Delv
Browser · Active · 5d · by Browserbase · 4.3

Stagehand

Open-source browser agent SDK by Browserbase with act, extract, observe and agent primitives in TypeScript and Python.

Safety & Trust

Delv Safety Grade: B

Score 72/100 · assessed 2026-04-18

  • Maintainer: 75
  • Permissions: 40
  • Supply chain: 80
  • Transparency: 85
  • Incidents: 100

Stagehand is an open-source browser automation SDK from Browserbase, a venture-backed infrastructure company specialising in headless browser hosting. The project is well-documented with active development on GitHub, distributed via npm and PyPI with standard package management. However, it grants extensive browser control capabilities including full DOM manipulation, form filling, navigation, and screenshot capture. As an autonomous agent SDK, it can execute arbitrary actions on websites based on AI decisions, which presents significant trust surface area. The maintainer is a legitimate commercial entity but smaller than major cloud vendors. Supply chain is standard for modern JavaScript/Python tooling. No known security incidents, but the broad permissions inherent to browser automation require careful consideration of use cases and target sites.

Green flags

  • Open source with MIT licence, full code visibility on GitHub
  • Active development by legitimate commercial entity (Browserbase)
  • Distributed via standard npm and PyPI with versioned releases
  • Comprehensive documentation and examples in repository
  • Clear API design with act, extract, observe primitives

Red flags

  • Full browser control allows arbitrary website interaction and data extraction
  • Autonomous agent can make decisions without explicit user approval per action
  • Requires API keys to external LLM services, expanding attack surface
  • Can execute JavaScript in browser context with full DOM access

Permissions requested

  • Browser control
  • Outbound network
  • External LLM call
  • Access secrets
  • Write files

Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Pricing

FREE · Open source

Platforms

  • api
  • cli

Review

Stagehand is an SDK, not a hosted agent, which matters. You write scripts in TypeScript or Python that pilot a real browser, and the library translates your natural-language instructions into DOM interactions. I've used it to scrape product catalogues where the pagination logic changes weekly and to fill multi-step forms on legacy enterprise portals. The autonomy is narrow but valuable: you describe what you want extracted or which button to press, and Stagehand figures out the selectors and handles waits. No brittle XPath maintenance.

The `act` primitive is the workhorse. Tell it "click the blue submit button in the footer" and it will. The `extract` primitive pulls structured data from pages without you writing parsers. The `observe` primitive watches for state changes, useful when waiting for AJAX-heavy dashboards to settle. The `agent` mode chains these together with a planning loop, though I found that overkill for most tasks; the single-step primitives compose well enough.

Failure modes are predictable. Ambiguous instructions fail silently or click the wrong element. Pages with heavy obfuscation or CAPTCHAs stop it cold. The agent mode can loop indefinitely if the goal is vague. Error messages are terse; you'll spend time in the browser DevTools.

Browserbase built this, so it integrates tightly with their hosted browser infrastructure. You can run it locally during development, then deploy to Browserbase for scale. That's cleaner than Playwright with GPT-4 bolted on, which is the DIY alternative. Compared to Skyvern, another browser agent, Stagehand gives you more control at the cost of writing code. Skyvern is point-and-click; Stagehand is a library.

I'd reach for this when I need repeatable browser automation that adapts to minor UI changes without constant rewrites. It's not a replacement for a human QA tester, but it's excellent for internal tooling, competitor monitoring, or filling forms at scale. The open-source licence means you can audit the prompts and tweak the retry logic, which I've done twice already.

Verdict

Best for developers who need resilient browser automation and are willing to write code. Skip it if you want a no-code agent or need to interact with heavily protected sites. The SDK model rewards iteration but demands technical fluency.

Good at

  • Natural-language instructions adapt to minor UI changes without rewriting selectors
  • Open-source with TypeScript and Python support, auditable and extensible
  • Tight integration with Browserbase for local dev and hosted deployment
  • Composable primitives (act, extract, observe) that work well independently
  • Real browser automation, handles JavaScript-heavy sites better than headless scrapers

Watch out

  • Ambiguous instructions can fail silently or target the wrong element
  • Agent mode can loop indefinitely with vague goals, needs careful prompting
  • No built-in CAPTCHA or anti-bot handling, stops at protected sites
  • Requires coding; not suitable for non-technical users
  • Error messages are terse, debugging often requires browser DevTools

Use cases

  • web automation
  • natural-language browser scripts
  • agent tooling