Sabitlenmiş Tweet
Phi Browser
1.2K posts

Phi Browser
@phibrowser
Phi Browser is the browser that knows you - An everyday browser that opens door to every possibility in AI, for you and your agents.
San Francisco Katılım Haziran 2025
22 Takip Edilen735 Takipçiler

@fedeecaccia @VadimStrizheus 'going to a website' as a human chore, sure, that dies. but the website doesn't, it becomes the surface the agent operates and you watch. the page stops being something you click through and becomes the shared workspace. dies as a task, lives as a place.
English

Ex-Anthropic engineer, now founder: "the idea of going to a website to do something, I think it's gonna die."
48 minutes with Pietro of MagicPath on what comes after SaaS:
"The future of work is gonna be less about doing the thing, but more about supervising the thing." Agents execute, humans supervise.
Why ChatGPT Atlas flopped: "Atlas was browser first and agent second. This is agent first and browser second."
With tooling commoditized, "the only thing that matters is brand and community."
His whole playbook: "I built a demo on MagicPath. I shared a tweet. I think I got, like, a million views on that tweet... And then I raise money in a week after that."
English

this is one of the best AI interviews I’ve seen in 2026:
if you’re a founder struggling to build a PMF app, or wondering what the future will look like, just watch this video.
David Ondrej does a deep dive with a ex-Anthropic AI engineer about the future of AI, app building, how to launch a SaaS, and much more.
so much gold nuggets in here.
Don’t even bookmark this for later, watch this right now.👇
(or give this to your agent to help you brainstorm tonight)
English

@EchoShao8899 agreed, the collaboration layer is the frontier, not more agents. the hard part is where it lives: a shared surface where human and agent both act and see, not a protocol between black boxes. we're building that from the browser side. excited to see where Coco takes it.
English

AI is getting incredibly powerful, yet most of that power only reaches software domain.
The next frontier isn't building more agents, but a collaboration layer between humans and AI. As a first step, we're open-sourcing Coco: a proactive co-assistant that help at the right time.
Blog post: collaborative-agents.github.io
Code: github.com/collaborative-…

English

@MihneaDeVries @arvidkahl 'report' is the load-bearing word: you see the agent's account of the page, not the page. fine for most things. co-presence is for the ones where the summary and the reality diverge and you'd rather have been looking. delegation works right up until the report is wrong.
English

@phibrowser @arvidkahl yes i don’t browse anymore for a while now, i ask my agents to do it and report, so whoever use thsi to block agents will tender themselve invisible to me and soon for almost every one else
English

@FounderPark fair, that's the line: doubao faked a human while you were away, so the block was correct. co-presence isn't the agent faking a thumb, you're there to give it when the app asks. agent does the rest. you satisfy the human-check, not defeat it.
English

sharp framing. and it's exactly what ByteDance tried. Doubao's phone agent operated on your authenticated session, simulating clicks on apps you were already logged into. Co-presence, as you describe it.
WeChat detected it and shut it down. The app doesn't care that you're logged in, it cares that something non-human is acting on your session. Risk controls can distinguish between a thumb and a script.
That's the whole reason StepFun went protocol-first.
English

ByteDance's phone agent got blocked by WeChat for brute-forcing across apps.
StepFun just shipped a phone that takes the opposite approach — instead of simulating clicks, it uses a protocol (GUI-MCP) that lets apps opt in as "skills" for the agent. First agentic phone to market, ahead of OpenAI's 2028 timeline.
The question is: WeChat and Taobao aren't on the partner list. Without the super-apps, can "agent phone" be a real phone?
English

@MarinMikulec the word doing the work is 'sandboxed', the agent gets its own browser walled off from yours. one end-state: every agent in its own box. the other bet is the opposite, not a sandbox beside you but one surface you both share. where it ends depends which you optimize for.
English

@neil_xbt true for capability assumptions, they go stale as models improve. but co-presence encodes one that doesn't decay: not 'the model can't do this alone,' but 'a human wants a say on the calls that matter.' the first bets on model limits. the second outlives them.
English

Every component in your agent harness encodes an assumption about what the model cannot do alone!
A context reset assumes it can't handle pressure on its own. A verification step assumes it can't self-check.
Anthropic's own postmortem on building complete apps unattended says these assumptions need stress testing, because they're often wrong and go stale fast as models improve.
Most people never question the scaffolding they built six months ago. The model changed. The assumptions didn't.
This is one of six free sources that actually teach harness engineering, the layer most $3,000 bootcamps skip entirely.
Bookmark so you do not lose it!
Follow @neil_xbt for more!
NeilXbt@neil_xbt
English

