@growthub/cli 0.14.1 → 0.14.2

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/adapters/sandboxes/default-local-agent-host.js

@@ -36,27 +36,95 @@ import { registerSandboxAdapter } from "./sandbox-adapter-registry.js";
 const MAX_OUTPUT_BYTES = 1024 * 256;
 const TELEMETRY_MARKER = "GROWTHUB_AGENT_TELEMETRY:";
 
+/**
+ * Browser access — the product's OWN agent browser primitive, surfaced.
+ *
+ * The upstream Paperclip server already gives every agent browser access
+ * through one boolean: the agent config's `chrome` primitive (see
+ * `ui/src/components/agent-config-primitives.tsx` — "Enable Claude's Chrome
+ * integration by passing --chrome") gated by the chrome-lease service in
+ * `server/src/services/chrome-lease.ts` before `adapter.execute()`. The
+ * sandbox row's `browserAccess` is the SAME bit on the governed Data Model
+ * side, so a row stays portable to the upstream adapter registry without
+ * translation — exactly like the host slugs themselves.
+ *
+ * When `browserAccess` is on, each host engages its FIRST-PARTY browser
+ * integration — nothing is invented or injected by this adapter:
+ *
+ *   native-flag   the host CLI has a first-party browser flag and
+ *                 argv(request) appends it (Claude Code `--chrome`,
+ *                 Codex `--enable browser_use --enable in_app_browser`).
+ *   env-signal    the host CLI has no documented one-shot browser flag; it
+ *                 receives GROWTHUB_SANDBOX_BROWSER_ACCESS=1 (mirroring the
+ *                 upstream browser-isolation context) and its own browser
+ *                 integration — whatever the operator has configured in that
+ *                 host — honors the row's setting. We never fabricate a flag
+ *                 or write host config we cannot verify against the upstream
+ *                 tool, the same rule the auth catalog follows for login
+ *                 subcommands.
+ *
+ * In the orchestration graph this is what makes browser access node-level
+ * and host-agnostic: thinAdapter / ai-agent nodes execute through this same
+ * catalog, so every node inherits the row's browser grant regardless of
+ * which host runs it.
+ */
+
 /**
  * Canonical Paperclip host catalog — slugs mirror `AGENT_ADAPTER_TYPES`.
  *
  * Each entry declares the binary the operator must have on PATH and how to
- * invoke it for one-shot prompt execution. `argv` returns the argv array the
- * adapter should pass; `inputMode` chooses whether the user's command is sent
- * via stdin or as a positional argument. `installHint` is surfaced verbatim
- * when the binary is not found, so operators get an actionable error.
+ * invoke it for one-shot prompt execution. `argv(request)` receives the sealed
+ * RunRequest and returns the argv array the adapter should pass — hosts with
+ * native capability flags (network sandbox mode, browser access) derive them
+ * deterministically from the governed row's saved settings. `inputMode`
+ * chooses whether the user's command is sent via stdin or as a positional
+ * argument. `installHint` is surfaced verbatim when the binary is not found,
+ * so operators get an actionable error. `browser` declares how the host's
+ * first-party browser integration is engaged (see above).
  */
 const HOST_CATALOG = {
   claude_local: {
     label: "Claude Code (local)",
     binary: "claude",
-    argv: () => ["-p", "--output-format", "text"],
+    argv: (request = {}) => {
+      const args = ["-p", "--output-format", "text"];
+      if (request.browserAccess) {
+        // Claude Code's first-party Chrome integration — the same flag the
+        // upstream server adapter passes when the agent config's `chrome`
+        // primitive is on.
+        args.push("--chrome");
+      }
+      return args;
+    },
