Skip to main content
hc
Submit
toolsSource-backedReview first Safety Privacy

Browser Harness

MIT-licensed CDP browser-control harness from Browser Use that lets Claude Code, Codex, and other coding agents connect to a real or cloud Chrome browser, use screenshots and coordinate clicks, edit task-specific helpers, and optionally learn reusable domain skills for web automation workflows.

by Browser Use·added 2026-06-18·
CodexCLI
HarnessCodexCLI
Review first review before installing

Open the source and read safety notes before installing.

Safety notes

  • Browser Harness can connect agents to a real logged-in Chrome profile. Remote debugging may expose active sessions, extensions, bookmarks, history, page content, downloads, uploads, and account actions to the agent.
  • The documented Way 1 setup uses the user's everyday Chrome profile through `chrome://inspect/#remote-debugging`; require explicit user consent before attaching to sensitive accounts.
  • The documented Way 2 setup launches Chrome with a non-default `--user-data-dir` and remote debugging port; keep that isolated profile separate from everyday browser data.
  • Remote Browser Use Cloud sessions require `BROWSER_USE_API_KEY`, may use proxies, can persist profile state, and can continue billing until timeout or shutdown.
  • Agents using Browser Harness can edit `agent-workspace/agent_helpers.py` and optional domain-skill files; review generated helper code and public skill contributions before reuse.
  • Browser automation can submit forms, send messages, purchase items, scrape websites, change account settings, and upload files. Keep destructive or account-writing tasks behind confirmation.

Privacy notes

  • Browser Harness workflows can expose page screenshots, DOM text, URLs, cookies-backed login state, account data, downloads, uploads, form inputs, and extracted website data to the agent and configured model providers.
  • Profile sync for Browser Use Cloud is documented as cookies-only, but it still moves browser authentication material into a remote browser environment.
  • Cloud browser live URLs, proxy settings, profile identifiers, daemon logs, `/tmp` socket or pid files, and copied support artifacts may reveal browsing activity or account context.
  • Public domain-skill PRs should not include secrets, private selectors tied to confidential apps, customer data, screenshots, credentials, tokens, or personal browsing history.

Prerequisites

  • Python 3.11 or newer, uv, git, and a durable local checkout for editable installation.
  • A Chrome or Chromium-based browser that can be attached through Chrome remote debugging, or a Browser Use Cloud API key for cloud browsers.
  • Codex, Claude Code, or another agent host that can read the Browser Harness `SKILL.md` instructions.
  • A clear boundary for which browser profile, logged-in sites, cloud browser sessions, downloads, uploads, and account actions the agent may access.

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
30 minutes
Difficulty
advanced
Tool listing metadata
Pricing
freemium
Disclosure
editorial
Application category
DeveloperApplication
Operating system
macOS, Windows, Linux
Full copyable content
git clone https://github.com/browser-use/browser-harness
cd browser-harness
uv tool install -e .
command -v browser-harness

browser-harness <<'PY'
new_tab("https://github.com/browser-use/browser-harness")
wait_for_load()
print(page_info())
PY

About this resource

Overview

Browser Harness is a thin, editable browser-control harness from Browser Use. It connects an LLM-powered coding agent to Chrome over CDP, then gives the agent a browser-harness command plus a SKILL.md workflow for screenshots, coordinate clicks, raw CDP calls, helper edits, cloud browsers, and optional domain-specific skills.

Use it when a coding agent needs to operate a real browser session rather than only call a hosted scraping API or deterministic Playwright script. It is most relevant for Claude Code, Codex, and similar agents that can read the included skill instructions and then call the harness from a terminal.

Install

The upstream install guide recommends cloning the repository into a durable location and installing the checkout as an editable uv tool:

git clone https://github.com/browser-use/browser-harness
cd browser-harness
uv tool install -e .
command -v browser-harness

Then register the repository's SKILL.md with the agent host. The install guide documents a Codex path under $CODEX_HOME/skills/browser-harness/SKILL.md and a Claude Code path through an import in ~/.claude/CLAUDE.md.

The repository has a pyproject.toml for the browser-harness package, version 0.1.0, with Python 3.11+ and dependencies on cdp-use, fetch-use, pillow, and websockets. At verification time, the PyPI browser-harness name was a reserved placeholder rather than the documented install path, so prefer the repo checkout and editable uv install unless upstream publishes a package.

