Otto

Automate web workflows on real browser tabs without hosting a browser farm.

📖 Docs · 🇺🇸 English · 🇨🇳 简体中文

Otto is a secure remote browser automation platform that lets you control real browser tabs from your CLI or scripts — no browser farm, no infrastructure overhead. Send commands over WebSocket to a relay daemon, which routes them to a Chrome extension that executes actions on live tabs.

Built for developers and automation teams who need real browser context for testing, monitoring, and agent-driven workflows without managing headless infrastructure.

Features

• Real browser tabs, not headless farms — Execute commands on live Chrome tabs via a lightweight extension node. No Docker, no Puppeteer farm, no cloud browser rental.
• Remote CLI control — Send commands from your laptop to a browser running anywhere. The relay handles routing and auth so controller and node don't need to be on the same host.
• Code drives the browser. The LLM just decides what to do. — Otto handles clicks, typing, navigation, and DOM interaction with deterministic code. Your agent only burns tokens on strategy, not on every interaction.
• Secure by default — Token auth, replay protection, per-node ACL grants, and pre-ingress log redaction. Secrets stored in OS keychain.
• Live debugging — Stream logs by requestId with otto logs follow --source all. Correlate relay, controller, and node events in real time.
• Network interception — Subscribe to HTTP traffic from managed browser tabs. Stream responses back for inspection, validation, or data extraction.
• Site-scoped command bundles — Author custom, reusable commands for any domain that run inside the extension. Versioned, shareable, testable.
• Agent and CI ready — Non-interactive setup, --json output, MCP server, streaming test harness, and agent runtime registration.

Quick Start

Requirements: Node.js 20+, Chrome, and an npm installation.

1. Install the CLI globally:

npm install -g @telepat/otto

2. Run guided setup:

otto setup

3. Load the unpacked extension into Chrome (the exact path is printed by otto setup).

4. Register a controller identity:

otto client register --name "my-laptop" --description "Local controller"
otto client login

5. Verify the stack:

otto commands list

For the full walkthrough, see the Installation and Quickstart guides.

Requirements

• Node.js 20+
• npm 10+
• Chrome (latest stable)
• macOS, Linux, or Windows

How It Works

Controller (otto CLI / script)
        |  WebSocket (authenticated)
        v
  Relay daemon  (:8787)
        |  WebSocket (authenticated, node)
        v
  Extension node (Chrome)
        |  chrome.tabs / chrome.scripting
        v
  Browser tab (managed, site-scoped)

1. Controller sends command envelopes over WebSocket to relay.
2. Relay authenticates, authorizes by action scope, and routes by targetNodeId.
3. Node executes the action and returns terminal result or error.
4. Relay forwards terminal outcome back to the originating controller.

Execution guarantees:

• targetNodeId is required for all commands.
• Per-tab execution is serial; cross-tab execution is parallel.
• Replay protection is enforced (replayNonce plus timestamp window).
• Sensitive fields are redacted before log persistence and streaming.

Using With AI Agents

Otto is designed for headless automation and agent-driven workflows:

• Non-interactive setup — otto setup --non-interactive emits deterministic JSON output with no TTY prompts.
• Machine-readable output — Append --json to most CLI commands (otto commands list, otto test, otto logs list) for structured consumption.
• Programmatic API — The relay exposes HTTP and WebSocket endpoints for direct integration. See the Protocol docs for message schemas.
• Live log streaming — otto logs follow --source all streams structured events by requestId for real-time agent debugging.
• Agent docs — For Agents provides automation runbooks, command development guides, and curl snippets.

Security And Trust

• Controller authentication uses client-secret token exchange; secrets are stored in the OS keychain when available.
• Node-side ACL grants are required before a controller can route commands to a given node.
• Replay protection and timestamp windows prevent command replay.
• Sensitive fields are redacted from logs and streams before persistence.
• Otto never automates credential submission; users authenticate manually and rerun.

To report a security issue, open a private report through the repository security flow.

Documentation And Support

• Documentation site
• Installation
• Quickstart
• Architecture
• Protocol
• CLI reference
• Security
• For Agents
• Repository
• npm package

Contributing

Contributions are welcome. See Development for local setup, build commands, and test workflows.

License

MIT. See LICENSE.