Skip to content

Add BrowseCLI in a Daytona sandbox example (Verified Browserbase browser over CDP)#5128

Draft
shrey150 wants to merge 1 commit into
daytonaio:mainfrom
shrey150:browsecli-in-daytona
Draft

Add BrowseCLI in a Daytona sandbox example (Verified Browserbase browser over CDP)#5128
shrey150 wants to merge 1 commit into
daytonaio:mainfrom
shrey150:browsecli-in-daytona

Conversation

@shrey150

@shrey150 shrey150 commented Jun 25, 2026

Copy link
Copy Markdown

What

Adds examples/python/browsecli-in-daytona/ — a Python example that runs your
agent loop inside a Daytona Sandbox and connects out over CDP to a Verified
Browserbase browser
(residential IP, anti-bot fingerprint hardening, automatic
CAPTCHA solving). That hardened browser is the layer a sandbox lacks: a sandbox's
in-sandbox Chromium is immature and browses from a datacenter IP that
Cloudflare / Akamai / DataDome block on sight.

The example keeps the browser out of the sandbox — the sandbox runs the
browse CLI
and drives a remote Browserbase session. This mirrors the
OpenAI × Daytona computer-use cookbook
pattern, but uses Browserbase as the anti-bot / CAPTCHA browser layer rather than
the sandbox's local desktop browser.

┌──────────────────────────┐      CDP over wss       ┌──────────────────────────┐
│  Daytona Sandbox          │  ───────────────────────▶ │  Browserbase Verified    │
│  node + `browse` CLI      │                            │  browser (residential IP,│
│  your agent loop          │ ◀──────────────────────────│  stealth, CAPTCHA solve)  │
└──────────────────────────┘      page data / refs     └──────────────────────────┘

Files

examples/python/browsecli-in-daytona/:

  • main.py — builds the sandbox image declaratively (Image.debian_slim + Node 20 + the browse CLI; no Chrome installed), creates the Sandbox, uploads + runs the demo, tears down. Browserbase creds are injected per-exec, never baked into the image.
  • browsecli-demo.sh — creates a Verified Browserbase session (--proxies --verified --solve-captchas), opens a Cloudflare-protected page over CDP, and asserts it reached real content instead of a challenge wall.
  • requirements.txt, .env.example, README.md.

Prerequisites (called out in the README)

  • Browserbase Scale plan: Verified browsers (residential IP + automatic CAPTCHA solving) require a Browserbase Scale plan — https://www.browserbase.com/pricing.
  • Daytona egress: reaching Browserbase requires either a Tier 3/4 org (full egress) or the merged Browserbase domain-allowlist entry (daytonaio/sandbox-network-whitelist#117, merged) deployed to Daytona's Envoy proxies. The IP-level networkAllowList does not bypass the SNI/domain filter.

The Daytona SDK build/exec flow in this example is verified on real Daytona
infrastructure
; egress is the only gate.

Note

Opening this as a draft — the egress allowlist (#117) is merged but the
rollout to Daytona's proxies gates the full end-to-end run on lower tiers. Happy
to adjust placement/conventions per maintainer preference.


Summary by cubic

Adds examples/python/browsecli-in-daytona/: a Python example that runs an agent in a Daytona Sandbox and drives a Verified Browserbase browser over CDP via the browse CLI. Enables reliable browsing of protected sites from the sandbox without installing Chrome, using residential IP, anti-bot hardening, and auto CAPTCHA solving.

  • New Features

    • Declarative Daytona image with Node 20 and global browse; no Chrome in-sandbox.
    • Demo script creates a Verified Browserbase session (--proxies --verified --solve-captchas), opens a Cloudflare-protected page over CDP, and checks for real content.
    • Credentials injected at exec (BROWSERBASE_API_KEY), then sandbox teardown.
    • Includes README.md, .env.example, and requirements.txt (daytona>=0.187.0).
  • Migration

    • Browserbase Scale plan required for Verified; otherwise drop --verified.
    • Daytona egress must allow Browserbase domains: Tier 3/4 org or the deployed domain-allowlist entry from daytonaio/sandbox-network-whitelist#117.

Written for commit e6d4410. Summary will update on new commits.

Review in cubic

…ser over CDP)

Runs the agent loop in a Daytona Sandbox and connects out over CDP to a
Verified Browserbase browser (residential IP, anti-bot, CAPTCHA solving) —
the hardened browser layer a sandbox lacks. Mirrors the OpenAI x Daytona
computer-use cookbook pattern.

Reaching Browserbase needs Tier 3/4 egress OR the merged domain-allowlist
(daytonaio/sandbox-network-whitelist#117) deployed to Daytona's proxies.

Signed-off-by: Shrey Pandya <shrey@browserbase.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant