MCP Path

Browser Tabs Runtime-Port

Browser Tabs Runtime-Port is a public reference for embedded agent runtimes and runtime communication. It names the signal, policy, or flow an agent should understand before choosing a concrete tool.

Catalog path

Reference page for a documented MCP capability path.

Type: MCP path
Family: Plugin Runtime APIs (Agent-side)
Effect: sensitive
Status: Reference
Path: 40.10

Purpose

What this entry explains

What it does

This reference explains Browser Tabs Runtime-Port for embedded agent runtimes and runtime communication. It is kept as a named reference so agents can cite the flow without inventing a tool name.

Use when

Use this entry when an agent needs to handle the sensitive path "Browser Tabs Runtime-Port" for embedded agent runtimes and runtime communication.
Use it as a reference path when the catalog describes a capability but no single public tool name is explicit.
Use it before chaining follow-up tools so the next step is based on current evidence.

Reference Use

How agents should cite and apply this area

Examples are maintained at family level and use only public tool names or reference paths already present in the catalog.

Signal, gate, behavior, boundary

Browser Tabs Runtime-Port describes a gate for embedded agent runtimes and runtime communication. The path shows which signal, gate, behavior, or boundary must be checked before choosing a concrete tool.

When agents cite it

An agent cites this path when it needs Browser Tabs Runtime-Port as context for a decision, block, target check, or follow-up tool choice.

Why no callable name

The public source does not name one callable tool for this path. The documentation therefore keeps it as a reference path and does not invent a callable name.

Signals and rule

Relevant response signals: browser.tabs, tabsSnapshot.currentSessionId, queryTab, querySession. Safety axes: Browser state, Sensitive, User confirmation. The reference path alone is not permission to execute. Before acting, check current MCP discovery, visible target, scope, and the actual response.

Family example

A task in embedded agent runtimes and runtime communication can trigger powerful execution and therefore needs target, approval, and result check before the step.

The agent starts with nova.plugin_icons_list, reads the current response or reference, and only then chooses the concrete next tool.

nova.plugin_icons_list nova.plugin_security_log nova.plugin_logs

Current discovery, target, user control, warning signals, and result check come before execution.

Contract

Inputs and important response fields

This page is a public reference. Agents and integrators should still read current MCP tool discovery before execution, because schemas can be gated by settings or version.

Inputs

No stable public input field is derived from the catalog source for this path. Read current MCP discovery before execution.

Response field	Explanation
`browser.tabs`	Response field named by the catalog source. Treat it as current evidence for the next decision.
`tabsSnapshot.currentSessionId`	Identifier or reference value. Do not guess it from memory; read it from the current response.
`queryTab`	Runtime or communication signal for agent-facing integrations. It is not a normal human UI control.
`querySession`	Runtime or communication signal for agent-facing integrations. It is not a normal human UI control.

Safety

Boundary before execution

Effect

May touch sensitive data, permissions, credentials, identity, or external connection paths. Use only with explicit scope and visible user control.

Agent rule

Require explicit purpose and current context, avoid exposing secrets in prompts or logs, and stop when permission or identity state is unclear.

Human control

For humans, this entry marks the sensitive surface in embedded agent runtimes and runtime communication and keeps permission, credential, or external-connection handling explicit.

High-Impact Review

Execution boundary and recheck hints

Review category: Plugin runtime

Execution boundary

Plugin code and runtime calls stay limited to explicitly approved tools, permissions, and target contexts.

Typical false assumption

False assumption: an installed or loaded plugin may use all available browser data.

Visible user control

Approval, active tab, permission, and test result must remain visible user controls.

Agent rule

Execute plugin capabilities only after current tool discovery and permission checks; do not blindly chain external runtime output.

Abort or recheck

Recheck when permissions are missing, a plugin is unknown, or runtime status diverges from expected scope.

Safety Axes

How this path can affect work

Axes are stable catalog signals for humans, agents, and LLM discovery. One path can carry several axes.

Browser state browser_state_change

Changes tab, navigation, focus, claim, scroll position, window state, or browser environment.

Confirm the target context visibly before execution and verify that the expected browser state was reached afterwards.

Sensitive sensitive_data

Touches cookies, storage, clipboard, credentials, tokens, user content, identity, or private data.

Use only with bounded purpose and visible user control; do not guess, log, or forward sensitive values.

User confirmation user_confirmation

Requires visible confirmation, target review, approval, or deliberate user control.

Do not proceed until the required confirmation is visible or unambiguous in the current context.