← Back to changelog
v1.10

Built-in Browser, Universal Canvas, & Agent Profiles

April 28, 2026

v1.10 introduces Agent Zero's new direct Playwright-powered Browser, ChatGPT/Codex account OAuth, Time Travel workspace history, Universal and Office Canvas surfaces, context-scoped Agent Profiles, project-scoped LLM presets, and a broad set of connector, UI, integration, and security improvements.

✨ Highlights

  • New built-in Browser — The legacy browser-use agent is replaced by a direct Playwright-powered browser with a live WebUI viewer, CDP screencast streaming, floating or dockable canvas mode, tab management, Chrome extension support, annotation mode, and persistent Chromium runtime.
  • ChatGPT/Codex Account OAuth — Connect an existing OpenAI Codex plan through device-code OAuth. Agent Zero exposes a local OpenAI-compatible wrapper so LiteLLM can use account-backed models without a separate API key, including SSE streaming support and an integrations discovery banner.
  • Time Travel workspace history — Shadow Git snapshots for /a0/usr workspaces add history, diff, preview, travel, and revert APIs with watchdog debouncing. This replaces the earlier _diff_viewer plugin.
  • Universal Canvas and dockable panels — Browser and Office surfaces can run in the right canvas or as floating modals, with automatic canvas handoffs from tool results and a redesigned right-canvas rail that preserves chat space.
  • Office Canvas — DOCX, XLSX, and PPTX artifacts now support read/edit workflows, version history, native XLSX chart creation, file tabs with session switching, dashboard previews, and more accurate auto-handoff rules.
  • Agent Profile switcher — Profiles are now context-scoped and switchable from the chat composer. The new a0-create-agent skill guides profile creation through scope, behavior, and prompt overrides.
  • Project-scoped LLM presets — Projects can now carry their own LLM presets, copying chat and utility settings into project config while keeping embeddings aligned with the effective global configuration.

🛡️ Security

  • CVE-2026-32871 remediation — FastMCP was upgraded to 3.2.4 and MCP to 1.27.0 to fix an OpenAPI path-parameter traversal vulnerability, with regression coverage added for path-encoding safety.

🔌 Connector & Remote Tools

  • Connector execution config handshakeexec_config is now sent in the connector WebSocket hello, removing an implicit host-side Core dependency and fixing Windows remote execution.
  • Safer remote text editing — Remote patch operations now include stale-read protection with freshness checks before edits are applied.
  • Lazy-loaded remote tool guidance — Remote tool guidance is now loaded as skills and gated on actual CLI capabilities instead of being injected unconditionally.
  • Read-only shell guardrails — Shell write actions are blocked when a remote session is in read-only mode.

✏️ Text Editor

  • Context-based patch_text — The Docker-local text editor now supports context-based patching with the same validation and freshness logic used by the remote editor, while preserving legacy line-number edits.

🎨 UI & Settings

  • Model setup is easier to reach — API key fields moved out of collapsed Advanced Settings into the main model form, active model names now appear in the chat model switcher, and onboarding progression improved for Main and Utility model setup.
  • Plugin Hub discovery improved — Plugin Hub now includes a New filter for plugins added in the last 14 days, newest-sort behavior, badge styling, and plugin settings modal titles that show the active plugin name.
  • Settings and modals restyled — Settings and modal surfaces now use a left-rail layout, clearer visual hierarchy, and advanced disclosures.
  • Email and Remote Link flows refreshed — Email integration now uses provider-first selection with guided defaults, and Remote Link/tunnel UX adds clearer QR and mobile affordances.
  • Skills and voice refinements — The active skills cap is raised to 20 with a simpler checklist UI, and STT transcription now correctly writes recognized text into the chat input through the Alpine store.

⚙️ Integrations & Infrastructure

  • Messaging integration persistence — Telegram and WhatsApp configuration persistence and project binding were fixed.
  • SearXNG bootstrap fix — The wikidata engine is disabled to prevent Docker bootstrap failures.
  • Socket.IO compatibility — The disconnect handler now accepts the reason parameter for compatibility with python-socketio 5.14.2 and newer.
  • Tool request validation fix — Tool validation no longer crashes on non-canonical field names.

⚠️ Breaking Changes

  • _browser_agent removed from core — Users relying on the browser-use-based agent will be able to install it from the Plugin Index as a community plugin after its release.
  • browser-use Python dependency removed — The dependency is no longer bundled and is only needed if you install the community browser-use plugin.
  • Image attachments stored as path refs — Vision and computer-use captures are now file-path references in history. Inline base64/data-URL attachments are rejected on the connector WebSocket path.
  • FastMCP 3.x upgrade — FastMCP moved from 2.x to 3.x, so plugins using FastMCP internals may need updates.