Browser Connection Modes

Mode How It Works Best Fit
Real Chrome profile Enable Chrome remote debugging from chrome://inspect/#remote-debugging and allow the harness to attach User-supervised tasks that need existing logins, cookies, extensions, bookmarks, or real browsing context
Isolated Chrome profile Launch Chrome with --remote-debugging-port=9222 and a non-default --user-data-dir Safer automation, repeatable tasks, and runs where popups or everyday profile access are not acceptable
Browser Use Cloud Start a remote daemon with BROWSER_USE_API_KEY, optional cloud profiles, proxy country settings, and timeout Parallel agents, headless servers, cloud browsers, proxy-backed browsing, or remote observation

Agent Capabilities

Area Browser Harness Coverage
Agent Host Claude Code, Codex, and other terminal agents that can load SKILL.md
Browser Control CDP websocket connection to local Chrome, isolated Chrome, or Browser Use Cloud
Interaction Style Screenshots first, coordinate clicks, keyboard input, JavaScript inspection, HTTP fetches, and raw CDP calls
Editable Workspace agent-workspace/agent_helpers.py for task-specific browser helpers
Domain Skills Optional BH_DOMAIN_SKILLS=1 mode for reusable site playbooks under agent-workspace/domain-skills/
Interaction Skills Reusable guidance for tabs, dialogs, downloads, uploads, iframes, shadow DOM, screenshots, scrolling, cookies, and profile sync
Maintenance browser-harness --doctor, daemon restart guidance, update checks, and cloud-browser shutdown behavior

Use Cases

  • Attach Codex or Claude Code to a local Chrome session for supervised web tasks.
  • Give an agent a cloud browser when local Chrome is unavailable or parallel sub-agents need isolated browser sessions.
  • Build reusable browser automation playbooks for sites such as GitHub, LinkedIn, Amazon, Shopify Admin, Gmail, Salesforce, Reddit, PubMed, SEC EDGAR, and other domains represented in the domain-skill tree.
  • Let an agent use screenshots and coordinate clicks when selectors are brittle or cross-origin iframes make normal DOM automation awkward.
  • Add task-specific helpers in agent-workspace/agent_helpers.py while keeping the protected core package small.
  • Compare Browser Harness with Browser Use, Playwright MCP, Hyperbrowser, Browserbase, Stagehand, Chrome DevTools MCP, and computer-use agents.

Source Review

Verified on 2026-06-18:

  • The upstream repository is browser-use/browser-harness, MIT-licensed, and GitHub metadata showed more than 15,000 stars.
  • The README describes Browser Harness as a thin, editable CDP harness that connects an LLM directly to a real browser.
  • The README includes a setup prompt for Claude Code or Codex and points agents to install.md.
  • The install guide documents editable installation with git clone and uv tool install -e ..
  • The install guide documents Codex and Claude Code skill registration paths for the repository's SKILL.md.
  • The install guide documents local Chrome remote debugging, isolated Chrome profiles, Browser Use Cloud browsers, BROWSER_USE_API_KEY, BU_CDP_URL, BU_CDP_WS, BU_NAME, and cloud browser shutdown behavior.
  • SKILL.md documents the browser-harness heredoc workflow, new_tab usage, screenshot-first operation, coordinate clicks, HTTP fetches, raw CDP calls, remote browsers, and optional domain skills.
  • AGENTS.md states that agents operating the harness edit inside agent-workspace/, including agent_helpers.py and domain-skills/.
  • The repository includes many domain-skill examples and interaction skills for browser mechanics such as downloads, uploads, dialogs, tabs, iframes, shadow DOM, profile sync, screenshots, and cookies.
  • pyproject.toml declares package name browser-harness, version 0.1.0, Python >=3.11, and a browser-harness console script.
  • The GitHub releases endpoint did not expose a latest release at verification time, so this entry does not claim a tagged release.

Safety and Privacy

Browser Harness is powerful because it lets an agent act inside the same browser surfaces a human uses. That is also the risk. Treat a real Chrome profile as account access, not as a disposable test browser. For sensitive accounts, start with an isolated Chrome profile or a dedicated cloud browser, then add explicit approval checkpoints for purchases, messages, profile changes, file uploads, form submissions, and destructive actions.

The domain-skill model is useful but public by default when contributed back to the repository. Keep generated skills generic, avoid screenshots or private data, and do not encode secrets, customer records, private internal routes, or credential-bearing examples.

Duplicate Check

Checked current content/tools/, content/mcp/, content/skills/, guides, README entries, open pull requests, and repository-wide content for Browser Harness, browser-use/browser-harness, Browser Use Cloud browser harness, CDP browser agent, browser-harness, and Browser Harness domain skills. The directory already has a Browser Use tools entry and several browser automation MCP entries, but no dedicated Browser Harness content entry, exact source URL duplicate, target file, or open duplicate PR was found.

