Show HN: AG2B – Run the agent loop in the browser, expose your tools via WebMCP

AG2B (Agent to Browser) runs the AI agent loop directly in the browser, allowing developers to expose existing client functions as tools without a separate server-side runtime or tool registry. The framework uses "scopes" to inject live UI context into each agent turn, reducing latency and token costs compared to DOM-based alternatives. It aims to accelerate AI feature deployment in B2B apps by keeping the server as a thin proxy for API keys and permissions.

Hello everyone, TL;DR Live demo: https://ag2b-example.vercel.app https://ag2b-example.vercel.app Working on different projects, especially in B2B, I am getting the same request more and more often - "Add an AI feature, yesterday " Most agent frameworks I found run the runtime on the server - and that pulls in a whole stack. Both backend and frontend have to learn how that runtime works and adopt its SDKs. The server turns into an orchestrator carrying most of the logic. For a feature that's really just "automate what the app already does, and add a brain," I kept asking the same thing: do we actually need all of that and how to ship these AI features faster? AG2B Agent to Browser is my research on this question. The agent loop runs in the browser, where your app already is. Tools the first primitive are just your existing client functions store actions, click handlers, whatever you already wrote , so there's no second tool registry and no contract to negotiate between the frontend and backend. The server shrinks but not limited to a thin proxy that keeps your API key out of the bundle plus optionally gates with user's permissions. Because the loop runs where the UI lives, each turn can carry a fresh snapshot of what the user sees and can do right now. Scopes the second primitive re-inject live context on every iteration - into the system or user prompt, your choice. The model sees what's actually on screen right now. Nothing stale, zero roundtrips and clear context for the LLM. On security take, does it secure? The LLM can only call the tools you delegate, and those tools are your existing handlers which already hit authenticated, permission-checked endpoints. A tool call goes through the same gates a user or frontend logic goes through. What about existing server-side runtimes? Actually they can coexist. With AG2B you can write your own tool or custom provider which interacts with these endpoints. There are some alternatives to run the agent in browser like working with DOM. That also works, but you pay for it a lot - parsing html and DOM operations are more expensive tokens, bundle size than telling LLM what it can do and provide a filtered context. Two cases I built it for: 1. General app automation - a tiny LLM proxy + good prompting + your existing frontend logic wrapped with small primitives = the assistant can drive the app. 2. Domain tasks - e.g. "turn this question into a SQL query" over a big proprietary BI model. A fine-tuned/prompted model that knows the schema + an endpoint to hit it + one Tool - and you get the result. It's plain TypeScript, provider-agnostic OpenAI/Anthropic built in, or your own , with a hook system to observe/intercept every step human-in-the-loop approvals, guardrails, RAG and React bindings - headless hooks or a drop-in chat. Vue is coming. There is also a plugin system. For example I created a WebMCP plugin which exposes your agent's tools through the browser API - which already could be tested in Chrome. Repo: https://github.com/ag2b/ag2b https://github.com/ag2b/ag2b Docs: https://ag2b.ai https://ag2b.ai Comments URL: https://news.ycombinator.com/item?id=48308148 https://news.ycombinator.com/item?id=48308148 Points: 1 Comments: 0