mcp-scraper 0.1.9 → 0.2.0

package/dist/{server-MTXAJG5J.js → server-ASCMKUQ5.js}

@@ -6,10 +6,12 @@ import {
   configureReportSaving,
   harvestTimeoutBudget,
   liveWebToolAnnotations
-} from "./chunk-JNC32DMS.js";
+} from "./chunk-BMVQB3WN.js";
+import "./chunk-2BS7BUEE.js";
 import {
   BALANCE_PACK_LABELS,
   BALANCE_PRICE_IDS,
+  BROWSER_OPEN_MIN_BALANCE_MC,
   CONCURRENCY_PRICE_ID,
   CREDIT_COST_CATALOG,
   FREE_MONTHLY_REFRESH_MC,
@@ -17,12 +19,13 @@ import {
   LedgerOperation,
   MC_COSTS,
   MC_PER_CREDIT,
+  browserActiveCostMc,
   classifyHarvestProblem,
   createHarvestAttemptRecorder,
   harvestProblemResponse,
   insufficientBalanceResponse,
   serializeHarvestProblem
-} from "./chunk-ZK456YXN.js";
+} from "./chunk-GXBT5CDU.js";
 import {
   BrowserDriver,
   MapsPlaceOptionsSchema,
@@ -3497,8 +3500,8 @@ import { chromium } from "playwright";
 async function fetchWithKernel(url) {
   const apiKey = browserServiceApiKey();
   if (!apiKey) throw new Error("Browser backend API key not set");
-  const client = new Kernel({ apiKey });
-  const kb = await client.browsers.create({ stealth: true, timeout_seconds: 60 });
+  const client2 = new Kernel({ apiKey });
+  const kb = await client2.browsers.create({ stealth: true, timeout_seconds: 60 });
   const browser = await chromium.connectOverCDP(kb.cdp_ws_url);
   try {
     const context = browser.contexts()[0] ?? await browser.newContext({
@@ -3511,7 +3514,7 @@ async function fetchWithKernel(url) {
   } finally {
     await browser.close().catch(() => {
     });
-    await client.browsers.deleteByID(kb.session_id).catch(() => {
+    await client2.browsers.deleteByID(kb.session_id).catch(() => {
     });
   }
 }
@@ -4843,7 +4846,7 @@ async function extractSite(opts) {
 }
 
 // src/api/server.ts
-import { Hono as Hono9 } from "hono";
+import { Hono as Hono10 } from "hono";
 import { serve as serveInngest } from "inngest/hono";
 
 // src/inngest/client.ts
@@ -8532,13 +8535,13 @@ var FacebookAdExtractor = class {
     }
     await page.waitForTimeout(1500);
     let prevCount = 0;
-    for (let scroll = 0; scroll < 20; scroll++) {
+    for (let scroll2 = 0; scroll2 < 20; scroll2++) {
       const count = await page.evaluate(() => {
         const bt = document.body ? document.body.innerText ?? "" : "";
         return [...bt.matchAll(/Library ID/g)].length;
       });
       if (count >= maxAds) break;
-      if (count === prevCount && scroll > 0) break;
+      if (count === prevCount && scroll2 > 0) break;
       prevCount = count;
       await page.evaluate(() => {
         if (document.body) window.scrollTo(0, document.body.scrollHeight);
@@ -9184,7 +9187,7 @@ facebookAdApp.post("/search", createApiKeyAuth(), async (c) => {
       return c.json(searchResult2);
     }
     await page.waitForTimeout(1500);
-    for (let scroll = 0; scroll < 3; scroll++) {
+    for (let scroll2 = 0; scroll2 < 3; scroll2++) {
       await page.evaluate(() => {
         if (document.body) window.scrollTo(0, document.body.scrollHeight);
       });
@@ -10952,11 +10955,767 @@ mcpApp.all("/", async (c) => {
   }
 });
 
+// src/api/browser-agent-routes.ts
+import { Hono as Hono8 } from "hono";
+
+// src/api/browser-agent-db.ts
+import { randomUUID } from "crypto";
+var _ready = false;
+async function migrateBrowserAgent() {
+  if (_ready) return;
+  const db = getDb();
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_sessions (
+      id                  TEXT PRIMARY KEY,
+      runtime_session_id  TEXT NOT NULL,
+      live_view_url       TEXT,
+      cdp_ws_url          TEXT NOT NULL,
+      status              TEXT NOT NULL DEFAULT 'open',
+      label               TEXT,
+      user_id             INTEGER,
+      created_at          TEXT NOT NULL DEFAULT (datetime('now')),
+      closed_at           TEXT,
+      last_action_at      TEXT,
+      active_ms           INTEGER NOT NULL DEFAULT 0,
+      billed_mc           INTEGER NOT NULL DEFAULT 0
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_sessions_status ON browser_agent_sessions(status)`);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_sessions_user ON browser_agent_sessions(user_id)`);
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_actions (
+      id          TEXT PRIMARY KEY,
+      session_id  TEXT NOT NULL,
+      type        TEXT NOT NULL,
+      params_json TEXT,
+      ok          INTEGER NOT NULL DEFAULT 1,
+      error       TEXT,
+      created_at  TEXT NOT NULL DEFAULT (datetime('now'))
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_actions_session ON browser_agent_actions(session_id)`);
+  await db.execute(`
+    CREATE TABLE IF NOT EXISTS browser_agent_replays (
+      replay_id  TEXT PRIMARY KEY,
+      session_id TEXT NOT NULL,
+      view_url   TEXT,
+      label      TEXT,
+      started_at TEXT NOT NULL DEFAULT (datetime('now')),
+      stopped_at TEXT
+    )
+  `);
+  await db.execute(`CREATE INDEX IF NOT EXISTS browser_agent_replays_session ON browser_agent_replays(session_id)`);
