One import. Every action your agent needs — browsing, code, email, APIs, files — logged, permissioned, and safe by default.
from agentlegs import Legs
legs = Legs(api_key="al_...")
# Browse, code, email, API, files — all in one runtime
result = await legs.browse("https://example.com")
output = await legs.run_code("python", script)
await legs.send_email(to="user@co.com", body=output)
The Problem
Browser automation, sandboxed code execution, email wiring, API connectors, file handlers — built by hand, untested under edge cases, and permanently on your oncall rotation.
Spinning up Playwright or Selenium, handling authentication, managing session state, dealing with rate limits and bot detection. None of it is your product.
Code execution requires containers, timeouts, resource limits, and security isolation. Every team reinvents this. Most get it subtly wrong.
Agents that act can cause unintended consequences. Without an audit log and permission layer, you have no way to know what your agent did or why.
What's in the runtime
Five hardened action types. One unified API. Every call logged, permissioned, and observable.
Full browser automation without Playwright setup. Click, scroll, extract, fill forms, handle auth, bypass bot detection. Rendered pages, not just HTML.
Run Python, JavaScript, Bash, and more in isolated sandboxes. CPU and memory limits, timeout enforcement, output streaming. No container management.
Send transactional and agent-triggered email. HTML and plain text, attachments, threading, bounce handling. Works with any provider via SMTP or API.
Authenticated outbound HTTP to any third-party API. Secret management, retry logic, rate limit handling, and structured response parsing built in.
Read, write, transform, and transfer files across local and cloud storage. CSV, JSON, PDF, images. Structured outputs agents can actually reason over.
Every action logged with inputs, outputs, and timestamps. Permission scopes prevent agents from taking actions outside their defined role.
How it works
One package. Supports Python and JavaScript. Connect to your existing agent with your API key. No infrastructure to provision, no containers to manage.
Register browse, run_code, send_email, call_api, and manage_files as tools. Your LLM can now call them. Agent Legs executes them safely with full observability.
Every action is logged in the Agent Legs dashboard. Review what your agent did, replay failed runs, and tighten permissions as your agent matures in production.
From the blog
Why intelligence without action is just a very expensive search engine — and what changes when you give your model legs.
Read article →The right abstraction layer for browser actions, why Selenium is the wrong starting point, and what to use instead.
Read article →A complete map of the infrastructure layer that sits between your agent's decisions and real-world effects.
Read article →Free for 1,000 actions/month. No credit card required to start.
Get early access