[STG-1898] feat: add safe browser skill

[shrey150]

Linear: https://linear.app/browserbase/issue/STG-1898/add-safe-browser-skill

Summary

• add a safe-browser skill for local Claude Agent SDK constrained-browser demos
• include a runnable Hacker News scraper template whose only runtime browser tool is safe_browser
• enforce the HN allowlist through CDP Fetch.enable / Fetch.failRequest and write audit artifacts

Verification

• npm start in skills/safe-browser/templates/claude-agent-sdk -> PASS safe-browser Hacker News demo
• JSON parse check for marketplace, template package, and lockfile
• npm run build currently fails before this change because tsconfig.json has no TypeScript inputs (TS18003)

---

Note

Medium Risk
Adds a new executable Playwright/CDP demo template with network interception and local browser automation, which could be misused or be brittle across Chromium/CDP changes, but it’s isolated to new skill/template content.

Overview
Adds a new safe-browser skill to the marketplace and README, documenting how to build constrained local browsing agents whose only capability is a safe_browser tool.

Introduces a runnable Claude Agent SDK + Playwright template (hn-scraper-demo.mjs) that enforces a domain allowlist via CDP Fetch interception (continueRequest vs failRequest), logs tool/CDP/audit events, and writes verification artifacts (result, logs, screenshot) for a Hacker News scraping demo.

^{Reviewed by Cursor Bugbot for commit f577c36. Bugbot is set up for automated code reviews on this repo. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit f577c36. Configure here.}

[cursor]

Blocked-external assertion matches error-handler entries with null host

Low Severity

The blockedExternal filter uses entry.host !== "news.ycombinator.com", which also matches error-handler audit entries where host is null (since null !== "news.ycombinator.com" is true). This means the verification assertion "Expected one blocked off-domain request" could pass when the only "blocked" entry was caused by a handler error, not by the allowlist actually blocking an external domain. The filter needs an additional entry.host !== null check to only match genuine allowlist-based blocks.

Additional Locations (1)

• skills/safe-browser/templates/claude-agent-sdk/hn-scraper-demo.mjs#L149-L158

 

^{Reviewed by Cursor Bugbot for commit f577c36. Configure here.}

[shubh24]

// Instead of intercepting EVERYTHING:
await page.sendCDP("Fetch.enable");

// Only intercept document navigations:
await page.sendCDP("Fetch.enable", {
  patterns: [{ resourceType: "Document", requestStage: "Request" }]
});

With resourceType: "Document", only top-level page navigations (and iframes) get intercepted. CSS, JS, images, fonts, etc. all pass through untouched.

[codeCraft-Ritik]

Great work! The implementation looks clean, and the change feels well-scoped.