Launch HN: Browser Use (YC W25) – open-source web agents

Original Article ↗ Hacker News Discussion ↗

Positioning vs Other Tools

  • Compared to Stagehand, Browser Use is described as higher‑level and “end‑to‑end” rather than step‑by‑step, and compatible with many LLMs (including local ones via Ollama).
  • Versus Skyvern, commenters see Browser Use as an open‑source framework with a simple cloud “one prompt and go” layer, while Skyvern feels more like a closed web app.
  • Some ask how it compares to TaxyAI’s DOM‑based extension; no detailed answer appears in the thread.

Security & DevTools Concerns

  • A substantial subthread criticizes the guidance to attach to a user’s real Chrome profile via remote debugging (CDP) as “inherently insecure,” referencing known Chromium issues.
  • Attack vector: devtools port has no auth and can be exploited (e.g., via XSS) to compromise the browser and potentially the host machine.
  • Alternatives discussed: ChromeDriver, minimal‑permission extensions, WebViews; disagreement over which approach is safer.
  • Several commenters say local use in this mode is “unusable” until addressed; cloud use shifts risk to trusting the provider with passwords instead.

Integrations & MCP Debate

  • Some users want MCP (Model Context Protocol) support to plug Browser Use into tools like Cursor and Claude Desktop.
  • Maintainers initially view MCP as unnecessary “gimmick” vs direct HTTP APIs, but are swayed by repeated user requests and existing community MCP wrappers.
  • Pro‑MCP arguments: standardized tooling, easier integrations, explicit user opt‑in, and better security boundaries than arbitrary HTTP/curl.

Scraping Ethics & Website Impact

  • Concerns about agents driving huge traffic spikes, ignoring robots.txt and rate limits, and increasing hosting bills 100–1000%.
  • Browser Use team mentions possible mitigations: only fetching interactive elements, skipping media, caching via eTags, and a long‑term vision where agents pay for data.
  • Critics highlight marketing claims like “extract data behind login walls” as adversarial to sites and liken it to “breaking into someone’s house.”
  • There’s a request for an easy way for site admins to detect and block Browser Use traffic.

Reliability, Determinism & Speed

  • Mixed reports: quickstart Reddit example sometimes fails, while more complex internal workflows can work surprisingly well.
  • Issues cited: loops while loading a tab, hallucinated form inputs (e.g., fake addresses), lack of a verifiable feedback loop that what was requested actually happened.
  • Ideas: record agent histories, extract xPaths/DOM selectors from successful runs, then re‑run deterministically and use LLMs as a repair fallback.
  • Users want faster execution; maintainers say they’re already significantly faster than some vision‑heavy competitors and discuss specialized inference (e.g., Groq) and custom actions for common flows like WhatsApp.

Use Cases, RPA & Testing

  • Strong excitement from people doing:
    • Legacy web/CRM integration and internal tools
    • RPA‑style workflows, with Browser Use turning agent runs into repeatable scripts
    • Automated web testing and accessibility, especially if xPaths/DOM or accessibility trees can be captured once and reused.
  • There’s interest in extending these ideas to native Windows apps (with pointers to OmniParser, Pig, AskUI) and eventually to mobile device automation.

Licensing & Open‑Source Strategy

  • MIT license draws praise but also warnings: cloud vendors could repackage and undercut them, as allegedly happened with Elasticsearch, MongoDB, Redis.
  • Some predict a future shift to AGPL or a business license; maintainers don’t commit either way in the thread.

Anti‑bot / Platform‑Specific Issues

  • LinkedIn is highlighted as particularly hostile to automation: CAPTCHAs, nested scrollable UIs, detection. Suggested mitigations include using a separate browser profile.
  • A user reports being blocked within seconds by a real‑estate site and asks about stealth measures; no concrete anti‑detection roadmap is given.
  • One commenter distinguishes “agents” (acting as user clones) from traditional scraping bots but acknowledges sites that truly don’t want agents will escalate defenses.

Community Reception

  • Overall sentiment is highly positive: many see Browser Use as a leading open‑source building block for browser agents and RPA.
  • Users share creative demos (e.g., ordering food from smart glasses) and plan to integrate it into products, while recognizing that security hardening, speed, determinism, and site‑friendliness remain open challenges.