{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"awesome-openwork-open-browser-automation-agent","slug":"openwork-open-browser-automation-agent","name":"🌐 Openwork - Open Browser Automation Agent","type":"agent","url":"https://github.com/accomplish-ai/openwork","page_url":"https://unfragile.ai/openwork-open-browser-automation-agent","categories":["automation"],"tags":[],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"awesome-openwork-open-browser-automation-agent__cap_0","uri":"capability://automation.workflow.local.ai.powered.browser.task.automation.via.pseudo.terminal.cli.spawning","name":"local ai-powered browser task automation via pseudo-terminal cli spawning","description":"Openwork spawns the OpenCode CLI as an external process using node-pty pseudo-terminal emulation, enabling local execution of AI-driven browser automation tasks without cloud infrastructure. The Electron main process manages the CLI lifecycle, captures stdout/stderr streams, and marshals task results back to the React renderer via IPC, creating a fully local execution model where the AI provider (Anthropic, OpenAI, Google, Groq) is user-supplied via API keys.","intents":["Execute browser automation tasks locally without sending code or context to third-party cloud services","Spawn and manage long-running AI agent processes with real-time output streaming to the UI","Integrate an external CLI tool (OpenCode) as a subprocess while maintaining process isolation and IPC communication"],"best_for":["Privacy-conscious developers building AI agents that must run entirely on-device","Teams requiring full control over AI provider selection and API key management","Developers integrating external CLI tools into Electron applications via pseudo-terminal"],"limitations":["No built-in cloud fallback or distributed execution — all processing is single-machine bound","node-pty introduces platform-specific behavior differences (macOS Keychain vs Windows Credential Vault vs Linux Secret Service)","CLI process spawning adds ~500ms-2s overhead per task initiation due to Node.js startup time","No native support for concurrent task execution — sequential CLI invocations only"],"requires":["Node.js 18+ (bundled in Electron app)","OpenCode CLI binary available in system PATH or bundled runtime","Valid API key for at least one supported provider (Anthropic, OpenAI, Google, Groq)","macOS (Apple Silicon) for current release; extensible to other platforms"],"input_types":["task description (natural language string)","file system paths (for context and output)","API key credentials (stored in OS keychain)"],"output_types":["task execution logs (stdout/stderr streams)","structured task history JSON","file system modifications (code generation, edits)"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_1","uri":"capability://safety.moderation.os.native.secure.credential.storage.with.keychain.vault.integration","name":"os-native secure credential storage with keychain/vault integration","description":"Openwork stores AI provider API keys in OS-native secure storage (macOS Keychain, Windows Credential Vault, Linux Secret Service) via the keytar library, ensuring credentials are encrypted at rest and never persisted as plaintext JSON. The secure storage layer is abstracted in the main process and exposed to the renderer via IPC, preventing the Chromium renderer from ever accessing raw credentials.","intents":["Store API keys securely without exposing them to the Chromium renderer process","Retrieve credentials at runtime for CLI invocation while maintaining OS-level encryption","Support multiple AI providers (Anthropic, OpenAI, Google, Groq) with unified credential management"],"best_for":["Desktop application developers requiring secure credential storage without custom encryption","Teams building multi-provider AI integrations with strict security isolation requirements","Users concerned about API key exposure in Electron renderer memory"],"limitations":["Keytar library adds ~50-100ms latency per credential retrieval due to OS keychain round-trips","No built-in credential rotation or expiration management — relies on user manual updates","Linux Secret Service requires dbus daemon running; fails silently on headless systems","macOS Keychain prompts user for permission on first access per app session"],"requires":["keytar npm package (native binding to OS keychain APIs)","macOS 10.7+ (Keychain), Windows 7+ (Credential Manager), or Linux with Secret Service dbus","Electron main process with access to OS credential APIs"],"input_types":["API key string (plaintext during initial entry)","provider identifier (Anthropic, OpenAI, Google, Groq)"],"output_types":["decrypted API key string (in-memory only)","credential existence check (boolean)"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_10","uri":"capability://tool.use.integration.configuration.generator.for.opencode.cli.with.environment.variable.injection","name":"configuration generator for opencode cli with environment variable injection","description":"Openwork generates OpenCode CLI configuration by reading app settings (provider, model, API key reference) and injecting them as environment variables or command-line arguments before spawning the CLI subprocess. The configuration generator validates that required settings are present (API key in keychain, provider selected) and constructs the CLI invocation with proper escaping and quoting. This approach keeps CLI configuration logic decoupled from Openwork, allowing the CLI to evolve independently.","intents":["Construct valid OpenCode CLI invocations with