+  _ready = true;
+}
+async function createSessionRow(input) {
+  const db = getDb();
+  const id = `bas_${randomUUID().replace(/-/g, "").slice(0, 20)}`;
+  await db.execute({
+    sql: `INSERT INTO browser_agent_sessions (id, runtime_session_id, live_view_url, cdp_ws_url, status, label, user_id, last_action_at)
+          VALUES (?, ?, ?, ?, 'open', ?, ?, datetime('now'))`,
+    args: [id, input.runtimeSessionId, input.liveViewUrl, input.cdpWsUrl, input.label, input.userId]
+  });
+  const row = await getSessionRow(id);
+  if (!row) throw new Error("session insert failed");
+  return row;
+}
+async function getSessionRow(id) {
+  const db = getDb();
+  const res = await db.execute({ sql: `SELECT * FROM browser_agent_sessions WHERE id = ?`, args: [id] });
+  return res.rows[0] ?? null;
+}
+async function listSessionRows(userId, includeClosed = false) {
+  const db = getDb();
+  const clauses = [];
+  const args = [];
+  if (userId != null) {
+    clauses.push("(user_id = ? OR user_id IS NULL)");
+    args.push(userId);
+  }
+  if (!includeClosed) clauses.push(`status = 'open'`);
+  const where = clauses.length ? `WHERE ${clauses.join(" AND ")}` : "";
+  const res = await db.execute({
+    sql: `SELECT * FROM browser_agent_sessions ${where} ORDER BY created_at DESC LIMIT 100`,
+    args
+  });
+  return res.rows;
+}
+async function addActiveMs(id, deltaMs) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET active_ms = active_ms + ?, last_action_at = datetime('now') WHERE id = ?`,
+    args: [Math.max(0, Math.round(deltaMs)), id]
+  });
+  const res = await db.execute({ sql: `SELECT active_ms, billed_mc FROM browser_agent_sessions WHERE id = ?`, args: [id] });
+  const row = res.rows[0];
+  return { active_ms: Number(row?.active_ms ?? 0), billed_mc: Number(row?.billed_mc ?? 0) };
+}
+async function setBilledMc(id, billedMc) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET billed_mc = ? WHERE id = ?`,
+    args: [Math.round(billedMc), id]
+  });
+}
+async function markSessionClosed(id) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_sessions SET status = 'closed', closed_at = datetime('now') WHERE id = ?`,
+    args: [id]
+  });
+}
+async function recordAction(input) {
+  const db = getDb();
+  await db.execute({
+    sql: `INSERT INTO browser_agent_actions (id, session_id, type, params_json, ok, error)
+          VALUES (?, ?, ?, ?, ?, ?)`,
+    args: [
+      `baa_${randomUUID().replace(/-/g, "").slice(0, 20)}`,
+      input.sessionId,
+      input.type,
+      input.params == null ? null : JSON.stringify(input.params),
+      input.ok ? 1 : 0,
+      input.error ?? null
+    ]
+  });
+}
+async function recordReplayStart(input) {
+  const db = getDb();
+  await db.execute({
+    sql: `INSERT INTO browser_agent_replays (replay_id, session_id, view_url, label)
+          VALUES (?, ?, ?, ?)`,
+    args: [input.replayId, input.sessionId, input.viewUrl, input.label]
+  });
+}
+async function recordReplayStop(replayId, viewUrl) {
+  const db = getDb();
+  await db.execute({
+    sql: `UPDATE browser_agent_replays SET stopped_at = datetime('now'), view_url = COALESCE(?, view_url) WHERE replay_id = ?`,
+    args: [viewUrl, replayId]
+  });
+}
+async function listReplayRows(sessionId) {
+  const db = getDb();
+  const res = await db.execute({
+    sql: `SELECT * FROM browser_agent_replays WHERE session_id = ? ORDER BY started_at DESC`,
+    args: [sessionId]
+  });
+  return res.rows;
+}
+
+// src/services/browser-agent/browser-agent-service.ts
+import Kernel3 from "@onkernel/sdk";
+import { chromium as playwrightChromium } from "playwright";
+var DEFAULT_TIMEOUT_SECONDS = 600;
+function client() {
+  const apiKey = browserServiceApiKey();
+  if (!apiKey) throw new Error("Browser backend API key is required");
+  return new Kernel3({ apiKey });
+}
+async function createSession(opts = {}) {
+  const k = client();
+  const resolvedProxyId = opts.proxyId ?? browserServiceProxyId();
+  const browser = await k.browsers.create({
+    stealth: opts.stealth ?? true,
+    timeout_seconds: opts.timeoutSeconds ?? DEFAULT_TIMEOUT_SECONDS,
+    ...resolvedProxyId ? { proxy_id: resolvedProxyId } : {},
+    ...opts.profileName ? { profile: { name: opts.profileName } } : {}
+  });
+  const runtimeSessionId = browser.session_id;
+  if (opts.disableDefaultProxy) {
+    try {
+      await k.browsers.update(runtimeSessionId, { disable_default_proxy: true });
+    } catch {
+    }
+  }
+  if (opts.viewport) {
+    try {
+      await k.browsers.update(runtimeSessionId, { viewport: opts.viewport });
+    } catch {
+    }
+  }
+  return {
+    runtimeSessionId,
+    liveViewUrl: browser.browser_live_view_url ?? null,
+    cdpWsUrl: browser.cdp_ws_url
+  };
+}
+async function closeSession(runtimeSessionId) {
+  const k = client();
+  await k.browsers.deleteByID(runtimeSessionId);
+}
+async function screenshot(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.computer.captureScreenshot(runtimeSessionId);
+  const buf = Buffer.from(await res.arrayBuffer());
