Thanks for the link; I wasn't familiar with Magical.
From what I can see, Magical focuses on general autofill, while Injectless is exploring a more declarative, least-privilege approach, where each site explicitly defines which fields it can expose and on which domains, with domain-level validation and explicit user control.
Even so, comparing UX, adoption, and technical trade-offs with products like this is exactly the kind of signal I was looking for.
Since what you're building is similar to a password manager, you should probably do it the way they do. A browser extension + a native app for mobile. Mobile platforms have autofill APIs that password managers use to fill forms.
I think this would probably be the closest comparison.
The password manager model seems like the most realistic way to achieve a good user experience on mobile devices while maintaining strong context and domain validation on desktops.
One difference I'm exploring is that Injectless is intentionally declarative and website-based (sites publish what they can inject, rather than the tool heuristically completing everything).
These guys solve same problem https://www.getmagical.com/ worth researching their experience
Thanks for the link; I wasn't familiar with Magical.
From what I can see, Magical focuses on general autofill, while Injectless is exploring a more declarative, least-privilege approach, where each site explicitly defines which fields it can expose and on which domains, with domain-level validation and explicit user control.
Even so, comparing UX, adoption, and technical trade-offs with products like this is exactly the kind of signal I was looking for.
They have pr had that as one of their initial features. Recently thy pivoted away from that to more ai and corporate use cases
Since what you're building is similar to a password manager, you should probably do it the way they do. A browser extension + a native app for mobile. Mobile platforms have autofill APIs that password managers use to fill forms.
I think this would probably be the closest comparison.
The password manager model seems like the most realistic way to achieve a good user experience on mobile devices while maintaining strong context and domain validation on desktops.
One difference I'm exploring is that Injectless is intentionally declarative and website-based (sites publish what they can inject, rather than the tool heuristically completing everything).
I appreciate the perspective.