provider-specific configuration","Inject API keys from secure storage into CLI environment without exposing them to renderer","Enable CLI configuration changes without modifying Openwork code"],"best_for":["Developers integrating external CLI tools into Electron applications","Teams building CLI wrappers that need to inject configuration at runtime","Applications requiring provider-specific CLI argument construction"],"limitations":["Configuration generator must be updated if OpenCode CLI changes its argument format","No validation of CLI argument syntax — relies on CLI to reject invalid arguments","Environment variable injection is platform-specific (Windows vs Unix escaping rules)","No built-in support for CLI configuration files — all config passed via environment or arguments"],"requires":["electron-store for reading app settings","keytar for retrieving API keys from secure storage","main process handler for configuration generation and CLI spawning"],"input_types":["app settings (provider, model, debug mode)","task description (passed to CLI)","API key (retrieved from keychain)"],"output_types":["CLI command string (with environment variables and arguments)","validation result (success/error with details)"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_11","uri":"capability://safety.moderation.permission.system.for.folder.access.with.os.native.file.picker.integration","name":"permission system for folder access with os-native file picker integration","description":"Openwork implements a permission system that tracks which folders the user has granted access to, storing folder paths in app settings. When a task requires file system access, the main process checks if the target folder is in the permitted list; if not, it prompts the user via OS-native file picker (macOS NSOpenPanel, Windows IFileDialog) to grant access. Granted folders are stored persistently and reused for subsequent tasks without re-prompting.","intents":["Request user permission before allowing tasks to access file system folders","Maintain a persistent list of permitted folders to avoid repeated permission prompts","Provide OS-native permission UI that users expect (file picker dialogs)"],"best_for":["Desktop applications requiring granular file system access control","Teams building security-conscious automation tools","Applications targeting non-technical users who expect native permission dialogs"],"limitations":["Permission system is application-level, not OS-level — does not integrate with macOS/Windows file access sandboxing","No built-in permission revocation UI — users must manually edit app settings to remove folders","File picker dialog is modal and blocks task execution until user responds","No support for wildcard or glob patterns — only exact folder paths are tracked"],"requires":["electron-store for storing permitted folder paths","OS-native file picker APIs (macOS dialog.showOpenDialog, Windows IFileDialog)","main process handler for permission checking and prompting"],"input_types":["target folder path (from task or CLI)","user response to file picker (folder selection or cancel)"],"output_types":["permission check result (granted/denied)","permitted folder list (stored in app settings)"],"categories":["safety-moderation","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_2","uri":"capability://data.processing.analysis.task.execution.history.persistence.with.debounced.json.flushing","name":"task execution history persistence with debounced json flushing","description":"Openwork maintains a task history log using electron-store with debounced writes to JSON files in the app's userData directory. The main process accumulates task records in memory and flushes to disk on a debounce timer (typically 1-2 seconds), reducing I/O overhead while ensuring eventual persistence. Task records include execution metadata (timestamps, status, provider used, token counts) and are queryable via the React UI for task replay and audit trails.","intents":["Maintain an audit trail of all executed tasks with execution metadata and results","Enable task replay by storing full execution context (prompt, provider, model selection)","Reduce disk I/O overhead by batching task history writes with debouncing"],"best_for":["Developers building audit-logged automation systems","Teams requiring task execution history for compliance or debugging","Applications where high-frequency task execution would cause excessive disk writes"],"limitations":["Debouncing introduces up to 2 seconds of latency before task history is persisted to disk","No built-in data retention policy — history grows unbounded unless manually pruned","JSON file format becomes unwieldy with >10,000 task records (file size and parse time)","No encryption of task history — sensitive execution data stored as plaintext JSON"],"requires":["electron-store npm package","Electron userData directory with write permissions","Main process access to file system APIs"],"input_types":["task metadata object (status, provider, model, timestamps, token counts)","task execution results (stdout, stderr, file modifications)"],"output_types":["task history JSON array","queryable task records (by timestamp, provider, status)"],"categories":["data-processing-analysis","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_3","uri":"capability://automation.workflow.react.based.task.management.ui.with.zustand.state.synchronization","name":"react-based task management ui with zustand state synchronization","description":"Openwork provides a React-based renderer process UI built with Zustand for state management, enabling