Show HN: Smooth CLI – Token-efficient browser for AI agents (docs.smooth.sh)

109 points by antves ↗ HN
Hi HN! Smooth CLI (https://www.smooth.sh) is a browser that agents like Claude Code can use to navigate the web reliably, quickly, and affordably. It lets agents specify tasks using natural language, hiding UI complexity, and allowing them to focus on higher-level intents to carry out complex web tasks. It can also use your IP address while running browsers in the cloud, which helps a lot with roadblocks like captchas (https://docs.smooth.sh/features/use-my-ip).

Here’s a demo: https://www.youtube.com/watch?v=62jthcU705k Docs start at https://docs.smooth.sh.

Agents like Claude Code, etc are amazing but mostly restrained to the CLI, while a ton of valuable work needs a browser. This is a fundamental limitation to what these agents can do.

So far, attempts to add browsers to these agents (Claude’s built-in --chrome, Playwright MCP, agent-browser, etc.) all have interfaces that are unnatural for browsing. They expose hundreds of tools - e.g. click, type, select, etc - and the action space is too complex. (For an example, see the low-level details listed at https://github.com/vercel-labs/agent-browser). Also, they don’t handle the billion edge cases of the internet like iframes nested in iframes nested in shadow-doms and so on. The internet is super messy! Tools that rely on the accessibility tree, in particular, unfortunately do not work for a lot of websites.

We believe that these tools are at the wrong level of abstraction: they make the agent focus on UI details instead of the task to be accomplished.

Using a giant general-purpose model like Opus to click on buttons and fill out forms ends up being slow and expensive. The context window gets bogged down with details like clicks and keystrokes, and the model has to figure out how to do browser navigation each time. A smaller model in a system specifically designed for browsing can actually do this much better and at a fraction of the cost and latency.

Security matters too - probably more than people realize. When you run an agent on the web, you should treat it like an untrusted actor. It should access the web using a sandboxed machine and have minimal permissions by default. Virtual browsers are the perfect environment for that. There’s a good write up by Paul Kinlan that explains this very well (see https://aifoc.us/the-browser-is-the-sandbox and https://news.ycombinator.com/item?id=46762150). Browsers were built to interact with untrusted software safely. They’re an isolation boundary that already works.

Smooth CLI is a browser designed for agents based on what they’re good at. We expose a higher-level interface to let the agent think in terms of goals and tasks, not low-level details.

For example, instead of this:

  click(x=342, y=128)
  type("search query")
  click(x=401, y=130)
  scroll(down=500)
  click(x=220, y=340)
  ...50 more steps
Your agent just says:

  Search for flights from NYC to LA and find the cheapest option
Agents like Claude Code can use the Smooth CLI to extract hard-to-reach data, fill-in forms, download files, interact with dynamic content, handle authentication, vibe-test apps, and a lot more.

Smooth enables agents to launch as many browsers and tasks as they want, autonomously, and on-demand. If the agent is carrying out work on someone’s behalf, the agent’s browser presents itself to the web as a device on the user’s network. The need f...

26 comments

[ 3.1 ms ] story [ 40.7 ms ] thread
Congrats for shipping.

How does it compare to Agent Browser by Vercel?

Frontend QA is the final frontier, good luck, you are over the target.

The amount of manual QA I am currently subjected to is simultaneously infuriating and hilarious. The foundation models are up to the task but we need new abstractions and layers to correctly fix it. This will all go the way of the dodo in 12 months but it'll be useful in the meantime.

agent-browser helped a lot over playwright but doesn't completely close the gap.

frontend QA is exactly where i've seen the biggest ROI with browser agents. the gap with Playwright MCP specifically is that it assumes the agent can reason about CSS selectors and DOM state, which breaks constantly on anything with dynamic rendering, client-side routing, or shadow DOM.

the right abstraction for QA is probably closer to what a manual tester actually does, describe expected behavior, let a specialized system figure out the mechanical verification steps.

but the harder unsolved problem is evaluation: how do you reliably distinguish "the agent verified the behavior" from "the agent navigated to the right page and hallucinated a success report"? visual diffing against golden screenshots helps for regression but doesn't cover semantic correctness of dynamic content.

Ironically, the landing page and docs pages of Smooth aren't all that token-efficient!
This looks really interesting!

I _would_ be curious to try it, but...

My first question was whether I could use this for sensitive tasks, given that it's not running on our machines. And after poking around for a while, I didn't find a single mention of security anywhere (as far as I could tell!)

The only thing that I did find was zero data retention, which is mentioned as being 'on request' and only on the Enterprise plan.

