mcp-scraper 0.1.9 → 0.2.0

package/dist/bin/api-server.cjs

@@ -3530,8 +3530,8 @@ var init_url_utils = __esm({
 async function fetchWithKernel(url) {
   const apiKey = browserServiceApiKey();
   if (!apiKey) throw new Error("Browser backend API key not set");
-  const client = new import_sdk.default({ apiKey });
-  const kb = await client.browsers.create({ stealth: true, timeout_seconds: 60 });
+  const client2 = new import_sdk.default({ apiKey });
+  const kb = await client2.browsers.create({ stealth: true, timeout_seconds: 60 });
   const browser = await import_playwright.chromium.connectOverCDP(kb.cdp_ws_url);
   try {
     const context = browser.contexts()[0] ?? await browser.newContext({
@@ -3544,7 +3544,7 @@ async function fetchWithKernel(url) {
   } finally {
     await browser.close().catch(() => {
     });
-    await client.browsers.deleteByID(kb.session_id).catch(() => {
+    await client2.browsers.deleteByID(kb.session_id).catch(() => {
     });
   }
 }
@@ -8292,6 +8292,9 @@ var init_site_audit_routes = __esm({
 });
 
 // src/api/rates.ts
+function browserActiveCostMc(activeMs) {
+  return Math.round(activeMs * MC_PER_BROWSER_MS);
+}
 function mcToCredits(mc) {
   return mc / MC_PER_CREDIT;
 }
@@ -8308,7 +8311,7 @@ function insufficientBalanceResponse(balanceMc, requiredMc) {
     topup_url: topupUrl
   };
 }
-var MC_COSTS, MC_PER_CREDIT, CREDIT_COST_CATALOG, CONCURRENCY_PRICE_ID, FREE_SIGNUP_MC, FREE_MONTHLY_REFRESH_MC, BALANCE_PRICE_IDS, BALANCE_PACK_LABELS, LedgerOperation;
+var MC_COSTS, MC_PER_BROWSER_MS, BROWSER_OPEN_MIN_BALANCE_MC, MC_PER_CREDIT, CREDIT_COST_CATALOG, CONCURRENCY_PRICE_ID, FREE_SIGNUP_MC, FREE_MONTHLY_REFRESH_MC, BALANCE_PRICE_IDS, BALANCE_PACK_LABELS, LedgerOperation;
 var init_rates = __esm({
   "src/api/rates.ts"() {
     "use strict";
@@ -8324,8 +8327,11 @@ var init_rates = __esm({
       maps_place: 2e3,
       maps_review: 50,
       fb_search: 50,
-      fb_transcribe: 50
+      fb_transcribe: 50,
+      browser_minute: 4e3
     };
+    MC_PER_BROWSER_MS = MC_COSTS.browser_minute / 6e4;
+    BROWSER_OPEN_MIN_BALANCE_MC = 1e3;
     MC_PER_CREDIT = 1e3;
     CREDIT_COST_CATALOG = [
       {
@@ -8421,6 +8427,14 @@ var init_rates = __esm({
         credits: mcToCredits(MC_COSTS.fb_transcribe),
         unit: "per call",
         notes: "Whisper transcription of Facebook ad video via fal.ai."
+      },
+      {
+        key: "browser_minute",
+        label: "Interactive browser session",
+        aliases: ["browser_open", "browser agent", "browser_agent", "live browser", "browse", "browser control", "interactive browser"],
+        credits: mcToCredits(MC_COSTS.browser_minute),
+        unit: "per minute of active time",
+        notes: "Metered per second of active browser work (navigation, clicks, typing, screenshots). Idle and standby time are free. Billed against your balance as you act; close the session to stop the meter."
       }
     ];
     CONCURRENCY_PRICE_ID = "price_1Ta1NRS8aAcsk3TGwsRnYbix";
@@ -8466,7 +8480,8 @@ var init_rates = __esm({
       FB_SEARCH: "fb_search",
       FB_TRANSCRIBE: "fb_transcribe",
       FB_SEARCH_REFUND: "fb_search_refund",
-      FB_TRANSCRIBE_REFUND: "fb_transcribe_refund"
+      FB_TRANSCRIBE_REFUND: "fb_transcribe_refund",
+      BROWSER_SESSION: "browser_session"
     };
   }
 });
@@ -9032,19 +9047,19 @@ var init_BrowserDriver = __esm({
         if (this.browser) {
           const b = this.browser;
           const sessionId = this.kernelSessionId;
-          const client = this.kernelClient;
+          const client2 = this.kernelClient;
           this.browser = null;
           this.context = null;
           this.page = null;
           this.kernelSessionId = null;
           this.kernelClient = null;
-          if (client && sessionId) {
+          if (client2 && sessionId) {
             console.info(JSON.stringify({
               event: "kernel_browser_delete_started",
               kernel_session_id: sessionId
             }));
             const deleteSession = withTimeout(
-              client.browsers.deleteByID(sessionId),
+              client2.browsers.deleteByID(sessionId),
               KERNEL_SESSION_DELETE_TIMEOUT_MS,
               `Kernel session ${sessionId} delete`
             );
@@ -10513,13 +10528,13 @@ var init_FacebookAdExtractor = __esm({
         }
         await page.waitForTimeout(1500);
         let prevCount = 0;
-        for (let scroll = 0; scroll < 20; scroll++) {
+        for (let scroll2 = 0; scroll2 < 20; scroll2++) {
           const count = await page.evaluate(() => {
             const bt = document.body ? document.body.innerText ?? "" : "";
             return [...bt.matchAll(/Library ID/g)].length;
           });
           if (count >= maxAds) break;
-          if (count === prevCount && scroll > 0) break;
+          if (count === prevCount && scroll2 > 0) break;
           prevCount = count;
           await page.evaluate(() => {
             if (document.body) window.scrollTo(0, document.body.scrollHeight);
@@ -11663,7 +11678,7 @@ var init_facebook_ad_routes = __esm({
           return c.json(searchResult2);
         }
         await page.waitForTimeout(1500);
-        for (let scroll = 0; scroll < 3; scroll++) {
+        for (let scroll2 = 0; scroll2 < 3; scroll2++) {
           await page.evaluate(() => {
             if (document.body) window.scrollTo(0, document.body.scrollHeight);
           });
@@ -15276,7 +15291,7 @@ var PACKAGE_VERSION;
 var init_version = __esm({
   "src/version.ts"() {
     "use strict";
-    PACKAGE_VERSION = "0.1.9";
+    PACKAGE_VERSION = "0.2.0";
   }
 });
 
@@ -16809,17 +16824,802 @@ var init_mcp_routes = __esm({
   }
 });
 
+// src/api/browser-agent-db.ts
+async function migrateBrowserAgent() {
+  if (_ready) return;
+  const db = getDb();