users to create tasks, monitor execution progress, view task history, and configure AI provider settings. The renderer communicates with the main process via IPC for all side effects (spawning CLI, accessing credentials, persisting history), maintaining strict separation between UI state and system state. Zustand stores handle local UI state (form inputs, modal visibility) while IPC messages synchronize with authoritative main process state.","intents":["Provide a user-friendly interface for creating and monitoring AI-powered automation tasks","Display real-time task execution progress and logs from the spawned CLI process","Manage AI provider configuration and API key setup through an onboarding flow"],"best_for":["Desktop application developers building Electron UIs with React","Teams requiring real-time task monitoring and progress visualization","Non-technical users who need a GUI for AI automation without CLI knowledge"],"limitations":["Zustand state is ephemeral — lost on app restart unless explicitly persisted via IPC","No built-in form validation framework — custom validation logic required per field","React renderer process has no direct access to file system or credentials (by design)","IPC round-trips add ~10-50ms latency per state synchronization"],"requires":["React 18+","Zustand state management library","Electron preload script exposing IPC APIs via contextBridge","Main process IPC handlers for all side effects"],"input_types":["user input (task description, folder selection, provider selection)","IPC messages from main process (task status updates, execution logs)"],"output_types":["rendered React components (task list, execution monitor, settings panel)","IPC messages to main process (spawn task, fetch history, save credentials)"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_4","uri":"capability://automation.workflow.bundled.node.js.runtime.with.system.path.resolution.for.cli.discovery","name":"bundled node.js runtime with system path resolution for cli discovery","description":"Openwork bundles a Node.js runtime within the Electron application and implements intelligent PATH resolution to locate the OpenCode CLI binary. The system PATH utilities search bundled runtime directories, system PATH environment variable, and fallback locations, enabling the app to function on systems without Node.js installed. The CLI path resolution is performed in the main process before spawning the CLI subprocess, with caching to avoid repeated PATH searches.","intents":["Distribute Openwork without requiring users to install Node.js separately","Locate the OpenCode CLI binary across different system configurations and installation paths","Enable CLI execution on systems with no Node.js in PATH by using bundled runtime"],"best_for":["Desktop application developers distributing Electron apps to non-technical users","Teams building CLI-based tools that need to work out-of-the-box without prerequisites","Applications requiring bundled runtime for reproducible execution across environments"],"limitations":["Bundled Node.js increases application size by ~100-150MB depending on build configuration","PATH resolution adds ~50-100ms overhead on first CLI invocation (cached thereafter)","Bundled runtime may conflict with system Node.js if both are in PATH and have different versions","Updates to bundled Node.js require full application rebuild and redistribution"],"requires":["Electron build process configured to bundle Node.js runtime","System PATH utilities for cross-platform PATH parsing (Windows semicolon vs Unix colon)","OpenCode CLI binary available in bundled runtime or system PATH"],"input_types":["CLI binary name (e.g., 'opencode')","system environment variables (PATH, NODE_PATH)"],"output_types":["resolved CLI binary path (absolute file system path)","CLI availability check (boolean)"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_5","uri":"capability://safety.moderation.electron.ipc.based.process.isolation.with.preload.script.context.bridging","name":"electron ipc-based process isolation with preload script context bridging","description":"Openwork implements strict process isolation using Electron's three-process model: main process (Node.js), preload script (isolated context), and renderer process (Chromium). The preload script uses contextBridge to expose a curated API surface to the renderer, forwarding IPC messages to the main process for all privileged operations (spawning CLI, accessing credentials, file system). This architecture prevents the Chromium renderer from directly accessing system resources, credentials, or spawned processes.","intents":["Prevent renderer process compromise from exposing API keys or spawning arbitrary processes","Implement a secure IPC boundary between untrusted renderer and privileged main process","Provide a typed API surface to the renderer without exposing raw IPC message passing"],"best_for":["Electron application developers building security-sensitive applications","Teams requiring strict process isolation between UI and system operations","Applications handling sensitive credentials or file system access"],"limitations":["IPC round-trips add ~10-50ms latency per operation (cumulative for chained operations)","Preload script must be manually maintained to expose new API surface — no automatic generation","Renderer cannot directly access file system, child processes, or native modules (by design)","Debugging IPC communication requires Electron DevTools inspection of main process"],"requires":["Electron 12+ (contextBridge API)","Preload script configured in