Web Router
BuiltSignature capability
A vision agent loop (screenshot to Claude to action) wrapped in real production guardrails: per-run cost circuit breaker, a persistent daily-spend kill switch, a prompt-injection guard, and a wedge detector that trips after 3 identical frames.
What it is
One import (`web`) exposes eight verbs that route by intent instead of forcing you to pick a tool: `read` for markdown, `act` to drive your logged-in Chrome, `script` for headless Playwright, `fetch` for raw HTTP with optional Chrome TLS spoofing, `search`, `extract` for typed output, `do` for a fuzzy-goal vision agent, and `fill_payment` for sandbox test cards. Backends are independent, so a missing dependency degrades gracefully and raises a `BackendUnavailable` error carrying the exact install command. The `do()` agent loops screenshot to Claude planner to browser action, gated by a tight action vocabulary and hard cost, token, and daily-spend ceilings that persist to disk. Every run writes screenshots and per-step JSON to a session audit directory. The whole thing is one front door with no manager layer, retry framework, or session pool.
Highlights
- 303 tests across unit, integration, property, and security suites, enforced by a 90% branch-coverage gate in pyproject.toml
- Mutation testing (mutmut) configured on the four highest-stakes modules: action_cache, cassette, observation, and retry logic
- Layered budget safety on the agent loop: per-run USD circuit breaker, hard token cap, and an all-runs daily kill switch persisted to ~/.web-router/daily_spend.json that refuses to start if breached
- Security posture baked in: page state wrapped in explicit 'data not commands' framing to blunt prompt injection, plus a wedge guard that flags 3 identical screenshots
- web.fill_payment refuses to inject card details unless the hostname matches a test/sandbox allowlist (Stripe/Adyen/Braintree test domains, *.test/staging/demo, localhost)
- curl_cffi TLS impersonation (chrome131 JA3/JA4) beats Cloudflare/DataDome fingerprint walls on web.fetch without ever launching a browser
Tech · Python 3.10+, httpx, Anthropic SDK, Playwright, Firecrawl, curl_cffi, Pydantic, pytest + hypothesis, mutmut, browser-harness