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_sessions (
+      id                  TEXT PRIMARY KEY,
+      runtime_session_id  TEXT NOT NULL,
+      live_view_url       TEXT,
+      cdp_ws_url          TEXT NOT NULL,
+      status              TEXT NOT NULL DEFAULT 'open',
+      label               TEXT,
+      user_id             INTEGER,
+      created_at          TEXT NOT NULL DEFAULT (datetime('now')),
+      closed_at           TEXT,
+      last_action_at      TEXT,
+      active_ms           INTEGER NOT NULL DEFAULT 0,
+      billed_mc           INTEGER NOT NULL DEFAULT 0
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_sessions_status ON browser_agent_sessions(status)`);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_sessions_user ON browser_agent_sessions(user_id)`);
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_actions (
+      id          TEXT PRIMARY KEY,
+      session_id  TEXT NOT NULL,
+      type        TEXT NOT NULL,
+      params_json TEXT,
+      ok          INTEGER NOT NULL DEFAULT 1,
+      error       TEXT,
+      created_at  TEXT NOT NULL DEFAULT (datetime('now'))
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_actions_session ON browser_agent_actions(session_id)`);
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_replays (
+      replay_id  TEXT PRIMARY KEY,
+      session_id TEXT NOT NULL,
+      view_url   TEXT,
+      label      TEXT,
+      started_at TEXT NOT NULL DEFAULT (datetime('now')),
+      stopped_at TEXT
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_replays_session ON browser_agent_replays(session_id)`);
+  _ready = true;
+}
+async function createSessionRow(input) {
+  const db = getDb();
+  const id = `bas_${(0, import_node_crypto3.randomUUID)().replace(/-/g, "").slice(0, 20)}`;
+  await db.execute({
+    sql: `INSERT INTO browser_agent_sessions (id, runtime_session_id, live_view_url, cdp_ws_url, status, label, user_id, last_action_at)
+          VALUES (?, ?, ?, ?, 'open', ?, ?, datetime('now'))`,
+    args: [id, input.runtimeSessionId, input.liveViewUrl, input.cdpWsUrl, input.label, input.userId]
+  });
+  const row = await getSessionRow(id);
+  if (!row) throw new Error("session insert failed");
+  return row;
+}
+async function getSessionRow(id) {
+  const db = getDb();
+  const res = await db.execute({ sql: `SELECT * FROM browser_agent_sessions WHERE id = ?`, args: [id] });
+  return res.rows[0] ?? null;
+}
+async function listSessionRows(userId, includeClosed = false) {
+  const db = getDb();
+  const clauses = [];
+  const args = [];
+  if (userId != null) {
+    clauses.push("(user_id = ? OR user_id IS NULL)");
+    args.push(userId);
+  }
+  if (!includeClosed) clauses.push(`status = 'open'`);
+  const where = clauses.length ? `WHERE ${clauses.join(" AND ")}` : "";
+  const res = await db.execute({
+    sql: `SELECT * FROM browser_agent_sessions ${where} ORDER BY created_at DESC LIMIT 100`,
+    args
+  });
+  return res.rows;
+}
+async function addActiveMs(id, deltaMs) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET active_ms = active_ms + ?, last_action_at = datetime('now') WHERE id = ?`,
+    args: [Math.max(0, Math.round(deltaMs)), id]
+  });
+  const res = await db.execute({ sql: `SELECT active_ms, billed_mc FROM browser_agent_sessions WHERE id = ?`, args: [id] });
+  const row = res.rows[0];
+  return { active_ms: Number(row?.active_ms ?? 0), billed_mc: Number(row?.billed_mc ?? 0) };
+}
+async function setBilledMc(id, billedMc) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET billed_mc = ? WHERE id = ?`,
+    args: [Math.round(billedMc), id]
+  });
+}
+async function markSessionClosed(id) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET status = 'closed', closed_at = datetime('now') WHERE id = ?`,
+    args: [id]
+  });
+}
+async function recordAction(input) {
+  const db = getDb();
+  await db.execute({
+    sql: `INSERT INTO browser_agent_actions (id, session_id, type, params_json, ok, error)
+          VALUES (?, ?, ?, ?, ?, ?)`,
+    args: [
+      `baa_${(0, import_node_crypto3.randomUUID)().replace(/-/g, "").slice(0, 20)}`,
+      input.sessionId,
+      input.type,
+      input.params == null ? null : JSON.stringify(input.params),
+      input.ok ? 1 : 0,
+      input.error ?? null
+    ]
+  });
+}
+async function recordReplayStart(input) {
+  const db = getDb();
+  await db.execute({
+    sql: `INSERT INTO browser_agent_replays (replay_id, session_id, view_url, label)
+          VALUES (?, ?, ?, ?)`,
+    args: [input.replayId, input.sessionId, input.viewUrl, input.label]
+  });
+}
+async function recordReplayStop(replayId, viewUrl) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_replays SET stopped_at = datetime('now'), view_url = COALESCE(?, view_url) WHERE replay_id = ?`,
+    args: [viewUrl, replayId]
+  });
+}
+async function listReplayRows(sessionId) {
+  const db = getDb();
+  const res = await db.execute({
+    sql: `SELECT * FROM browser_agent_replays WHERE session_id = ? ORDER BY started_at DESC`,
+    args: [sessionId]
+  });
+  return res.rows;
+}
+var import_node_crypto3, _ready;
+var init_browser_agent_db = __esm({
+  "src/api/browser-agent-db.ts"() {
+    "use strict";
+    import_node_crypto3 = require("crypto");
+    init_db();
+    _ready = false;
+  }
+});
+
+// src/services/browser-agent/browser-agent-service.ts
+function client() {
+  const apiKey = browserServiceApiKey();
+  if (!apiKey) throw new Error("Browser backend API key is required");
+  return new import_sdk6.default({ apiKey });
+}
+async function createSession(opts = {}) {
+  const k = client();
+  const resolvedProxyId = opts.proxyId ?? browserServiceProxyId();
+  const browser = await k.browsers.create({
+    stealth: opts.stealth ?? true,
+    timeout_seconds: opts.timeoutSeconds ?? DEFAULT_TIMEOUT_SECONDS,