BrowserWindow webPreferences","Main process IPC handlers for all renderer-initiated operations"],"input_types":["IPC messages from renderer (task spawn, credential fetch, history query)","main process operations (file system, process spawning, credential storage)"],"output_types":["IPC responses to renderer (task status, execution logs, credential confirmation)","renderer API surface exposed via contextBridge"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_6","uri":"capability://tool.use.integration.multi.provider.ai.model.selection.with.unified.configuration.interface","name":"multi-provider ai model selection with unified configuration interface","description":"Openwork provides a unified configuration interface for selecting AI providers (Anthropic, OpenAI, Google, Groq) and models, with provider-specific API key management. The configuration is stored in electron-store and exposed via the React UI, enabling users to switch providers without code changes. The main process reads the selected provider and model at task execution time, passing them to the OpenCode CLI via environment variables or command-line arguments.","intents":["Allow users to choose between multiple AI providers without application restart","Store provider-specific configuration (API keys, model selection) persistently","Enable cost optimization by switching between providers based on task requirements"],"best_for":["Teams evaluating multiple AI providers and wanting to switch without code changes","Cost-conscious users optimizing for different providers' pricing models","Developers building provider-agnostic AI automation tools"],"limitations":["No built-in provider capability detection — users must manually select compatible models","Configuration changes require task restart; no mid-execution provider switching","No built-in fallback if selected provider API is unavailable — task fails rather than retrying with alternate provider","Provider-specific features (vision, function calling) not abstracted — CLI must handle provider differences"],"requires":["API keys for at least one supported provider (Anthropic, OpenAI, Google, Groq)","electron-store for configuration persistence","OpenCode CLI supporting provider selection via environment variables or CLI flags"],"input_types":["provider selection (enum: Anthropic, OpenAI, Google, Groq)","model identifier (provider-specific string)","API key (stored in secure storage)"],"output_types":["configuration JSON (provider, model, API key reference)","provider-specific CLI invocation (environment variables or flags)"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_7","uri":"capability://automation.workflow.onboarding.flow.with.folder.permission.setup.and.api.key.configuration","name":"onboarding flow with folder permission setup and api key configuration","description":"Openwork implements a guided onboarding flow that walks users through initial setup: API key configuration (with secure storage via keytar), folder permission grants (for file system access), and provider/model selection. The onboarding state is tracked in electron-store and the React UI conditionally renders the onboarding flow on first launch. Folder permissions are requested via native OS dialogs (macOS file picker) and stored as app settings for subsequent task execution.","intents":["Guide non-technical users through initial setup without requiring manual configuration","Request necessary permissions (file system access) upfront with clear explanations","Validate API key configuration before allowing task execution"],"best_for":["Desktop applications targeting non-technical users","Teams building onboarding flows for multi-step configuration","Applications requiring upfront permission grants for file system or OS access"],"limitations":["Onboarding state is binary (complete/incomplete) — no partial progress tracking","Folder permissions are stored as app settings; no built-in permission revocation UI","API key validation is basic (non-empty check) — no actual provider connectivity test","Onboarding flow cannot be re-triggered after completion without manual state reset"],"requires":["React UI for onboarding form rendering","electron-store for onboarding state persistence","OS native file picker dialogs (macOS NSOpenPanel, Windows IFileDialog)","Keytar integration for secure API key storage"],"input_types":["user input (API key, folder selection, provider choice)","OS file picker results (folder paths)"],"output_types":["onboarding completion state (boolean)","stored configuration (API key in keychain, folders in app settings, provider selection)"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_8","uri":"capability://automation.workflow.real.time.task.execution.monitoring.with.stdout.stderr.stream.capture","name":"real-time task execution monitoring with stdout/stderr stream capture","description":"Openwork captures stdout and stderr streams from the spawned OpenCode CLI process in real-time using node-pty, forwarding execution logs to the React renderer via IPC messages. The main process buffers log lines and sends them to the renderer on a batching interval (typically 100-500ms) to reduce IPC overhead. The renderer displays logs in a scrollable task monitor UI, enabling users to observe task progress, debug failures, and track token usage in real-time.","intents":["Display real-time task execution progress and logs to users without polling","Enable debugging of failed tasks by capturing full stdout/stderr output","Track token usage and cost metrics during task execution"],"best_for":["Developers building task monitoring