browse.sh — an open catalog of browser automation skills for any website. Find reusable SKILL.md recipes that teach AI agents to complete tasks online, and install them with the browse CLI.
The "npm for browser skills" framing is exciting and honestly a little scary. With an open catalog and community contributions, when two skills exist for the same site, how does an agent decide which one to trust? And what stops a subtly wrong or even malicious skill from spreading before your weekly revalidation catches it? Feels like skill provenance and reputation become the real product once the catalog gets big.
This is a great use of memory! How do you deal with information recency?
Report
Maker
@patrick_monnot A little confused by the question, but I'll attempt to answer. We revalidate the skills every week so our skills stay up to date (if the page changes or data updates, our skills should too). Memory here is like a weak cache, we invalidate if our data is stale.
Congrats on the launch! What are some surprisingly hard websites/workflows for agents to automate today that Browse.sh makes easier?
Report
Interesting angle. For agent browser automation, the thing I’d want to inspect first is not just success rate, but replayability: logs, screenshots, failed steps, and whether the agent can hand control back cleanly when the page changes.
Report
the CLI install pattern is the right distribution mechanism for developers but the interesting question is who maintains skills for sites that actively try to block automation. linkedin and some other platforms regularly update their markup specifically to break scrapers and automation tools. does browse.sh have a position on skills for sites that have terms of service prohibiting automated access or is that left entirely to the skill author and the person installing it
Report
Is there any way to bypass bans? For example, Amazon doesn’t seem to like AI agents very much and bans them outright.
Report
Love the positioning here—giving agents 'muscle memory' is a brilliant way to frame web automation. Capturing UI changes is usually what breaks most web scrapers or browser bots. How does browse.sh handle dynamic UI changes or heavy anti-bot protections (like Cloudflare) when an agent is executing a task?
Replies
recreation.gov skill is a life-saver!!
love the domain based installation!
browse skills add amazon.com
Composio
great ship guys! composio loves browserbase
The "npm for browser skills" framing is exciting and honestly a little scary. With an open catalog and community contributions, when two skills exist for the same site, how does an agent decide which one to trust? And what stops a subtly wrong or even malicious skill from spreading before your weekly revalidation catches it? Feels like skill provenance and reputation become the real product once the catalog gets big.
Pod
This is a great use of memory! How do you deal with information recency?
@patrick_monnot A little confused by the question, but I'll attempt to answer. We revalidate the skills every week so our skills stay up to date (if the page changes or data updates, our skills should too). Memory here is like a weak cache, we invalidate if our data is stale.
codefy.ai
Congrats on the launch! What are some surprisingly hard websites/workflows for agents to automate today that Browse.sh makes easier?
Interesting angle. For agent browser automation, the thing I’d want to inspect first is not just success rate, but replayability: logs, screenshots, failed steps, and whether the agent can hand control back cleanly when the page changes.
the CLI install pattern is the right distribution mechanism for developers but the interesting question is who maintains skills for sites that actively try to block automation. linkedin and some other platforms regularly update their markup specifically to break scrapers and automation tools. does browse.sh have a position on skills for sites that have terms of service prohibiting automated access or is that left entirely to the skill author and the person installing it
Is there any way to bypass bans? For example, Amazon doesn’t seem to like AI agents very much and bans them outright.
Love the positioning here—giving agents 'muscle memory' is a brilliant way to frame web automation. Capturing UI changes is usually what breaks most web scrapers or browser bots. How does browse.sh handle dynamic UI changes or heavy anti-bot protections (like Cloudflare) when an agent is executing a task?