packages/builtin-skills/src/verify/surfaces/web.md
Default surface for frontend and full-stack changes — the browser is the one place
network requests and rendered UI are observable together, so you can assert both
sides of a contract in one run. Driven by agent-browser
(../references/agent-browser.md).
Use web when the behavior is the same in a normal browser against the app's dev server or a deployed URL. If the criterion depends on the desktop shell, use electron.md instead; if it's backend/CLI, use cli.md.
http://localhost:<port>), or a deployed/preview URL the task targets.--session so cookies persist across commands.SESSION=app
agent-browser --session $SESSION open "http://localhost:3000/"
agent-browser --session $SESSION snapshot -i
# interact via refs, then capture
agent-browser --session $SESSION screenshot ./proof/state.png
Use the authenticated session as the evidence source. Do not use a separate ordinary-Chrome screenshot as proof — it doesn't prove the automated session reached the state. Ordinary Chrome is only a cookie source for auth fallback.
When the criterion spans a new/changed API and the UI consuming it, capture both the network exchange and the rendered result:
SESSION=app
agent-browser --session $SESSION network har start
# ... drive the scenario that triggers the API ...
agent-browser --session $SESSION network requests --type xhr,fetch # inspect calls
agent-browser --session $SESSION network har stop ./proof/capture.har
agent-browser --session $SESSION screenshot ./proof/result.png
Upload the screenshot (--type screenshot) and the network proof (the HAR as
--type text --file ./proof/capture.har, or a focused request/response as
--type text --content …). Asserting only one layer leaves the contract half-proven.
If you can only run the frontend locally but the backend is remote, drive the frontend URL the same way — just remember the backend is not your branch, so it proves frontend behavior, not backend changes.