UIs for long-running processes","Teams requiring real-time visibility into AI agent execution","Applications where task execution can take minutes and users need progress feedback"],"limitations":["Log buffering introduces 100-500ms latency before logs appear in UI","Large log outputs (>10MB) can cause memory pressure in main process if not pruned","IPC message batching may lose log ordering if messages arrive out-of-order","No built-in log filtering or search — full output stored in memory and renderer"],"requires":["node-pty for pseudo-terminal stream capture","IPC message batching logic in main process","React renderer with scrollable log display component"],"input_types":["stdout/stderr streams from spawned CLI process","log batching interval (milliseconds)"],"output_types":["IPC log messages (batched lines with timestamps)","rendered log display in React UI (scrollable, searchable)"],"categories":["automation-workflow","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-openwork-open-browser-automation-agent__cap_9","uri":"capability://automation.workflow.fresh.install.cleanup.and.state.reset.with.selective.data.retention","name":"fresh install cleanup and state reset with selective data retention","description":"Openwork implements a fresh install cleanup mechanism that resets application state (onboarding flag, debug mode, selected model) while optionally retaining task history and secure credentials. The cleanup is triggered via a manual reset action in the settings UI or automatically on major version upgrades. The main process clears electron-store entries selectively, preserving keytar credentials and task history unless explicitly purged by the user.","intents":["Reset application state to factory defaults without losing task history","Clear cached configuration on major version upgrades to prevent compatibility issues","Allow users to selectively purge sensitive data (credentials, history) on demand"],"best_for":["Desktop applications requiring state reset functionality","Teams managing version upgrades with breaking configuration changes","Users concerned about data retention and wanting manual purge controls"],"limitations":["No granular reset controls — cleanup is all-or-nothing per category (settings, history, credentials)","Cleanup does not remove cached files or temporary data outside electron-store","No confirmation dialog before destructive cleanup — relies on user intent","Credentials in OS keychain are not automatically purged; requires manual removal from system settings"],"requires":["electron-store API for selective key deletion","settings UI with reset action button","main process handler for cleanup operation"],"input_types":["cleanup scope (all, settings-only, history-only, credentials-only)","user confirmation (boolean)"],"output_types":["cleanup completion status (success/failure)","retained data summary (what was kept vs purged)"],"categories":["automation-workflow","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":28,"verified":false,"data_access_risk":"high","permissions":["Node.js 18+ (bundled in Electron app)","OpenCode CLI binary available in system PATH or bundled runtime","Valid API key for at least one supported provider (Anthropic, OpenAI, Google, Groq)","macOS (Apple Silicon) for current release; extensible to other platforms","keytar npm package (native binding to OS keychain APIs)","macOS 10.7+ (Keychain), Windows 7+ (Credential Manager), or Linux with Secret Service dbus","Electron main process with access to OS credential APIs","electron-store for reading app settings","keytar for retrieving API keys from secure storage","main process handler for configuration generation and CLI spawning"],"failure_modes":["No built-in cloud fallback or distributed execution — all processing is single-machine bound","node-pty introduces platform-specific behavior differences (macOS Keychain vs Windows Credential Vault vs Linux Secret Service)","CLI process spawning adds ~500ms-2s overhead per task initiation due to Node.js startup time","No native support for concurrent task execution — sequential CLI invocations only","Keytar library adds ~50-100ms latency per credential retrieval due to OS keychain round-trips","No built-in credential rotation or expiration management — relies on user manual updates","Linux Secret Service requires dbus daemon running; fails silently on headless systems","macOS Keychain prompts user for permission on first access per app session","Configuration generator must be updated if OpenCode CLI changes its argument format","No validation of CLI argument syntax — relies on CLI to reject invalid arguments","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.05,"quality":0.34,"ecosystem":0.39999999999999997,"match_graph":0.25,"freshness":0.6,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.1,"match_graph":0.28,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-06-17T09:51:03.579Z","last_scraped_at":"2026-05-03T14:00:07.640Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=openwork-open-browser-automation-agent","compare_url":"https://unfragile.ai/compare?artifact=openwork-open-browser-automation-agent"}},"signature":"fpcwCZIPEMSQ6fN5gSjXazjqTdLI5ippMhEr/t1ieyqNAvtn1pavCkDNjsHfbCwjjzkmjILLvkT2+MdAF9GWDQ==","signedAt":"2026-06-19T16:59:43.030Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/openwork-open-browser-automation-agent","artifact":"https://unfragile.ai/openwork-open-browser-automation-agent","verify":"https://unfragile.ai/api/v1/verify?slug=openwork-open-browser-automation-agent","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}