Feat/browser privacy consent

[kunal-10-cloud]

Summary

This PR implements privacy enhancements for the Browser Agent, adding a first-run privacy disclosure and ensuring data collection flags are passed according to user preferences.

Details

1. Privacy Flags
   Opts out of usage statistics and performance tracking in chrome-devtools-mcp if the user has disabled usage statistics.

2. Interactive Consent
   A new utility prompts users with a privacy notice on their first browser agent invocation.

3. Persistent Choice
   User acknowledgement is stored locally to avoid re-prompting.

Related Issues

Fixes #21101

How to Validate

** 1. Clear Existing Consent**

Delete the browser consent acknowledgment file from your local profile directory to trigger the first-run experience.

2. Test Interactive Notice
Run a browser agent command:

npm run start -- --agent browser "open google.com" 

Verify the privacy notice appears.
Type n and press enter; verify the agent aborts.
Run again, type y and press enter; verify the agent proceeds.

3. Verify Privacy Flags
Disable statistics in your config:

gemini config set privacy.usageStatisticsEnabled false

Run with debug logging and verify --no-usage-statistics and --no-performance-crux appear in the launch arguments:

GEMINI_DEBUG=core npm run start -- --agent browser "open google.com"

Search the output for Launching chrome-devtools-mcp and verify --no-usage-statistics and --no-performance-crux are present in the arguments.

4. Automated Tests

npm test -w @google/gemini-cli-core -- src/utils/browserConsent.test.ts
npm test -w @google/gemini-cli-core -- src/agents/browser/browserManager.test.ts

Attaching screencast for POC:

Screen.Recording.2026-03-08.at.6.28.02.AM.mov

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run
    • npx
    • Docker
    • Podman
    • Seatbelt
  • Windows
    • npm run
    • npx
    • Docker
  • Linux
    • npm run
    • npx
    • Docker

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the privacy features of the Browser Agent. It introduces a mandatory, interactive consent mechanism for first-time users, ensuring they are informed about data collection and browser content exposure to the AI model. Furthermore, it integrates user configuration preferences to control the passing of privacy-related flags to the underlying browser automation tool, thereby respecting user choices regarding usage statistics and performance tracking.

Highlights

• Interactive Privacy Consent: Implemented a first-run privacy disclosure for the Browser Agent, prompting users to acknowledge data collection practices before proceeding.
• Persistent Consent Choice: User consent is now stored locally, preventing repeated prompts on subsequent invocations of the Browser Agent.
• Data Collection Flag Enforcement: Ensured that the chrome-devtools-mcp process is launched with --no-usage-statistics and --no-performance-crux flags when the user has disabled usage statistics in their configuration.

Changelog

• packages/core/src/agents/browser/browserManager.test.ts
  • Added mocking for the new browser consent utility to ensure tests run without interactive prompts.
  • Included new test cases to verify that privacy flags (--no-usage-statistics, --no-performance-crux) are correctly passed or omitted based on the usageStatisticsEnabled configuration.
• packages/core/src/agents/browser/browserManager.ts
  • Imported the new getBrowserConsentIfNeeded utility.
  • Integrated a call to getBrowserConsentIfNeeded within the ensureConnection method, making consent a prerequisite for the browser agent to connect.
  • Added logic to conditionally append privacy-related command-line arguments to chrome-devtools-mcp based on the user's usageStatisticsEnabled setting.
• packages/core/src/utils/browserConsent.test.ts
  • Added a new test file to thoroughly unit test the getBrowserConsentIfNeeded function.
  • Covered scenarios including existing consent, auto-acceptance in non-interactive environments, interactive acceptance, user decline, and the content of the privacy prompt.
• packages/core/src/utils/browserConsent.ts
  • Created a new utility file containing the getBrowserConsentIfNeeded function.
  • Implemented logic to check for a persistent consent file, display an interactive privacy notice if needed, and store the user's decision.
  • Defined constants for the consent flag file and browser profile directory.

Activity

• The author has updated relevant documentation and READMEs.
• New tests have been added and existing ones updated to cover the new privacy features.
• The changes have been validated on MacOS using npm run.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[kunal-10-cloud]

Hi @gsquared94, I have added a screencast in the PR description as POC, please review this once and let me know if any changes are required

[gsquared94]

LGTM

[kunal-10-cloud]

@gsquared94 I have made the appropriate changes. Can you please re-run the checks again