Since what you're building is similar to a password manager, you should probably do it the way they do. A browser extension + a native app for mobile. Mobile platforms have autofill APIs that password managers use to fill forms.
I think this would probably be the closest comparison.
The password manager model seems like the most realistic way to achieve a good user experience on mobile devices while maintaining strong context and domain validation on desktops.
One difference I'm exploring is that Injectless is intentionally declarative and website-based (sites publish what they can inject, rather than the tool heuristically completing everything).
Thanks for the link; I wasn't familiar with Magical.
From what I can see, Magical focuses on general autofill, while Injectless is exploring a more declarative, least-privilege approach, where each site explicitly defines which fields it can expose and on which domains, with domain-level validation and explicit user control.
Even so, comparing UX, adoption, and technical trade-offs with products like this is exactly the kind of signal I was looking for.
Since what you're building is similar to a password manager, you should probably do it the way they do. A browser extension + a native app for mobile. Mobile platforms have autofill APIs that password managers use to fill forms.
I think this would probably be the closest comparison.
The password manager model seems like the most realistic way to achieve a good user experience on mobile devices while maintaining strong context and domain validation on desktops.
One difference I'm exploring is that Injectless is intentionally declarative and website-based (sites publish what they can inject, rather than the tool heuristically completing everything).
I appreciate the perspective.
These guys solve same problem https://www.getmagical.com/ worth researching their experience
Thanks for the link; I wasn't familiar with Magical.
From what I can see, Magical focuses on general autofill, while Injectless is exploring a more declarative, least-privilege approach, where each site explicitly defines which fields it can expose and on which domains, with domain-level validation and explicit user control.
Even so, comparing UX, adoption, and technical trade-offs with products like this is exactly the kind of signal I was looking for.
They have pr had that as one of their initial features. Recently thy pivoted away from that to more ai and corporate use cases