This week split cleanly into two tracks: new primitives that make agents more capable in production, and a string of security findings that should make you paranoid about every agent you're already running. Neither track can be ignored right now—the capability and the risk are arriving on the same schedule.
Agents SDK adds durable browser and code execution
The Agents SDK now exposes Chrome DevTools Protocol directly to models via Browser Run, and adds durable execution logs with approval gates in Code Mode. The key architectural shift is that pause-resume logic is handled by the framework rather than your orchestration layer—backed by Cloudflare Workers and Durable Objects, agents survive deploys and dropped connections without you writing a single line of recovery code.
What this replaces is the fragile hand-rolled browser tool wrapper pattern: fixed action lists, custom CDP wrappers, and bespoke approval-gate logic that breaks on network churn or redeploys. The approval gate integration is the part worth paying attention to—sensitive actions can halt and wait for human sign-off without any custom state machine on your end.
Verdict: Ship. If you're building agents that touch browser automation or need human-in-the-loop approval on production actions, update the SDK and wire it in. The Cloudflare infrastructure dependency is real, but the reduction in orchestration code is worth the coupling.
