Production-grade, human-mimicking browser automation framework for autonomous agents. Survives modern anti-bot systems.
Project description
Agentic Stealth Browser
Python framework for browser automation that looks human. Handles Cloudflare, LinkedIn, Amazon, and other anti-bot systems. v2.0.0 GA — SDK, orchestration, security governance, adaptive stealth, plugins.
Why This Exists
Standard page.goto() / page.click() gets detected instantly. This solves it with:
- TLS fingerprint spoofing — region-specific TLS handshakes (US, Japan, EU, Korea)
- Human behavior — Bézier mouse curves, natural typing, distraction simulation
- Auto recovery — detects CAPTCHAs, rate limits, blocks and recovers automatically
- Workflow Teach/Replay — record real browser actions via CDP, replay as YAML
Quick Start
pip install agentic-stealth-browser
playwright install --with-deps chromium
from core.agent_browser import AgentBrowser
async with AgentBrowser(session_name="demo") as browser:
await browser.launch(headless=True)
await browser.safe_goto("https://example.com")
MCP + Dashboard Quick Start
Run the MCP server when an agent client needs tool access to the browser:
python -m production.mcp_server
Add this server to your MCP client config:
{
"mcpServers": {
"stealth-browser": {
"command": "python",
"args": ["-m", "production.mcp_server"]
}
}
}
Common MCP flow:
1. stealth_launch -> start a named browser session
2. stealth_navigate -> open a URL with recovery behavior
3. stealth_tabs_list -> inspect current tabs/pages
4. stealth_tab_snapshot -> capture screenshot + metadata
5. stealth_teach -> save a demonstrated workflow
6. stealth_replay -> replay a saved workflow YAML
7. stealth_close -> close the session
For a human-agent shared browser console, start the Hermes dashboard:
export HERMES_DASHBOARD_PASSWORD="replace-me"
agentic-stealth-browser dashboard --host 127.0.0.1 --port 8443
Open http://127.0.0.1:8443 in Edge and log in with that password. Use the dashboard to watch the live browser, switch backends, pause/resume automation, solve CAPTCHA/login challenges, record workflows, and replay them. See docs/HERMES_BROWSER_DASHBOARD.md.
Workflow System
Record real interactions and replay autonomously:
from workflows.recorder import WorkflowRecorder
from workflows.player import WorkflowPlayer
from workflows.schema import load_workflow
recorder = WorkflowRecorder(cdp_url="http://localhost:9222")
workflow = await recorder.record("upwork_update_title")
player = WorkflowPlayer(browser, workflow)
result = await player.execute()
13 step types: navigate · click · fill · type · select · verify · wait · wait_for_element · scroll · screenshot · execute_js · conditional · run_workflow
Key Features
| Feature | What It Does |
|---|---|
| TLS Fingerprinting | JA3/JA4 region profiles |
| Human Behavior | Mouse wobble, typing mistakes, fatigue, distraction |
| Auto Recovery | Block detection → proxy/session rotation → retry |
| Account Warming | 14-day gradual ramp-up for new accounts |
| Workflow Orchestrator | Queue, schedule, domain concurrency, retries, persistence |
| Python SDK | StealthClient — async API without MCP |
| Security Governance | Input validation, session isolation, policy engine, approval gates |
| Adaptive Stealth | Per-domain behavior profiles with FeedbackStore telemetry |
| Plugin System | Lifecycle hooks via BasePlugin (launch, navigate, scrape, close) |
| Feature Flags | Runtime capability discovery per browser backend |
| Migration Tools | v1→v2 script, deprecation shims, migration guide |
| Performance Profiling | Timing decorators + perf_benchmark.py |
MCP Setup
Add to claude_desktop_config.json or the equivalent MCP client config:
{
"mcpServers": {
"stealth-browser": {
"command": "python",
"args": ["-m", "production.mcp_server"]
}
}
}
Tools: stealth_launch, stealth_navigate, stealth_load_cookies, stealth_scrape, stealth_teach, stealth_replay, stealth_tabs_list, stealth_session_timeline, stealth_close, stealth_capabilities, and more.
