Stats
Actions
Tags
From stagehand
Build local constrained-browser agents with a safe_browser tool that enforces domain allowlists via CDP Fetch interception. Use for safe browsing demos or scraping with domain policy.
How this skill is triggered — by the user, by Claude, or both
Slash command
/stagehand:safe-browserThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Build a local browser-agent demo where the generated runtime agent has exactly one browser capability: `safe_browser`. The tool owns the Playwright/CDP session, enables `Fetch` interception for all requests, and fails any request whose host is not allowlisted.
Build a local browser-agent demo where the generated runtime agent has exactly one browser capability: safe_browser. The tool owns the Playwright/CDP session, enables Fetch interception for all requests, and fails any request whose host is not allowlisted.
This skill is a builder guide. The skill itself is not the runtime boundary; the generated Claude Agent SDK app is.
Use the Claude Agent SDK local template:
cp -R skills/safe-browser/templates/claude-agent-sdk /tmp/safe-browser-demo
cd /tmp/safe-browser-demo
npm install
cp ~/Developer/scratchpad/.env .env 2>/dev/null || true
node hn-scraper-demo.mjs
To watch the local browser instead of running headless:
SAFE_BROWSER_HEADLESS=false node hn-scraper-demo.mjs
If Chromium is missing:
npx playwright install chromium
User task
-> coding agent uses this skill to create a demo app
-> Claude Agent SDK runtime agent
-> only tool: safe_browser
-> local Chromium
-> CDP Fetch.enable({ urlPattern: "*" })
-> allowlist decision
-> Fetch.continueRequest for allowed hosts
-> Fetch.failRequest for blocked hosts
Expose constrained actions, not raw CDP:
goto: navigate to an absolute URL through Page.navigate.extract_front_page: return structured data for the Hacker News front page.extract_comments: return structured data for a Hacker News comments page.current_url: report the current page URL.audit_log: return CDP allow/block decisions.Do not expose { method, params } CDP passthrough. The agent must not be able to call Fetch.disable, create targets, attach new sessions, or run arbitrary shell/browser clients.
For the Hacker News demo, an accessibility snapshot is not necessary. Purpose-built extractors are easier to verify and harder to misuse than a broad page snapshot.
Always run the generated demo and show concrete output. A passing demo must prove:
safe_browser.https://news.ycombinator.com.Fetch.requestPaused for that URL.Fetch.failRequest.news.ycombinator.com.The template script already performs these assertions.
safe_browser.npx claudepluginhub browserbase/skillsWraps agent-browser skill with security features: URL blocklisting, rate limiting, robots.txt enforcement, ethical scraping guardrails. Use for safe browser automation workflows.
Automates browser interactions with agent-browser CLI: navigate URLs, click/fill elements, take screenshots, extract content, multi-step workflows. For web scraping, form automation, site tasks.
Controls the user's already-running Chrome via CDP to automate, scrape, test, or interact with web pages. Uses screenshots and coordinate clicks by default.