+  return { base64: buf.toString("base64"), mimeType: "image/png" };
+}
+async function click(runtimeSessionId, x, y, opts = {}) {
+  const k = client();
+  await k.browsers.computer.clickMouse(runtimeSessionId, {
+    x,
+    y,
+    button: opts.button ?? "left",
+    ...opts.numClicks ? { num_clicks: opts.numClicks } : {}
+  });
+}
+async function typeText(runtimeSessionId, text, delayMs) {
+  const k = client();
+  await k.browsers.computer.typeText(runtimeSessionId, {
+    text,
+    ...typeof delayMs === "number" ? { delay: delayMs } : {}
+  });
+}
+async function scroll(runtimeSessionId, x, y, deltaX, deltaY) {
+  const k = client();
+  await k.browsers.computer.scroll(runtimeSessionId, { x, y, delta_x: deltaX, delta_y: deltaY });
+}
+async function pressKeys(runtimeSessionId, keys) {
+  const k = client();
+  await k.browsers.computer.pressKey(runtimeSessionId, { keys });
+}
+async function goto(cdpWsUrl, url) {
+  const browser = await playwrightChromium.connectOverCDP(cdpWsUrl);
+  try {
+    const context = browser.contexts()[0] ?? await browser.newContext();
+    const page = context.pages()[0] ?? await context.newPage();
+    await page.goto(url, { waitUntil: "domcontentloaded", timeout: 45e3 });
+    return { url: page.url(), title: await page.title() };
+  } finally {
+    await browser.close().catch(() => {
+    });
+  }
+}
+async function readPage(cdpWsUrl) {
+  const browser = await playwrightChromium.connectOverCDP(cdpWsUrl);
+  try {
+    const context = browser.contexts()[0] ?? await browser.newContext();
+    const page = context.pages()[0] ?? await context.newPage();
+    const url = page.url();
+    const title = await page.title().catch(() => "");
+    const data = await page.evaluate(() => {
+      const SEL = 'a[href], button, input, textarea, select, [role="button"], [role="link"], [role="tab"], [onclick]';
+      const out = [];
+      const nodes = Array.from(document.querySelectorAll(SEL)).slice(0, 120);
+      for (const el2 of nodes) {
+        const r = el2.getBoundingClientRect();
+        if (r.width < 1 || r.height < 1) continue;
+        if (r.bottom < 0 || r.top > window.innerHeight) continue;
+        const e = el2;
+        const name = (e.getAttribute("aria-label") || e.placeholder || e.innerText || e.getAttribute("value") || e.getAttribute("title") || "").trim().replace(/\s+/g, " ").slice(0, 80);
+        out.push({
+          role: el2.getAttribute("role") || el2.tagName.toLowerCase(),
+          name,
+          x: Math.round(r.left + r.width / 2),
+          y: Math.round(r.top + r.height / 2)
+        });
+      }
+      const text = (document.body?.innerText || "").replace(/\n{3,}/g, "\n\n").trim().slice(0, 6e3);
+      return { text, els: out };
+    });
+    return {
+      url,
+      title,
+      text: data.text,
+      elements: data.els.map((e, i) => ({ ref: i + 1, role: e.role, name: e.name, x: e.x, y: e.y }))
+    };
+  } finally {
+    await browser.close().catch(() => {
+    });
+  }
+}
+async function replayStart(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.replays.start(runtimeSessionId);
+  return { replayId: res.replay_id, viewUrl: res.replay_view_url ?? null };
+}
+async function replayStop(runtimeSessionId, replayId) {
+  const k = client();
+  await k.browsers.replays.stop(replayId, { id: runtimeSessionId });
+}
+async function replayList(runtimeSessionId) {
+  const k = client();
+  const res = await k.browsers.replays.list(runtimeSessionId);
+  return res.map((r) => ({
+    replayId: r.replay_id,
+    viewUrl: r.replay_view_url ?? null,
+    startedAt: r.started_at ?? null,
+    finishedAt: r.finished_at ?? null
+  }));
+}
+
+// src/api/browser-agent-routes.ts
+var auth = createApiKeyAuth();
+async function charge(sessionId, userId, startedAtMs) {
+  const elapsedMs = Date.now() - startedAtMs;
+  const { active_ms, billed_mc } = await addActiveMs(sessionId, elapsedMs);
+  const owed = browserActiveCostMc(active_ms);
+  const delta = owed - billed_mc;
+  if (delta > 0) {
+    const res = await debitMc(userId, delta, LedgerOperation.BROWSER_SESSION, sessionId);
+    if (res.ok) await setBilledMc(sessionId, owed);
+  }
+}
+function publicSession(row) {
+  return {
+    session_id: row.id,
+    status: row.status,
+    label: row.label,
+    created_at: row.created_at,
+    last_action_at: row.last_action_at,
+    closed_at: row.closed_at,
+    active_seconds: Math.round((row.active_ms ?? 0) / 1e3),
+    credits_used: Math.round((row.billed_mc ?? 0) / 10) / 100
+  };
+}
+function failure(err) {
+  const msg = err instanceof Error ? err.message : String(err);
+  return { error: sanitizeVendorName(msg) };
+}
+async function loadOpenSession(id, userId) {
+  const row = await getSessionRow(id);
+  if (!row) return null;
+  if (row.user_id != null && row.user_id !== userId) return null;
+  return row;
+}
+function buildBrowserAgentRoutes() {
+  const app2 = new Hono8();
+  app2.use("*", async (c, next) => {
+    await migrateBrowserAgent();
+    return next();
