Local control: in-SDK sidecar for user_device environments#161
Local control: in-SDK sidecar for user_device environments#161abonneth wants to merge 2 commits into
Conversation
| ] | ||
| browser = [ | ||
| "hai-drivers[web]>=0.1.0", | ||
| ] |
There was a problem hiding this comment.
Lock omits hai-drivers package
High Severity
Optional browser and desktop extras declare hai-drivers, but uv.lock still resolves direct selenium/pyautogui pins and never installs hai-drivers, while SidecarClient._build_driver imports hai_drivers.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit fa3ff61. Configure here.
14ca56a to
bf57eb3
Compare
bf57eb3 to
6e6cc3f
Compare
6e6cc3f to
f5bd8db
Compare
Agents with a user_device environment are served by an in-SDK sidecar that long-polls the Agent Platform for driver commands and executes them on this machine via hai-drivers (Selenium attached to Chrome's debug port for browser, pyautogui/pynput for desktop). Sidecars start automatically on create_session and are also available via `hai local browser|desktop`. Co-authored-by: Cursor <cursoragent@cursor.com>
f5bd8db to
b2762ab
Compare
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
There are 2 total unresolved issues (including 1 from previous review).
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit b2762ab. Configure here.
| agent = kwargs["agent"] | ||
| if isinstance(agent, str): | ||
| try: | ||
| agent = AgentsClient(client_wrapper=wrapper).get_agent(agent) |
There was a problem hiding this comment.
Named agent fetch skips resolve
Medium Severity
When create_session is given a catalog agent name and auto sidecars are enabled, the SDK loads the definition with get_agent but does not pass resolve=true. Unresolved string subagent or environment leaves never expose user_device configs, so collect_sidecar_configs can skip required local sidecars while the session still starts.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit b2762ab. Configure here.
…ayer Co-authored-by: Cursor <cursoragent@cursor.com>


Note
Medium Risk
New subprocess/network loop with API credentials and optional desktop/browser control increases attack and operational surface, but behavior is gated by user_device envs, optional extras, and HAI_AUTO_SIDECAR with broad unit test coverage.
Overview
Adds local control so agents with
host: user_deviceenvironments can drive this machine’s browser or desktop via an in-process sidecar, instead of relying only on remote sandboxes.The SDK now rewrites agent/session payloads:
user_deviceenvs get a deterministicsession_id(from API key + env id + capability) so the cloud can route commands to the right channel.Client/AsyncClientuse wrappedagentsandsessionsclients that apply this wiring on create/update/patch and, whenHAI_AUTO_SIDECARis on (default), start sidecars beforecreate_session(including after fetching a named agent).New
hai_agents.localruns background sidecars that long-poll the API, execute driver methods throughhai-drivers(Selenium + optional Chrome launch for browser; desktop extra for local desktop), and post results—with retries, idempotentcommand_uidcaching, and one browser / one desktop per machine (in-process and cross-process lock files).pip install 'hai-agents[browser]'/[desktop]pull inhai-drivers; the CLI addshai local browser/hai local desktopfor manual sidecars when sessions start elsewhere.Tests cover wiring, auto-start, protocol, and runtime rollback; integration tests disable auto sidecars by default.
Reviewed by Cursor Bugbot for commit edc1765. Bugbot is set up for automated code reviews on this repo. Configure here.