+    browser: { lane: "native-flag", flags: ["--chrome"] },
     inputMode: "stdin",
     installHint: "Install Claude Code: npm i -g @anthropic-ai/claude-code"
   },
   codex_local: {
     label: "Codex CLI (local)",
     binary: "codex",
-    argv: () => ["exec", "--skip-git-repo-check", "--sandbox", "read-only", "-"],
+    argv: (request = {}) => {
+      // INTENTIONAL: networkAllow alone selects `workspace-write`. Codex's
+      // `read-only` sandbox blocks ALL outbound network, so workspace-write is
+      // the least-privileged Codex mode where the row's network grant can take
+      // effect — and writes are confined to the sealed ephemeral workdir the
+      // adapter spawns into (cwd), never the operator's repo. Browser flags
+      // remain gated on browserAccess only; network alone never opens a browser.
+      const netOn = Boolean(request.networkAllow);
+      const browserOn = Boolean(request.browserAccess);
+      const args = [
+        "exec",
+        "--skip-git-repo-check",
+        "--sandbox",
+        netOn ? "workspace-write" : "read-only",
+      ];
+      if (browserOn) {
+        args.push("--enable", "browser_use", "--enable", "in_app_browser");
+      }
+      args.push("-");
+      return args;
+    },
+    browser: { lane: "native-flag", flags: ["--enable", "browser_use", "--enable", "in_app_browser"] },
     inputMode: "stdin",
     installHint: "Install Codex CLI: npm i -g @openai/codex"
   },
@@ -64,6 +132,7 @@ const HOST_CATALOG = {
     label: "Cursor Agent (local)",
     binary: "cursor-agent",
     argv: () => ["--print"],
+    browser: { lane: "env-signal" },
     inputMode: "stdin",
     installHint: "Install Cursor Agent CLI: curl https://cursor.com/install -fsS | bash"
   },
@@ -71,6 +140,7 @@ const HOST_CATALOG = {
     label: "Gemini CLI (local)",
     binary: "gemini",
     argv: () => ["-p", "-"],
+    browser: { lane: "env-signal" },
     inputMode: "stdin",
     installHint: "Install Gemini CLI: npm i -g @google/gemini-cli"
   },
@@ -78,6 +148,7 @@ const HOST_CATALOG = {
     label: "OpenCode (local)",
     binary: "opencode",
     argv: () => ["run", "--quiet"],
+    browser: { lane: "env-signal" },
     inputMode: "stdin",
     installHint: "Install OpenCode: npm i -g opencode-ai"
   },
@@ -85,6 +156,7 @@ const HOST_CATALOG = {
     label: "Pi (local)",
     binary: "pi",
     argv: () => ["run", "--stdin"],
+    browser: { lane: "env-signal" },
     inputMode: "stdin",
     installHint: "Install Pi CLI: refer to your Paperclip Pi distribution"
   },
@@ -92,6 +164,7 @@ const HOST_CATALOG = {
     label: "Qwen Code (local)",
     binary: "qwen",
     argv: () => ["-p"],
+    browser: { lane: "env-signal" },
     inputMode: "stdin",
     installHint: "Install Qwen Code CLI: refer to your Qwen distribution"
   },
@@ -99,6 +172,7 @@ const HOST_CATALOG = {
     label: "Hermes Paperclip (local)",
     binary: "hermes",
     argv: () => ["run", "--stdin"],
+    browser: { lane: "env-signal" },
     inputMode: "stdin",
     installHint: "Install Hermes Paperclip adapter: npm i -g hermes-paperclip-adapter"
   },
@@ -106,6 +180,7 @@ const HOST_CATALOG = {
     label: "OpenClaw Gateway (local)",
     binary: "openclaw",
     argv: () => ["gateway", "exec", "--stdin"],
+    browser: { lane: "env-signal" },
     inputMode: "stdin",
     installHint: "Install OpenClaw Gateway: refer to your Paperclip distribution"
   }
@@ -292,12 +367,13 @@ async function run(request) {
     GROWTHUB_SANDBOX_AGENT_HOST: hostSlug,
     GROWTHUB_SANDBOX_NET_ALLOW: request.networkAllow ? "1" : "0",
     GROWTHUB_SANDBOX_NET_ALLOWLIST: Array.isArray(request.allowList) ? request.allowList.join(",") : "",
+    GROWTHUB_SANDBOX_BROWSER_ACCESS: request.browserAccess ? "1" : "0",
     ...(request.env || {})
   };
 
