Safe Browser

Skill Verified Active

Build local constrained-browser agents with a safe_browser tool that owns CDP, enforces a domain allowlist with Fetch interception, and lets a runtime Claude Agent SDK agent complete browsing tasks without raw browser, shell, or CDP access. Use when the user wants an agent to browse or scrape while staying on approved domains, demo blocked off-domain navigation, or generate a safe browser client.

Purpose

To enable users to build and demonstrate browser agents that operate within strict domain boundaries, ensuring safety and control during web browsing and scraping tasks.

Features

Builds local constrained-browser agents
Enforces domain allowlist with CDP Fetch interception
Provides a `safe_browser` tool with restricted capabilities
Includes example for Hacker News scraping with security checks
Generates audit logs and artifacts for verification

Use Cases

Browsing or scraping while staying on approved domains
Demonstrating prompt-injection or link-following containment
Building scrapers or browser workflows with domain policy
Generating a Claude Agent SDK example for browser tasks

Non-Goals

Providing a general-purpose browser automation tool
Allowing agents raw browser, shell, or CDP access
Supporting off-domain navigation or arbitrary web requests

Workflow

Copy the local template and set up the environment.
Run the provided Node.js script (`hn-scraper-demo.mjs`).
Observe the agent interacting with the `safe_browser` tool.
Verify browser navigation stays within the allowlist.
Review generated artifacts (audit log, screenshots) for proof of concept.

Prerequisites

Node.js installed
Chromium browser installed (or will be installed via Playwright)

Installation

First, add the marketplace

/plugin marketplace add browserbase/skills

/plugin install skills@browserbase

Quality Score

Verified

99 /100

Analyzed about 21 hours ago

Trust Signals

Last commit1 day ago

GitHub owner browserbase

Stars3.2k

Downloads 0

LicenseMIT

Websitebrowserbase.com

Status

View Source

Similar Extensions

Use My Browser

100

Use when work depends on the user's live browser session or visible rendered state rather than static fetches, especially for browser debugging contexts or DevTools-selected elements or requests, logged-in dashboards or CMS flows, localhost apps, forms, uploads, downloads, media inspection, DOM or iframe inspection, Shadow DOM, or browser failures that look like soft 404s, auth walls, anti-bot checks, or rate limits.

Skill

xixu-me

Skillify

Codify the most recent successful /scrape flow into a permanent browser-skill on disk. Future /scrape calls with the same intent run the codified script in ~200ms instead of re-driving the page. Walks back through the conversation, synthesizes script.ts + script.test.ts + fixture, runs the test in a temp dir, and asks before committing. Use when asked to "skillify", "codify", "save this scrape", or "make this permanent". (gstack)

Skill

garrytan

Project Session Manager

100

Worktree-first dev environment manager for issues, PRs, and features with optional tmux sessions

Skill

Yeachan-Heo

Public Google Drive

100

Create public Google Docs or Google Sheet files without requiring OAuth. Use this skill to create and edit Google Docs and Sheets, no Google sign-in required. Documents are viewable at shareable links. Registration is automatic on first use.

Skill

zagmoai

Oh My Claudecode

100

Process-first advisor routing for Claude, Codex, or Gemini via `omc ask`, with artifact capture and no raw CLI assembly

Skill

Yeachan-Heo

X Twitter Scraper

100

Use when the user needs X (Twitter) data or confirmation-gated X actions through Xquik: tweet search, user lookup, follower extraction, media download, monitoring, webhooks, MCP, SDKs, posting, likes, DMs, and profile updates. Requires a Xquik API key. Never ask for X login material.

Skill

Xquik-dev