+    ...resolvedProxyId ? { proxy_id: resolvedProxyId } : {},
+    ...opts.profileName ? { profile: { name: opts.profileName } } : {}
+  });
+  const runtimeSessionId = browser.session_id;
+  if (opts.disableDefaultProxy) {
+    try {
+      await k.browsers.update(runtimeSessionId, { disable_default_proxy: true });
+    } catch {
+    }
+  }
+  if (opts.viewport) {
+    try {
+      await k.browsers.update(runtimeSessionId, { viewport: opts.viewport });
+    } catch {
+    }
+  }
+  return {
+    runtimeSessionId,
+    liveViewUrl: browser.browser_live_view_url ?? null,
+    cdpWsUrl: browser.cdp_ws_url
+  };
+}
+async function closeSession(runtimeSessionId) {
+  const k = client();
+  await k.browsers.deleteByID(runtimeSessionId);
+}
+async function screenshot(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.computer.captureScreenshot(runtimeSessionId);
+  const buf = Buffer.from(await res.arrayBuffer());
+  return { base64: buf.toString("base64"), mimeType: "image/png" };
+}
+async function click(runtimeSessionId, x, y, opts = {}) {
+  const k = client();
+  await k.browsers.computer.clickMouse(runtimeSessionId, {
+    x,
+    y,
+    button: opts.button ?? "left",
+    ...opts.numClicks ? { num_clicks: opts.numClicks } : {}
+  });
+}
+async function typeText(runtimeSessionId, text, delayMs) {
+  const k = client();
+  await k.browsers.computer.typeText(runtimeSessionId, {
+    text,
+    ...typeof delayMs === "number" ? { delay: delayMs } : {}
+  });
+}
+async function scroll(runtimeSessionId, x, y, deltaX, deltaY) {
+  const k = client();
+  await k.browsers.computer.scroll(runtimeSessionId, { x, y, delta_x: deltaX, delta_y: deltaY });
+}
+async function pressKeys(runtimeSessionId, keys) {
+  const k = client();
+  await k.browsers.computer.pressKey(runtimeSessionId, { keys });
+}
+async function goto(cdpWsUrl, url) {
+  const browser = await import_playwright4.chromium.connectOverCDP(cdpWsUrl);
+  try {
+    const context = browser.contexts()[0] ?? await browser.newContext();
+    const page = context.pages()[0] ?? await context.newPage();
+    await page.goto(url, { waitUntil: "domcontentloaded", timeout: 45e3 });
+    return { url: page.url(), title: await page.title() };
+  } finally {
+    await browser.close().catch(() => {
+    });
+  }
+}
+async function readPage(cdpWsUrl) {
+  const browser = await import_playwright4.chromium.connectOverCDP(cdpWsUrl);
+  try {
+    const context = browser.contexts()[0] ?? await browser.newContext();
+    const page = context.pages()[0] ?? await context.newPage();
+    const url = page.url();
+    const title = await page.title().catch(() => "");
+    const data = await page.evaluate(() => {
+      const SEL = 'a[href], button, input, textarea, select, [role="button"], [role="link"], [role="tab"], [onclick]';
+      const out = [];
+      const nodes = Array.from(document.querySelectorAll(SEL)).slice(0, 120);
+      for (const el2 of nodes) {
+        const r = el2.getBoundingClientRect();
+        if (r.width < 1 || r.height < 1) continue;
+        if (r.bottom < 0 || r.top > window.innerHeight) continue;
+        const e = el2;
+        const name = (e.getAttribute("aria-label") || e.placeholder || e.innerText || e.getAttribute("value") || e.getAttribute("title") || "").trim().replace(/\s+/g, " ").slice(0, 80);
+        out.push({
+          role: el2.getAttribute("role") || el2.tagName.toLowerCase(),
+          name,
+          x: Math.round(r.left + r.width / 2),
+          y: Math.round(r.top + r.height / 2)
+        });
+      }
+      const text = (document.body?.innerText || "").replace(/\n{3,}/g, "\n\n").trim().slice(0, 6e3);
+      return { text, els: out };
+    });
+    return {
+      url,
+      title,
+      text: data.text,
+      elements: data.els.map((e, i) => ({ ref: i + 1, role: e.role, name: e.name, x: e.x, y: e.y }))
+    };
+  } finally {
+    await browser.close().catch(() => {
+    });
+  }
+}
+async function replayStart(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.replays.start(runtimeSessionId);
+  return { replayId: res.replay_id, viewUrl: res.replay_view_url ?? null };
+}
+async function replayStop(runtimeSessionId, replayId) {
+  const k = client();
+  await k.browsers.replays.stop(replayId, { id: runtimeSessionId });
+}
+async function replayList(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.replays.list(runtimeSessionId);
+  return res.map((r) => ({
+    replayId: r.replay_id,
+    viewUrl: r.replay_view_url ?? null,
+    startedAt: r.started_at ?? null,
+    finishedAt: r.finished_at ?? null
+  }));
+}
+var import_sdk6, import_playwright4, DEFAULT_TIMEOUT_SECONDS;
+var init_browser_agent_service = __esm({
+  "src/services/browser-agent/browser-agent-service.ts"() {
+    "use strict";
+    import_sdk6 = __toESM(require("@onkernel/sdk"), 1);
+    import_playwright4 = require("playwright");
+    init_browser_service_env();
+    DEFAULT_TIMEOUT_SECONDS = 600;
+  }
+});
+
+// src/api/browser-agent-routes.ts
+async function charge(sessionId, userId, startedAtMs) {
+  const elapsedMs = Date.now() - startedAtMs;
+  const { active_ms, billed_mc } = await addActiveMs(sessionId, elapsedMs);
+  const owed = browserActiveCostMc(active_ms);
+  const delta = owed - billed_mc;
+  if (delta > 0) {
+    const res = await debitMc(userId, delta, LedgerOperation.BROWSER_SESSION, sessionId);
+    if (res.ok) await setBilledMc(sessionId, owed);
+  }
+}
+function publicSession(row) {
+  return {
+    session_id: row.id,
+    status: row.status,
+    label: row.label,
+    created_at: row.created_at,
+    last_action_at: row.last_action_at,
+    closed_at: row.closed_at,
+    active_seconds: Math.round((row.active_ms ?? 0) / 1e3),
+    credits_used: Math.round((row.billed_mc ?? 0) / 10) / 100
+  };
+}
+function failure(err) {
