AI open source testing, as a process tree, not a brand directory

It means the code that drives the browser, the prompt that shapes the agent, and the policy that decides when to take a screenshot all live in a repository you can clone, read, patch, and run locally. In Assrt's case the entire runtime sits in assrt-mcp, which is MIT licensed and published to npm as assrt-mcp. There are six runtime dependencies declared in package.json: @anthropic-ai/sdk, @google/genai, @modelcontextprotocol/sdk, @playwright/mcp, posthog-node, and ws. No proprietary YAML DSL, no cloud-only control plane, no signup wall to read the code. You can grep the TOOLS array in src/core/agent.ts and see exactly which tools the model can call. When people say 'open source' in a listicle they often mean 'has a GitHub repo somewhere' without the guarantee you can audit and self-host the full loop. The distinction matters because the AI decisions are the thing you most want to audit.

A single Node.js process spawns @playwright/mcp's cli.js over stdio. The full argv assembled in src/core/browser.ts is: process.execPath followed by [cliPath, '--viewport-size', '1600x900', '--output-mode', 'file', '--output-dir', '~/.assrt/playwright-output', '--caps', 'devtools']. If you pass --isolated, '--isolated' is appended. Otherwise the command adds '--user-data-dir ~/.assrt/browser-profile' so cookies persist. If you pass --headed=false (the default), '--headless' is spliced in at position 1. That subprocess manages the actual Chromium. Your assrt-mcp process talks to it via StdioClientTransport from @modelcontextprotocol/sdk and speaks the MCP protocol. There is no cloud call on this path. The LLM call is the only network hop, and even that one can be local if you run it through an Anthropic-compatible proxy or a self-hosted Gemini endpoint.

Yes. The plan is written to /tmp/assrt/scenario.md as plain UTF-8 Markdown. Metadata sits next to it at /tmp/assrt/scenario.json. Results for the last run are at /tmp/assrt/results/latest.json and every historical run is dumped to /tmp/assrt/results/<runId>.json. These paths are defined as constants in src/core/scenario-files.ts. An fs.watch subscribes to scenario.md; if you edit the file in Cursor or VS Code, the change is debounced for one second and optionally synced to the cloud scenario store. Nothing about reading or editing the plan requires a browser, a login, or a dashboard. You can commit scenario.md to git alongside the app it tests. You can diff two runs by diffing two latest.json files. This plain-file surface is what people mean when they talk about treating tests as first-class code.

Eighteen. They are declared as a const TOOLS array at the top of src/core/agent.ts, starting at line 16. In order of definition: navigate, snapshot, click, type_text, select_option, scroll, press_key, wait, screenshot, evaluate, create_temp_email, wait_for_verification_code, check_email_inbox, assert, complete_scenario, suggest_improvement, http_request, wait_for_stable. Each one has a JSON Schema input_schema the model must satisfy. The SYSTEM_PROMPT at line 198 explains how to use them. There is no external registry, no plugin loader, no secret tool surface hidden behind a feature flag. If you want to add a tool, you add a record to TOOLS and a case branch in the switch at line 766. That is the whole extension mechanism, and that is a property you only get from an open-source runtime.

Yes, on macOS. src/core/keychain.ts calls 'security find-generic-password -s Claude Code-credentials -w' to read the OAuth access token Claude Code already stored in Keychain, then sends it to Anthropic with the 'oauth-2025-04-20' beta header. The getCredential function tries ANTHROPIC_API_KEY first, then falls back to the Keychain entry, and throws a clear error on Linux if neither is present. The implication for installing the tool is that a developer with Claude Code already logged in has zero additional auth to do. That behaviour depends on the tool reading from your local system, which is only something an open-source runtime can do with your trust. A SaaS test runner cannot read your Keychain on your behalf, and it cannot use a token you have not explicitly pasted into its dashboard.

Plain JSON. The writeResultsFile function in src/core/scenario-files.ts writes a pretty-printed JSON report to /tmp/assrt/results/latest.json and a copy to /tmp/assrt/results/<runId>.json. The TestReport type in src/core/types.ts is the schema: url, scenarios, totalDuration, passedCount, failedCount, generatedAt, and each scenario has name, passed, steps, assertions, summary, duration. Steps themselves carry action, description, status, timestamp. There is no proprietary binary format, no encryption layer, no required SDK to parse the output. 'cat', 'jq', 'diff', and 'grep' work. This matters because when teams describe vendor lock-in in test tools they usually mean a proprietary test definition (like a YAML DSL) plus a proprietary result format that only renders in the vendor dashboard. Assrt exposes plain markdown in and plain JSON out.

It calls the 'snapshot' tool, which asks @playwright/mcp for the accessibility tree of the current page, written out to a file in ~/.assrt/playwright-output and returned as a text blob. Each interactive element is tagged with a ref ID like [ref=e5]. The system prompt instructs the model to cite the ref when it emits a click or type_text call. This is the standard Playwright MCP selector pattern; Assrt just wires the model's tool calls to it. If a ref goes stale because the page changed, the model re-snapshots and picks a fresh ref rather than guessing pixel coordinates. The behaviour is traceable because the snapshot output is literally saved to a file you can open: ~/.assrt/playwright-output/<uuid>.yml.

Yes, via the extension mode. Pass --extension (or extension: true to assrt_test via MCP) and the spawn command adds '--extension' instead of the user-data-dir flag. This connects to your live Chrome via the Playwright MCP Bridge extension using Chrome DevTools Protocol. The first time you run it, you will be prompted for a one-time token printed by 'npx @playwright/mcp@latest --extension' after you approve the connection in Chrome; Assrt saves that token to ~/.assrt/extension-token so future runs are zero-friction. Running against the real Chrome you sit in front of every day means you inherit your own cookies, your own 2FA state, your own Google sign-in. There is no parallel test-user-fleet to manage. Cookies stay on your laptop.

MIT. The LICENSE file in assrt-mcp reads 'MIT License, Copyright (c) 2026 Assrt'. You can fork it, change the system prompt, rip out the cloud sync, add your own tools, ship a binary to your own team. The only things Assrt does to 'check in with home' are the optional Firestore scenario store and optional PostHog telemetry; both are gated behind configuration and both can be disabled without touching the test loop. If you want a private, air-gapped AI test runner, you can build one by deleting the scenario-store import and pointing getCredential at your local LLM proxy. The licence does not constrain that, and the architecture does not either.