← Back to Skills Marketplace
b0tresch

B0tresch Stealth Browser

by b0tresch · GitHub ↗ · v1.1.0
cross-platform ⚠ suspicious
1425
Downloads
0
Stars
3
Active Installs
4
Versions
Install in OpenClaw
/install b0tresch-stealth-browser
Description
Anti-detection web browsing that bypasses bot detection, CAPTCHAs, and IP blocks using puppeteer-extra with stealth plugin and optional residential proxy sup...
README (SKILL.md)

Stealth Browser

Bypass bot detection and IP blocks with puppeteer-extra stealth plugin and optional Smartproxy residential proxy support.

When to Use

  • Websites blocking headless browsers or datacenter IPs
  • Cloudflare/Vercel protection bypassing
  • Sites detecting automation (Reddit, Twitter/X, signup flows, faucets)
  • Protected content scraping
  • Web automation requiring human-like behavior

Tested Working On

✅ Relay.link (was blocked by Vercel, now works) ✅ X/Twitter profiles ✅ Bot detection tests (sannysoft.com) ✅ Faucet sites with protection ✅ Reddit (datacenter IP blocks)

Quick Start

# Basic usage (stealth only)
node scripts/browser.js "https://example.com"

# With residential proxy (bypasses IP blocks)
node scripts/browser.js "https://example.com" --proxy

# Screenshot
node scripts/browser.js "https://example.com" --proxy --screenshot output.png

# Get HTML content
node scripts/browser.js "https://example.com" --proxy --html

# Get text content
node scripts/browser.js "https://example.com" --proxy --text

Setup

1. Install Dependencies

cd /path/to/skill
npm install

Required packages (automatically handled by npm install with included package.json):

  • puppeteer-extra
  • puppeteer-extra-plugin-stealth
  • puppeteer

2. Configure Proxy (Optional but Recommended)

For bypassing IP-based blocks, set up Smartproxy residential proxy:

Create ~/.config/smartproxy/proxy.json:

{
  "host": "proxy.smartproxy.net",
  "port": "3120",
  "username": "smart-ppz3iii4l2qr_area-US_life-30_session-xxxxx",
  "password": "your-password"
}

Get credentials from Smartproxy dashboard: https://dashboard.smartproxy.com

Smartproxy session parameters:

  • _area-US → Use US residential IPs
  • _life-30 → Session lasts 30 minutes
  • _session-xxxxx → Sticky session (same IP for duration)

Without proxy, the browser still uses stealth plugin to avoid detection, but may be blocked by IP-based protection.

How It Works

Stealth Features

The browser includes multiple anti-detection measures:

  1. puppeteer-extra-plugin-stealth: Automatically applies all stealth evasions

    • Removes navigator.webdriver flag
    • Spoofs Chrome user agent and headers
    • Fakes plugins, languages, permissions
    • Removes automation signatures

  2. Human-like behaviors:

    • Realistic viewport (1920x1080)
    • Updated user agent (Chrome 121)
    • Natural browser properties
    • No automation control flags

  3. Residential proxy (when --proxy used):

    • Routes through residential IPs
    • Bypasses datacenter IP blocks
    • Sticky sessions (same IP per session)
    • Geographic targeting (US by default)

Detection Bypass Comparison

Protection Headless Puppeteer Stealth Plugin + Residential Proxy
navigator.webdriver ❌ Detected ✅ Hidden ✅ Hidden
User Agent ❌ Generic ✅ Realistic ✅ Realistic
WebGL/Canvas ❌ Headless ✅ Spoofed ✅ Spoofed
IP Blocks ❌ Datacenter ❌ Datacenter ✅ Residential
Cloudflare ❌ Blocked ⚠️ Sometimes ✅ Usually works
Turnstile CAPTCHA ❌ Blocked ❌ Blocked ⚠️ Reduced chance

Usage Examples

Example 1: Check if Site Detects Automation

# Test on bot detection site
node scripts/browser.js "https://bot.sannysoft.com" --screenshot detection.png

Look for green checkmarks = undetected, red = detected.

