Bb project id optional

[filip-michalsky]

Description

This PR makes the Browserbase project ID optional across the browser integration.

BrowserEnv now accepts Browserbase credentials as direct overrides and only forwards a project ID when one is explicitly provided. In DOM mode,
Stagehand is initialized without browserbase_project_id when it is omitted, allowing Browserbase to use the account default project. The DOM
browser example and browser integration docs were updated to reflect the new behavior, and regression tests were added for the optional project-ID
flow.

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Test improvement

Testing

• All existing tests pass when running uv run pytest locally.
• New tests have been added to cover the changes

Focused verification run locally:

• uv run pytest tests/test_browser_env.py
• uv run ruff check verifiers/envs/integrations/browser_env/modes/dom_mode.py verifiers/scripts/gepa.py
• uv run ty check verifiers
• uv run pre-commit run --files verifiers/envs/integrations/browser_env/browser_env.py verifiers/envs/integrations/browser_env/modes/dom_mode.py verifiers/envs/integrations/browser_env/README.md verifiers/envs/integrations/README.md environments/browser_dom_example/browser_dom_example.py environments/browser_dom_example/README.md environments/browser_cua_example/browser_cua_example.py environments/browser_cua_example/README.md tests/test_browser_env.py tests/test_envs.py

Checklist

• My code follows the style guidelines of this project as outlined in [AGENTS.md](https://github.com/PrimeIntellect-ai/verifiers/blob/main/
  AGENTS.md)
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• Any dependent changes have been merged and published

Additional Notes

• This change preserves backward compatibility with project_id while also supporting browserbase_project_id.
• If no project ID is provided, Browserbase falls back to the account default project.
• The PR also includes a small ty cleanup in verifiers/scripts/gepa.py so the repo’s pre-push hook passes with the current local toolchain.

---

Note

Medium Risk
Medium risk because it changes how Browserbase/Stagehand sessions are initialized (conditionally omitting project_id) and updates the CUA sandbox runtime image/build pipeline; failures would surface as runtime session creation or sandbox startup issues.

Overview
Browserbase project ID is now optional across the browser integration: BrowserEnv/examples no longer require BROWSERBASE_PROJECT_ID, and DOM mode session creation is validated to pass browserbase_project_id=None when unset.

CUA prebuilt image workflow is updated: defaults move to browserbase/cua-server:latest, the CUA runtime Dockerfile.runtime now builds the SEA binary in a multi-stage image build, and build-and-push.sh switches from Docker Hub to prime images push with readiness polling.

Docs and tests are updated to reflect the new defaults, required keys (notably OPENAI_API_KEY for CUA server session creation), and the Prime Image publishing flow.

^{Reviewed by Cursor Bugbot for commit e075ac6. Bugbot is set up for automated code reviews on this repo. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[cursor]

Pipeline env vars not visible to node process

Medium Severity

In resolve_from_list and get_status, the env var prefix (REQUESTED_IMAGE=... prime images list | node -e '...') only applies to the first command in the pipeline (prime images list), not to node. Since REQUESTED_IMAGE and IMAGE_REF are never exported, process.env.REQUESTED_IMAGE and process.env.IMAGE_REF are undefined inside the node scripts, causing both functions to always return empty output. This breaks the entire image resolution and status-polling flow, so ./build-and-push.sh will always fail at the "Could not resolve" error.

Additional Locations (1)

• assets/templates/browserbase/cua/build-and-push.sh#L106-L110

 

[cursor]

Duplicated extractRef/extractTimestamp in inline node scripts

Low Severity

The extractRef and extractTimestamp JavaScript functions are duplicated verbatim between the resolve_from_list (lines 55–87) and get_status (lines 122–154) inline node scripts — about 30 lines each. If the JSON schema changes or a bug is found, both copies must be updated in sync, which is error-prone.

Additional Locations (1)

• assets/templates/browserbase/cua/build-and-push.sh#L121-L154