Asteroid Builds Browser Bots That Won't Go Rogue on You

The Macro: Everyone Has a Browser Agent, Nobody Has Guardrails

The AI browser agent space got crowded fast. UiPath and Automation Anywhere have been doing robotic process automation for years, but their tools are brittle, script-based, and break every time a website changes its layout. The new wave of AI-native browser agents, companies like Induced AI, Browserflow, and Browser Base, use language models to navigate websites the way a human would. They can read the page, figure out what to click, fill in forms, and handle variations in UI without hardcoded selectors.

The problem nobody is talking about enough is what happens when these agents make mistakes at scale. If you deploy a browser agent to process insurance claims across 50,000 records, and it misclicks on 2% of them, you’ve just created a thousand errors that a human has to find and fix. In regulated industries like healthcare, finance, and insurance, a 2% error rate isn’t a minor inconvenience. It’s a compliance violation.

This is the gap. The underlying browser agent technology is getting good enough to be useful. But the infrastructure around it, the monitoring, the guardrails, the ability for a human to review decisions before they’re executed, barely exists. Most browser agent startups are building for speed and capability. Very few are building for reliability and oversight. That’s where Asteroid comes in.

The Micro: Fraud Hunters Turned Agent Wranglers

Asteroid builds and hosts AI browser agents for back-office operations, with an emphasis on guardrails, evaluations, and human oversight. The pitch isn’t “our agent is smarter.” It’s “our agent won’t silently break things.” They’re targeting enterprises that need to automate millions of browser-based operations but can’t afford the kind of errors that unsupervised AI agents produce.

The team behind this is well-matched to the problem. David Mlcoch, the CEO, has an AI background from Edinburgh University and co-founded Trident AI. He also spent time in robotics and worked at EUSPA and SpaceKnow on space-related projects. Joe Hewett, the CTO, was at Netcraft where he built agents that find bank accounts used for fraud. That last detail is the one I keep coming back to. If you’ve built systems that detect fraud by navigating the web programmatically, you understand exactly how browser agents fail, how they get tripped up, how edge cases compound, and why oversight matters. They’re a five-person team in San Francisco, YC Winter 2025.

The open-source angle is interesting too. Their GitHub has public repos, which suggests they’re building developer trust and community adoption alongside their enterprise sales motion. That’s a smart dual strategy in a space where developers are the first users and enterprise procurement follows.

The Verdict

I think Asteroid is positioned correctly in a market that’s about to hit its “oh wait, we need guardrails” moment. Right now, browser agent companies are competing on demos. Who can show the most impressive automation? But the enterprises writing six-figure checks for this technology aren’t buying demos. They’re buying reliability guarantees. They want to know: what happens when the agent encounters something unexpected? Who reviews the decisions? How do we audit what it did?

Asteroid’s answer to those questions is their product. That’s a strong position.

The risk is timing and perception. If the browser agent market remains in “cool demo” phase for another year, Asteroid’s emphasis on guardrails might feel premature. Enterprises might not be ready to deploy browser agents at scale yet, which means the guardrails story doesn’t land because nobody has enough agents running to need them. There’s also the competitive threat from UiPath and Automation Anywhere pivoting into AI-native agents with their existing enterprise relationships and sales teams.

In 30 days, I’d look at whether they have production deployments processing real operations, not proofs of concept. At 60 days, the number that matters is error rate compared to unguarded agents, because that’s the whole value proposition in one metric. By 90 days, the question is whether regulated industries (healthcare, finance, insurance) are signing on, because those are the customers who will pay premium prices for the oversight layer. The team understands the problem from first principles. That counts for a lot in a space where most competitors are still chasing the wow factor.