   const timeoutMs = Number.isFinite(request.timeoutMs) && request.timeoutMs > 0 ? request.timeoutMs : 60000;
   const startedAt = Date.now();
-  const argv = host.argv(command);
+  const argv = host.argv(request);
 
   return await new Promise((resolve) => {
     let stdout = Buffer.alloc(0);
@@ -385,6 +461,8 @@ async function run(request) {
           binary: host.binary,
           argv,
           inputMode: host.inputMode,
+          browserAccess: Boolean(request.browserAccess),
+          browserLane: request.browserAccess ? host.browser.lane : null,
           timedOut,
           signal: signal || null,
           tokens: telemetry.tokens,

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/adapters/sandboxes/default-local-process.js

@@ -108,6 +108,7 @@ async function run(request) {
     GROWTHUB_SANDBOX_RUN_ID: request.runId || "",
     GROWTHUB_SANDBOX_NET_ALLOW: request.networkAllow ? "1" : "0",
     GROWTHUB_SANDBOX_NET_ALLOWLIST: Array.isArray(request.allowList) ? request.allowList.join(",") : "",
+    GROWTHUB_SANDBOX_BROWSER_ACCESS: request.browserAccess ? "1" : "0",
     ...(request.env || {})
   };
 
@@ -177,7 +178,8 @@ async function run(request) {
           timedOut,
           signal: signal || null,
           networkAllow: Boolean(request.networkAllow),
-          allowList: Array.isArray(request.allowList) ? request.allowList : []
+          allowList: Array.isArray(request.allowList) ? request.allowList : [],
+          browserAccess: Boolean(request.browserAccess)
         }
       });
     });

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/adapters/sandboxes/index.js

@@ -10,6 +10,7 @@
 import "./default-local-process.js";
 import "./default-local-agent-host.js";
 import "./default-local-intelligence.js";
+import "./adapters/local-intelligence-browser-access.js";
 import { loadAllSandboxAdapters } from "./adapter-loader.js";
 
 let baseLoaded = true; // default-local-process registered via static import

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/adapters/sandboxes/sandbox-adapter-registry.js

@@ -27,6 +27,9 @@
  *     timeoutMs:       number,            // hard cap, capped at SANDBOX_MAX_TIMEOUT_MS
  *     networkAllow:    boolean,           // allow outbound network from inside the sandbox
  *     allowList:       string[],          // hostnames the user explicitly allowed
+ *     browserAccess:   boolean,           // row-level browser capability (implies networkAllow);
+ *                                         // adapters surface it natively where the target supports
+ *                                         // it and always publish GROWTHUB_SANDBOX_BROWSER_ACCESS
  *     env:             Record<string,string>, // server-resolved env (NEVER sent to browser)
  *     envRefSlugs:     string[],          // ref slugs resolved (kept for record metadata)
  *     envRefsMissing:  string[],          // slugs the server could not resolve (audit-only)
@@ -99,7 +102,8 @@ function describeRegisteredSandboxAdapters() {
           slug,
           label: host?.label || slug,
           binary: host?.binary || null,
-          installHint: host?.installHint || null
+          installHint: host?.installHint || null,
+          browserLane: host?.browser?.lane || "env-signal"
         }))
       : null
   }));

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/data-model/field-contracts.js

@@ -11,6 +11,7 @@ const SANDBOX_ENVIRONMENT_FIELDS = {
     options: ["local", "serverless"]
   },
   networkAllow: { editor: "boolean-toggle" },
+  browserAccess: { editor: "boolean-toggle" },
   lifecycleStatus: {
     editor: "select",
     options: ["draft", "live"]

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/orchestration-agent-swarm.js

