Constitutional Safety
CBrowser's most unique feature. No other browser automation tool has built-in ethical boundaries.
The Problem
Other AI automation tools will execute any command you give them:
- "Click Delete All Data" β Done
- "Submit this $10,000 transfer" β Done
- "Accept all terms and conditions" β Done
This is dangerous. AI agents can be tricked, make mistakes, or misread context.
The Solution: Action Zones
CBrowser classifies every action into one of five safety zones:
| Zone | Color | Actions | Behavior |
|---|---|---|---|
| Green | π’ | Navigate, read, screenshot, scroll | Auto-execute immediately |
| Yellow | π‘ | Click buttons, select options | Log and proceed |
| Orange | π | Fill forms, smart-click, session management, persona creation, cognitive journeys | Allowed with caution warning |
| Red | π΄ | Submit forms, delete, purchase, account changes | Requires verification |
| Black | β¬ | Bypass authentication, inject scripts, violate ToS | Never executes |
How It Works
Green Zone (Safe)
These actions cannot cause harm:
# All auto-execute without prompts
npx cbrowser navigate "https://example.com"
npx cbrowser screenshot
npx cbrowser extract "all product names"
Yellow Zone (Logged)
Interactive but low-risk actions:
# Executes but logs the action
npx cbrowser click "Add to Cart"
Every yellow action is logged with:
- Timestamp
- Action type
- Target element
- Screenshot before/after
Orange Zone (State-Modifying)
Actions that modify state but are generally safe:
# Proceeds with caution message
npx cbrowser fill "email" "[email protected]"
npx cbrowser smart-click "Sign In"
npx cbrowser session save "my-session"
Orange zone covers: form fills, smart clicks, session management, persona creation, cognitive journeys, test generation/repair, and marketing tools.
Red Zone (Verification Required)
Potentially destructive or irreversible:
# Will prompt for confirmation
npx cbrowser click "Delete Account"
npx cbrowser click "Place Order"
npx cbrowser click "Submit Application"
To bypass verification (use carefully):
npx cbrowser click "Delete Account" --force
Black Zone (Never Allowed)
CBrowser will refuse these actions entirely:
- Attempting to bypass login screens
- Injecting JavaScript into pages
- Automating CAPTCHA solving
- Violating robots.txt
- Scraping personal data without consent
npx cbrowser inject-script "alert('hacked')"
# Error: Action blocked by constitutional safety rules
The Five Laws
CBrowser follows five constitutional principles:
1. Transparency
Every action is logged with timestamps and screenshots. You can always review what happened.
# View audit log
npx cbrowser audit --last 50
2. Verification
Destructive actions need explicit confirmation. No accidental deletions.
3. Privacy
- Credentials are never logged
- Personal data is automatically redacted in logs
- Screenshots blur sensitive fields
4. Politeness
- Respects robots.txt
- Adds delays between actions (no flooding servers)
- Identifies itself as automation (never pretends to be human)
5. Fallback
When uncertain, CBrowser asks. When dangerous, it stops.
Configuration
Adjusting Zone Classifications
Create .cbrowserrc.json:
{
"safety": {
"redZoneActions": [
"delete",
"remove",
"purchase",
"submit",
"transfer"
],
"blacklistPatterns": [
"admin/*",
"*/delete-all"
],
"requireVerification": true
}
}
Disabling Safety (Not Recommended)
For testing environments only:
CBROWSER_UNSAFE=true npx cbrowser click "Delete Everything"
β οΈ Warning: This disables all safety checks. Use only in isolated test environments.
Why This Matters
As AI agents become more autonomous, safety becomes critical:
- Mistakes happen - AI can misinterpret commands
- Attacks happen - Prompt injection can manipulate agents
- Context is lost - Agents don't understand consequences
Constitutional safety limits damage even when things go wrong.
Related
- Persona Testing - Another unique CBrowser feature
- CLI Reference - See
--forceflag documentation - FAQ - Common safety questions
Copyright: (c) 2026 Alexa Eden.
License: MIT License
Contact: [email protected]