I totally understand that you guys need to train and advance your model, but with suggested features like scraping behind login walls, it's a little hard to take seriously with neither of those two things anywhere on the site, so anything you could do to lift up those concerns would be amazing.

Again, you seem to have done some really cool stuff, so I'd love for it to be possible to use!

Update: The homepage says this in a feature box, which is... almost worst than saying nothing, because it doesn't mean anything? -> "Enterprise-grade security; End-to-end encryption, enterprise-grade standards, and zero-trust access controls keep your data protected in transit and at rest."

i can see a new token efficient mirror web possibly emerging using content type headers on the request side

forms, PRG, semantic HTML and no js needed

Way too expensive, I'll wait for a free/open source browser optimized to be used by agents.
I was actually very interested until I realized that this doesn't run on my computer…

I get the sandboxing, etc, but a Docker container would achieve the same goals.

Glad I saw this comment.

The product sounds interesting but I am not gonna run this is in the cloud for my use cases.

Interesting approach. Exposing high-level goals rather than UI actions definitely reduces token overhead, but reproducible comparisons with open-source setups would strengthen the claim. Also, remote browsers introduce a new attack surface—sandboxing helps, but I’d like to see clear isolation guarantees against malicious pages or rogue scripts.
Look this is cool idea, but subscribing to anything these days is a hard sell, we are all tired of subscription plans. You probably would be more succesful if you could find this to package in a way that is not subscription.
How does your approach differ from BrowserOS, not in the product sense(their product is ane enterprise browser based off chrome). but in how they designed the interface between the browser and the models?
I'm a bit curious. Why did you link the docs instead of the site in this post?
Interesting idea as an open source tool I could hack locally, but no way in hell am I adding yet another bill and using a web browser of all things as SaaS. I'll make my own web-specialized subagent.
I'm working on building a personal assistant concept. One test I've been running is asking different AI assistants to use a browser to check available appointment slots for my hairstylist. None of them has managed to do it successfully yet, but I'm going to keep trying.

https://n694923.alteg.io/company/656492/personal/menu?o=

I built a browser agent that can almost certainly handle that task. Will test and let you know by posting here later.
Curious how this compares to https://sentienceapi.com/. My understanding is that Sentience uses deterministic "semantic snapshots" to try and give agents a more reliable browser interface.
This is a good idea. Do you use something like browser-use or Fara-7b behind the scenes? Or maybe you don't want to give up your secrets (which is fine if that's the case).
Is this essentially a cloud-managed specialized subagent with an LLM-friendly API?

Seems like an interesting new category.

Cool project guys! Just gave it a spin. One thing I would have wished, was if the browsers would run locally. Since the smooth browser is running in prod, it makes it harder for Claude to test dev apps
the abstraction level argument is spot on. i've been working on browser automation for AI agents and the biggest lesson has been that exposing Playwright-level primitives to a foundation model is fundamentally the wrong interface. the model burns most of its context reasoning about DOM traversal and coordinate-based clicking instead of the actual task. the natural language intent layer is the right call, it's basically treating the browser interaction as a tool-use problem where the tool itself is agentic.

curious about failure recovery though: when the specialised browsing model misinterprets an intent (e.g. clicks the wrong "Submit" on a page with multiple forms), does the outer agent get enough signal to retry or reframe the instruction? that's been the hardest part in my experience, the error surface between "the browser did the wrong thing" and "I specified the wrong thing" is really blurry.

Few days ago I built something like this for a personal project because it’s just the obvious thing to do - abstract away the gory details of using a browser. I found it was surprisingly easy to build and I soon had a browser agent that worked as you describe Smooth. Just surprised that the other browser agent frameworks like Browser Use and claude —chrome haven’t caught up to this yet, it’s so obvious and easy to do.
Hello, do you mind open sourcing it ? my email hn@medreda.blog
> Smooth offers a “self” proxy that creates a secure tunnel and routes all browser traffic through your machine’s IP address

Can you confirm that you only route the traffic of the one user who owns the machine though the proxy? Or do you use it as residential proxy for other users as well?

The docs don't say anything about it.

Hey really unique take!

Curious to see how you compare against competitors, any benchmarks to share?

We launched a competitor in the space rtrvr.ai, that when benchmarked is SOTA and beats even OpenAI Operator.

Cool work on the proxying but LinkedIn has really advanced detections for even device/hardware fingerprinting, how advanced are your stealth measures? Because this might be risking account bans.

People in this space even setup consumer hardware in datacenters to get around this actually.

Wait, so this does the same thing the agent would do, but via cloud? What's the advantage?