially in Agent mode.

What we are actively improving

We are prioritizing:

  • Action confirmations for clearly sensitive steps (for example, irreversible submissions)
  • Safer defaults that bias toward read-only behavior unless you explicitly approve an action path
  • Site-level controls (allow/block) to keep Agent mode off restricted domains
  • Better form discipline to avoid unintended submissions in Fill mode
  • Clearer traces and logs so you can review exactly what happened on a page

We will update this notice as these protections ship.

Your responsibilities

You are responsible for how you use FillApp in your browser session. Do not rely on Agent mode for sensitive workflows. Use judgment, supervision, and test data. If you are unsure whether a page is safe for automation, treat it as unsafe.

Feedback

We welcome security and usability feedback and will iterate quickly. Reach out via the site’s Contact page.