@@ -288,6 +288,7 @@ async function runThroughAdapter({
   timeoutMs,
   networkAllow,
   allowList,
+  browserAccess,
   env,
   envRefSlugs,
   envRefsMissing,
@@ -331,6 +332,7 @@ async function runThroughAdapter({
       timeoutMs,
       networkAllow,
       allowList,
+      browserAccess: browserAccess === true,
       env,
       envRefSlugs,
       envRefsMissing,
@@ -400,6 +402,7 @@ async function runOrchestratorPhase({ orchestratorNode, subagents, inputPayload,
     timeoutMs: clampPositiveInt(orchestratorNode?.config?.timeoutMs, DEFAULT_ORCHESTRATOR_TIMEOUT_MS),
     networkAllow: executionContext.networkAllow === true,
     allowList: executionContext.allowList || [],
+    browserAccess: executionContext.browserAccess === true,
     env,
     envRefSlugs: executionContext.envRefSlugs || [],
     envRefsMissing: executionContext.envRefsMissing || [],
@@ -488,6 +491,9 @@ async function dispatchSubagentTask({
     command,
     timeoutMs: clampPositiveInt(subagentConfig.timeoutMs, executionContext.timeoutMs || DEFAULT_SUBAGENT_TIMEOUT_MS),
     networkAllow: subagentConfig.networkAccess === true && executionContext.networkAllow === true,
+    // Browser is a superset of network: a subagent only inherits the row's
+    // browser access through the same node-level network gate.
+    browserAccess: subagentConfig.networkAccess === true && executionContext.browserAccess === true,
     allowList: executionContext.allowList || [],
     env,
     envRefSlugs: executionContext.envRefSlugs || [],
@@ -568,6 +574,7 @@ async function runSynthesisPhase({ synthesisNode, swarmConfig, tasks, inputPaylo
     timeoutMs: clampPositiveInt(cfg.timeoutMs, DEFAULT_SYNTHESIS_TIMEOUT_MS),
     networkAllow: executionContext.networkAllow === true,
     allowList: executionContext.allowList || [],
+    browserAccess: executionContext.browserAccess === true,
     env,
     envRefSlugs: executionContext.envRefSlugs || [],
     envRefsMissing: executionContext.envRefsMissing || [],
@@ -822,6 +829,7 @@ async function runAgentSwarmGraphIfPresent({
     envRefsMissing: executionContext?.envRefsMissing || [],
     networkAllow: executionContext?.networkAllow === true,
     allowList: executionContext?.allowList || [],
+    browserAccess: executionContext?.browserAccess === true,
     timeoutMs: clampPositiveInt(timeoutMs, DEFAULT_SUBAGENT_TIMEOUT_MS),
     sandboxName: executionContext?.sandboxName || row?.Name || "swarm",
     onEvent: executionContext?.onEvent,

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/orchestration-graph-runner.js

@@ -281,6 +281,9 @@ async function runOrchestrationGraphIfPresent({ workspaceConfig, row, timeoutMs,
 
   const apiNode = extractApiRegistryCallNode(graph);
   if (!apiNode?.config) {
+    if ((Array.isArray(graph.nodes) ? graph.nodes : []).some((node) => node?.type === "ai-agent")) {
+      return null;
+    }
     return {
       ok: false,
       exitCode: 1,

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/orchestration-graph.js

@@ -157,9 +157,10 @@ function validateOrchestrationGraph(graph) {
     } else {
       const hasThinAdapter = graph.nodes.some((n) => n?.type === "thinAdapter");
       const hasApi = graph.nodes.some((n) => n?.type === "api-registry-call");
+      const hasAiAgent = graph.nodes.some((n) => n?.type === "ai-agent");
       const hasResult = graph.nodes.some((n) => n?.type === "tool-result");
-      if (!hasThinAdapter && !hasApi) errors.push("orchestrationGraph requires an api-registry-call node");
-      if (!hasThinAdapter && !hasResult) errors.push("orchestrationGraph requires a tool-result node");
+      if (!hasThinAdapter && !hasApi && !hasAiAgent) errors.push("orchestrationGraph requires an executable node");
+      if (!hasThinAdapter && !hasAiAgent && !hasResult) errors.push("orchestrationGraph requires a tool-result node");
     }
   }
   if (!Array.isArray(graph.edges)) {
@@ -712,6 +713,7 @@ function buildCanonicalNode(nodeId, registryRow = {}, options = {}) {
 function getNextCanonicalNodeId(graph) {
   const parsed = parseOrchestrationGraph(graph) || graph;
   if ((parsed?.nodes || []).some((n) => n?.type === "thinAdapter")) return null;
+  if ((parsed?.nodes || []).some((n) => n?.type === "ai-agent")) return null;
   const ids = new Set((parsed?.nodes || []).map((n) => String(n.id)));
   for (const id of CANONICAL_NODE_ORDER) {
     if (!ids.has(id)) return id;