+  const msg = err instanceof Error ? err.message : String(err);
+  return { error: sanitizeVendorName(msg) };
+}
+async function loadOpenSession(id, userId) {
+  const row = await getSessionRow(id);
+  if (!row) return null;
+  if (row.user_id != null && row.user_id !== userId) return null;
+  return row;
+}
+function buildBrowserAgentRoutes() {
+  const app2 = new import_hono8.Hono();
+  app2.use("*", async (c, next) => {
+    await migrateBrowserAgent();
+    return next();
+  });
+  app2.use("*", auth);
+  app2.post("/sessions", async (c) => {
+    const user = c.get("user");
+    if (Number(user.balance_mc ?? 0) < BROWSER_OPEN_MIN_BALANCE_MC) {
+      return c.json(insufficientBalanceResponse(Number(user.balance_mc ?? 0), BROWSER_OPEN_MIN_BALANCE_MC), 402);
+    }
+    const body = await c.req.json().catch(() => ({}));
+    try {
+      const created = await createSession({
+        timeoutSeconds: typeof body.timeout_seconds === "number" ? body.timeout_seconds : void 0,
+        proxyId: typeof body.proxy_id === "string" ? body.proxy_id : void 0,
+        profileName: typeof body.profile === "string" ? body.profile : void 0,
+        disableDefaultProxy: body.disable_default_proxy === true,
+        viewport: body.viewport && typeof body.viewport === "object" ? body.viewport : void 0
+      });
+      const row = await createSessionRow({
+        runtimeSessionId: created.runtimeSessionId,
+        liveViewUrl: created.liveViewUrl,
+        cdpWsUrl: created.cdpWsUrl,
+        label: typeof body.label === "string" ? body.label : null,
+        userId: user.id
+      });
+      return c.json({ ...publicSession(row), watch_url: `/console/${row.id}` });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.get("/sessions", async (c) => {
+    const user = c.get("user");
+    const includeClosed = c.req.query("all") === "1";
+    const rows = await listSessionRows(user.id, includeClosed);
+    return c.json({ sessions: rows.map(publicSession) });
+  });
+  app2.get("/sessions/:id", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    return c.json({ ...publicSession(row), watch_url: `/console/${row.id}` });
+  });
+  app2.get("/sessions/:id/live-view", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    return c.json({ live_view_url: row.live_view_url });
+  });
+  app2.delete("/sessions/:id", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    try {
+      await closeSession(row.runtime_session_id);
+    } catch {
+    }
+    await markSessionClosed(row.id);
+    return c.json({ ok: true });
+  });
+  app2.post("/sessions/:id/goto", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const url = typeof body.url === "string" ? body.url : "";
+    if (!url) return c.json({ error: "url is required" }, 400);
+    const t0 = Date.now();
+    try {
+      const result = await goto(row.cdp_ws_url, url);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "goto", params: { url }, ok: true });
+      return c.json(result);
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "goto", params: { url }, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/screenshot", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const t0 = Date.now();
+    try {
+      const shot = await screenshot(row.runtime_session_id);
+      let page = null;
+      try {
+        page = await readPage(row.cdp_ws_url);
+      } catch {
+        page = null;
+      }
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "screenshot", params: null, ok: true });
+      return c.json({
+        image_base64: shot.base64,
+        mime_type: shot.mimeType,
+        url: page?.url ?? null,
+        title: page?.title ?? null,
+        elements: page?.elements ?? [],
+        text: page?.text ?? null
+      });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "screenshot", params: null, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/read", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const t0 = Date.now();
+    try {
+      const page = await readPage(row.cdp_ws_url);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "read", params: null, ok: true });
+      return c.json(page);
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/click", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const x = Number(body.x);
+    const y = Number(body.y);
+    if (!Number.isFinite(x) || !Number.isFinite(y)) return c.json({ error: "x and y are required" }, 400);
+    const t0 = Date.now();
+    try {
+      await click(row.runtime_session_id, x, y, {
+        button: body.button === "right" || body.button === "middle" ? body.button : "left",
+        numClicks: typeof body.num_clicks === "number" ? body.num_clicks : void 0
+      });
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "click", params: { x, y }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "click", params: { x, y }, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/type", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const text = typeof body.text === "string" ? body.text : "";
+    if (!text) return c.json({ error: "text is required" }, 400);
+    const t0 = Date.now();
+    try {
+      await typeText(row.runtime_session_id, text, typeof body.delay === "number" ? body.delay : void 0);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "type", params: { length: text.length }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/scroll", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const x = typeof body.x === "number" ? body.x : 640;
+    const y = typeof body.y === "number" ? body.y : 400;
+    const deltaX = typeof body.delta_x === "number" ? body.delta_x : 0;
+    const deltaY = typeof body.delta_y === "number" ? body.delta_y : 5;
+    const t0 = Date.now();
+    try {
