BrowserAct published a monorepo containing two agent skills under an MIT license at github.com/browser-act/skills1. The first, browser-act, is a stealth browser runtime; the second, browser-act-skill-forge, is a meta-skill that generates reusable agent packages from arbitrary websites. The repository has no formal releases or version tags, according to its releases page2, but the code is installable via npx across Claude Code, Cursor, VS Code, and several other AI coding assistants. The timing aligns with a burst of Claude Skills marketing content on BrowserAct’s blog3 between May 15 and May 18, 2026, suggesting the open-source drop doubles as a funnel for its credit-based commercial SaaS.
What browser-act claims to do
The stealth runtime targets commodity bot detection stacks including Cloudflare, reCAPTCHA, and Datadome, according to the project’s README1. It runs real Chrome with parallel execution and isolates fingerprints, proxies, and sessions per task. A built-in captcha solver and an HTML stripping step are also included; the README claims the stripping removes 90% of junk markup.1
Auto-generating skills from live sites
browser-act-skill-forge is described as a meta-skill that explores a website once and emits a deployable Skill package containing a SKILL.md file and Python scripts. The documented workflow is a five-step loop: Describe, Explore, Generate, Auto-test, Deploy. In the Auto-test step, a sub-agent runs the generated skill, verifies the output, and attempts to self-fix failures. The repository1 includes pre-built solutions for Amazon ASIN lookup, Google News, Google Maps, and YouTube transcripts.
Installation and ecosystem fit
The skills install through an npx command and the README1 lists support for Claude Code, Cursor, VS Code, OpenCode, OpenClaw, Codex, and Gemini CLI. This positions the project within the emerging Model Context Protocol and AI-agent tooling ecosystem, where reusable skills are becoming a standard unit of distribution.
The SaaS business behind the repo
BrowserAct operates a credits-based SaaS priced from a free tier with 100 daily credits up to an Advanced tier at $96 per month4 for 100,000 credits, with a 7-day free trial on paid plans. The pricing page explicitly advertises LinkedIn profile and comment scrapers alongside the open-source skills.
Against Playwright, Puppeteer, and Browser Use
Stealth browser automation is not new. Playwright, Puppeteer, and the newer Browser Use project already occupy this space, and anti-detection wrappers have been available for years. BrowserAct differentiates by targeting AI agent workflows specifically and bundling anti-detection as a first-class feature rather than an add-on. The Skill Forge concept, auto-generating reusable skill packages, is less common, though its utility depends on whether the generated scripts survive site changes.
The open-source repository itself is early-stage by conventional metrics: 1,200 stars, 30 forks, zero open issues, and only two pull requests, with no semantic versioning or published releases.1 That profile could indicate either a mature but quiet codebase or low community engagement.
The anti-detection and CAPTCHA-bypass capabilities carry legal and ethical weight. BrowserAct’s pricing page4 advertises LinkedIn scrapers, and automated collection from sites that deploy bot mitigation may violate terms of service or regional regulations. That concern applies to any stealth browser stack, but including it in the default feature set makes the compliance question explicit.
Frequently Asked Questions
What does a team pay if the free open-source runtime isn’t enough and they need the managed SaaS?
Between the free tier (100 daily credits) and the Advanced tier ($96/month for 100k credits), BrowserAct offers a Basic plan at $13/month for 10,000 credits and an Essential plan at $56/month for 50,000 credits, all with a 7-day trial. Sustained agent workflows that trigger captcha solving or parallel sessions will likely exhaust the free tier quickly, pushing teams toward at least the Basic tier.
How does browser-act’s anti-detection differ from puppeteer-extra-plugin-stealth?
puppeteer-extra-plugin-stealth is a patch-layer that injects evasion scripts into an existing Puppeteer session, while browser-act bundles anti-detection as a first-class runtime with per-task proxy and fingerprint isolation out of the box. The tradeoff is maturity: puppeteer-extra runs on a community-tested codebase with years of field use, whereas browser-act’s efficacy claims remain vendor-only with no independent audits.
What’s the practical risk of depending on a repo with zero releases and zero tags?
Without semantic versioning or published releases, any commit to main could introduce breaking changes—new anti-detection rules, altered skill templates, or shifted CLI arguments—with no changelog to trace. Teams pinning via npx have no stable anchor point, and regressions would be difficult to isolate or roll back without manually vendoring the code.
What happens to Skill Forge outputs when a target site changes its layout?
Skill Forge generates static SKILL.md and Python files from a single exploration pass, with no re-exploration trigger or versioning of generated packages. If the target site updates its DOM or adds new bot detection, the generated scripts break silently—the auto-test loop only validates at generation time, so ongoing maintenance falls entirely on the user.