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/orchestration-run-console.js

@@ -685,6 +685,7 @@ function normalizeRunConsoleRecord(record) {
       envRefsMissing: Array.isArray(record.envRefsMissing) ? record.envRefsMissing.slice() : [],
       networkAllow: Boolean(record.networkAllow),
       allowList: Array.isArray(record.allowList) ? record.allowList.slice() : [],
+      browserAccess: Boolean(record.browserAccess),
       adapterMeta,
       templateTrace
     },

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/sandbox-agent-auth.js

@@ -34,15 +34,14 @@
  * on-disk auth state; this module only records *readiness*, not secrets.
  *
  * The status semantics are deliberately conservative:
- *   - "active"    a real auth probe confirmed authentication (auth-status
- *                 exit 0 with auth-shaped output, or a clean login exit)
- *   - "reachable" the binary is callable (version probe exit 0) — but
- *                 authentication is NOT yet confirmed
+ *   - "active"    the selected pinned host CLI is callable and ready for the
+ *                 local agent-host bridge, or a clean login exit completed
+ *   - "reachable" legacy metadata value treated as active by the UI
  *   - "stale"    the binary printed auth-shaped failure output
  *   - "missing"  binary not found on PATH
  *
- * A `--version` probe NEVER promotes to "active". The next sandbox-run is
- * the final source of truth for session readiness.
+ * A successful host probe promotes to "active" because the sidecar represents
+ * selected local host readiness, not provider-account auth semantics.
  */
 
 import { spawn } from "node:child_process";
@@ -132,6 +131,38 @@ function assertAgentHostEligible(row, { requireLogin = false, requireLogout = fa
   return { spec, agentHost };
 }
 
+function normalizeAgentHostOverride(agentHost) {
+  const nextAgentHost = String(agentHost || "").trim();
+  if (!nextAgentHost) return "";
+  if (!getHostAuthSpec(nextAgentHost)) {
+    const error = new Error(
+      `Agent auth setup is not registered for agentHost "${nextAgentHost}"`
+    );
+    error.code = "SANDBOX_AGENT_AUTH_HOST_UNSUPPORTED";
+    throw error;
+  }
+  return nextAgentHost;
+}
+
+function applyAgentHostOverride(row, agentHost) {
+  if (!agentHost) return row;
+  return {
+    ...row,
+    runLocality: "local",
+    adapter: "local-agent-host",
+    agentHost
+  };
+}
+
+function buildAgentHostSelectionPatch(agentHost) {
+  if (!agentHost) return {};
+  return {
+    runLocality: "local",
+    adapter: "local-agent-host",
+    agentHost
+  };
+}
+
 function resolveHostBinary(row, spec) {
   const candidates = [row?.agentCommand, row?.claudeCommand];
   for (const candidate of candidates) {
@@ -205,9 +236,24 @@ function hasAny(patterns, text) {
   return patterns.some((p) => p.test(text));
 }
 
+function deriveStatusFromAuthStatusJson(text) {
+  if (!text || typeof text !== "string") return null;
+  const trimmed = text.trim();
+  if (!trimmed.startsWith("{")) return null;
+  try {
+    const parsed = JSON.parse(trimmed);
+    if (parsed && typeof parsed === "object" && typeof parsed.loggedIn === "boolean") {
+      return parsed.loggedIn ? "active" : "stale";
+    }
+  } catch {}
+  return null;
+}
+
 function deriveStatusFromAuthStatusProbe({ exitCode, stdout = "", stderr = "", spawnError }) {
   if (spawnError) return spawnError.notFound ? "missing" : null;
   const combined = `${stdout}\n${stderr}`;
+  const jsonStatus = deriveStatusFromAuthStatusJson(stdout) || deriveStatusFromAuthStatusJson(stderr);
+  if (jsonStatus) return jsonStatus;
   if (hasAny(UNKNOWN_SUBCOMMAND_PATTERNS, combined)) return null; // fall back
   if (hasAny(STALE_AUTH_PATTERNS, combined)) return "stale";
   if (exitCode === 0) return "active";
@@ -219,7 +265,7 @@ function deriveStatusFromAuthStatusProbe({ exitCode, stdout = "", stderr = "", s
 
 function deriveStatusFromVersionProbe({ exitCode, stderr, spawnError }) {
   if (spawnError) return spawnError.notFound ? "missing" : "unknown";
-  if (typeof exitCode === "number" && exitCode === 0) return "reachable";
+  if (typeof exitCode === "number" && exitCode === 0) return "active";
   const text = String(stderr || "");
   if (hasAny(STALE_AUTH_PATTERNS, text)) return "stale";
   return "unknown";
@@ -237,8 +283,8 @@ function deriveLoginStatus({ exitCode, stderr, stdout, timedOut, spawnError }) {
 function shortMessage({ status, label, exitCode, error, loginUrl }) {
   const name = label || "Local agent CLI";
   if (error) return `${name}: ${redactSecrets(String(error))}`;
-  if (status === "active") return loginUrl ? "Login completed." : "Authenticated.";
-  if (status === "reachable") return "CLI reachable. Run Login to verify authentication.";
+  if (status === "active") return loginUrl ? "Login completed." : "Active.";
+  if (status === "reachable") return "Active.";
   if (status === "stale") return "Authentication needs setup. Run Login, then run the sandbox again.";
   if (status === "missing") return `${name} not found. Install it and try again.`;
   if (status === "checking") return `Checking ${name}…`;
@@ -329,16 +375,18 @@ function runCommand({ binary, args, cwd, timeoutMs, stdin }) {
 // Public API — login / logout / status
 // ──────────────────────────────────────────────────────────────────────────
 
-async function runAgentLogin({ objectId, name }) {
+async function runAgentLogin({ objectId, name, agentHost }) {
   const workspaceConfig = await readWorkspaceConfig();
   const { object, row, rowIndex } = findSandboxRow(workspaceConfig, objectId, name);
   if (!object) throw notFoundError(`no sandbox-environment object with id ${objectId}`);
   if (!row) throw notFoundError(`no sandbox row named ${name} in object ${objectId}`);
 
-  const { spec, agentHost } = assertAgentHostEligible(row, { requireLogin: true });
+  const selectedAgentHost = normalizeAgentHostOverride(agentHost);
+  const effectiveRow = applyAgentHostOverride(row, selectedAgentHost);
+  const { spec, agentHost: effectiveAgentHost } = assertAgentHostEligible(effectiveRow, { requireLogin: true });
 
-  const binary = resolveHostBinary(row, spec);
-  const cwd = resolveCwd(row);
+  const binary = resolveHostBinary(effectiveRow, spec);
+  const cwd = resolveCwd(effectiveRow);
   const startedAt = Date.now();
 
   const result = await runCommand({
@@ -356,20 +404,21 @@ async function runAgentLogin({ objectId, name }) {
 
   const patch = buildRowPatch({
     status,
-    provider: agentHost,
+    provider: effectiveAgentHost,
     checkedAt,
     exitCode: result.exitCode,
     loginUrl,
     label: spec.label,
     spawnError: result.spawnError
   });
+  Object.assign(patch, buildAgentHostSelectionPatch(selectedAgentHost));
 
   await applyRowPatch({ workspaceConfig, object, rowIndex, patch });
 
   return {
     ok: status === "active",
     status,
-    provider: agentHost,
+    provider: effectiveAgentHost,
     label: spec.label,
     binary,
     cwd,
@@ -384,16 +433,18 @@ async function runAgentLogin({ objectId, name }) {
   };
 }
 