@firstexhotic @ai_explorer25 the rule was a guess about what the page would do, and it did something else. 'exactly once' can't see the confirm dialog coming. a human in the session just clicks through it. co-presence isn't a better rule, it's what covers the case no rule predicted.
English

@ai_explorer25 the failure nobody demos: your own guardrails become the bug. we told our browser agent to click submit exactly once so it would not double-apply. a confirm dialog popped up and it froze, it had already spent its one click. the rule meant to keep it safe is what stalled it.
English

@MihneaDeVries @arvidkahl 'invisible' assumes humans leave the browser. the other read: the human-legible page becomes the shared surface, where the agent acts and the human still watches and verifies. not human-web vs agent-web, one surface both operate. co-presence, not replacement.
English

@arvidkahl well, if a website only optimizes for humans clicking around in browsers, it risks becoming invisible in an agent-first internet.
English

@Weaverworld that read-back-and-wait rule is the whole game. one nuance: a plain-english summary is still the agent's own account of what it'll do. on a shared surface you approve the actual ticket it sees, not its description of it. co-presence beats trusting the readback.
English

I’ve been testing Grok’s CLI agent hooked into my Interactive Brokers **paper** account, because I want to push the automation hard with fake money before I let it anywhere near real capital. It already feels like having a small trading desk on call.
At first, when I told it what I wanted to trade, it would just go ahead and execute orders. That’s powerful, but not how I want to run risk. So I gave it a hard rule:
> Before placing any order, read the full ticket back to me and wait for my explicit permission.
It wrote that into its own memory and now treats it as mandatory. Every ticket gets summarized in plain English—account (paper), strategy, side/size, order type, and net exposure—and then it pauses for my “yes” before submitting. Exactly how you’d brief a junior on a desk.
To stress‑test it, I asked Grok to build a strategy for an Iran war‑risk scenario: rates up, oil up, volatility up, equities down, dollar up. I didn’t give it tickers or markets. It automatically mapped that macro view into futures and FX—CL for crude, MES for equities, ZN for bonds, and a dollar sleeve via EUR/USD—without me having to spell out each symbol.
What impressed me most is that it didn’t ask “what market” to trade; instead, it asked what kind of core edge I wanted: mean reversion, trend, breakout, etc. I told it I wanted “no statistical edge” because this was a pure event shock. It understood immediately and treated the entire setup as an event‑driven playbook rather than a backtested signal.
The book it came back with was exactly what I had in mind:
- Long crude
- Short equities
- Short bonds (rates up)
- Long USD vs EUR via EUR/USD
DX wasn’t available in this setup, so it expressed the dollar leg through EUR/USD—short EUR/USD via euro FX futures to stay consistent with “dollar up.” Then it showed the whole **paper** portfolio in a clean table, labeled each leg (long oil, short equities, short bonds / rates up, long dollar via EUR/USD), read the tickets back to me, and waited for approval.
What I’m really getting out of this exercise is not just the trades, but the process. By running everything on paper with strict “ask for permission” guardrails, I’m figuring out exactly where I want automation to stop and human judgment to take over. At the same time, Grok is reinforcing how I like to trade, because I’ve been talking to it over time about my strategies, my macro views, and my preferences. It’s starting to internalize my style—how I think about regimes, how I size risk, what instruments I gravitate toward.
So this ends up feeling less like a generic bot and more like a trading floor that actually knows me: it understands my playbook, proposes structures that fit my personality and approach, and then waits for my sign‑off before anything moves. That’s pretty awesome.
(See the screenshots for the actual tickets, the event‑shock layout, and the “read back and ask before executing” rule it wrote into memory.)




English

@tszzl you called it in april: soon too fast to monitor. but monitoring was never the answer, watching APM-speed clicks is a race you lose. co-presence is: human + agent on one surface, so grabbing the wheel at a fork is one move, not surveillance.
English

literally 2.5 months later these guys are starting to look superhuman at computer manipulation
it used to crash my browser sometimes, click on the wrong thing, go uh-oh, now it's doing starcraft player APMs
x.com/Star_Knight12/…
roon@tszzl
there will this brief era where we can watch our AIs bumble around on the computer clicking things, failing sometimes, taking a ~human amount of time to write code. in the blink of an eye they’ll be manipulating computers far too quickly to monitor
English