+  });
+  app2.use("*", auth);
+  app2.post("/sessions", async (c) => {
+    const user = c.get("user");
+    if (Number(user.balance_mc ?? 0) < BROWSER_OPEN_MIN_BALANCE_MC) {
+      return c.json(insufficientBalanceResponse(Number(user.balance_mc ?? 0), BROWSER_OPEN_MIN_BALANCE_MC), 402);
+    }
+    const body = await c.req.json().catch(() => ({}));
+    try {
+      const created = await createSession({
+        timeoutSeconds: typeof body.timeout_seconds === "number" ? body.timeout_seconds : void 0,
+        proxyId: typeof body.proxy_id === "string" ? body.proxy_id : void 0,
+        profileName: typeof body.profile === "string" ? body.profile : void 0,
+        disableDefaultProxy: body.disable_default_proxy === true,
+        viewport: body.viewport && typeof body.viewport === "object" ? body.viewport : void 0
+      });
+      const row = await createSessionRow({
+        runtimeSessionId: created.runtimeSessionId,
+        liveViewUrl: created.liveViewUrl,
+        cdpWsUrl: created.cdpWsUrl,
+        label: typeof body.label === "string" ? body.label : null,
+        userId: user.id
+      });
+      return c.json({ ...publicSession(row), watch_url: `/console/${row.id}` });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.get("/sessions", async (c) => {
+    const user = c.get("user");
+    const includeClosed = c.req.query("all") === "1";
+    const rows = await listSessionRows(user.id, includeClosed);
+    return c.json({ sessions: rows.map(publicSession) });
+  });
+  app2.get("/sessions/:id", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    return c.json({ ...publicSession(row), watch_url: `/console/${row.id}` });
+  });
+  app2.get("/sessions/:id/live-view", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    return c.json({ live_view_url: row.live_view_url });
+  });
+  app2.delete("/sessions/:id", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    try {
+      await closeSession(row.runtime_session_id);
+    } catch {
+    }
+    await markSessionClosed(row.id);
+    return c.json({ ok: true });
+  });
+  app2.post("/sessions/:id/goto", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const url = typeof body.url === "string" ? body.url : "";
+    if (!url) return c.json({ error: "url is required" }, 400);
+    const t0 = Date.now();
+    try {
+      const result = await goto(row.cdp_ws_url, url);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "goto", params: { url }, ok: true });
+      return c.json(result);
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "goto", params: { url }, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/screenshot", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const t0 = Date.now();
+    try {
+      const shot = await screenshot(row.runtime_session_id);
+      let page = null;
+      try {
+        page = await readPage(row.cdp_ws_url);
+      } catch {
+        page = null;
+      }
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "screenshot", params: null, ok: true });
+      return c.json({
+        image_base64: shot.base64,
+        mime_type: shot.mimeType,
+        url: page?.url ?? null,
+        title: page?.title ?? null,
+        elements: page?.elements ?? [],
+        text: page?.text ?? null
+      });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "screenshot", params: null, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/read", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const t0 = Date.now();
+    try {
+      const page = await readPage(row.cdp_ws_url);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "read", params: null, ok: true });
+      return c.json(page);
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/click", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const x = Number(body.x);
+    const y = Number(body.y);
+    if (!Number.isFinite(x) || !Number.isFinite(y)) return c.json({ error: "x and y are required" }, 400);
+    const t0 = Date.now();
+    try {
+      await click(row.runtime_session_id, x, y, {
+        button: body.button === "right" || body.button === "middle" ? body.button : "left",
+        numClicks: typeof body.num_clicks === "number" ? body.num_clicks : void 0
+      });
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "click", params: { x, y }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "click", params: { x, y }, ok: false, error: String(err) });
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/type", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const text = typeof body.text === "string" ? body.text : "";
+    if (!text) return c.json({ error: "text is required" }, 400);
+    const t0 = Date.now();
+    try {
+      await typeText(row.runtime_session_id, text, typeof body.delay === "number" ? body.delay : void 0);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "type", params: { length: text.length }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/scroll", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const x = typeof body.x === "number" ? body.x : 640;