+      await scroll(row.runtime_session_id, x, y, deltaX, deltaY);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "scroll", params: { deltaX, deltaY }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/press", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const keys = Array.isArray(body.keys) ? body.keys.map(String) : [];
+    if (!keys.length) return c.json({ error: "keys is required" }, 400);
+    const t0 = Date.now();
+    try {
+      await pressKeys(row.runtime_session_id, keys);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "press", params: { keys }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/replay/start", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    try {
+      const started = await replayStart(row.runtime_session_id);
+      await recordReplayStart({
+        sessionId: row.id,
+        replayId: started.replayId,
+        viewUrl: started.viewUrl,
+        label: typeof body.label === "string" ? body.label : null
+      });
+      return c.json({ replay_id: started.replayId });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/replay/stop", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const replayId = typeof body.replay_id === "string" ? body.replay_id : "";
+    if (!replayId) return c.json({ error: "replay_id is required" }, 400);
+    try {
+      await replayStop(row.runtime_session_id, replayId);
+      let viewUrl = null;
+      try {
+        const all = await replayList(row.runtime_session_id);
+        viewUrl = all.find((r) => r.replayId === replayId)?.viewUrl ?? null;
+      } catch {
+        viewUrl = null;
+      }
+      await recordReplayStop(replayId, viewUrl);
+      return c.json({ ok: true });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.get("/sessions/:id/replays", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const rows = await listReplayRows(row.id);
+    return c.json({
+      replays: rows.map((r) => ({
+        replay_id: r.replay_id,
+        view_url: r.view_url,
+        label: r.label,
+        started_at: r.started_at,
+        stopped_at: r.stopped_at
+      }))
+    });
+  });
+  return app2;
+}
+var import_hono8, auth;
+var init_browser_agent_routes = __esm({
+  "src/api/browser-agent-routes.ts"() {
+    "use strict";
+    import_hono8 = require("hono");
+    init_api_auth();
+    init_errors();
+    init_db();
+    init_rates();
+    init_browser_agent_db();
+    init_browser_agent_service();
+    auth = createApiKeyAuth();
+  }
+});
+
+// src/api/browser-agent-console.ts
+function renderConsoleHtml(initialSessionId) {
+  const initial = JSON.stringify(initialSessionId ?? "");
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+<title>Browser Agent Console</title>
+<style>
+  :root { color-scheme: dark; }
+  :where(*) { box-sizing: border-box; }
+  body { margin: 0; font: 14px/1.5 ui-sans-serif, system-ui, -apple-system, sans-serif; background: #0b0e14; color: #d7dce5; }
+  header { display: flex; align-items: center; gap: 12px; padding: 10px 16px; border-bottom: 1px solid #1c2230; background: #0f131c; }
+  header h1 { font-size: 15px; margin: 0; font-weight: 600; color: #fff; letter-spacing: .2px; }
+  header .spacer { flex: 1; }
+  input, button, select { font: inherit; }
+  input[type=text], input[type=password], input[type=url] { background: #141925; border: 1px solid #232b3a; color: #e6eaf2; border-radius: 7px; padding: 7px 10px; }
+  button { background: #2b6cff; border: 0; color: #fff; border-radius: 7px; padding: 7px 12px; cursor: pointer; font-weight: 500; }
+  button.ghost { background: #1a2030; color: #cdd5e4; border: 1px solid #28303f; }
+  button:disabled { opacity: .5; cursor: default; }
+  .layout { display: grid; grid-template-columns: 280px 1fr; height: calc(100vh - 53px); }
+  aside { border-right: 1px solid #1c2230; overflow-y: auto; padding: 12px; }
+  aside h2 { font-size: 11px; text-transform: uppercase; letter-spacing: .08em; color: #6b7689; margin: 4px 4px 10px; }
+  .sess { padding: 9px 10px; border-radius: 8px; border: 1px solid #1c2230; margin-bottom: 8px; cursor: pointer; }
+  .sess:hover { border-color: #2b6cff; }
+  .sess.active { border-color: #2b6cff; background: #131b2e; }
+  .sess .id { font-family: ui-monospace, monospace; font-size: 12px; color: #aeb8cc; }
+  .sess .meta { font-size: 11px; color: #6b7689; margin-top: 3px; }
+  .dot { display: inline-block; width: 7px; height: 7px; border-radius: 50%; margin-right: 5px; }
+  .dot.open { background: #36d399; } .dot.closed { background: #5a6677; }
+  main { display: flex; flex-direction: column; overflow: hidden; }
+  .toolbar { display: flex; align-items: center; gap: 10px; padding: 10px 16px; border-bottom: 1px solid #1c2230; }
+  .toolbar label { font-size: 13px; color: #aeb8cc; display: flex; align-items: center; gap: 6px; }
+  .stage { flex: 1; position: relative; background: #05070b; overflow: auto; }
+  .stage iframe { width: 100%; height: 100%; border: 0; display: block; }
+  .empty { display: flex; align-items: center; justify-content: center; height: 100%; color: #5a6677; flex-direction: column; gap: 10px; }
+  .replays { border-top: 1px solid #1c2230; padding: 10px 16px; max-height: 200px; overflow-y: auto; }
+  .replays h3 { font-size: 11px; text-transform: uppercase; letter-spacing: .08em; color: #6b7689; margin: 0 0 8px; }
+  .replay { display: flex; align-items: center; gap: 10px; padding: 6px 0; font-size: 13px; }
+  .replay a { color: #7aa2ff; }
+  .gate { max-width: 380px; margin: 80px auto; padding: 24px; border: 1px solid #1c2230; border-radius: 12px; background: #0f131c; }
+  .gate h2 { margin: 0 0 6px; font-size: 16px; color: #fff; }
+  .gate p { color: #8893a7; margin: 0 0 16px; }
+  .gate input { width: 100%; margin-bottom: 12px; }
+  .gate button { width: 100%; }
+  .muted { color: #6b7689; font-size: 12px; }
+</style>
+</head>
+<body>
+<div id="app"></div>
+<script>
+const INITIAL_SESSION = ${initial};
