We've been building quietly for a while.
Web Agent Bridge (WAB) is an open protocol that standardizes how AI agents interact with websites — discovery, trust verification, governed transactions, and provable receipts. It runs on your infrastructure, respects your data boundaries, and doesn't require trusting a third party to work.
We're at a point where we'd genuinely benefit from outside eyes.
Not to validate what we've built — but to stress-test it, find the gaps, and understand where it breaks or where it doesn't fit the way people actually work.
Here's what's available to test today:
→ DNS Discovery — add a single TXT record and any WAB-aware agent can find your site's capabilities. No code changes required.
→ Zero-Config Adoption — npx wab-init auto-detects your stack (Next.js, Nuxt, SvelteKit, Astro, Laravel, WordPress) and scaffolds everything locally.
→ Agent Governance Layer — permission boundaries, human approval gates, kill switch, tamper-evident HMAC audit chain. Wraps any agent action in one call.
→ ATP (Agent Transaction Primitive) — signed intent contracts with idempotent execution and Ed25519 receipts. Public verification requires no authentication.
→ MCP adapter — npm install @wab/mcp-server — works with Claude, GPT, LangChain, Ollama.
→ VS Code extension — search "WAB" in the Extensions panel or: code --install-extension webagentbridge.wab
On privacy and data:
WAB is designed to run on your own infrastructure. There's no telemetry unless you opt in. The cryptographic trust layer (Ed25519 + DNSSEC) means verification doesn't require contacting our servers — you can validate everything independently. The Governance Layer stores audit logs locally by default. We don't want your data. The architecture is deliberately built so we can't have it.
What we're looking for:
People who build AI agents and want to test how WAB handles discovery and governed execution on real sites. Security researchers who want to probe the trust layer — Ed25519 signing, SSL fingerprint pinning, HMAC chain integrity. Developers who've tried browser automation and want to compare the WAB approach. Anyone willing to tell us where it's awkward, incomplete, or doesn't match their mental model.
We're not looking for cheerleaders. We're looking for honest feedback — including the uncomfortable kind.
If something doesn't work, we want to know. If the docs are unclear, we want to know. If the approach has a fundamental flaw, we really want to know.
445/445 tests passing. 13 releases. 230+ commits. Open source, MIT core.
Verify any site yourself: webagentbridge.com/check?host=YOUR_DOMAIN
GitHub: github.com/abokenan444/web-agent-bridge
Docs: webagentbridge.com/docs
Discord: discord.gg/NnbpJYEF
If you'd rather open a GitHub issue or discussion than join Discord, that works too. All feedback is read.