Browser Use Agent Guardrails with Veto
Browser automation agents can navigate anywhere, fill any form, and access any URL. Veto adds authorization controls that prevent agents from visiting malicious sites, leaking credentials, or performing unauthorized actions.
What is Browser Use?
Browser Use is an open-source library that enables AI agents to control web browsers autonomously. Agents can navigate websites, fill forms, click buttons, and extract data. This power requires guardrails to prevent unauthorized access to sensitive URLs, forms, and actions.
Why browser agents need guardrails
Browser automation agents operate with full browser capabilities. Without authorization, they can access internal admin panels, submit forms with sensitive data, navigate to phishing sites, and leak credentials through form fields.
Whitelist allowed domains, block internal admin URLs, prevent navigation to malicious sites.
Block credential entry, prevent auto-fill of sensitive fields, require approval for forms.
Prevent agents from entering passwords, API keys, or credit card numbers without authorization.
Quick start with Browser Use
Wrap your Browser Use agent with Veto guardrails in two steps. The agent continues to work normally while Veto enforces authorization policies on every tool call.
from browser_use import Agent
from veto import Veto
# Initialize Veto with your API key
veto = Veto(api_key="veto_live_...")
# Wrap browser tools with authorization
@veto.guard(
policy="browser_safety",
tools=["go_to_url", "click_element", "input_text"]
)
async def safe_browser_task(task: str):
agent = Agent(task=task)
result = await agent.run()
return result
# URL authorization example
veto.add_policy({
"name": "url_whitelist",
"rules": [
{
"match": {"tool": "go_to_url"},
"allow": {"url": {"pattern": "https://*.mycompany.com/*"}}
},
{
"match": {"tool": "go_to_url"},
"deny": {"url": {"pattern": "*://admin.*"}}
}
]
})
# Run with guardrails
await safe_browser_task("Book a meeting on the company calendar")URL authorization patterns
Control which URLs your browser agent can visit. Use pattern matching to define allowed domains, block sensitive paths, and prevent access to internal resources.
Domain whitelisting
Only allow navigation to approved domains like your company's properties or trusted partners.
Path blocking
Block access to admin panels, internal dashboards, and sensitive endpoints within allowed domains.
Approval workflows
Route navigation to certain URLs to human approval before the agent proceeds.
Form protection
Prevent browser agents from filling sensitive form fields that could lead to credential leakage or unauthorized data submission.
# Form protection - prevent credential leakage
veto.add_policy({
"name": "form_protection",
"rules": [
{
"match": {"tool": "input_text"},
"deny": {
"or": [
{"selector": {"pattern": "*password*"}},
{"selector": {"pattern": "*credit_card*"}},
{"selector": {"pattern": "*ssn*"}}
]
},
"message": "Blocked attempt to fill sensitive form field"
},
{
"match": {"tool": "input_text"},
"require_approval": {
"selector": {"pattern": "*email*"}
}
}
]
})Related integrations
Frequently asked questions
How do I restrict which URLs my Browser Use agent can visit?
https://*.mycompany.com/*, block specific paths like *://admin.*, and require human approval for sensitive URLs. Veto intercepts the go_to_url tool call and evaluates it against your policies before the browser navigates.Can I prevent agents from entering passwords or credit cards?
input_text tool and can block form fills on sensitive field selectors. Create rules that deny input on fields matching patterns like *password* or*credit_card*. The agent receives a configurable error message and cannot bypass this protection.Does Veto slow down browser automation?
What happens when a guardrail blocks a browser action?
Secure your browser agents before they click the wrong button.