Disclosure

Editorial listing. No paid placement or affiliate link is used. Browser Harness is MIT-licensed open-source software, while Browser Use Cloud, proxies, cloud profiles, captcha-related services mentioned by upstream, API keys, and remote browser sessions may have separate billing, terms, privacy controls, and usage limits.

#browser-harness#browser-use#browser-automation#cdp#claude-code#codex#agent-skills#cloud-browser

Source citations

Add this badge to your README

Show that Browser Harness is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/tools/browser-harness.svg)](https://heyclau.de/entry/tools/browser-harness)

How it compares

Browser Harness side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

FieldBrowser Harness

MIT-licensed CDP browser-control harness from Browser Use that lets Claude Code, Codex, and other coding agents connect to a real or cloud Chrome browser, use screenshots and coordinate clicks, edit task-specific helpers, and optionally learn reusable domain skills for web automation workflows.

Open dossier 		Skills CLI

MIT-licensed `skills` CLI from Vercel Labs for installing, using, finding, listing, updating, removing, and initializing Agent Skills across Claude Code, Codex, Cursor, OpenCode, OpenClaw, Gemini CLI, GitHub Copilot, Windsurf, Zed, and dozens of other agent hosts.

Open dossier 		Browser Use

Open-source browser automation library for building AI agents that can navigate, click, type, and inspect websites.

Open dossier 		Hermes Agent

Nous Research AI agent with terminal UI, messaging gateway, skills, memory, MCP integration, scheduled automations, subagents, terminal backends, OpenClaw migration, model switching, and persistent cross-session workflows.