+    const y = typeof body.y === "number" ? body.y : 400;
+    const deltaX = typeof body.delta_x === "number" ? body.delta_x : 0;
+    const deltaY = typeof body.delta_y === "number" ? body.delta_y : 5;
+    const t0 = Date.now();
+    try {
+      await scroll(row.runtime_session_id, x, y, deltaX, deltaY);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "scroll", params: { deltaX, deltaY }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/press", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const keys = Array.isArray(body.keys) ? body.keys.map(String) : [];
+    if (!keys.length) return c.json({ error: "keys is required" }, 400);
+    const t0 = Date.now();
+    try {
+      await pressKeys(row.runtime_session_id, keys);
+      await charge(row.id, user.id, t0);
+      await recordAction({ sessionId: row.id, type: "press", params: { keys }, ok: true });
+      return c.json({ ok: true });
+    } catch (err) {
+      await charge(row.id, user.id, t0);
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/replay/start", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    try {
+      const started = await replayStart(row.runtime_session_id);
+      await recordReplayStart({
+        sessionId: row.id,
+        replayId: started.replayId,
+        viewUrl: started.viewUrl,
+        label: typeof body.label === "string" ? body.label : null
+      });
+      return c.json({ replay_id: started.replayId });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.post("/sessions/:id/replay/stop", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const body = await c.req.json().catch(() => ({}));
+    const replayId = typeof body.replay_id === "string" ? body.replay_id : "";
+    if (!replayId) return c.json({ error: "replay_id is required" }, 400);
+    try {
+      await replayStop(row.runtime_session_id, replayId);
+      let viewUrl = null;
+      try {
+        const all = await replayList(row.runtime_session_id);
+        viewUrl = all.find((r) => r.replayId === replayId)?.viewUrl ?? null;
+      } catch {
+        viewUrl = null;
+      }
+      await recordReplayStop(replayId, viewUrl);
+      return c.json({ ok: true });
+    } catch (err) {
+      return c.json(failure(err), 502);
+    }
+  });
+  app2.get("/sessions/:id/replays", async (c) => {
+    const user = c.get("user");
+    const row = await loadOpenSession(c.req.param("id"), user.id);
+    if (!row) return c.json({ error: "not found" }, 404);
+    const rows = await listReplayRows(row.id);
+    return c.json({
+      replays: rows.map((r) => ({
+        replay_id: r.replay_id,
+        view_url: r.view_url,
+        label: r.label,
+        started_at: r.started_at,
+        stopped_at: r.stopped_at
+      }))
+    });
+  });
+  return app2;
+}
+
+// src/api/browser-agent-console.ts
+function renderConsoleHtml(initialSessionId) {
+  const initial = JSON.stringify(initialSessionId ?? "");
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+<title>Browser Agent Console</title>
+<style>
+  :root { color-scheme: dark; }
+  :where(*) { box-sizing: border-box; }
+  body { margin: 0; font: 14px/1.5 ui-sans-serif, system-ui, -apple-system, sans-serif; background: #0b0e14; color: #d7dce5; }
+  header { display: flex; align-items: center; gap: 12px; padding: 10px 16px; border-bottom: 1px solid #1c2230; background: #0f131c; }
+  header h1 { font-size: 15px; margin: 0; font-weight: 600; color: #fff; letter-spacing: .2px; }
+  header .spacer { flex: 1; }
+  input, button, select { font: inherit; }
+  input[type=text], input[type=password], input[type=url] { background: #141925; border: 1px solid #232b3a; color: #e6eaf2; border-radius: 7px; padding: 7px 10px; }
+  button { background: #2b6cff; border: 0; color: #fff; border-radius: 7px; padding: 7px 12px; cursor: pointer; font-weight: 500; }
+  button.ghost { background: #1a2030; color: #cdd5e4; border: 1px solid #28303f; }
+  button:disabled { opacity: .5; cursor: default; }
+  .layout { display: grid; grid-template-columns: 280px 1fr; height: calc(100vh - 53px); }
+  aside { border-right: 1px solid #1c2230; overflow-y: auto; padding: 12px; }
+  aside h2 { font-size: 11px; text-transform: uppercase; letter-spacing: .08em; color: #6b7689; margin: 4px 4px 10px; }
+  .sess { padding: 9px 10px; border-radius: 8px; border: 1px solid #1c2230; margin-bottom: 8px; cursor: pointer; }
+  .sess:hover { border-color: #2b6cff; }
+  .sess.active { border-color: #2b6cff; background: #131b2e; }
+  .sess .id { font-family: ui-monospace, monospace; font-size: 12px; color: #aeb8cc; }
+  .sess .meta { font-size: 11px; color: #6b7689; margin-top: 3px; }
+  .dot { display: inline-block; width: 7px; height: 7px; border-radius: 50%; margin-right: 5px; }
+  .dot.open { background: #36d399; } .dot.closed { background: #5a6677; }
+  main { display: flex; flex-direction: column; overflow: hidden; }
+  .toolbar { display: flex; align-items: center; gap: 10px; padding: 10px 16px; border-bottom: 1px solid #1c2230; }