+const KEY_STORE = 'browser_agent_api_key';
+let state = { key: localStorage.getItem(KEY_STORE) || '', sessions: [], current: INITIAL_SESSION || null, readOnly: true, liveUrl: null, replays: [] };
+
+function api(method, path, body) {
+  return fetch('/agent' + path, {
+    method,
+    headers: { 'Content-Type': 'application/json', 'x-api-key': state.key },
+    body: body ? JSON.stringify(body) : undefined,
+  }).then(async r => ({ ok: r.ok, data: await r.json().catch(() => ({})) }));
+}
+
+async function refreshSessions() {
+  const r = await api('GET', '/sessions?all=1');
+  if (r.ok) { state.sessions = r.data.sessions || []; render(); }
+}
+
+async function selectSession(id) {
+  state.current = id; state.liveUrl = null; state.replays = [];
+  history.replaceState(null, '', '/console/' + id);
+  render();
+  const live = await api('GET', '/sessions/' + id + '/live-view');
+  state.liveUrl = live.ok ? live.data.live_view_url : null;
+  const reps = await api('GET', '/sessions/' + id + '/replays');
+  state.replays = reps.ok ? (reps.data.replays || []) : [];
+  render();
+}
+
+async function openSession() {
+  const r = await api('POST', '/sessions', { label: 'console' });
+  if (r.ok) { await refreshSessions(); selectSession(r.data.session_id); }
+  else alert('Open failed: ' + JSON.stringify(r.data));
+}
+
+async function closeCurrent() {
+  if (!state.current) return;
+  await api('DELETE', '/sessions/' + state.current);
+  await refreshSessions();
+}
+
+function frameSrc() {
+  if (!state.liveUrl) return null;
+  const sep = state.liveUrl.includes('?') ? '&' : '?';
+  return state.readOnly ? state.liveUrl + sep + 'readOnly=true' : state.liveUrl;
+}
+
+function saveKey(v) { state.key = v.trim(); localStorage.setItem(KEY_STORE, state.key); render(); if (state.key) { refreshSessions(); if (state.current) selectSession(state.current); } }
+
+function h(html) { const t = document.createElement('template'); t.innerHTML = html.trim(); return t.content.firstChild; }
+function esc(s) { return String(s == null ? '' : s).replace(/[&<>"]/g, c => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;' }[c])); }
+
+function render() {
+  const app = document.getElementById('app');
+  app.innerHTML = '';
+  if (!state.key) {
+    app.appendChild(h('<div class="gate"><h2>Browser Agent Console</h2><p>Paste your API key to watch and control browser sessions.</p><input id="k" type="password" placeholder="API key" /><button id="kb">Continue</button></div>'));
+    document.getElementById('kb').onclick = () => saveKey(document.getElementById('k').value);
+    document.getElementById('k').onkeydown = e => { if (e.key === 'Enter') saveKey(e.target.value); };
+    return;
+  }
+  const header = h('<header><h1>Browser Agent</h1><span class="muted">live control + replays</span><span class="spacer"></span><button id="open">+ New Session</button><button class="ghost" id="logout">Forget key</button></header>');
+  app.appendChild(header);
+  document.getElementById('open').onclick = openSession;
+  document.getElementById('logout').onclick = () => saveKey('');
+
+  const layout = h('<div class="layout"></div>');
+  const aside = h('<aside><h2>Sessions</h2></aside>');
+  if (!state.sessions.length) aside.appendChild(h('<div class="muted" style="padding:4px">No sessions yet.</div>'));
+  for (const s of state.sessions) {
+    const el = h('<div class="sess ' + (s.session_id === state.current ? 'active' : '') + '"><div class="id">' + esc(s.session_id) + '</div><div class="meta"><span class="dot ' + esc(s.status) + '"></span>' + esc(s.status) + (s.label ? ' \xB7 ' + esc(s.label) : '') + '</div></div>');
+    el.onclick = () => selectSession(s.session_id);
+    aside.appendChild(el);
+  }
+  layout.appendChild(aside);
+
+  const main = h('<main></main>');
+  if (!state.current) {
+    main.appendChild(h('<div class="empty"><div>Select or open a session to watch.</div></div>'));
+  } else {
+    const tb = h('<div class="toolbar"><label><input type="checkbox" id="ro" ' + (state.readOnly ? 'checked' : '') + ' /> Read-only (uncheck to take control)</label><span class="spacer"></span><button class="ghost" id="reload">Reload view</button><button class="ghost" id="close">Close session</button></div>');
+    main.appendChild(tb);
+    const stage = h('<div class="stage"></div>');
+    const src = frameSrc();
+    if (src) {
+      const f = h('<iframe allow="autoplay; clipboard-read; clipboard-write" src="' + esc(src) + '"></iframe>');
+      stage.appendChild(f);
+    } else {
+      stage.appendChild(h('<div class="empty"><div>Live view unavailable for this session.</div><div class="muted">It may be closed or still starting.</div></div>'));
+    }
+    main.appendChild(stage);
+
+    const rep = h('<div class="replays"><h3>Replays</h3></div>');
+    if (!state.replays.length) rep.appendChild(h('<div class="muted">No replays recorded.</div>'));
+    for (const r of state.replays) {
+      const status = r.stopped_at ? 'ready' : 'recording\u2026';
+      const link = r.view_url ? '<a href="' + esc(r.view_url) + '" target="_blank" rel="noopener">view mp4</a>' : '<span class="muted">' + status + '</span>';
+      rep.appendChild(h('<div class="replay"><span class="muted">' + esc(r.started_at || '') + '</span><span class="spacer"></span>' + link + '</div>'));
+    }
+    main.appendChild(rep);
+
+    layout.appendChild(main);
+  }
+  app.appendChild(layout);
+
+  const ro = document.getElementById('ro');
+  if (ro) ro.onchange = e => { state.readOnly = e.target.checked; render(); };
+  const reload = document.getElementById('reload');
+  if (reload) reload.onclick = () => selectSession(state.current);
+  const close = document.getElementById('close');
+  if (close) close.onclick = closeCurrent;
+}
+
+render();
