Reinasboo/agent-browser
.agents/skills/agent-browser/SKILL.md
Browser automation CLI for AI agents. Use for website interaction, form automation, screenshots, scraping, and web app verification. Prefer snapshot refs (@e1, @e2) for deterministic actions.
tools
Updated Apr 15, 2026
$ install --global
skillsauthnpx skillsauth add Reinasboo/Bountylab agent-browserInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 11:32 AM19.7s7 files scanned
SKILL.md
- name:
- agent-browser
- description:
- Browser automation CLI for AI agents. Use for website interaction, form automation, screenshots, scraping, and web app verification. Prefer snapshot refs (@e1, @e2) for deterministic actions.
- allowed-tools:
- Read Write Bash Grep Glob
- tags:
- browser-automation, headless-browser, ai-agent, web-testing, web-scraping, verification
- platforms:
- Claude, Gemini, Codex, ChatGPT
- version:
- 1.1.0
- source:
- vercel-labs/agent-browser
agent-browser - Browser Automation for AI Agents
When to use this skill
- Open websites and automate UI actions
- Fill forms, click controls, and verify outcomes
- Capture screenshots/PDFs or extract content
- Run deterministic web checks with accessibility refs
- Execute parallel browser tasks via isolated sessions
Core workflow
Always use the deterministic ref loop:
agent-browser open <url>agent-browser snapshot -i- interact with refs (
@e1,@e2, ...) agent-browser snapshot -iagain after page/DOM changes
agent-browser open https://example.com/form
agent-browser wait --load networkidle
agent-browser snapshot -i
agent-browser fill @e1 "[email protected]"
agent-browser click @e2
agent-browser snapshot -i
Command patterns
Use && chaining when intermediate output is not needed.
# Good chaining: open -> wait -> snapshot
agent-browser open https://example.com && agent-browser wait --load networkidle && agent-browser snapshot -i
# Separate calls when output is needed first
agent-browser snapshot -i
# parse refs
agent-browser click @e2
High-value commands:
- Navigation:
open,close - Snapshot:
snapshot -i,snapshot -i -C,snapshot -s "#selector" - Interaction:
click,fill,type,select,check,press - Verification:
diff snapshot,diff screenshot --baseline <file> - Capture:
screenshot,screenshot --annotate,pdf - Wait:
wait --load networkidle,wait <selector|@ref|ms>
Verification patterns
Use explicit evidence after actions.
# Baseline -> action -> verify structure
agent-browser snapshot -i
agent-browser click @e3
agent-browser diff snapshot
# Visual regression
agent-browser screenshot baseline.png
agent-browser click @e5
agent-browser diff screenshot --baseline baseline.png
Safety and reliability
- Refs are invalid after navigation or significant DOM updates; re-snapshot before next action.
- Prefer
wait --load networkidleor selector/ref waits over fixed sleeps. - For multi-step JS, use
eval --stdin(or base64) to avoid shell escaping breakage. - For concurrent tasks, isolate with
--session <name>. - Use output controls in long pages to reduce context flooding.
- Optional hardening in sensitive flows: domain allowlist and action policies.
Optional hardening examples:
# Wrap page content with boundaries to reduce prompt-injection risk
export AGENT_BROWSER_CONTENT_BOUNDARIES=1
# Limit output volume for long pages
export AGENT_BROWSER_MAX_OUTPUT=50000
# Restrict navigation and network to trusted domains
export AGENT_BROWSER_ALLOWED_DOMAINS="example.com,*.example.com"
# Restrict allowed action types
export AGENT_BROWSER_ACTION_POLICY=./policy.json
Example policy.json:
{"default":"deny","allow":["navigate","snapshot","click","fill","scroll","wait","get"],"deny":["eval","download","upload","network","state"]}
CLI-flag equivalent:
agent-browser --content-boundaries --max-output 50000 --allowed-domains "example.com,*.example.com" --action-policy ./policy.json open https://example.com
Troubleshooting
command not found: install and runagent-browser install.- Wrong element clicked: run
snapshot -iagain and use fresh refs. - Dynamic SPA content missing: wait with
--load networkidleor targetedwaitselector. - Session collisions: assign unique
--sessionnames and close each session. - Large output pressure: narrow snapshots (
-i,-c,-d,-s) and extract only needed text.
References
Deep-dive docs in this skill:
- commands
- snapshot-refs
- session-management
- authentication
Related resources:
- https://github.com/vercel-labs/agent-browser
- https://agent-browser.dev
Ready templates:
./templates/form-automation.sh./templates/capture-workflow.sh
Metadata
- Version: 1.1.0
- Last updated: 2026-02-26
- Scope: deterministic browser automation for agent workflows
Related Skills
Reinasboo/security-review
development
VerifiedTrustedCommunity
Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP review", or review code for injection, XSS, authentication, authorization, cryptography issues. Provides systematic review with confidence-based reporting.
SKILL.mdUpdated Apr 15, 2026
Reinasboo/security-best-practices
development
VerifiedTrustedCommunity
Implement security best practices for web applications and infrastructure. Use when securing APIs, preventing common vulnerabilities, or implementing security policies. Handles HTTPS, CORS, XSS, SQL Injection, CSRF, rate limiting, and OWASP Top 10.
SKILL.mdUpdated Apr 15, 2026
Reinasboo/responsive-design
development
VerifiedTrustedCommunity
Create responsive web designs that work across all devices and screen sizes. Use when building mobile-first layouts, implementing breakpoints, or optimizing for different viewports. Handles CSS Grid, Flexbox, media queries, viewport units, and responsive images.
SKILL.mdUpdated Apr 15, 2026
Reinasboo/remotion-video-production
content-media
VerifiedTrustedCommunity
Produce programmable videos with Remotion using scene planning, asset orchestration, and validation gates for automated, brand-consistent video content.
SKILL.mdUpdated Apr 15, 2026