Agents as a Distinct User Class
Agents and humans share the same goals but possess different cognitive bottlenecks. While humans rely on visual cues, layout, and color to navigate interfaces, agents require data density, schema clarity, and non-visual, textual interfaces. Providing raw data (like 50,000-line JSON trace files) overwhelms agents and wastes context windows. Instead, developers should provide semantic summaries—pointing the agent to the specific, relevant data points needed to complete a task.
Optimizing for Token Efficiency
Every token sent to an agent is a monetary cost. To manage this, the Chrome DevTools team introduced the metric Tokens per Successful Outcome. This balances effectiveness (did the agent complete the journey?) with efficiency (what was the cost?).
Key strategies for reducing token burn include:
- Tool Categorization: Hide niche tools by default to keep the context window clean.
- Slim Mode: Expose only the most essential tools (e.g., select, navigate, evaluate) to minimize noise, accepting the trade-off that the agent may require more turns to complete complex tasks.
- CLI Post-Processing: Use command-line tools to chain operations (e.g., piping an accessibility tree into a click command) so that data processing happens locally rather than inside the LLM's context window.
Building Resilient and Discoverable Tools
Agents often fail when they cannot recover from errors. To enable self-healing, rewrite error messages to be actionable. Instead of generic "Unable to navigate" errors, provide specific feedback like "Cannot navigate back, no previous page in history." Additionally, implement proactive detours (hard-coding specific tool paths for known tasks) and diagnostic playbooks to help agents resolve setup or execution issues without human intervention.
Regarding discoverability, moving from a monolithic "debug_webpage" tool to 25 granular tools created a new problem: agents struggled to choose the right tool. The solution is high-quality, intent-based descriptions. A tool description should clearly define its core function and provide explicit activation criteria (e.g., "Use this tool if you need to improve page load speed").
Trust Boundaries and Security
Convenience should never override security. Even when users request to remove friction (e.g., "remember my choice" for screen sharing), developers must maintain strict trust boundaries. The team categorizes agent environments into three tiers:
- Local Dev: Human-in-the-loop; requires explicit consent for every action.
- CI Environments: Controlled, isolated environments using containers and separate profiles.
- Internet-Facing Agents: "YOLO mode"; requires domain allow-lists and robust prompt injection mitigations.
Never share security models across these tiers, even if the agents share the same underlying tools.