npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

h17-webpilot

v0.4.7

Published

Browser control framework for agents via Chrome extension + WebSocket

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

hpalma17hpalma17

Keywords

browserautomationagentllmmcpwebsocketchrome-extensionbrowser-controlbrowser-automationweb-automation

Readme

Webpilot

npm Socket Badge License Node Publish

Webpilot is a browser tool.

It launches a real Chromium-based browser with a local extension runtime, exposes a WebSocket protocol, and lets a user, script, or LLM drive that browser through the same command surface.

The primary interface is the live DOM — not screenshots. discover, html, and q give you real page structure, real selectors, and real handles. Screenshots exist as a fallback for when layout or visual rendering is the actual question. For everything else, read the DOM.

What Webpilot does:

  • starts and controls a real browser — no CDP, no detectable debugging port
  • exposes the live DOM directly: navigation, element discovery, querying, interaction, cookies
  • provides configurable cursor, click, typing, and scroll behavior
  • works from the CLI, raw WebSocket, Node, or an MCP adapter

What Webpilot does not do:

  • decide what to do next
  • ship a tuned human profile
  • ship site strategy, retries, or route doctrine

The user or LLM decides the workflow. Webpilot provides the browser runtime and commands.

Install

npm install -g h17-webpilot

Quick Start

1. Start

webpilot start

If no config exists, the first run will detect installed browsers, ask you to choose one, and generate ~/h17-webpilot/config.js.

Use webpilot start -d for an append-only session log (~/h17-webpilot/webpilot.log by default).

2. Use the tool

webpilot -c 'go example.com'
webpilot -c 'discover'
webpilot -c 'click h1'
webpilot -c 'wait h1'
webpilot -c 'html'
webpilot -c 'cookies load ./cookies.json'

Use the same loop every time:

  1. inspect
  2. act
  3. verify

CLI

webpilot                        # interactive REPL
webpilot -c 'go example.com'   # single command
webpilot start                  # launch browser + WS server
webpilot start -d               # launch with session logging
webpilot stop                   # stop running server

Core commands:

  • go <url>: navigate
  • discover: list interactive elements with handles
  • q <selector> / query <selector>: query elements
  • wait <selector>: wait for a selector
  • click <selector|handleId>: safe click
  • type [selector] <text>: type with the configured public profile
  • clear <selector>: clear an input
  • key <name> / press <name>: send a key
  • sd [px] [selector] / su [px] [selector]: scroll
  • html: read page HTML
  • ss: save a screenshot — use when layout or visual rendering is the question, not DOM structure
  • cookies: dump cookies
  • cookies load <file>: load cookies from a JSON array file
  • frames: list frames

Raw mode stays available:

webpilot -c 'human.click {"selector": "button[type=submit]"}'
webpilot -c '{"action": "dom.getHTML", "params": {}}'

WebSocket Protocol

Connect to ws://localhost:7331 and send JSON:

{ "id": "1", "action": "tabs.navigate", "params": { "url": "https://example.com" } }

Capability groups:

  • tabs
  • dom
  • human
  • cookies
  • events
  • framework

Full reference: protocol/PROTOCOL.md

Node API

The Node API is a wrapper over the same WebSocket protocol.

const { startWithPage } = require('h17-webpilot');

const { page } = await startWithPage();
await page.navigate('https://example.com');
await page.query('h1');
await page.click('h1');
await page.waitFor('body');

Useful methods:

  • navigate(url) / legacy goto(url)
  • query(selector) / legacy $(selector)
  • queryAll(selector) / legacy $$(selector)
  • waitFor(selector) / legacy waitForSelector(selector)
  • read() / legacy content()
  • click(...) / legacy humanClick(...)
  • type(...) / legacy humanType(...)
  • scroll(...) / legacy humanScroll(...)
  • clearInput(...) / legacy humanClearInput(...)
  • pressKey(key)
  • configure(config) / legacy setConfig(config)

Config

Config is loaded from ~/h17-webpilot/config.js (or config.json). Override with --config <path>.

Public config is split into:

  • framework: runtime behavior, debug toggles, handle retention
  • human: cursor, click, typing, scroll, and avoid rules

The public package exposes a lot of knobs on purpose. The user decides how much to tune. The package does not ship a strong profile.

Example:

module.exports = {
  framework: {
    debug: {
      cursor: true,
      sessionLogPath: '~/h17-webpilot/webpilot.log',
    },
  },
  human: {
    calibrated: false,
    profileName: 'public-default',
    cursor: {
      spreadRatio: 0.16,
      jitterRatio: 0,
      stutterChance: 0,
      driftThresholdPx: 0,
      overshootRatio: 0,
    },
    click: {
      thinkDelayMin: 35,
      thinkDelayMax: 90,
      maxShiftPx: 50,
    },
    type: {
      baseDelayMin: 8,
      baseDelayMax: 20,
      variance: 4,
      pauseChance: 0,
      pauseMin: 0,
      pauseMax: 0,
    },
  },
};

Auth/session bootstrap example:

module.exports = {
  browser: "/Applications/Chromium.app/Contents/MacOS/Chromium",
  boot: {
    cookiesPath: "./cookies.json",
    commands: [
      "go https://hugopalma.work",
      "cookies load ./cookies.json",
      { action: "framework.getConfig", params: {} }
    ],
  },
};

boot.cookiesPath loads a cookie jar before commands run. boot.commands accepts:

  • command strings like the CLI shorthands
  • cookies load <file> entries
  • raw objects: { action, params, tabId? }

These defaults do not represent a human profile:

  • typing is very fast
  • overshoot is off
  • jitter is off
  • drift is off

They are there to show what is configurable. The package does not ship your final values.

Tested Browsers

Tested browsers:

  • Chromium
  • Helium
  • Google Chrome

Limits

  • Defaults are for demonstration and development, not for behavior parity.
  • The browser tool does not decide workflows.
  • The user or LLM still has to choose selectors, waits, retries, and verification steps.
  • dom.evaluate may hit CSP restrictions on some sites. DOM reading and interaction still work through the isolated content-script path.

Skill Usage

SKILL.md explains how an LLM should use Webpilot as a browser tool.

License

Apache 2.0