Many so-called browser skills and web-automation toolkits still revolve around an old question: how do I open a page, click a control, scrape some content, and move on. Their center of gravity is the size of the toolbox, not whether the browser itself is actually the evidence source.

use-my-browser matters because it reframes the problem. It does not treat the browser as a default path, and it does not try to funnel every web task into browser automation. Its real concern is different: once Chrome DevTools MCP makes it possible for an agent to attach to the user’s current browser session, how should that agent take over deliberately, verify capability, operate safely, recover from ambiguity, and preserve reusable experience from the run?

What this skill really delivers, then, is not “more browser commands.” It delivers a browser-session operating protocol.

1. Why use-my-browser is worth analyzing on its own

1.1 The browser becomes evidence, not just a transport

The first principle in use-my-browser is very clear: only take the browser route when the browser itself is the evidence source. In practice, that means things like:

  • the real state of an already authenticated session
  • the rendered UI the user can actually see
  • lazy-loaded, hover-only, expanded, dragged, or uploaded states that only exist after interaction
  • an element or request the user has already selected in DevTools
  • the real behavior of a localhost app inside a browser

That is a very different center of gravity from classic web retrieval. In many systems, search, fetch, and curl are the default, and the browser is just a fallback. In use-my-browser, some tasks treat the browser as the only trustworthy observation surface.

1.2 Chrome DevTools MCP changes the problem definition

The skill is built around a newer workflow made possible by Chrome DevTools MCP. In the older model, agents either performed static retrieval or launched a fresh automation browser. Those two paths were separate, and the clues a user had already isolated in DevTools were hard to hand off naturally.

With Chrome DevTools MCP, three assumptions change:

  • the agent can reuse the browser session the user already has open and authenticated
  • the agent can continue from an existing debugging context, such as a selected DOM node or network request
  • manual debugging and AI-assisted debugging can happen in one continuous session rather than in parallel browser worlds

At that point, the hard problem is no longer just “how do I control a tab?” It becomes “when should I take over the current session, how do I avoid destroying the current context, and when do I stop and report missing capability?”

1.3 It is deliberately not the default for all web tasks

One of the strongest design choices in this skill is restraint. Right in the entrypoint, it forces every task into one of two classes:

  • static-capable
  • browser-required

That boundary is doing serious work. If a task only needs a stable URL, a few deterministic fields, public text, or metadata, it should stay on the static path. There is no virtue in opening the browser just because the browser is available.

On the other hand, once a task is classified as browser-required, the skill forbids silent downgrade. If the environment lacks the required browser capabilities, the task should be marked blocked, not “completed” with lower-fidelity evidence.

That is a meaningful engineering stance: routing must follow evidence quality, not tool preference.

2. Core methodology: define the evidence first, then choose the route

2.1 Goal-first, not tool-first

In task-routing.md, the skill keeps returning to the same discipline: define what counts as done, define what evidence would prove it, and only then choose the route.

That sounds simple, but it blocks a lot of bad browser habits. For example:

  • “Confirm that the toggle is still visible after saving on the settings page” is a browser task because the visible state is the evidence.
  • “Extract the canonical URL and title from a public page” is a static task because the browser adds no higher-quality proof.
  • “Try static extraction first, and only escalate if the media source is not actually exposed” is an evidence-driven escalation path.

The important point is that the skill does not choose a tool and then rationalize it afterward. It starts from the success condition and works backward.

2.2 The split between static-capable and browser-required

The routing logic in use-my-browser can be summarized like this:

  1. If a stable URL plus direct retrieval can answer the question, stay on the static path.
  2. If the task depends on login state, rendered UI, browser-native interaction, localhost behavior, lazy content, or DevTools context, classify it as browser-required.
  3. Once it is browser-required, do not quietly switch back to non-browser tools and pretend the answer is equivalent.

This matters because many browser-heavy questions are easy to accidentally flatten. Questions like “what does the user actually see,” “did the upload flow really trigger,” or “did the save operation materially change state” tend to get misreduced into “I fetched some HTML and it looked plausible.”

use-my-browser pushes back very explicitly against that reduction.