+  .toolbar label { font-size: 13px; color: #aeb8cc; display: flex; align-items: center; gap: 6px; }
+  .stage { flex: 1; position: relative; background: #05070b; overflow: auto; }
+  .stage iframe { width: 100%; height: 100%; border: 0; display: block; }
+  .empty { display: flex; align-items: center; justify-content: center; height: 100%; color: #5a6677; flex-direction: column; gap: 10px; }
+  .replays { border-top: 1px solid #1c2230; padding: 10px 16px; max-height: 200px; overflow-y: auto; }
+  .replays h3 { font-size: 11px; text-transform: uppercase; letter-spacing: .08em; color: #6b7689; margin: 0 0 8px; }
+  .replay { display: flex; align-items: center; gap: 10px; padding: 6px 0; font-size: 13px; }
+  .replay a { color: #7aa2ff; }
+  .gate { max-width: 380px; margin: 80px auto; padding: 24px; border: 1px solid #1c2230; border-radius: 12px; background: #0f131c; }
+  .gate h2 { margin: 0 0 6px; font-size: 16px; color: #fff; }
+  .gate p { color: #8893a7; margin: 0 0 16px; }
+  .gate input { width: 100%; margin-bottom: 12px; }
+  .gate button { width: 100%; }
+  .muted { color: #6b7689; font-size: 12px; }
+</style>
+</head>
+<body>
+<div id="app"></div>
+<script>
+const INITIAL_SESSION = ${initial};
+const KEY_STORE = 'browser_agent_api_key';
+let state = { key: localStorage.getItem(KEY_STORE) || '', sessions: [], current: INITIAL_SESSION || null, readOnly: true, liveUrl: null, replays: [] };
+
+function api(method, path, body) {
+  return fetch('/agent' + path, {
+    method,
+    headers: { 'Content-Type': 'application/json', 'x-api-key': state.key },
+    body: body ? JSON.stringify(body) : undefined,
+  }).then(async r => ({ ok: r.ok, data: await r.json().catch(() => ({})) }));
+}
+
+async function refreshSessions() {
+  const r = await api('GET', '/sessions?all=1');
+  if (r.ok) { state.sessions = r.data.sessions || []; render(); }
+}
+
+async function selectSession(id) {
+  state.current = id; state.liveUrl = null; state.replays = [];
+  history.replaceState(null, '', '/console/' + id);
+  render();
+  const live = await api('GET', '/sessions/' + id + '/live-view');
+  state.liveUrl = live.ok ? live.data.live_view_url : null;
+  const reps = await api('GET', '/sessions/' + id + '/replays');
+  state.replays = reps.ok ? (reps.data.replays || []) : [];
+  render();
+}
+
+async function openSession() {
+  const r = await api('POST', '/sessions', { label: 'console' });
+  if (r.ok) { await refreshSessions(); selectSession(r.data.session_id); }
+  else alert('Open failed: ' + JSON.stringify(r.data));
+}
+
+async function closeCurrent() {
+  if (!state.current) return;
+  await api('DELETE', '/sessions/' + state.current);
+  await refreshSessions();
+}
+
+function frameSrc() {
+  if (!state.liveUrl) return null;
+  const sep = state.liveUrl.includes('?') ? '&' : '?';
+  return state.readOnly ? state.liveUrl + sep + 'readOnly=true' : state.liveUrl;
+}
+
+function saveKey(v) { state.key = v.trim(); localStorage.setItem(KEY_STORE, state.key); render(); if (state.key) { refreshSessions(); if (state.current) selectSession(state.current); } }
+
+function h(html) { const t = document.createElement('template'); t.innerHTML = html.trim(); return t.content.firstChild; }
+function esc(s) { return String(s == null ? '' : s).replace(/[&<>"]/g, c => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;' }[c])); }
+
+function render() {
+  const app = document.getElementById('app');
+  app.innerHTML = '';
+  if (!state.key) {
+    app.appendChild(h('<div class="gate"><h2>Browser Agent Console</h2><p>Paste your API key to watch and control browser sessions.</p><input id="k" type="password" placeholder="API key" /><button id="kb">Continue</button></div>'));
+    document.getElementById('kb').onclick = () => saveKey(document.getElementById('k').value);
+    document.getElementById('k').onkeydown = e => { if (e.key === 'Enter') saveKey(e.target.value); };
+    return;
+  }
+  const header = h('<header><h1>Browser Agent</h1><span class="muted">live control + replays</span><span class="spacer"></span><button id="open">+ New Session</button><button class="ghost" id="logout">Forget key</button></header>');
+  app.appendChild(header);
+  document.getElementById('open').onclick = openSession;
+  document.getElementById('logout').onclick = () => saveKey('');
+
+  const layout = h('<div class="layout"></div>');
+  const aside = h('<aside><h2>Sessions</h2></aside>');
+  if (!state.sessions.length) aside.appendChild(h('<div class="muted" style="padding:4px">No sessions yet.</div>'));
+  for (const s of state.sessions) {
+    const el = h('<div class="sess ' + (s.session_id === state.current ? 'active' : '') + '"><div class="id">' + esc(s.session_id) + '</div><div class="meta"><span class="dot ' + esc(s.status) + '"></span>' + esc(s.status) + (s.label ? ' \xB7 ' + esc(s.label) : '') + '</div></div>');
+    el.onclick = () => selectSession(s.session_id);
+    aside.appendChild(el);
+  }
+  layout.appendChild(aside);
+
+  const main = h('<main></main>');
