功能描述

Anti-detection browser automation MCP skill for OpenClaw agents with 41 tools for navigation, interaction, extraction, downloads, profiles, sessions, and ste...

使用说明 (SKILL.md)

CamoFox MCP Skill

Name: CamoFox MCP
Author: redf0x1

CamoFox MCP gives OpenClaw agents a production-ready anti-detection browser automation toolkit over MCP HTTP transport. It connects OpenClaw to CamoFox Browser so agents can browse, click, type, extract content, manage cookies/sessions, run stealth search workflows, and download resources without the high block rates common with standard automation stacks.

Why this skill exists

Most browser automation flows eventually hit CAPTCHAs, fingerprint checks, or bot detection. CamoFox is purpose-built for that reality:

Anti-detection fingerprinting per tab/session
Better resilience on sites that aggressively detect automation
Token-efficient accessibility snapshots for agent reasoning
Session persistence via cookie/profile tools
Built-in search macros across 14 engines

Setup

1) Start CamoFox Browser

CamoFox Browser must be running first (default http://localhost:9377).

2) Start CamoFox MCP in HTTP mode

CAMOFOX_TRANSPORT=http npx [email protected]

Optional examples:

CAMOFOX_TRANSPORT=http CAMOFOX_API_KEY=your-key npx [email protected] CAMOFOX_TRANSPORT=http CAMOFOX_HTTP_PORT=8080 npx [email protected]

3) Configure OpenClaw

Add this MCP server:

{"mcpServers":{"camofox":{"url":"http://localhost:3000/mcp"}}}

Alternative skill-generation flow:

npx @filiksyos/mcptoskill http://localhost:3000/mcp

Trigger phrases

Use this skill when the user asks for tasks like:

Browse this site and extract the data
Automate this login/search/form flow
Use a stealth or anti-detection browser
Take a snapshot and click/type through this workflow
Collect all links/images/PDFs from this page section
Persist session cookies and restore later
Run web search in browser and summarize results
Download files and return metadata/content

Tool catalog (41 tools)

Health (1)

server_status: Check CamoFox server health and browser connection.

Tabs (3)

create_tab: Create a new browser tab with anti-detection fingerprinting.
close_tab: Close a browser tab and release resources.
list_tabs: List all open browser tabs with URLs and titles.

Navigation (4)

navigate: Navigate a tab to a URL.
go_back: Navigate backward in browser history.
go_forward: Navigate forward in browser history.
refresh: Reload the current page.

Interaction (8)

click: Click an element by ref or CSS selector.
type_text: Type text into an input field.
scroll: Scroll page up or down by pixel amount.
camofox_scroll_element: Scroll a specific container element.
camofox_evaluate_js: Execute JavaScript in isolated page context.
camofox_hover: Hover over an element.
camofox_wait_for: Wait for page readiness.
camofox_press_key: Press a keyboard key.

Observation (4)

snapshot: Get accessibility tree snapshot (PRIMARY way to read page content).
screenshot: Take visual screenshot as base64 PNG.
get_links: Get all hyperlinks on page.
camofox_wait_for_text: Wait for specific text to appear.

Downloads (3)

list_downloads: List downloaded files with optional filtering.
get_download: Get a downloaded file with optional inline content.
delete_download: Delete a downloaded file from disk.

Extraction (3)

extract_resources: Extract images, links, media, documents from a DOM scope.
batch_download: Extract and download scoped resources in one call.
resolve_blobs: Resolve blob URLs to downloadable base64 data.

Search (1)

web_search: Search across 14 engines (Google, YouTube, Amazon, Reddit, etc.).

Session (3)

import_cookies: Import cookies for authenticated sessions.
get_stats: Get session usage and performance statistics.
camofox_close_session: Close all tabs for a user session.

Batch workflows (6)

fill_form: Fill multiple form fields in one operation.
type_and_submit: Type text and press key in one step.
navigate_and_snapshot: Navigate, wait, and snapshot in a single call.
scroll_and_snapshot: Scroll then snapshot to reveal below-fold content.
camofox_scroll_element_and_snapshot: Scroll container element and snapshot.
batch_click: Click multiple elements sequentially.

Profiles (4)

save_profile: Save tab cookies to a named profile.
load_profile: Load saved profile cookies into a tab.
list_profiles: List saved profiles and metadata.
delete_profile: Delete a saved profile.

Presets (1)

list_presets: List available geo presets.