Example 2: Scrape Protected Page

# Get page text content
node scripts/browser.js "https://protected-site.com" --proxy --text > output.txt

Example 3: Monitor Site Changes

# Take daily screenshot for comparison
node scripts/browser.js "https://target-site.com" --proxy --screenshot "$(date +%Y-%m-%d).png"

Example 4: Extract Structured Data

import { browse } from './scripts/browser.js';

const result = await browse('https://example.com', {
  proxy: true,
  html: true
});

// Parse result.html with cheerio or similar
console.log(result.html);

Proxy Cost Considerations

Smartproxy residential pricing:

  • ~$7.50/GB of traffic
  • Average page load: 1-3 MB
  • Rough cost: $0.01-0.03 per page

When to use proxy:

  • Site explicitly blocks datacenter IPs (Reddit, some faucets)
  • Cloudflare/Vercel protection detected
  • Multiple requests from same IP getting rate-limited
  • Geographic targeting needed (US vs international)

When stealth-only is enough:

  • Site only checks for automation signatures, not IP
  • Low-value scraping where IP blocks are acceptable
  • Testing/development (proxy costs add up)

Troubleshooting

Browser Launch Fails

Error: Failed to launch the browser process

Solution: Install required system dependencies:

# Debian/Ubuntu
sudo apt-get install -y gconf-service libasound2 libatk1.0-0 libc6 libcairo2 \
  libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 \
  libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 \
  libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 \
  libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 \
  libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation \
  libappindicator1 libnss3 lsb-release xdg-utils wget

Proxy Authentication Fails

Error: net::ERR_PROXY_AUTH_REQUESTED

Solution: Check proxy credentials in ~/.config/smartproxy/proxy.json. Verify username/password are correct in Smartproxy dashboard.

Still Getting Detected

Try these:

  1. Update session ID in proxy username (forces new IP):

    "username": "smart-ppz3iii4l2qr_area-US_life-30_session-NEW_RANDOM_STRING"

  2. Increase wait time before interacting with page:

    await page.goto(url, { waitUntil: 'networkidle2' });
await page.waitForTimeout(5000); // Wait 5s

  3. Check detection test:

    node scripts/browser.js "https://bot.sannysoft.com" --proxy --screenshot test.png

  4. Try different geographic area (if specific region is blocked):

    "username": "smart-ppz3iii4l2qr_area-GB_life-30_session-xxxxx"

Limitations

  • CAPTCHAs: Stealth reduces but doesn't eliminate CAPTCHA challenges. For CAPTCHA solving, combine with 2captcha service.
  • JavaScript fingerprinting: Advanced fingerprinting (Canvas, WebGL hash analysis) may still detect automation on highly protected sites.
  • Cost: Residential proxy adds per-request cost. Use strategically.
  • Speed: Proxy routing and stealth evasions add latency vs direct requests.

Security Notes

Capabilities: This skill is read-only — it fetches web pages, captures screenshots, and extracts text/HTML. It does not perform any financial operations, value transfers, or wallet interactions.

Authentication: Proxy credentials are used solely for routing HTTP traffic through residential IPs. They do not grant access to any financial accounts or value-bearing systems.

  • Proxy credentials contain sensitive auth tokens. Keep ~/.config/smartproxy/proxy.json with 600 permissions.
  • Never commit proxy credentials to git repositories.
  • Residential proxy traffic is routed through real residential IPs. Respect rate limits and terms of service.
  • No value-transfer risk: this tool cannot send transactions, move funds, or interact with smart contracts.