+  if (!state.current) {
+    main.appendChild(h('<div class="empty"><div>Select or open a session to watch.</div></div>'));
+  } else {
+    const tb = h('<div class="toolbar"><label><input type="checkbox" id="ro" ' + (state.readOnly ? 'checked' : '') + ' /> Read-only (uncheck to take control)</label><span class="spacer"></span><button class="ghost" id="reload">Reload view</button><button class="ghost" id="close">Close session</button></div>');
+    main.appendChild(tb);
+    const stage = h('<div class="stage"></div>');
+    const src = frameSrc();
+    if (src) {
+      const f = h('<iframe allow="autoplay; clipboard-read; clipboard-write" src="' + esc(src) + '"></iframe>');
+      stage.appendChild(f);
+    } else {
+      stage.appendChild(h('<div class="empty"><div>Live view unavailable for this session.</div><div class="muted">It may be closed or still starting.</div></div>'));
+    }
+    main.appendChild(stage);
+
+    const rep = h('<div class="replays"><h3>Replays</h3></div>');
+    if (!state.replays.length) rep.appendChild(h('<div class="muted">No replays recorded.</div>'));
+    for (const r of state.replays) {
+      const status = r.stopped_at ? 'ready' : 'recording\u2026';
+      const link = r.view_url ? '<a href="' + esc(r.view_url) + '" target="_blank" rel="noopener">view mp4</a>' : '<span class="muted">' + status + '</span>';
+      rep.appendChild(h('<div class="replay"><span class="muted">' + esc(r.started_at || '') + '</span><span class="spacer"></span>' + link + '</div>'));
+    }
+    main.appendChild(rep);
+
+    layout.appendChild(main);
+  }
+  app.appendChild(layout);
+
+  const ro = document.getElementById('ro');
+  if (ro) ro.onchange = e => { state.readOnly = e.target.checked; render(); };
+  const reload = document.getElementById('reload');
+  if (reload) reload.onclick = () => selectSession(state.current);
+  const close = document.getElementById('close');
+  if (close) close.onclick = closeCurrent;
+}
+
+render();
+if (state.key) { refreshSessions(); if (state.current) selectSession(state.current); }
+</script>
+</body>
+</html>`;
+}
+
 // src/api/stripe-routes.ts
 import Stripe from "stripe";
-import { Hono as Hono8 } from "hono";
+import { Hono as Hono9 } from "hono";
 var stripe = new Stripe(process.env.STRIPE_SECRET_KEY, { apiVersion: "2026-02-25.clover" });
-var stripeApp = new Hono8();
+var stripeApp = new Hono9();
 stripeApp.post("/webhooks", async (c) => {
   const sig = c.req.header("stripe-signature");
   const body = await c.req.text();
@@ -11253,7 +12012,7 @@ var requireAllowedOrigin = createMiddleware3(async (c, next) => {
   if (!configuredOrigins().has(origin)) return c.json({ error: "Origin not allowed" }, 403);
   return next();
 });
-var auth = createMiddleware3(async (c, next) => {
+var auth2 = createMiddleware3(async (c, next) => {
   const key = c.req.header("x-api-key");
   if (!key) return c.json({ error: "Missing API key" }, 401);
   const user = await getUserByApiKey(key);
@@ -11282,7 +12041,7 @@ var sessionAuth = createMiddleware3(async (c, next) => {
   c.set("sessionUser", { ...refreshed, balance_mc: balanceMc });
   return next();
 });
-var app = new Hono9();
+var app = new Hono10();
 var STRIPE_API_VERSION = "2026-02-25.clover";
 function requireStripeSecret() {
   const secret2 = process.env.STRIPE_SECRET_KEY?.trim();
@@ -11492,7 +12251,7 @@ async function checkHarvestLimits(userId, email, extraSlots = 0) {
   if (active >= limit) return { error: `You have ${active} job${active !== 1 ? "s" : ""} running. Your account allows ${limit} concurrent job${limit !== 1 ? "s" : ""}. Wait for one to finish or add a concurrency slot at mcpscraper.dev/billing.` };
   return null;
 }
-app.post("/harvest", auth, async (c) => {
+app.post("/harvest", auth2, async (c) => {
   const user = c.get("user");
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = HarvestBodySchema.safeParse(raw);
@@ -11534,7 +12293,7 @@ app.post("/harvest", auth, async (c) => {
   }
   return c.json({ job_id: jobId, status: "pending" }, 202);
 });
-app.post("/harvest/sync", auth, async (c) => {
+app.post("/harvest/sync", auth2, async (c) => {
   const user = c.get("user");
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = HarvestBodySchema.safeParse(raw);
@@ -11599,17 +12358,17 @@ app.post("/harvest/sync", auth, async (c) => {
     return c.json({ job_id: jobId, status: "failed", ...response, attempts: sanitizeAttempts(attempts) }, problem.httpStatus);
   }
 });
-app.get("/jobs/:id", auth, async (c) => {
+app.get("/jobs/:id", auth2, async (c) => {
   const job = await getJob(c.req.param("id"), c.get("user").id);
   if (!job) return c.json({ error: "Job not found" }, 404);
   const attempts = await listHarvestAttempts(job.id, c.get("user").id);
   const safeResult = job.result && typeof job.result === "object" ? sanitizeHarvestResult(job.result) : job.result;
   return c.json({ ...job, result: safeResult, attempts: sanitizeAttempts(attempts) });
 });
-app.get("/jobs", auth, async (c) => {
