I submitted a remote code execution to the browser-use about 40 days ago. GHSA-r2x7-6hq9-qp7v I am a bit stunned by the lack of response. Any safety concerns in this project?

That's pretty good, I've achieved pretty much the same thing using the vercel's agent-browser, but I've tried playwright and it worked easily as good. Its good for scraping, automating stuff in the browser.

> The new paradigm? SKILL.md + a few python helpers that need to have the ability to change on the fly. [...] What would you call this new paradigm? A dialect?

It's called "agentic coding" for all I know, and isn't a new paradigm, the whole purpose with agentic coding is that it uses tools to do their thing, then those tools could be structured as the good old JSON schema tools next to the implemented runtime, or as MCP, or HTTP API or whatever, the "paradigm" is the same: Have a harness, have a LLM, let the harness define tools that the LLM can use those.

I was wondering when someone would finally build this.

Anyway, of course this will be superseded by a harness that provides freedom to complete any task within the OS.

If I'm understanding correctly, this might be the first example of just-in-time agentic coding that I've come across.

I’d call it “open washing”, but it looks cool. Good luck with it

1. Can you elaborate on the self healing?

2. Can you publish a tabular comparison on your README?

3. What information gets sent to your API server?

I'm struggling to see why I should use this over agent-browser; I have not yet run into the "cross origin iframes" problem. Is this more for the 'claw crowd?

Sawyer Hood's dev-browser[0] allows the browser to write playwright JS code directly. Do you have cases where his approach fails and yours works?

[0] https://github.com/SawyerHood/dev-browser

And that's how I woke up with an LLM roleplaying with itself while looking at porn.

[dead]