Open dossier
Trust
Install riskReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Categorytoolstoolstoolstools
Sourcesource-backedsource-backedsource-backedsource-backed
AuthorBrowser UseVercel LabsBrowser UseNous Research
Added2026-06-182026-06-182026-04-272026-06-18
Platforms
CodexCLI
CursorCodexCLI
CLI
CodexCLI
Source repo
Safety notesBrowser Harness can connect agents to a real logged-in Chrome profile. Remote debugging may expose active sessions, extensions, bookmarks, history, page content, downloads, uploads, and account actions to the agent. The documented Way 1 setup uses the user's everyday Chrome profile through `chrome://inspect/#remote-debugging`; require explicit user consent before attaching to sensitive accounts. The documented Way 2 setup launches Chrome with a non-default `--user-data-dir` and remote debugging port; keep that isolated profile separate from everyday browser data. Remote Browser Use Cloud sessions require `BROWSER_USE_API_KEY`, may use proxies, can persist profile state, and can continue billing until timeout or shutdown. Agents using Browser Harness can edit `agent-workspace/agent_helpers.py` and optional domain-skill files; review generated helper code and public skill contributions before reuse. Browser automation can submit forms, send messages, purchase items, scrape websites, change account settings, and upload files. Keep destructive or account-writing tasks behind confirmation.Agent Skills are executable instructions for coding agents. Inspect `SKILL.md` and supporting files before installing or using skills from unknown repositories. `skills add`, `skills update`, `skills remove`, and `experimental_sync` can write, replace, symlink, copy, or remove skill folders across many local agent directories. Review `--agent`, `--skill`, `--all`, `--global`, and `--yes` flags before running broad operations. `skills use` can materialize a skill into a temporary directory and print the generated prompt, or start a supported agent interactively with that prompt. Treat untrusted skill text as prompt-bearing code. Symlink install mode keeps a canonical copy and links agent directories to it. Copy mode creates independent copies. Choose deliberately when working across shared repos, Windows environments, containers, or synchronized directories. The CLI includes explicit warnings for OpenClaw community skills in `skills use`; do not bypass those warnings unless you understand the trust model for the selected source. The security audit lookup is best-effort and never blocks installation. A missing or safe-looking audit result is not a substitute for reviewing the skill source.Browser Use drives a real browser and can navigate, click, type, and submit forms autonomously; run it against trusted sites and review actions before granting access to logged-in sessions or sensitive accounts.Hermes Agent can run tools, shell commands, terminal sessions, scheduled jobs, subagents, skills, MCP servers, messaging gateways, and remote backends; review permissions before using it on sensitive systems. The README documents one-line shell installers for some platforms. Inspect installer scripts and prefer isolated package installs or disposable environments when evaluating the agent. OpenClaw migration can import settings, memories, skills, command allowlists, messaging settings, API keys, audio assets, and workspace instructions; use dry-run and non-secret presets before migrating real profiles. Scheduled automations and messaging gateways can run unattended and deliver results to external chat systems, so restrict allowed users, home directories, credentials, and write-capable tools. Terminal backends such as local shell, Docker, SSH, Singularity, Modal, and Daytona can touch local files, containers, remote hosts, cloud sandboxes, and GPU infrastructure.
Privacy notesBrowser Harness workflows can expose page screenshots, DOM text, URLs, cookies-backed login state, account data, downloads, uploads, form inputs, and extracted website data to the agent and configured model providers. Profile sync for Browser Use Cloud is documented as cookies-only, but it still moves browser authentication material into a remote browser environment. Cloud browser live URLs, proxy settings, profile identifiers, daemon logs, `/tmp` socket or pid files, and copied support artifacts may reveal browsing activity or account context. Public domain-skill PRs should not include secrets, private selectors tied to confidential apps, customer data, screenshots, credentials, tokens, or personal browsing history.By default, the CLI can send telemetry to `add-skill.vercel.sh` unless `DISABLE_TELEMETRY` or `DO_NOT_TRACK` is set. Telemetry fields in source include CLI version, CI flag, detected agent name, event type, source, selected skills, selected agents, global flag, source type, update counts, find query, and result counts. Security-audit lookup requests can send the skill source and selected skill slugs to the audit endpoint. Local project and global installs can persist source names, selected skills, agent targets, canonical paths, lock data, symlinks, and copied skill contents on disk. Skill contents used through `skills use` are embedded into the generated prompt and may be sent to the downstream model provider or interactive agent process.Page content, screenshots, and DOM data are sent to the configured LLM provider to plan actions, and agents can read and submit data on authenticated sites; control credentials and which pages agents can access.Conversation history, memory files, user profiles, skill outputs, session search indexes, tool arguments, tool results, model responses, gateway messages, audio transcripts, and logs may contain sensitive data. Model providers, messaging platforms, search/image/TTS/browser tool gateways, MCP servers, and remote terminal backends may receive prompts, files, commands, account identifiers, or generated outputs depending on configuration. OpenClaw migration may copy memories, persona files, skills, API keys, messaging settings, command allowlists, TTS assets, and workspace instructions into the Hermes profile. Keep provider keys, bot tokens, OAuth grants, migrated secrets, workspace paths, generated summaries, and session search data out of public prompts, screenshots, issues, and examples.
Prerequisites
  • Python 3.11 or newer, uv, git, and a durable local checkout for editable installation.
  • A Chrome or Chromium-based browser that can be attached through Chrome remote debugging, or a Browser Use Cloud API key for cloud browsers.
  • Codex, Claude Code, or another agent host that can read the Browser Harness `SKILL.md` instructions.
  • A clear boundary for which browser profile, logged-in sites, cloud browser sessions, downloads, uploads, and account actions the agent may access.
  • Node.js 18 or newer for the published `skills` npm package.
  • At least one supported agent host installed if using auto-detected targets, such as Claude Code, Codex, Cursor, OpenCode, OpenClaw, Gemini CLI, GitHub Copilot, Windsurf, Zed, or another supported agent.
  • A reviewed skill source from GitHub, GitLab, a git URL, a local path, a direct skill folder, or another supported provider.
  • A decision between project-scoped skills that live under the current repository and global skills that live under the user's home/config directories.
— none listed
  • Python 3.11 through 3.13 for the packaged Python project.
  • uv, pipx, or another isolated Python application installer.
  • Model provider credentials for Nous Portal, OpenRouter, NovitaAI, NVIDIA NIM, OpenAI-compatible endpoints, or another configured provider.
  • A clear tool and terminal-backend policy before enabling local shell, Docker, SSH, Singularity, Modal, Daytona, browser, search, messaging, or MCP features.
Install
git clone https://github.com/browser-use/browser-harness && cd browser-harness && uv tool install -e .
npm install -g skills
uv tool install hermes-agent
Config
{
  "projectInstall": "npx skills add vercel-labs/agent-skills --skill frontend-design -a claude-code",
  "globalInstall": "npx skills add vercel-labs/agent-skills --skill frontend-design -g -a claude-code -y",
  "temporaryUse": "npx skills use vercel-labs/agent-skills@web-design-guidelines | claude",
  "disableTelemetry": "DISABLE_TELEMETRY=1 npx skills list"
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.