Chrome shipped something quietly huge. Your real, signed-in browser can now be natively accessible to any coding agent.

No extensions. No headless browser. No screenshots. No separate logins. One toggle.

Here’s the official blog post from the Chrome team.

The actual unlock people are glossing over

I keep seeing reactions focused on “browser control” and I think that misses the point. We’ve had Puppeteer forever. Spinning up a headless browser and clicking buttons is solved problem territory.

What’s new is that your agent inherits your actual session. Your cookies. Your auth state. Everything.

The bottleneck for most agentic tasks was always “get past the login page.” If you’ve tried to automate anything behind authentication, you know the pain: credential injection, token management, session handling, 2FA flows. All of that friction just disappeared. Your agent sits in your real browser session and operates as you.

That’s the 10x improvement.

How I actually set this up

I don’t hand my main browser profile to an agent. I’m not going to pretend that’s fine.

My setup: the agent gets its own accounts. I give that account specific roles and permissions in my main accounts, scoped to what I actually want automated. If something goes sideways, the blast radius is limited to what that account can touch.

Think of it the same way you’d think about service accounts. You wouldn’t give a CI pipeline your personal credentials. Same logic applies here.

Who should use this and who shouldn’t

My honest take: most people should lean into consumer solutions for agentic browser automation. Things like the Claude Code extension, Gemini in Chrome, Perplexity. These come with guardrails and permission flows that ask before acting.

Programmatic use through the DevTools protocol is powerful but it’s best for experienced devs who can reason about the tradeoffs. You need to understand what you’re exposing and how to limit it. If you’re not comfortable setting up isolated profiles and scoping permissions, the consumer tools will serve you better and with less risk.

What this changes

The use cases for coding agents just got wider. Anything that required authenticated access to a web app (testing against staging environments, scraping data from dashboards, automating workflows across SaaS tools) is now much more straightforward. The agent doesn’t need to know your password or manage tokens. It just works in the browser you already have open.

We went from “agents can browse the web” to “agents can browse the web as you.” That’s a different thing entirely.