+if (state.key) { refreshSessions(); if (state.current) selectSession(state.current); }
+</script>
+</body>
+</html>`;
+}
+var init_browser_agent_console = __esm({
+  "src/api/browser-agent-console.ts"() {
+    "use strict";
+  }
+});
+
 // src/api/stripe-routes.ts
-var import_stripe, import_hono8, stripe, stripeApp;
+var import_stripe, import_hono9, stripe, stripeApp;
 var init_stripe_routes = __esm({
   "src/api/stripe-routes.ts"() {
     "use strict";
     import_stripe = __toESM(require("stripe"), 1);
-    import_hono8 = require("hono");
+    import_hono9 = require("hono");
     init_db();
     init_rates();
     stripe = new import_stripe.default(process.env.STRIPE_SECRET_KEY, { apiVersion: "2026-02-25.clover" });
-    stripeApp = new import_hono8.Hono();
+    stripeApp = new import_hono9.Hono();
     stripeApp.post("/webhooks", async (c) => {
       const sig = c.req.header("stripe-signature");
       const body = await c.req.text();
@@ -17106,14 +17906,14 @@ function getSessionSecret() {
 function safeEqualHex(a, b) {
   if (a.length !== b.length) return false;
   try {
-    return (0, import_node_crypto3.timingSafeEqual)(Buffer.from(a, "hex"), Buffer.from(b, "hex"));
+    return (0, import_node_crypto4.timingSafeEqual)(Buffer.from(a, "hex"), Buffer.from(b, "hex"));
   } catch {
     return false;
   }
 }
 function signSession(userId) {
   const payload = String(userId);
-  const sig = (0, import_node_crypto3.createHmac)("sha256", secret()).update(payload).digest("hex");
+  const sig = (0, import_node_crypto4.createHmac)("sha256", secret()).update(payload).digest("hex");
   return `${payload}.${sig}`;
 }
 function verifySession(token) {
@@ -17121,16 +17921,16 @@ function verifySession(token) {
   if (dot === -1) return null;
   const payload = token.slice(0, dot);
   const sig = token.slice(dot + 1);
-  const expected = (0, import_node_crypto3.createHmac)("sha256", secret()).update(payload).digest("hex");
+  const expected = (0, import_node_crypto4.createHmac)("sha256", secret()).update(payload).digest("hex");
   if (!safeEqualHex(sig, expected)) return null;
   const id = parseInt(payload);
   return isNaN(id) ? null : id;
 }
-var import_node_crypto3, isProduction, secret;
+var import_node_crypto4, isProduction, secret;
 var init_session = __esm({
   "src/api/session.ts"() {
     "use strict";
-    import_node_crypto3 = require("crypto");
+    import_node_crypto4 = require("crypto");
     isProduction = () => process.env.NODE_ENV === "production" || process.env.VERCEL === "1";
     secret = () => getSessionSecret();
   }
@@ -17346,7 +18146,7 @@ async function checkHarvestLimits(userId, email, extraSlots = 0) {
   if (active >= limit) return { error: `You have ${active} job${active !== 1 ? "s" : ""} running. Your account allows ${limit} concurrent job${limit !== 1 ? "s" : ""}. Wait for one to finish or add a concurrency slot at mcpscraper.dev/billing.` };
   return null;
 }
-var import_resend, import_hono9, import_hono10, import_factory6, import_cookie, import_stripe2, secureCookies, isProduction2, sessionCookieOptions, requireAllowedOrigin, auth, adminAuth, sessionAuth, app, STRIPE_API_VERSION, BYPASS_EMAILS, SYNC_HARVEST_TIMEOUT_OVERRIDE_MS;
+var import_resend, import_hono10, import_hono11, import_factory6, import_cookie, import_stripe2, secureCookies, isProduction2, sessionCookieOptions, requireAllowedOrigin, auth2, adminAuth, sessionAuth, app, STRIPE_API_VERSION, BYPASS_EMAILS, SYNC_HARVEST_TIMEOUT_OVERRIDE_MS;
 var init_server = __esm({
   "src/api/server.ts"() {
     "use strict";
@@ -17363,8 +18163,8 @@ var init_server = __esm({
     init_media_extractor();
     init_site_mapper();
     init_site_extractor();
-    import_hono9 = require("hono");
-    import_hono10 = require("inngest/hono");
+    import_hono10 = require("hono");
+    import_hono11 = require("inngest/hono");
     init_client();
     init_site_audit();
     init_site_audit_routes();
@@ -17374,6 +18174,8 @@ var init_server = __esm({
     init_maps_routes();
     init_serp_intelligence_routes();
     init_mcp_routes();
+    init_browser_agent_routes();
+    init_browser_agent_console();
     init_stripe_routes();
     init_site_audit_worker();
     import_factory6 = require("hono/factory");
@@ -17403,7 +18205,7 @@ var init_server = __esm({
       if (!configuredOrigins().has(origin)) return c.json({ error: "Origin not allowed" }, 403);
       return next();
     });
-    auth = (0, import_factory6.createMiddleware)(async (c, next) => {
+    auth2 = (0, import_factory6.createMiddleware)(async (c, next) => {
       const key = c.req.header("x-api-key");
       if (!key) return c.json({ error: "Missing API key" }, 401);
       const user = await getUserByApiKey(key);
@@ -17432,7 +18234,7 @@ var init_server = __esm({
       c.set("sessionUser", { ...refreshed, balance_mc: balanceMc });
       return next();
     });
-    app = new import_hono9.Hono();
+    app = new import_hono10.Hono();
     STRIPE_API_VERSION = "2026-02-25.clover";
     app.use("*", async (c, next) => {
       await next();
@@ -17592,7 +18394,7 @@ var init_server = __esm({
       const parsed = raw === void 0 ? NaN : Number(raw);
       return Number.isFinite(parsed) && parsed > 0 ? parsed : null;
     })();
-    app.post("/harvest", auth, async (c) => {
+    app.post("/harvest", auth2, async (c) => {
       const user = c.get("user");
       const raw = await c.req.json().catch(() => ({}));
       const bodyResult = HarvestBodySchema.safeParse(raw);
@@ -17634,7 +18436,7 @@ var init_server = __esm({
       }
       return c.json({ job_id: jobId, status: "pending" }, 202);
     });
-    app.post("/harvest/sync", auth, async (c) => {
+    app.post("/harvest/sync", auth2, async (c) => {
       const user = c.get("user");
       const raw = await c.req.json().catch(() => ({}));