-async function runAgentLogout({ objectId, name }) {
+async function runAgentLogout({ objectId, name, agentHost }) {
   const workspaceConfig = await readWorkspaceConfig();
   const { object, row, rowIndex } = findSandboxRow(workspaceConfig, objectId, name);
   if (!object) throw notFoundError(`no sandbox-environment object with id ${objectId}`);
   if (!row) throw notFoundError(`no sandbox row named ${name} in object ${objectId}`);
 
-  const { spec, agentHost } = assertAgentHostEligible(row, { requireLogout: true });
+  const selectedAgentHost = normalizeAgentHostOverride(agentHost);
+  const effectiveRow = applyAgentHostOverride(row, selectedAgentHost);
+  const { spec, agentHost: effectiveAgentHost } = assertAgentHostEligible(effectiveRow, { requireLogout: true });
 
-  const binary = resolveHostBinary(row, spec);
-  const cwd = resolveCwd(row);
+  const binary = resolveHostBinary(effectiveRow, spec);
+  const cwd = resolveCwd(effectiveRow);
   const startedAt = Date.now();
 
   let exitCode = null;
@@ -422,7 +473,7 @@ async function runAgentLogout({ objectId, name }) {
 
   const patch = buildRowPatch({
     status,
-    provider: agentHost,
+    provider: effectiveAgentHost,
     checkedAt,
     exitCode,
     loginUrl: null,
@@ -432,13 +483,14 @@ async function runAgentLogout({ objectId, name }) {
   patch.agentAuthLastMessage = spawnError?.notFound
     ? shortMessage({ status: "missing", label: spec.label })
     : `${spec.label} logged out — auth will be required before next run.`;
+  Object.assign(patch, buildAgentHostSelectionPatch(selectedAgentHost));
 
   await applyRowPatch({ workspaceConfig, object, rowIndex, patch });
 
   return {
     ok: !spawnError,
     status,
-    provider: agentHost,
+    provider: effectiveAgentHost,
     label: spec.label,
     binary,
     cwd,
@@ -451,16 +503,18 @@ async function runAgentLogout({ objectId, name }) {
   };
 }
 
-async function checkAgentStatus({ objectId, name }) {
+async function checkAgentStatus({ objectId, name, agentHost }) {
   const workspaceConfig = await readWorkspaceConfig();
   const { object, row, rowIndex } = findSandboxRow(workspaceConfig, objectId, name);
   if (!object) throw notFoundError(`no sandbox-environment object with id ${objectId}`);
   if (!row) throw notFoundError(`no sandbox row named ${name} in object ${objectId}`);
 
-  const { spec, agentHost } = assertAgentHostEligible(row);
+  const selectedAgentHost = normalizeAgentHostOverride(agentHost);
+  const effectiveRow = applyAgentHostOverride(row, selectedAgentHost);
+  const { spec, agentHost: effectiveAgentHost } = assertAgentHostEligible(effectiveRow);
 
-  const binary = resolveHostBinary(row, spec);
-  const cwd = resolveCwd(row);
+  const binary = resolveHostBinary(effectiveRow, spec);
+  const cwd = resolveCwd(effectiveRow);
 
   // Two-phase probe:
   //   1. If the catalog declares an auth-status subcommand, try it first.
@@ -503,20 +557,21 @@ async function checkAgentStatus({ objectId, name }) {
 
   const patch = buildRowPatch({
     status,
-    provider: agentHost,
+    provider: effectiveAgentHost,
     checkedAt,
     exitCode: usedResult.exitCode,
     loginUrl: null,
     label: spec.label,
     spawnError: usedResult.spawnError
   });
+  Object.assign(patch, buildAgentHostSelectionPatch(selectedAgentHost));
 
   await applyRowPatch({ workspaceConfig, object, rowIndex, patch });
 
   return {
     ok: status === "active",
     status,
-    provider: agentHost,
+    provider: effectiveAgentHost,
     label: spec.label,
     binary,
     cwd,