Useful observability tools:
stealth_tabs_list: list active tabs/pages.stealth_tab_snapshot: capture screenshot and page metadata.stealth_session_timeline: inspect recent action/recovery/debug events.stealth_debug_report: get redacted runtime diagnostics.
To expose a local CDP endpoint for supported clients, launch with debug_cdp: true, then call stealth_get_cdp_endpoint. The endpoint is localhost-only and should not be exposed directly to the internet.
Orchestrator
Queue, schedule, and chain workflows with domain-aware concurrency:
from production.workflow_orchestrator import WorkflowOrchestrator
orch = WorkflowOrchestrator(domain_concurrency={"linkedin.com": 1})
await orch.enqueue("workflows/upwork/edit-title.yaml", priority=10)
await orch.schedule_recurring("workflows/linkedin/check-notifications.yaml", interval_seconds=3600)
await orch.run()
Security
- Input validation: Type, length, pattern checks on all MCP tool params
- Session isolation: One context can't access another's browser instances
- Policy engine: YAML-based access control per site / step type
- Approval gates: Sensitive actions (navigate, execute_js) require explicit approval
SDK
Use without MCP:
from production.sdk import StealthClient
async with StealthClient(session_name="mybot") as client:
await client.navigate("https://example.com")
result = await client.execute_workflow("linkedin/send-connection-request", variables={"name": "Jane"})
Plugins
from plugins.template import ExamplePlugin
class MyPlugin(ExamplePlugin):
name = "my-plugin"
async def on_navigate(self, ctx, url):
ctx.logger.info(f"[{self.name}] Navigating to {url}")
Hooks: on_launch, on_navigate, on_page_loaded, on_scraped, on_close.
Migration v1 → v2
python scripts/migrate_v1_to_v2.py --input workflow.yaml --output workflow-v2.yaml
Deprecated APIs (self.context, ConnectionPool, ad-hoc MCP responses) have shims. See docs/rfc/v2-migration.md.
Project Structure
├── core/ AgentBrowser, connection pool, session checkpoints
├── stealth/ TLS, scripts, Firefox adapter, caching
├── behavior/ Human simulation, personas, adaptive tuning
├── recovery/ Anti-block orchestrator
├── workflows/ Recorder, player, schema, library
├── production/ MCP server, SDK, orchestrator, security, profiler
├── plugins/ Plugin system with template
├── scripts/ Migration, evaluation, benchmarking
└── docs/ ADRs, RFCs, capability map, guides
Documentation
- Architecture Decision Records
- Operator Setup Guide
- Capability Map
- MCP Browser Observability
- v2 Migration RFC
- Stealth Limitations
- Threat Model
License
MIT. See LICENSE and CHANGELOG.md.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file agentic_stealth_browser-2.1.0.tar.gz.
File metadata
- Download URL: agentic_stealth_browser-2.1.0.tar.gz
- Upload date:
- Size: 275.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dcc65bcf58b407b597e1e68fc7d8963584ff83f8b51efd52889764f8ea9ee58d
|
|
| MD5 |
b4a7df9abfc3566d7573b7f52ed1f26e
|
|
| BLAKE2b-256 |
d677d4e6cadcbb6e15590ec672eca3b20d95862cdad47b785e72b7899a569b5e
|
File details
Details for the file agentic_stealth_browser-2.1.0-py3-none-any.whl.
File metadata
- Download URL: agentic_stealth_browser-2.1.0-py3-none-any.whl
- Upload date:
- Size: 207.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
70f2d679cb21d90bd9d7145f6c5bbcc2e17da706ee6576b19994b9484a6bc5b4
|
|
| MD5 |
ff7c3572833aad06e276c070386d07f5
|
|
| BLAKE2b-256 |
494e166b09ed86ede62643ebadb1b51f5e22a3c2b75b2bb967395d7a0314ccfe
|