功能描述

Stealth browser automation with anti-detection. Launches Chromium with fingerprint randomization, webdriver flag removal, Canvas/WebGL spoofing, and permissi...

使用说明 (SKILL.md)

agent-browser-stealth

Name: Agent Browser Stealth
Author: bfchain2-hub

Anti-detection browser automation built on Playwright. Launches Chromium with layered stealth to evade bot detection on protected sites.

Architecture

agent-browser-stealth
└── stealth-launch.js    # Playwright + CDP stealth wrapper
    ├── Removes navigator.webdriver
    ├── Spoofs Canvas/WebGL fingerprints
    ├── Masks chrome.runtime
    ├── Patches Permissions API
    ├── Hides automation CSS flags
    └── Preserves full Playwright functionality

Commands

# Launch and navigate
node scripts/stealth-launch.js open https://example.com

# Get interactive elements (ref-based)
node scripts/stealth-launch.js snapshot
# → Returns refs e1, e2, e3... with element metadata

# Interact
node scripts/stealth-launch.js click e3
node scripts/stealth-launch.js fill e2 "text to fill"
node scripts/stealth-launch.js type e2 "typed slowly"
node scripts/stealth-launch.js press Enter

# Inspect
node scripts/stealth-launch.js screenshot [path]
node scripts/stealth-launch.js get text e1
node scripts/stealth-launch.js get attr e5 href
node scripts/stealth-launch.js get value e2

# Close
node scripts/stealth-launch.js close

Snapshot Refs

snapshot returns numbered refs (e1, e2, ...) — use these for subsequent interactions:

1. [a] "Sign In" → /login
2. [input] placeholder="Email"
3. [input] type=password
4. [button] "Submit"

Then:

node scripts/stealth-launch.js click e1    # click Sign In
node scripts/stealth-launch.js fill e2 "[email protected]"
node scripts/stealth-launch.js fill e3 "password"
node scripts/stealth-launch.js click e4      # Submit

Stealth Layers

Layer	Technique
WebDriver Flag	`Object.defineProperty(navigator, 'webdriver', { get: () => undefined })`
Chrome Runtime	`chrome.runtime` nullified
Canvas Fingerprint	`getImageData` returns noise instead of real data
WebGL Vendor/Renderer	Spoofed to Intel Iris OpenGL Engine
Permissions API	Returns `granted` for notifications/geolocation
getComputedStyle	Animations/transition stripped
Viewport	Randomized within 1280-1330 × 900-950

Installation

npm install -g playwright
npx playwright install chromium

The skill uses Playwright as a local dependency via npx — no global install of stealth plugins needed.

Session Persistence

For login persistence, use Playwright's built-in storageState:

// In scripts/stealth-session.js — save auth after login
import { chromium } from 'playwright';

const browser = await chromium.launch({ 
  headless: true,
  args: ['--disable-blink-features=AutomationControlled', '--no-sandbox']
});
const page = await browser.newPage();
// ... perform login ...
await page.context().storageState({ path: 'auth.json' });
// Next run:
const browser = await chromium.launch({ headless: true });
const context = await browser.newContext({ storageState: 'auth.json' });

Anti-Detection Testing

Test stealth effectiveness:

node scripts/stealth-launch.js open https://bot.sannysoft.com
node scripts/stealth-launch.js snapshot
# All checks should show green/undetected

Limitations

Cloudflare JS Challenge: May require headed mode + manual solve
CAPTCHAs: Requires external solver (2Captcha, etc.) — not built in
Very aggressive sites: May need proxy rotation (residential proxies)

Examples

Login to a Protected Site

node scripts/stealth-launch.js open https://target-site.com/login
node scripts/stealth-launch.js snapshot
node scripts/stealth-launch.js fill e1 "[email protected]"
node scripts/stealth-launch.js fill e2 "password"
node scripts/stealth-launch.js click e3
node scripts/stealth-launch.js screenshot
node scripts/stealth-launch.js close

Scrape Dynamic Content

node scripts/stealth-launch.js open https://news.site.com
node scripts/stealth-launch.js snapshot
# Identify article refs, then extract
node scripts/stealth-launch.js get html e5
node scripts/stealth-launch.js close

Stealth vs agent-browser

Feature	agent-browser	agent-browser-stealth
Anti-detection	❌ None	✅ 8 layers
Fingerprint spoofing	❌ None	✅ Canvas + WebGL
CDP-based	✅ Native Rust	✅ Playwright
Session isolation	✅	✅
Complexity	Lightweight	Slightly heavier
Best for	General automation	Protected sites

安全使用建议

This skill is coherent with its stealth automation goal, but exercise caution before using it with real accounts or sensitive targets. Specific things to consider before installing or running: - 'snapshot' can capture input values (it records element.value slices), which may include passwords or tokens — avoid running snapshot on pages with credentials or remove/modify value-capture in the script. - The script writes a local session file (.session.json) and may save Playwright storageState files (auth.json) if you use session persistence; these files can contain authentication state—store them securely or disable persistence. - The --continue behavior will try to connect to http://localhost:9222 via CDP; ensure no remote-forwarded/exposed CDP ports are active to avoid unintended access. - The stealth init code overrides the Permissions API (returns 'granted') and spoofs fingerprints — that may confuse debugging and can bypass site protections; use it only where legally/ethically allowed. - The package instructs installing Playwright via npm/npx (network download). Review and run the included scripts in an isolated environment (container or VM) and read the source (scripts/stealth-launch.js) yourself. If you need a clean, lower-risk alternative: run a minimal automation wrapper that explicitly excludes capturing input values and does not persist session files, or modify the provided script to redact input values and store sessions in a secure, user-chosen path.

功能分析

Type: OpenClaw Skill Name: agent-browser-stealth-xyh Version: 1.0.0 The agent-browser-stealth skill is a legitimate browser automation utility built on Playwright, designed to bypass bot detection mechanisms. The core logic in scripts/stealth-launch.js implements standard anti-detection techniques such as spoofing navigator.webdriver, masking the Chrome runtime, and patching WebGL/Canvas fingerprints, all of which are clearly documented in SKILL.md and EXAMPLES.md. The script provides a structured interface for an AI agent to interact with web elements via reference IDs, and it lacks any indicators of malicious intent, such as unauthorized data exfiltration, hidden network calls, or persistence mechanisms.

能力评估

ℹ Purpose & Capability

Using Playwright and Chromium launch flags is consistent with the stated purpose of anti-detection automation. The included JS implements the claimed stealth techniques (navigator.webdriver masking, canvas/webgl spoofing, permissions override). However the snapshot feature also reads input 'value' attributes and returns them — a capability that can expose passwords or other sensitive fields and is not called out as a privacy/security caveat in SKILL.md.

⚠ Instruction Scope

SKILL.md instructs running the provided script and to use --continue to persist sessions but does not warn that 'snapshot' will collect element values (including input values), that a local .session.json is written, or that the script will attempt to connect to a CDP endpoint at http://localhost:9222 when resuming. The script also overrides Permissions API responses (for notifications/geolocation/etc.), which changes page behavior beyond simple navigation. These actions widen the agent's read/write scope and could leak sensitive data if used with real credentials or exposed CDP ports.

✓ Install Mechanism

There is no automated installer in the registry entry; SKILL.md recommends installing Playwright via npm/npx (a standard, expected approach). No remote, untrusted binary downloads or extract-from-arbitrary-URL installs are present in the package files. Network access to npm is required by the user to obtain Playwright.

⚠ Credentials

The skill declares no credentials or env vars, which fits its purpose, but it still reads/writes local session files (.session.json and user-provided storageState files) and returns captured page element metadata and input values. That local file I/O and the ability to capture input values are disproportionate to a user expectation of 'stealth' — they introduce a credential-exposure risk even though no external secrets are requested.

ℹ Persistence & Privilege

always:false (no forced persistence), and the skill only writes a local .session.json to track active sessions (normal for session reuse). It also attempts to connect to a local CDP at http://localhost:9222 when resuming (only localhost). These are moderate privileges but not platform-global; still, resuming via CDP could behave unexpectedly if a CDP endpoint is forwarded/exposed.

版本历史

v1.0.0

agent-browser-stealth 1.0.0 - Initial release of a stealth browser automation tool for evading detection on bot-protected sites. - Launches Chromium with multiple anti-detection techniques: fingerprint randomization, webdriver flag removal, Canvas/WebGL spoofing, and permissions API masking. - Provides CLI commands for opening pages, interacting with elements via refs, inspecting page data, and session management. - Supports Playwright session persistence for repeatable logins. - Designed for use cases like web scraping, login automation, and accessing protected content.

元数据

Slug agent-browser-stealth-xyh

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题