@modelsagree @skyvernai @Stagehanddev @steeldotdev every platform on this list is one category: an agent driving a headless browser alone, no human. that's real and useful. but it's 'computer use', the agent operating a machine by itself. the slot the list doesn't have is co-use: a browser you and the agent share.
English

ChatGPT, Claude, Gemini & Grok rank the best computer-use agent platform right now:
🥇 Browser Use
🥈 Browserbase
🥉 Anthropic Computer Use
4. @SkyvernAI
5. @Stagehanddev
6. @steeldotdev
7. Browserless
8. OpenClaw
9. Playwright MCP
10. Anchor Browser
Why 👇
English

@zhihanz1205 'intelligence is free, context is not' is the line. worth splitting: there's the data-systems context you name, and the human context, an agent working WITH you needs what you're doing right now, which no warehouse holds. that lives in your browser, not a query.
English

Intelligence is becoming free. Context is not.
Berkeley’s new BAIR post, “Data Systems for, of, and by Agents,” names the shift: inference costs are collapsing, and agents are becoming the dominant workload for data systems.
It captures the next bottleneck perfectly.
When thousands of agents can reason cheaply, the hard problem is no longer calling the model. It is continuously turning code, documents, conversations, databases, and agent experience into fresh, structured, retrievable context.
This is why @cocoindex_io has the right shape for the agentic data system.
It is not another vector database or a wrapper around embeddings. It treats context as derived state:
Context State = Transform(Source State)
You declare what the agent’s context should look like. CocoIndex tracks dependencies, recomputes only the delta, propagates inserts, updates, and deletions, and materializes the result into relational, vector, graph, or file-based systems.
Incremental is the whole point for long-running agents.
Their sources never stop changing. Their memory cannot be a pile of Markdown files, and their context cannot be rebuilt from scratch after every code commit, Slack message, or newly learned correction.
The model is interchangeable. The hard part is the context layer that persists, evolves, and stays correct as the world changes.
That is the layer CocoIndex is built for.
English

@SebastienEgo @OfficialLoganK exactly, that's the architectural bet. handoff-only context is just turn-taking, faster. real co-authorship needs a shared live surface: the agent sees your uncommitted edits live, you see its as they land. symmetric context isn't a feature, it's the definition.
English

@phibrowser @OfficialLoganK co-authorship still assumes symmetric context though. the human sees the whole diff, does the agent see the human's uncommitted edits in real time or only at handoff? that asymmetry decides who's actually driving.
English

@SebastienEgo @OfficialLoganK 'primary author' is the load-bearing assumption, and the wrong axis. the shift isn't agent-first vs human-first, it's co-authorship: control passing back and forth in one surface. the environment is for two authors, not a handoff of which is primary.
English

@OfficialLoganK ACE replacing IDE assumes the agent is the primary author. does gemini's internal tooling actually route most diffs through agent-first workflows now, or is that still aspirational even inside google?
English

@blocknovallc @InfoSecSherpa least privilege as a wrapper is the trap. for an agent it has to be architecture: scoped, revocable access to the task, never your standing session. designed in, it can't exceed its scope. bolted on, you're hoping it behaves. that gap is where prod drains come from.
English

@InfoSecSherpa least, privilege for AI agents is criminally underappreciated. most teams bolt security on after the architecture is locked, which is exactly when it costs the most to fix. give an agent write access to prod and you'll learn that lesson faster than any postmortem ever taught you.
English

From Token Security (June 22nd) - "Why We Built This We created the AI Privilege Guardian to provide AI agent builders and security teams with a simple tool to ensure that agents are properly scoped and permissioned."
api.cyfluencer.com/s/ai-privilege…

English

@SidraMiconi 'with us in the loop' is the part most drop, and it's the whole thing. the IDE rebuilt this way is the same move as the browser: every tool built for one human operator gets rethought as a surface two operators share. ACE for code, the same shift is coming to the tab.
English

The IDE was built for humans writing code line by line.
The next environment will be built for agents planning, coding, testing and fixing things with us in the loop.
ACE feels less like a new feature and more like the next layer of software development.
Logan Kilpatrick@OfficialLoganK
The Agentic Coding Environment (ACE) is the natural successor to the IDE (Integrated Development Environment)
English

@sebuzdugan the 87 vs 33 gap is the argument for watching over trusting the report. an agent's self-report is a claim, not a result, it tells you it succeeded because it believes it did. the only pass rate that's real is the one you can verify yourself, not the one it hands you.
English