What makes CamoFox unique

Stealth-first architecture for AI agents that need reliability on hostile sites
Rich tool surface (41 tools) combining low-level controls + high-level workflows
Snapshot-first design that reduces token burn while preserving actionable context
Built-in profile/session controls for long-running authenticated automations
Native HTTP MCP endpoint for OpenClaw and remote MCP-compatible clients

安全使用建议

This skill is coherent for anti-detection browser automation but carries practical risks you should evaluate before installing: - npx will download and run code from the npm registry at runtime. Only run it if you trust the package author; inspect the upstream package (https://github.com/redf0x1/camofox-mcp) and consider fetching a signed release or pinned checksum. - The skill exposes powerful data-handling tools (import_cookies, get_download, resolve_blobs). These can return session cookies, file contents, or internal resources — treat them as high-sensitivity operations. - Ensure the MCP server binds to localhost and is not reachable from untrusted networks (don't set ports or host bindings to 0.0.0.0 unless you intentionally want remote access). Use firewall rules or run in an isolated VM/container if possible. - If you need to run this for evaluation, do so in an isolated environment (sandbox/VM) with no access to production secrets or corporate internal networks. - If you plan production use, verify the npm package source, review the package contents, and prefer pinned versions/checksums and a private mirror or vendor review before allowing the agent to run it automatically.

功能分析

Type: OpenClaw Skill Name: camofox-mcp Version: 1.10.0 The skill is classified as suspicious primarily due to its reliance on `npx [email protected]` in `setup.sh` and `SKILL.md` for installation and execution. This command downloads and runs an external package from npm, posing a significant supply chain risk if the `camofox-mcp` package were compromised or malicious. Additionally, the `camofox_evaluate_js` tool allows arbitrary JavaScript execution within the browser, a powerful capability that could be exploited if the AI agent processes untrusted input, leading to potential client-side vulnerabilities or data leakage.

能力评估

✓ Purpose & Capability

The name/description (anti-detection browser automation) align with the declared tools (tabs, navigation, interaction, snapshotting, cookies, downloads, profiles, web_search). The manifest, SKILL.md, and tool catalog are coherent with this purpose.

⚠ Instruction Scope

SKILL.md instructs running a local MCP server and exposes many powerful ops (import/export cookies, retrieve downloaded files, resolve blobs to base64, list/get downloads). Those tools legitimately belong to a browser-automation product, but they allow reading and returning session cookies and arbitrary downloaded content (potentially sensitive). The instructions also show optional API keys and allow choosing ports — which could be used to bind the service to non-localhost and accept remote requests.

⚠ Install Mechanism

There is no packaged install spec; the runtime setup uses 'npx [email protected]', which will fetch and execute code from the npm registry at runtime. That is a moderate-to-high risk pattern because it executes third-party code with no checksum or provenance provided. The included setup.sh simply runs the npx command (no verification).

ℹ Credentials

The skill does not require environment variables or credentials by metadata, and SKILL.md only shows optional vars (CAMOFOX_API_KEY, CAMOFOX_HTTP_PORT, CAMOFOX_TRANSPORT). That is proportionate. However, the skill's ability to import cookies and download resources means it can handle secrets/data at runtime even though none are explicitly requested — users should be aware this capability can surface sensitive data stored in browser sessions.

ℹ Persistence & Privilege

always:false and model invocation is allowed (normal). The skill does not request permanent platform privileges, but running the MCP server via npx will create a local HTTP control endpoint (manifest lists http://localhost:3000/mcp). If the operator configures a non-localhost bind/port, this could expose remote control; verify binding and firewall configuration before running.

版本历史

v1.10.0

- Updated to version 1.10.0 - Now provides 41 anti-detection browser automation tools for OpenClaw agents - Enhanced skill documentation and metadata - MIT-licensed and open source - Homepage link added for more information

元数据

Slug camofox-mcp

版本 1.10.0

许可证 —

累计安装 1

当前安装数 1

历史版本数 1

常见问题

CamoFox MCP 是什么？

Anti-detection browser automation MCP skill for OpenClaw agents with 41 tools for navigation, interaction, extraction, downloads, profiles, sessions, and ste... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 651 次。

如何安装 CamoFox MCP？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install camofox-mcp」即可一键安装，无需额外配置。

CamoFox MCP 是免费的吗？

是的，CamoFox MCP 完全免费（开源免费），可自由下载、安装和使用。

CamoFox MCP 支持哪些平台？

CamoFox MCP 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 CamoFox MCP？

由 redf0x1（@redf0x1）开发并维护，当前版本 v1.10.0。

CamoFox MCP