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/sandbox-serverless-flow.js

@@ -70,6 +70,7 @@ function deriveSandboxServerlessState(input = {}) {
 
   const locality = clean(row.runLocality).toLowerCase() === "serverless" ? "serverless" : "local";
   const isServerless = locality === "serverless";
+  const browserAccess = ["true", "1", "on", "yes"].includes(clean(row.browserAccess).toLowerCase());
   const adapterId = clean(row.adapter);
   const adapterChosen = Boolean(adapterId);
 
@@ -162,8 +163,8 @@ function deriveSandboxServerlessState(input = {}) {
     label: isServerless ? "Run on the scheduler" : "Run locally",
     status: "optional",
     description: isServerless
-      ? "Once the scheduler, auth, and store are ready, run delegates to the serverless scheduler."
-      : "Run this workflow in-process.",
+      ? `Once the scheduler, auth, and store are ready, run delegates to the serverless scheduler.${browserAccess ? " Browser access travels with the run in the growthub-sandbox-run-v1 envelope (sandbox.browserAccess), so the remote handler grants the same capability as a local run." : ""}`
+      : `Run this workflow in-process.${browserAccess ? (adapterId === "local-intelligence" ? " Browser access is executed by the local-intelligence browser bridge." : " Browser access is engaged through the selected agent host's first-party browser integration.") : ""}`,
     action: inline({ id: "run-sandbox", label: "Run" }),
   });
 
@@ -192,6 +193,7 @@ function deriveSandboxServerlessState(input = {}) {
     version: 1,
     locality,
     isServerless,
+    browserAccess,
     adapterChosen,
     schedulerLinked,
     schedulerHealthy,

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/workspace-data-model.js

@@ -881,6 +881,7 @@ const OBJECT_TYPE_PRESETS = {
       "envRefs",
       "networkAllow",
       "allowList",
+      "browserAccess",
       "instructions",
       "command",
       "timeoutMs",

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/workspace-schema.js

@@ -1044,6 +1044,12 @@ function validateSandboxEnvironmentRow(row, path, errors) {
   if (row.allowList !== undefined && typeof row.allowList !== "string" && !Array.isArray(row.allowList)) {
     errors.push(`${path}.allowList must be a comma-separated string or array of hostnames`);
   }
+  if (row.browserAccess !== undefined) {
+    const value = String(row.browserAccess).trim().toLowerCase();
+    if (!["", "true", "false", "0", "1", "on", "off"].includes(value)) {
+      errors.push(`${path}.browserAccess must coerce to a boolean (true/false/on/off)`);
+    }
+  }
   if (row.instructions !== undefined && typeof row.instructions !== "string") {
     errors.push(`${path}.instructions must be a string`);
   }

package/assets/worker-kits/growthub-custom-workspace-starter-v1/apps/workspace/lib/workspace-swarm-proposal.js

@@ -69,6 +69,7 @@ const SWARM_EXECUTION_TARGET_FIELDS = [
   "timeoutMs",
   "networkAllow",
   "allowList",
+  "browserAccess",
 ];
 
 function clean(value) {
@@ -152,6 +153,7 @@ function resolveSwarmExecutionTarget(workspaceConfig, payload = {}) {
     timeoutMs: String(clampPositiveInt(payload?.timeoutMs || helperRow?.timeoutMs, SWARM_DEFAULT_TIMEOUT_MS)),
     networkAllow: clean(payload?.networkAllow || helperRow?.networkAllow),
     allowList: clean(payload?.allowList || helperRow?.allowList),
+    browserAccess: clean(payload?.browserAccess || helperRow?.browserAccess),
     inheritedFromObjectId: helperRow ? WORKSPACE_HELPER_SANDBOX_OBJECT_ID : "",
     inheritedFromName: helperRow ? clean(helperRow.Name || WORKSPACE_HELPER_ROW_NAME) : "",
   };
@@ -406,6 +408,7 @@ function buildSandboxRowFromSwarmProposal(workspaceConfig, proposal) {
     envRefs: "",
     networkAllow: executionTarget.networkAllow,
     allowList: executionTarget.allowList,
+    browserAccess: executionTarget.browserAccess,
     instructions: clean(payload.objective),
     command: "",
     timeoutMs: executionTarget.timeoutMs,