       const bodyResult = HarvestBodySchema.safeParse(raw);
@@ -17699,17 +18501,17 @@ var init_server = __esm({
         return c.json({ job_id: jobId, status: "failed", ...response, attempts: sanitizeAttempts(attempts) }, problem.httpStatus);
       }
     });
-    app.get("/jobs/:id", auth, async (c) => {
+    app.get("/jobs/:id", auth2, async (c) => {
       const job = await getJob(c.req.param("id"), c.get("user").id);
       if (!job) return c.json({ error: "Job not found" }, 404);
       const attempts = await listHarvestAttempts(job.id, c.get("user").id);
       const safeResult = job.result && typeof job.result === "object" ? sanitizeHarvestResult(job.result) : job.result;
       return c.json({ ...job, result: safeResult, attempts: sanitizeAttempts(attempts) });
     });
-    app.get("/jobs", auth, async (c) => {
+    app.get("/jobs", auth2, async (c) => {
       return c.json(await listJobs(c.get("user").id));
     });
-    app.get("/history", auth, async (c) => {
+    app.get("/history", auth2, async (c) => {
       const userId = c.get("user").id;
       const [jobs, events] = await Promise.all([
         listJobs(userId),
@@ -17739,7 +18541,7 @@ var init_server = __esm({
       const rows = [...jobRows, ...eventRows].sort((a, b) => String(b.ts).localeCompare(String(a.ts)));
       return c.json(rows.slice(0, 100));
     });
-    app.get("/ledger", auth, async (c) => {
+    app.get("/ledger", auth2, async (c) => {
       return c.json(await getLedger(c.get("user").id, 100));
     });
     app.post("/admin/users", adminAuth, async (c) => {
@@ -17777,11 +18579,11 @@ var init_server = __esm({
       }
       return c.json({ processed, credited, skipped, users_credited });
     });
-    app.post("/extract-url", auth, async (c) => {
+    app.post("/extract-url", auth2, async (c) => {
       const raw = await c.req.json().catch(() => ({}));
       const bodyResult = ExtractUrlBodySchema.safeParse(raw);
       if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
-      const { url, screenshot, screenshotDevice, extractBranding, downloadMedia, mediaTypes, allowLocal } = bodyResult.data;
+      const { url, screenshot: screenshot2, screenshotDevice, extractBranding, downloadMedia, mediaTypes, allowLocal } = bodyResult.data;
       if (!allowLocal) {
         const checked = await validatePublicHttpUrl(url, { field: "URL" });
         if (checked.error || !checked.parsed) return c.json({ error: checked.error ?? "Invalid URL" }, 400);
@@ -17807,7 +18609,7 @@ var init_server = __esm({
         const device = screenshotDevice === "mobile" ? "mobile" : "desktop";
         const [result, pageData] = await Promise.all([
           extractKpo({ url: canonicalUrl, kernelApiKey }),
-          screenshot || extractBranding ? capturePageData(canonicalUrl, { kernelApiKey, device, screenshot: !!screenshot, branding: !!extractBranding }).catch(() => null) : null
+          screenshot2 || extractBranding ? capturePageData(canonicalUrl, { kernelApiKey, device, screenshot: !!screenshot2, branding: !!extractBranding }).catch(() => null) : null
         ]);
         const screenshotBuf = pageData?.screenshot ?? null;
         const brandingData = pageData?.branding ?? null;
@@ -17825,7 +18627,7 @@ var init_server = __esm({
         return c.json({ error: msg }, 500);
       }
     });
-    app.post("/map-urls", auth, async (c) => {
+    app.post("/map-urls", auth2, async (c) => {
       const raw = await c.req.json().catch(() => ({}));
       const bodyResult = MapUrlsBodySchema.safeParse(raw);
       if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
@@ -17865,7 +18667,7 @@ var init_server = __esm({
         return c.json({ error: msg }, 500);
       }
     });
-    app.post("/extract-site", auth, async (c) => {
+    app.post("/extract-site", auth2, async (c) => {
       const raw = await c.req.json().catch(() => ({}));
       const bodyResult = ExtractSiteBodySchema.safeParse(raw);
       if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
@@ -17987,7 +18789,7 @@ var init_server = __esm({
       await setConcurrencySubId(user.id, null);
       return c.json({ ok: true, concurrency_limit: user.extra_concurrency_slots });
     });
-    app.get("/billing/balance", auth, async (c) => {
+    app.get("/billing/balance", auth2, async (c) => {
       const user = c.get("user");
       const balanceMc = await reconcileBalanceMc(user.id);
       const ledger = await getLedger(user.id, 20);
@@ -17999,7 +18801,7 @@ var init_server = __esm({
         ledger
       });
     });
-    app.post("/billing/credits", auth, async (c) => {
+    app.post("/billing/credits", auth2, async (c) => {
       const user = c.get("user");
       const balanceMc = await reconcileBalanceMc(user.id);
       const body = await c.req.json().catch(() => ({}));
@@ -18036,7 +18838,7 @@ var init_server = __esm({
       ]);
       return c.json({ drained: results.length, results, sweepResult });
     });
-    app.on(["GET", "POST", "PUT"], "/api/inngest", (0, import_hono10.serve)({ client: inngest, functions: [siteAuditFn] }));
+    app.on(["GET", "POST", "PUT"], "/api/inngest", (0, import_hono11.serve)({ client: inngest, functions: [siteAuditFn] }));
     app.route("/api/internal/site-architecture-auditor", siteAuditApp);
     app.route("/youtube", youtubeApp);
     app.route("/screenshot", screenshotApp);
@@ -18044,6 +18846,9 @@ var init_server = __esm({
     app.route("/maps", mapsApp);
     app.route("/serp-intelligence", serpIntelligenceApp);
     app.route("/mcp", mcpApp);
+    app.route("/agent", buildBrowserAgentRoutes());
+    app.get("/console", (c) => c.html(renderConsoleHtml()));
+    app.get("/console/:id", (c) => c.html(renderConsoleHtml(c.req.param("id"))));
     app.route("/stripe", stripeApp);
     if (!process.env.INNGEST_EVENT_KEY) {
       startSiteAuditWorker();