2.3 Prove capability before you mutate anything

Many automation systems assume the environment is usable and improvise after failure. use-my-browser turns capability proof into a formal step.

In browser-capability-matrix.md, capability is not established by guessing binaries, process names, or shell commands. It is established by real browser-tool calls, such as:

  • whether page inventory can be listed
  • whether a task-owned page can be created
  • whether that page can be selected
  • whether snapshot-style visible state can be read
  • whether DOM-level inspection is available when needed
  • whether upload support is actually callable for upload tasks

This is especially important for localhost and 127.0.0.1. The skill explicitly refuses to treat “I can open a page” as equivalent to “I can perform the deeper browser interaction this task depends on.” It cares about a complete capability chain, not a superficial sign that a browser exists.

3. Implementation shape: a layered protocol rather than a bag of tricks

3.1 One entrypoint plus single-purpose references

From an implementation standpoint, use-my-browser does not try to be one enormous do-everything document. Instead, it uses a very disciplined structure:

  • SKILL.md owns scope, classification, hard rules, and reference loading
  • each reference file owns one narrow operational concern
  • references stay one level deep rather than turning into a second routing hierarchy

That is a smart way to encode a browser protocol. Browser work becomes chaotic very quickly: routing, page actions, uploads, recovery, DevTools handoff, media inspection, anti-automation diagnosis, and parallel coordination are all easy to mix together. Once that happens, the agent loses constraints.

use-my-browser solves that by letting the entrypoint decide the task shape first, then loading only the one or two references that actually matter for the current run. It keeps breadth without collapsing into a tangled playbook.

3.2 The default browser loop: page ledger, snapshots, native actions

In browser-playbook.md, the skill defines a default operating loop that is worth studying on its own:

  1. list_pages and build a page ledger
  2. new_page only when a task-owned page is actually needed
  3. select_page before page work
  4. take_snapshot to understand current state
  5. prefer MCP-native actions first
  6. refresh understanding after any action that may have changed the UI
  7. escalate to evaluate_script only when the snapshot is insufficient

Two details here are especially strong.

First, it expects a lightweight page ledger that tracks at least pageId, a stable page identity, ownership, whether the page was created by the task, and whether it should be closed at exit. In other words, it does not treat “the current page” as a magical global. It treats pages as resources with state and ownership.

Second, it makes take_snapshot, not screenshots, the default understanding tool. Screenshots are reserved for cases where visual rendering itself is the evidence, such as layout bugs, charts, canvas state, or frame-specific media analysis.

That is pragmatic design. It prefers structured, actionable, low-overhead understanding over heavy screenshots and broad scripting by default.

3.3 How the selector bridge reconnects selector knowledge to MCP-native interaction

This is one of the most interesting engineering ideas in the skill.

Real pages often create an awkward mismatch: you may already know a reliable CSS selector and can find the element in the DOM, but the MCP action model operates on accessibility-tree uids. Those are different addressing systems. The result is that the agent “knows the target” but still lacks a clean MCP-native handle for click or upload_file.

selector-bridge.md solves that with a six-step bridge:

  1. use evaluate_script to locate the target with existing selector knowledge
  2. inject a temporary, unique, removable aria-label or other bridge marker
  3. run take_snapshot again
  4. find the corresponding uid in the snapshot
  5. perform click or upload_file on that MCP-native target
  6. remove the marker afterward

This may sound like a small tactic, but it preserves two important properties at once:

  • the interaction stays MCP-native rather than degrading into el.click()
  • understanding and action remain inside the same snapshot-driven protocol

Uploads in particular are a first-class bridge case. If the file input exists but the snapshot does not expose an actionable target, the skill recommends bridging early rather than flailing through random clicks.

4. The most valuable idea: it actually understands what it means to take over the user’s current session

4.1 DevTools-context handoff instead of blind replay

If the biggest waste in many browser systems is redoing work the user already did, debug-handoff.md is a direct answer to that problem.