+app.get("/jobs", auth2, async (c) => {
   return c.json(await listJobs(c.get("user").id));
 });
-app.get("/history", auth, async (c) => {
+app.get("/history", auth2, async (c) => {
   const userId = c.get("user").id;
   const [jobs, events] = await Promise.all([
     listJobs(userId),
@@ -11639,7 +12398,7 @@ app.get("/history", auth, async (c) => {
   const rows = [...jobRows, ...eventRows].sort((a, b) => String(b.ts).localeCompare(String(a.ts)));
   return c.json(rows.slice(0, 100));
 });
-app.get("/ledger", auth, async (c) => {
+app.get("/ledger", auth2, async (c) => {
   return c.json(await getLedger(c.get("user").id, 100));
 });
 app.post("/admin/users", adminAuth, async (c) => {
@@ -11677,11 +12436,11 @@ app.post("/admin/backfill-signup-credits", adminAuth, async (c) => {
   }
   return c.json({ processed, credited, skipped, users_credited });
 });
-app.post("/extract-url", auth, async (c) => {
+app.post("/extract-url", auth2, async (c) => {
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = ExtractUrlBodySchema.safeParse(raw);
   if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
-  const { url, screenshot, screenshotDevice, extractBranding, downloadMedia, mediaTypes, allowLocal } = bodyResult.data;
+  const { url, screenshot: screenshot2, screenshotDevice, extractBranding, downloadMedia, mediaTypes, allowLocal } = bodyResult.data;
   if (!allowLocal) {
     const checked = await validatePublicHttpUrl(url, { field: "URL" });
     if (checked.error || !checked.parsed) return c.json({ error: checked.error ?? "Invalid URL" }, 400);
@@ -11707,7 +12466,7 @@ app.post("/extract-url", auth, async (c) => {
     const device = screenshotDevice === "mobile" ? "mobile" : "desktop";
     const [result, pageData] = await Promise.all([
       extractKpo({ url: canonicalUrl, kernelApiKey }),
-      screenshot || extractBranding ? capturePageData(canonicalUrl, { kernelApiKey, device, screenshot: !!screenshot, branding: !!extractBranding }).catch(() => null) : null
+      screenshot2 || extractBranding ? capturePageData(canonicalUrl, { kernelApiKey, device, screenshot: !!screenshot2, branding: !!extractBranding }).catch(() => null) : null
     ]);
     const screenshotBuf = pageData?.screenshot ?? null;
     const brandingData = pageData?.branding ?? null;
@@ -11725,7 +12484,7 @@ app.post("/extract-url", auth, async (c) => {
     return c.json({ error: msg }, 500);
   }
 });
-app.post("/map-urls", auth, async (c) => {
+app.post("/map-urls", auth2, async (c) => {
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = MapUrlsBodySchema.safeParse(raw);
   if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
@@ -11765,7 +12524,7 @@ app.post("/map-urls", auth, async (c) => {
     return c.json({ error: msg }, 500);
   }
 });
-app.post("/extract-site", auth, async (c) => {
+app.post("/extract-site", auth2, async (c) => {
   const raw = await c.req.json().catch(() => ({}));
   const bodyResult = ExtractSiteBodySchema.safeParse(raw);
   if (!bodyResult.success) return c.json({ error: bodyResult.error.issues[0]?.message ?? "Invalid request" }, 400);
@@ -11887,7 +12646,7 @@ app.post("/billing/concurrency/cancel", requireAllowedOrigin, sessionAuth, async
   await setConcurrencySubId(user.id, null);
   return c.json({ ok: true, concurrency_limit: user.extra_concurrency_slots });
 });
-app.get("/billing/balance", auth, async (c) => {
+app.get("/billing/balance", auth2, async (c) => {
   const user = c.get("user");
   const balanceMc = await reconcileBalanceMc(user.id);
   const ledger = await getLedger(user.id, 20);
@@ -11899,7 +12658,7 @@ app.get("/billing/balance", auth, async (c) => {
     ledger
   });
 });
-app.post("/billing/credits", auth, async (c) => {
+app.post("/billing/credits", auth2, async (c) => {
   const user = c.get("user");
   const balanceMc = await reconcileBalanceMc(user.id);
   const body = await c.req.json().catch(() => ({}));
@@ -11928,7 +12687,7 @@ app.get("/cron/tick", async (c) => {
   if (!process.env.CRON_SECRET || secret2 !== `Bearer ${process.env.CRON_SECRET}`) {
     return c.json({ error: "Unauthorized" }, 401);
   }
-  const { drainQueue } = await import("./worker-AUCXFHEL.js");
+  const { drainQueue } = await import("./worker-KJ4A7WIR.js");
   const budget = { maxJobs: 10, deadlineMs: Date.now() + 28e4 };
   const [results, sweepResult] = await Promise.all([
     drainQueue(budget),
@@ -11944,6 +12703,9 @@ app.route("/facebook", facebookAdApp);
 app.route("/maps", mapsApp);
 app.route("/serp-intelligence", serpIntelligenceApp);
 app.route("/mcp", mcpApp);
+app.route("/agent", buildBrowserAgentRoutes());
+app.get("/console", (c) => c.html(renderConsoleHtml()));
+app.get("/console/:id", (c) => c.html(renderConsoleHtml(c.req.param("id"))));
 app.route("/stripe", stripeApp);
 if (!process.env.INNGEST_EVENT_KEY) {
   startSiteAuditWorker();
@@ -12050,4 +12812,4 @@ app.get("/blog/:slug/", (c) => {
 export {
   app
 };
-//# sourceMappingURL=server-MTXAJG5J.js.map
+//# sourceMappingURL=server-ASCMKUQ5.js.map