Feat/browser agent progress emission #21218

Merged
gsquared94 merged 30 commits into google-gemini:main from kunal-10-cloud:feat/browser-agent-progress-emission
Mar 9, 2026

@kunal-10-cloud
Contributor

@kunal-10-cloud kunal-10-cloud commented Mar 5, 2026

Summary

Implemented structured [SubagentProgress] emission for the browser agent, replacing raw string updates. This enables rich UI rendering with progress spinners, status icons, and formatted tool arguments in the terminal.

Details

  • Structured Activity: Handled all activity event types (thoughts, tool starts/ends, and errors) instead of just thought chunks.
  • State Management: Added tracking for recent activity items to maintain status transitions (running → completed/error/cancelled).
  • Terminal States: Ensured the agent always emits a final state on success, failure, or cancellation.
  • Improved Feedback: Integrated initial setup logs into the progress feed for immediate visibility.
  • Verification: Updated unit tests to validate the new structured output and fixed generic type linting issues in tests.

Related Issues

Closes #21088

How to Validate

  1. Run unit tests for the browser agent:
    npm test -w @google/gemini-cli-core -- src/agents/browser/
  2. Run a browser task in the CLI and verify the UI shows spinners and tool icons during execution.

Attaching screencast as POC:

Screen.Recording.2026-03-08.at.4.48.37.AM.mov

Pre-Merge Checklist

  • Updated relevant documentation and README (if needed)
  • Added/updated tests (if needed)
  • Noted breaking changes (if any)
  • Validated on required platforms/methods:
    • MacOS
      • npm run
      • npx
      • Docker
      • Podman
      • Seatbelt
    • Windows
      • npm run
      • npx
      • Docker
    • Linux
      • npm run
      • npx
      • Docker

@kunal-10-cloud kunal-10-cloud requested a review from a team as a code owner March 5, 2026 05:40
@gemini-code-assist
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the browser agent's feedback mechanism by transitioning from simple string-based progress updates to a structured SubagentProgress emission system. This change allows for a more detailed and dynamic representation of the agent's activities, such as thoughts, tool executions, and error states, which can be leveraged by the UI for improved user experience. The update also includes robust state management for these activities and ensures consistent reporting of the agent's final status.

Highlights

  • Structured Progress Emission: Implemented structured SubagentProgress objects for the browser agent, replacing raw string updates to provide richer, real-time feedback.
  • Comprehensive Activity Handling: The agent now handles all activity event types, including thoughts, tool starts, tool ends, and errors, ensuring a complete view of its operation.
  • State Management: Added tracking for recent activity items to accurately manage status transitions (e.g., running to completed, error, or cancelled).
  • Terminal State Guarantee: Ensured the agent always emits a final state (success, failure, or cancellation) for clear termination reporting.
  • Enhanced Feedback: Initial setup logs are now integrated into the progress feed, providing immediate visibility into the agent's startup process.
  • Testing and Linting: Updated unit tests to validate the new structured output and addressed generic type linting issues.

Changelog

  • packages/core/src/agents/browser/browserAgentInvocation.test.ts
    • Added new test cases for the execute method to verify the emission of SubagentProgress objects.
    • Included tests for handling various activity events and ensuring correct error state emission.
    • Mocked LocalAgentExecutor and createBrowserAgentDefinition for isolated testing.
  • packages/core/src/agents/browser/browserAgentInvocation.ts
    • Imported randomUUID for generating unique IDs for activity items.
    • Defined MAX_RECENT_ACTIVITY to limit the number of stored activity items.
    • Refactored the execute method to initialize and update a recentActivity array with structured SubagentActivityItem objects.
    • Modified the onActivity callback to process THOUGHT_CHUNK, TOOL_CALL_START, TOOL_CALL_END, and ERROR events, updating the recentActivity and emitting SubagentProgress.
    • Ensured that initial setup messages are emitted as SubagentProgress objects.
    • Updated the error handling logic to mark running activities as cancelled or erroneous and emit a final SubagentProgress with the appropriate state.

Activity

  • Updated relevant documentation and README (if needed).
  • Added/updated tests (if needed).
  • Validated on MacOS using npm run.

@kunal-10-cloud
Contributor Author

@jacob314 @gsquared94 can you please review this PR and let me know if any changes are needed?

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured SubagentProgress emission for the browser agent, which is a significant enhancement for providing rich UI feedback. However, it introduces a critical security vulnerability where sensitive tool arguments (e.g., passwords used in a fill tool call) are emitted in plain text within the progress updates, risking exposure in logs or user interfaces. Additionally, a high-severity issue was identified where tool errors (other than cancellations) do not update the tool's status, leaving it in a misleading 'running' state in the UI, which needs to be addressed for accurate progress display.

@gsquared94
Contributor

@kunal-10-cloud please address the gemini review findings. Also can you add a screencast of this working?

Thanks.

@gemini-cli gemini-cli bot added the area/agent Issues related to Core Agent, Tools, Memory, Sub-Agents, Hooks, Agent Quality label Mar 5, 2026
@kunal-10-cloud
Contributor Author

/gemini review

@kunal-10-cloud
Contributor Author

> @kunal-10-cloud please address the gemini review findings. Also can you add a screencast of this working?
>
> Thanks.

sure just give me a few moments

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured "SubagentProgress" emission for the browser agent, significantly improving UI rendering with richer feedback. While the PR aims to sanitize sensitive data in tool arguments and includes unit tests, it has several security weaknesses. The redaction logic in sanitizeToolArgs is incomplete, missing common variants of sensitive keys like api_key, and sensitive information is leaked through tool descriptions and unvalidated error messages. The PR also handles various activity event types, manages state transitions, and ensures final state emission.

@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured SubagentProgress emission for the browser agent, enhancing user experience with richer feedback, and implements sanitization for sensitive data in tool arguments and error messages. However, a security vulnerability exists where sensitive information could still be leaked through LLM thoughts and incomplete error message sanitization. To fully address this, the redaction logic must be consistently applied across all event types, including LLM thoughts, and the error message sanitizer needs to be updated to cover all sensitive key patterns. Specifically, the current regular expressions for redacting credentials in error messages are too restrictive, and error messages in the top-level catch block are not being sanitized before being passed to the LLM.

@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured progress reporting for the browser agent, which is a significant improvement for UI feedback. The implementation includes comprehensive state management for agent activities and, importantly, adds sanitization for sensitive data like API keys and passwords in tool arguments and error messages. A security audit confirms that the new sanitization logic is a significant security improvement, and no high or critical severity vulnerabilities were identified in the provided patches, though regex-based redaction has inherent limitations. However, a critical type issue in the error handling path for llmContent could lead to runtime errors and potential prompt injection risks, and a high-severity bug in the error message sanitization regex might cause over-redaction of information. Addressing these will enhance the feature's robustness and security.

kunal-10-cloud and others added 2 commits March 5, 2026 13:05
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured progress emission for the browser agent, significantly enhancing UI rendering, user feedback, and observability. It also adds crucial sanitization for sensitive data in tool arguments, thoughts, and error messages. However, the sanitization logic for redacting sensitive information (like API keys and passwords) from these progress updates is incomplete. Specifically, a high-severity issue was identified where a sensitive key pattern (pwd) was missed in the error message sanitization. Furthermore, tool call descriptions and display names are not sanitized, and the tool argument sanitization only checks keys, not values. These gaps could lead to accidental leakage of secrets in the UI or logs.
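An added example of the two gaps this review names: key variants such as api_key and pwd, and secrets carried in values under innocuous keys. It is not code from this PR; normalizeKey, isSensitiveKey, sanitizeValue, sanitizeArgs, the key list and the value patterns are all assumptions chosen for illustration.

```javascript
// Added illustration. Every name and pattern here is hypothetical.
const SENSITIVE_KEYS = [
  'password', 'passwd', 'pwd', 'secret', 'token', 'apikey',
  'authorization', 'privatekey',
];

// Collapse case and separators so api_key, apiKey, API-KEY and "api key"
// all normalise to "apikey" before comparison.
function normalizeKey(key) {
  return String(key).toLowerCase().replace(/[^a-z0-9]/g, '');
}

// Suffix match also catches prefixed names such as "db-pwd" or "x-api-key".
// It is deliberately conservative and may redact more than strictly needed.
function isSensitiveKey(key) {
  const k = normalizeKey(key);
  return SENSITIVE_KEYS.some((s) => k.endsWith(s));
}

// Value-side check: a key such as "url" or "text" can still carry a secret.
// Each quantified part is followed by a disjoint class, so matching is linear.
const VALUE_PATTERNS = [
  /\bBearer\s+[A-Za-z0-9._~+\/-]{8,}=*/g,
  /\b(?:password|pwd|token|api[_-]?key)\s*[:=]\s*[^\s&,;]+/gi,
];

function sanitizeValue(text) {
  let out = text;
  for (const re of VALUE_PATTERNS) out = out.replace(re, '[REDACTED]');
  return out;
}

// Walk nested tool arguments; redact by key first, then scan string values.
function sanitizeArgs(value, depth = 0) {
  if (depth > 8) return '[TRUNCATED]'; // bound recursion on hostile input
  if (typeof value === 'string') return sanitizeValue(value);
  if (Array.isArray(value)) return value.map((v) => sanitizeArgs(v, depth + 1));
  if (value !== null && typeof value === 'object') {
    const out = {};
    for (const [k, v] of Object.entries(value)) {
      out[k] = isSensitiveKey(k) ? '[REDACTED]' : sanitizeArgs(v, depth + 1);
    }
    return out;
  }
  return value;
}
```

Tool descriptions and display names are plain strings, so the same sanitizeValue pass applies to them before they are emitted.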

…scriptions, displayNames, and error messages
@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured SubagentProgress emission for the browser agent, aiming to provide a richer UI experience by handling various activity events and implementing data sanitization. However, a critical race condition was identified in how concurrent tool calls are handled, which could lead to incorrect UI states. Additionally, a potential information disclosure vulnerability exists where API keys containing spaces in unquoted values might not be fully redacted due to a limitation in the regular expression used for sanitization, potentially exposing sensitive information. Furthermore, the key normalization logic for security sanitization may be insufficient, potentially leading to sensitive data leakage if bypassed. Addressing these issues is important for the feature's stability and security.

@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured progress emission for the browser agent, which is a great improvement for UI feedback and observability. The implementation includes robust handling of different activity events and comprehensive data sanitization to prevent leaks of sensitive information. My review focuses on improving the reliability of state management for concurrent tool calls, specifically by relying on callId exclusively for identification to prevent potential race conditions. The provided comments align with best practices and are kept as is.

@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces a significant improvement by implementing structured progress emission for the browser agent, which will greatly enhance the user experience. The changes are well-structured, covering various activity types and ensuring proper state management. The addition of comprehensive data sanitization is a crucial security measure. However, I've identified a critical vulnerability in the sanitization logic that could lead to incomplete redaction of secrets. My review includes a detailed comment with a suggested fix for this issue. Overall, the implementation is solid, and the new tests are thorough.

Note: Security Review did not run due to the size of the PR.

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces structured progress emission for the browser agent, enhancing UI feedback with comprehensive state management and extensive tests. However, a critical security vulnerability has been identified in the new data sanitization logic. Specifically, a bug in the regex construction for redacting unquoted values, caused by the incorrect use of single backslashes for the whitespace character class in a template literal, could lead to incomplete redaction of secrets and sensitive data leaks. This requires high-priority correction by using double backslashes to ensure the regex engine receives the correct character class.
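The template-literal backslash bug described in this review, reproduced as an added example that is not the PR's code. The key list, the pattern shape, the helper names and the sample messages are assumptions constructed for illustration.

```javascript
// Added illustration: key list and pattern shape are assumptions.
const KEYS = ['password', 'pwd', 'api[_-]?key', 'token', 'secret'];
const KEY_ALT = KEYS.join('|');

// BUGGY: in a template literal "\s" is not a string escape, so it collapses
// to the letter "s". The engine receives: \b(...)s*[:=]s*[^s,;]+
const buggy = new RegExp(`\\b(${KEY_ALT})\s*[:=]\s*[^\s,;]+`, 'gi');

// FIXED: doubled backslashes survive string processing and reach the engine
// as \s. String.raw`...` with single backslashes is an equivalent spelling.
const fixed = new RegExp(`\\b(${KEY_ALT})\\s*[:=]\\s*[^\\s,;]+`, 'gi');

// Keep the key name, replace the value.
function redactWith(re, text) {
  return text.replace(re, '$1=[REDACTED]');
}

// Guard for a unit test: the compiled source must still contain the \s class.
function usesWhitespaceClass(re) {
  return re.source.indexOf('\\s') !== -1;
}

// Constructed sample messages (not taken from the PR or its tests).
const SAMPLES = [
  // Spaces around "=": the buggy pattern expects the letter "s" there and
  // never matches, so the whole secret is emitted.
  'login failed: password = hunter2secret',
  // Value containing "s": the buggy class [^s,;] stops at the first "s",
  // so the tail of the secret is emitted.
  'retrying with token=abc123secretXYZ now',
];

function compare() {
  return SAMPLES.map((line) => ({
    buggy: redactWith(buggy, line),
    fixed: redactWith(fixed, line),
  }));
}

console.log(compare());
```

Asserting on `re.source` in a unit test catches this class of bug even when the sample inputs happen to redact correctly.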

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@kunal-10-cloud
Contributor Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces a significant improvement to the browser agent's progress reporting by switching from raw string updates to structured SubagentProgress emissions. This change enables a much richer and more informative UI in the terminal. A major part of this work is the implementation of robust data sanitization logic to redact sensitive information like API keys, passwords, and tokens from thoughts, tool arguments, and error messages, which is a critical security enhancement. The new state management logic correctly handles the lifecycle of tool calls, including concurrent executions, by leveraging callId. The changes are comprehensive and supported by an extensive new suite of unit tests that cover numerous sanitization edge cases. The overall implementation is of high quality.

@kunal-10-cloud
Contributor Author

kunal-10-cloud commented Mar 7, 2026

> @kunal-10-cloud, please address the Gemini review findings. Also can you add a screencast of this working?
>
> Thanks.

Hi @gsquared94 @sehoon38, I have addressed the Gemini bot's recommendations as well as added the screencast in the PR description as requested. Please review it once and let me know if any changes are required.

@gsquared94 gsquared94 self-assigned this Mar 9, 2026
Contributor

@gsquared94 gsquared94 left a comment

lgtm!

@gsquared94 gsquared94 enabled auto-merge March 9, 2026 17:12
Comment on lines +120 to +123
sanitized = sanitized.replace(
/-----BEGIN\s+[\w\s]+-----[\s\S]*?-----END\s+[\w\s]+-----/g,
'[REDACTED_PEM]',
);
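Review bot: The label part `\s+[\w\s]+` in both the BEGIN and END markers is ambiguous, because a run of whitespace after `-----BEGIN` can be split between `\s+` and `[\w\s]+` in many ways, and the lazy body `[\s\S]*?` has no length bound, so an input with many `-----BEGIN` markers and no matching `-----END` is rescanned from each one. Since this runs over thoughts, tool arguments and error text, make the label unambiguous and bounded, for example a single literal space followed by `[A-Z0-9 ]{1,64}`, and either cap the length of text passed to the sanitizer or locate the markers with indexOf and slice between them so the pass stays linear. A regression test with a long whitespace run after `-----BEGIN ` would keep the behaviour pinned.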

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

  • This regular expression that depends on library input may run slow on strings starting with '-----BEGIN ' and with many repetitions of '\t'.
  • This regular expression that depends on library input may run slow on strings starting with '-----BEGIN \t-----' and with many repetitions of '-----BEGIN \t-----'.
  • This regular expression that depends on library input may run slow on strings starting with '-----BEGIN \t----------END ' and with many repetitions of '\t'.

@gsquared94 gsquared94 added this pull request to the merge queue Mar 9, 2026
Merged via the queue into google-gemini:main with commit 759575f Mar 9, 2026
26 of 27 checks passed
Development

Successfully merging this pull request may close these issues.

Browser Agent: Emit SubagentProgress instead of raw strings for UI integration