When the user has already provided a debugging scene, the agent is supposed to continue from that context instead of rebuilding the whole flow. Typical cases include:

  • the user already selected the broken element in Elements
  • the user already selected the failing request in Network
  • the page is already paused in a state that is difficult to reproduce

The preferred order is:

  1. reuse the current browser session
  2. reuse the current debugging context if the host exposes it
  3. if selection is not directly exposed, re-anchor from current page state with the smallest possible move
  4. reproduce from scratch only when the current context is stale, missing, or insufficient

That is more than a performance optimization. It is a serious respect-for-evidence rule. If the user has already isolated the scene, the agent should not pretend the only valid investigation starts from zero.

4.2 “Visible confirmation + structural proof” for control-plane workflows

Another especially mature part of this skill is control-plane-workflows.md. It treats dashboards, CMS surfaces, editors, settings pages, and publish flows as control planes and gives them a stricter protocol than ordinary browsing.

The real danger in control-plane work is not merely that a click fails. It is that a click appears to succeed while the underlying state remains ambiguous. So the skill imposes a hard rule for state-changing actions:

  • one visible confirmation signal
  • plus one structural proof

The visible signal might be a toast, banner, state badge, or button copy changing from Saving to Saved. The structural proof might be:

  • a route or URL transition
  • a stable timestamp or status indicator
  • a newly visible row, card, or asset in the expected container
  • when the UI is ambiguous, one confirming network result

This distinction is crucial. It prevents the agent from misreporting “the click happened” as “the business state changed.” For publish, delete, send, or externally visible updates, that is not optional caution. It is the difference between a trustworthy result and a dangerous hallucination.

4.3 A stop-loss model for anti-automation friction

When pages become weird, many automation systems respond by clicking harder and faster. anti-automation-friction.md does the opposite. It tells the agent to slow down, gather one fresh round of evidence, classify the failure, and attempt at most one deliberate alternative.

It separates the problem into three buckets:

  • route or parameter error
  • missing auth or session
  • anti-automation friction

Those diagnoses lead to very different actions. For example:

  • if the site-generated href works but the hand-built URL soft-404s, trust the DOM-discovered route
  • if the page clearly redirects to sign-in or replaces the control with an auth wall, describe the exact blocked capability
  • if the page starts producing no-op clicks, rate-limit signals, or unstable availability, do not increase mutation pressure or spray fresh tabs

This is a strong stop-loss discipline. It protects both site pressure and evidence quality.

5. Going deeper into the page: lazy content, media state, and stale-target recovery

5.1 Minimum-trigger discipline for iframes, Shadow DOM, and collapsed content

In deep-dom.md, the skill is very explicit that iframe, Shadow DOM, collapsed sections, and lazy-loaded regions should not trigger a “just expand everything and scrape the page” reflex. It uses a minimum-trigger rule instead.

That means:

  • for same-origin iframes, prefer visible evidence first and only inspect contentDocument when necessary
  • for Shadow DOM, first ask what the host already proves before entering shadowRoot
  • for collapsed sections, try structural reading before expanding
  • for lazy-loaded content, record the initial state, make one deliberate trigger, and record extra retries explicitly

This keeps browser work focused on “do just enough to prove the conclusion” instead of “do as much interaction as possible.” That reduces action noise and lowers the risk of turning transient UI movement into fake evidence.

5.2 Media inspection is not screenshot-first; it is evidence-ladder-first

media-inspection.md shows the same discipline. It does not encourage “if there is an image or video, take a screenshot.” Instead, it defines an evidence ladder:

  1. inspect the page-level media element and surrounding metadata
  2. inspect <source>, currentSrc, player state, and direct resource clues
  3. only move to the underlying media resource when it answers the question better than the page can

This is especially important for video analysis. The skill prefers checking <video> state such as currentSrc, duration, currentTime, and paused, then performing a controlled seek if needed, and only then taking a targeted screenshot of the relevant frame.

That is a genuinely professional distinction. Many “video page” tasks do not really need a full-page image. They need a combination of player state, source identity, timestamp, and one precise visual confirmation.

5.3 The recovery loop: reselect, resnapshot, then make one justified escalation

The most common browser failures are not catastrophic crashes. They are ambiguity: a uid went stale, the page drifted, an upload rerendered the control tree, or a broad DOM read picked up stylesheet blobs and extension noise.

browser-recovery.md answers that with a compact recovery loop:

  1. reselect the intended page
  2. take a fresh snapshot
  3. decide whether the old uid, page assumption, or extracted evidence is stale
  4. make one escalation that matches the strongest current hypothesis
  5. stop once the next browser decision is clear

The key phrase is “one justified escalation.” If the strongest hypothesis is a script error, inspect console first. If it looks like a submit path that never fired, inspect network first. If it is probably just a rerendered target, reacquire a fresh uid first. The skill explicitly rejects the habit of stacking retries, new tabs, console inspection, network dives, and DOM rewrites all at once.

That is exactly what separates a mature operating protocol from ad hoc improvisation.

6. Why it is more mature than an ordinary browser skill

6.1 Site patterns as verified memory rather than folklore

Under references/site-patterns/, use-my-browser defines a site-memory system, but the important part is the discipline attached to it.

The skill only wants site notes for verified, operationally meaningful facts, such as:

  • a domain losing auth state under isolatedContext
  • a detail page that must be entered from a DOM-generated href because hand-built URLs soft-404
  • an upload control that reliably needs a particular bridge pattern

Vague impressions like “this site looks like React” or “the dialog feels flaky” are not allowed into the memory system.

It goes further than that. Notes carry fields like updated, confidence, and evidence, and every browser run is supposed to end with a review: did this run verify a reusable fact, disprove a stored fact, or teach nothing domain-specific?

That turns “experience” from informal instinct into a maintainable protocol asset that can be updated, downgraded, or removed.

6.2 Parallel collaboration built on one-owner-per-page discipline

parallel-browser-ownership.md handles another problem that is easy to underestimate: once multiple pages, agents, or delegated subtasks enter the browser, page visibility is not the same thing as page ownership.

Its core rule is extremely simple and extremely effective:

  • one owner per page
  • only operate on pages you created or explicitly own
  • do not assume that visibility in list_pages grants permission to select, mutate, or close the page

This directly addresses some of the ugliest browser-collaboration failures:

  • two agents rerendering the same SPA tab
  • one agent acting on another agent’s stale uid
  • cleanup becoming unsafe because nobody knows which pages are closable

Compared with the implicit model of “everyone shares the same browser, so everyone can touch everything,” this ownership discipline is far better suited to multi-agent MCP workflows.

6.3 Its relationship to web-access is specialization, not replacement

The README openly acknowledges inspiration from web-access, especially around evidence-based routing, treating browser work as a serious operating mode, and preserving site knowledge.

But the two skills do different jobs.

web-access is a broader web toolbox. It is concerned with how to combine search, retrieval, browser work, and site-specific exceptions across the whole web stack. use-my-browser narrows the mission dramatically. It focuses on one harder question: when the task truly depends on the user’s current browser session, how should an agent take that session over safely and with high fidelity?

Because of that narrower mission, it can go much deeper on questions such as:

  • when the browser is actually required
  • how to prove the session’s capabilities are real
  • how to inherit an existing DevTools context
  • how to confirm that a control-plane mutation actually took effect
  • how to recover from stale targets and ambiguous page state
  • how to turn domain experience into maintainable memory

That is not a smaller ambition. It is a sharper one.

Closing Thoughts

What makes use-my-browser worth serious attention is not that it makes browser automation look more sophisticated. It is that it pushes the problem back onto the questions that actually matter:

  • define the evidence before choosing the route
  • prove capability before mutating state
  • reuse the user’s current session and debugging context whenever possible
  • keep interaction MCP-native for higher-fidelity page control
  • require stronger confirmation on high-risk control planes
  • recover from stale targets and ambiguous state through a defined loop
  • replace fuzzy intuition with verified, maintainable site memory

If early browser skills often felt like “giving the agent a remote control for clicking websites,” use-my-browser feels more like giving the agent a field manual for operating inside a live browser scene. It does not try to own every web task. Instead, it concentrates on a harder and more realistic one: when the browser session itself has become the source of truth, how do you let the agent take over efficiently, disturb the user as little as possible, and leave behind reusable operational knowledge when the task is done?

Seen that way, this is not just another browser skill with more documentation. It is a mature strategy-layer implementation for the browser-collaboration model that the Chrome DevTools MCP era is making possible.