Web Panel
A browser-based management interface embedded in the VulpineOS binary for monitoring every AI browser agent in your fleet. Access the full dashboard, agent management, and configuration from any browser.
Starting the Web Panel
The panel is served automatically in serve mode:
vulpineos --serve --port 8443 --api-key $VULPINE_API_KEYOpen https://your-server:8443 in a browser. Enter your API key to authenticate.
For local development without TLS:
vulpineos --serve --port 8443 --api-key mykey --no-tls
# Open http://localhost:8443Pages
Dashboard
Live overview: kernel status and PID, active agent count, context pool utilization (active/total/available), total API cost. Telemetry panel shows memory, contexts, pages, and detection risk percentage. Recent events feed updates in real-time via WebSocket.
Agents
Agent list with status, fingerprint summary, token usage, and cost per agent. Spawn new agents with a task description. Kill or pause running agents. Click an agent to open its detail page.
Agent Detail
Three tabs:
- Conversation — Full message history with role-colored entries (user/assistant). Send messages to the agent via text input.
- Recording — Action timeline showing timestamped browser actions (navigate, click, type, scroll, screenshot).
- Fingerprint — JSON view of the agent’s assigned fingerprint (user agent, screen dimensions, WebGL, etc).
Contexts
Create and remove browser contexts. Lists active contexts with IDs. Contexts are isolated — separate cookies, storage, and fingerprints per context.
Proxies
Import proxies in bulk (one URL per line). Test proxy latency and resolve exit country. Delete individual proxies. Shows URL, status (tested/untested), latency, and country.
Security
Lists all 7 active protections (injection filter, action-lock, CSP injection, DOM mutation monitoring, injection signatures, sandboxed evaluation, token-optimized DOM). Shows injection attempt feed from Browser.injectionAttemptDetected events in real-time.
Webhooks
Add webhook endpoints with optional event filtering and secret headers. Remove registered webhooks. Events: agent.completed, agent.failed, agent.paused, rate_limit.detected, injection.detected, budget.alert, budget.exceeded.
Scripts
JSON script editor for the agent scripting DSL. Write scripts with 8 actions (navigate, click, type, wait, extract, screenshot, set, if). Run button executes the script and shows output in a live console panel.
Logs
Filterable event stream from the kernel WebSocket. Filter by event method name. Shows timestamp, method, and params for each event.
Settings
Configure LLM provider, model, and API key (persisted to ~/.vulpineos/config.json). Resource limits: memory per context (MB), default budget per agent (USD). Kernel info: binary path, auto-restart status, context pool configuration.
API Communication
The panel communicates via WebSocket control messages to the PanelAPI handler. All messages go through the /ws endpoint with API key authentication.
29 control message types across 9 domains:
| Domain | Messages |
|---|---|
| agents | list, spawn, kill, pause, resume, getMessages |
| config | get, set |
| costs | getAll, setBudget, total |
| webhooks | list, add, remove |
| proxies | list, add, delete, test, setRotation |
| bus | pending, approve, reject, policies, addPolicy |
| recording | getTimeline, export |
| fingerprints | get, generate |
| status | get |
Example message flow:
// Connect with API key
const ws = new WebSocket('wss://server:8443/ws?token=API_KEY')
// Send control message
ws.send(JSON.stringify({
type: 'control',
payload: JSON.stringify({
command: 'agents.list',
params: '{}'
})
}))
// Receive response
ws.onmessage = (e) => {
const msg = JSON.parse(e.data)
// Control response: { type: 'control', payload: '{"agents": [...]}' }
// Live event: { type: 'juggler', method: 'Browser.telemetryUpdate', params: {...} }
}Real-time events (telemetry, injection alerts, agent status) are broadcast automatically to all connected clients.
Single Binary
The web panel’s static assets (HTML, CSS, JS) are embedded in the Go binary using //go:embed. No external web server needed — vulpineos --serve starts the kernel, foxbridge CDP proxy, and web panel from a single binary.
See also
- TUI Workbench — terminal dashboard for managing agents
- Remote Access — deploy VulpineOS on a VPS with WebSocket
- Agent-to-Agent Communication — message bus with approval policies