See Also

Usage Guidance
This skill appears to do exactly what it says: launch a puppeteer browser with stealth evasion and optionally use Smartproxy credentials stored in ~/.config/smartproxy/proxy.json. Before installing: (1) be aware that 'npm install' will download many packages from the public registry — inspect package-lock.json or run in an isolated environment if you worry about supply-chain risk; (2) storing proxy credentials in a plaintext file is convenient but consider file permissions or a more secure secret store; (3) using a tool that bypasses bot/CAPTCHA protections can facilitate abusive automation — ensure your use is legal and ethical; (4) visited pages may execute arbitrary JavaScript in the headless browser (the skill fetches page HTML/content and prints it), so run it in a sandboxed environment if you will visit untrusted sites.
Capability Analysis
Type: OpenClaw Skill Name: b0tresch-stealth-browser Version: 1.1.0 The skill is classified as suspicious due to its inherent high-risk capabilities, specifically reading sensitive proxy credentials from `~/.config/smartproxy/proxy.json` and providing `sudo apt-get install` instructions in `SKILL.md` for system-level dependency installation. While these actions are necessary for the skill's stated purpose of anti-detection web browsing and proxy support, they involve access to sensitive user data and the potential for elevated privileges, which could be exploited if the agent or user is compromised or misconfigured. There is no clear evidence of intentional malicious behavior such as unauthorized data exfiltration, persistence mechanisms, or deceptive prompt injection attempts against the agent.
Capability Assessment
Purpose & Capability
Name/description (anti-detection browsing with stealth plugin and optional residential proxy) match the included code and SKILL.md. The repository contains puppeteer + stealth usage and optional Smartproxy proxy configuration — all expected for this functionality.
Instruction Scope
SKILL.md and scripts/browser.js are consistent: they instruct npm install, optionally place Smartproxy credentials in ~/.config/smartproxy/proxy.json, and run the provided CLI or exported browse() function. The instructions do not request reading unrelated files or environment variables beyond the documented proxy config file.
Install Mechanism
There is no platform install spec; the user runs 'npm install' per SKILL.md. That will fetch puppeteer and related packages from the npm registry (package.json and package-lock.json included). This is expected but means third-party npm packages will be downloaded — review package-lock.json and run in a controlled environment if you have supply-chain concerns.
Credentials
The skill requests no environment variables or global credentials. It does read a local file (~/.config/smartproxy/proxy.json) for proxy credentials when --proxy is used. Storing proxy credentials in a plaintext config file is documented but is a potential local-secrets risk the user should be aware of.
Persistence & Privilege
The skill does not request persistent/automatic inclusion (always: false) and does not modify other skills or system-wide configs. It only reads its own optional proxy config file in the user's home directory.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install b0tresch-stealth-browser
  3. After installation, invoke the skill by name or use /b0tresch-stealth-browser
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
## b0tresch-stealth-browser 1.1.0 - Updated dependencies in package.json. - No user-facing or functional changes in this release.
v1.0.2
- Updated package.json with a new patch version (1.0.2). - No changes to core functionality or documentation.
v1.0.1
- Added _meta.json for skill metadata. - Updated SKILL.md with enhanced security notes clarifying that the skill is read-only and cannot perform value transfers or wallet actions. - Minor documentation edits to improve clarity and emphasize security best practices.
v1.0.0
Initial release: puppeteer-extra stealth + Smartproxy residential proxy support
Metadata
Slug b0tresch-stealth-browser
Version 1.1.0
License
All-time Installs 3
Active Installs 3
Total Versions 4
Frequently Asked Questions

What is B0tresch Stealth Browser?

Anti-detection web browsing that bypasses bot detection, CAPTCHAs, and IP blocks using puppeteer-extra with stealth plugin and optional residential proxy sup... It is an AI Agent Skill for Claude Code / OpenClaw, with 1425 downloads so far.

How do I install B0tresch Stealth Browser?

Run "/install b0tresch-stealth-browser" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is B0tresch Stealth Browser free?

Yes, B0tresch Stealth Browser is completely free (open-source). You can download, install and use it at no cost.

Which platforms does B0tresch Stealth Browser support?

B0tresch Stealth Browser is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created B0tresch Stealth Browser?

It is built and maintained by b0tresch (@b0tresch); the current version is v1.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments