🚀 Socket Launch Week Day 4:Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection.Learn more
Sign In

@mastra/browser-viewer

Package Overview
Dependencies
Maintainers
1
Versions
91
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
Package version was removed
This package version has been unpublished, mostly likely due to security reasons
This package has malicious versions linked to the ongoing "Mastra AI framework compromise" supply chain attack.

Affected versions:

0.1.3
View campaign page

@mastra/browser-viewer

Playwright-based browser viewer for Mastra CLI providers

unpublished
Source
npmnpm
Version
0.1.3
Version published
Weekly downloads
1.1K
-48.24%
Maintainers
1
Weekly downloads
 
Created
Source

@mastra/browser-viewer

Playwright-based browser viewer for Mastra workspaces with CLI provider support.

Overview

@mastra/browser-viewer provides BrowserViewer, which launches Chrome via Playwright and exposes the CDP URL for CLI tools (agent-browser, browser-use, or browse) to connect. This gives you:

  • Full screencast support: Direct page-level CDP sessions
  • Input injection: Mouse and keyboard events work correctly
  • Browser lifecycle control: Browser starts/stops with the server
  • CLI flexibility: Agent uses skills + workspace commands to drive any CLI

Installation

npm install @mastra/browser-viewer

Usage

Basic Setup

import { BrowserViewer } from '@mastra/browser-viewer';

const viewer = new BrowserViewer({
  cli: 'agent-browser', // Which CLI the agent will use
  headless: false, // Show browser window
});

// Launch browser
await viewer.launch();

// Get CDP URL for CLIs to connect
const cdpUrl = await viewer.getCdpUrl();
console.log(cdpUrl); // ws://127.0.0.1:9222/devtools/browser/...

Connect to Existing Browser

import { BrowserViewer } from '@mastra/browser-viewer';

const viewer = new BrowserViewer({
  cli: 'agent-browser',
  cdpUrl: 'ws://127.0.0.1:9222/devtools/browser/abc123',
});

With Workspace

The CDP URL is automatically injected into CLI commands when used with workspace tools.

import { Workspace, LocalSandbox } from '@mastra/core';
import { BrowserViewer } from '@mastra/browser-viewer';

const workspace = new Workspace({
  sandbox: new LocalSandbox({ cwd: './workspace' }),
  browser: new BrowserViewer({
    cli: 'agent-browser',
    headless: false,
  }),
});

// When agent runs: agent-browser open https://google.com
// Mastra auto-injects the CDP connection so CLI uses Mastra's browser

Configuration

OptionTypeDefaultDescription
cli'agent-browser' | 'browser-use' | 'browse' | 'browse-cli'RequiredWhich CLI the agent uses
cdpUrlstring-Connect to existing browser instead of launching
headlessbooleantrueRun browser in headless mode
cdpPortnumber0 (auto)Port for Chrome remote debugging
viewport{ width, height }1280x720Browser viewport size
executablePathstring-Path to Chrome executable

How It Works

  • BrowserViewer launches Chrome via Playwright with --remote-debugging-port
  • Agent calls CLI commands via workspace_execute_command
  • CDP URL is auto-injected so CLI connects to Mastra-managed Chrome
  • Screencast streams directly from page-level CDP sessions
  • Browser closes when server exits

Supported CLIs

  • agent-browser: Vercel's browser automation CLI (--cdp <port>)
  • browser-use: Python-based browser automation (--cdp-url <url>)
  • browse: Browserbase's CLI (--ws <url>)

License

Apache-2.0

FAQs

Package last updated on 17 Jun 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Repository Access Permissions and Custom Roles

Product

Introducing Repository Access Permissions and Custom Roles

Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.

By Joe Werle  -  Jun 19, 2026