{ "schemaVersion": "1.0", "item": { "slug": "camoufox-stealth", "name": "Camoufox Stealth Browser", "source": "tencent", "type": "skill", "category": "ꕈēŽ‡ęå‡", "sourceUrl": "https://clawhub.ai/kesslerio/camoufox-stealth", "canonicalUrl": "https://clawhub.ai/kesslerio/camoufox-stealth", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/camoufox-stealth", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=camoufox-stealth", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "README.md", "SKILL.md", "references/fingerprint-checks.md", "references/proxy-setup.md", "scripts/camoufox-fetch.py", "scripts/camoufox-session.py" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/camoufox-stealth" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/camoufox-stealth", "agentPageUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent", "manifestUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent.json", "briefUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Camoufox Stealth Browser šŸ¦Š", "body": "C++ level anti-bot evasion using Camoufox ā€” a custom Firefox fork with stealth patches compiled into the browser itself, not bolted on via JavaScript." }, { "title": "Why Camoufox > Chrome-based Solutions", "body": "ApproachDetection LevelToolsCamoufox (this skill)C++ compiled patchesUndetectable fingerprints baked into browserundetected-chromedriverJS runtime patchesCan be detected by timing analysispuppeteer-stealthJS injectionPatches applied after page load = detectableplaywright-stealthJS injectionSame limitations\n\nCamoufox patches Firefox at the source code level ā€” WebGL, Canvas, AudioContext fingerprints are genuinely spoofed, not masked by JavaScript overrides that anti-bot systems can detect." }, { "title": "Key Advantages", "body": "C++ Level Stealth ā€” Fingerprint spoofing compiled into the browser, not JS hacks\nContainer Isolation ā€” Runs in distrobox, keeping your host system clean\nDual-Tool Approach ā€” Camoufox for browsers, curl_cffi for API-only (no browser overhead)\nFirefox-Based ā€” Less fingerprinted than Chrome (everyone uses Chrome for bots)" }, { "title": "When to Use", "body": "Standard Playwright/Selenium gets blocked\nSite shows Cloudflare challenge or \"checking your browser\"\nNeed to scrape Airbnb, Yelp, or similar protected sites\npuppeteer-stealth or undetected-chromedriver stopped working\nYou need actual stealth, not JS band-aids" }, { "title": "Tool Selection", "body": "ToolLevelBest ForCamoufoxC++ patchesAll protected sites - Cloudflare, Datadome, Yelp, Airbnbcurl_cffiTLS spoofingAPI endpoints only - no JS needed, very fast" }, { "title": "Quick Start", "body": "All scripts run in pybox distrobox for isolation.\n\nāš ļø Use python3.14 explicitly - pybox may have multiple Python versions with different packages installed." }, { "title": "1. Setup (First Time)", "body": "# Install tools in pybox (use python3.14)\ndistrobox-enter pybox -- python3.14 -m pip install camoufox curl_cffi\n\n# Camoufox browser downloads automatically on first run (~700MB Firefox fork)" }, { "title": "2. Fetch a Protected Page", "body": "Browser (Camoufox):\n\ndistrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \"https://example.com\" --headless\n\nAPI only (curl_cffi):\n\ndistrobox-enter pybox -- python3.14 scripts/curl-api.py \"https://api.example.com/endpoint\"" }, { "title": "Architecture", "body": "ā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”\nā”‚ OpenClaw Agent ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ distrobox-enter pybox -- python3.14 scripts/xxx.py ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ pybox Container ā”‚\nā”‚ ā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā” ā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā” ā”‚\nā”‚ ā”‚ Camoufox ā”‚ ā”‚ curl_cffi ā”‚ ā”‚\nā”‚ ā”‚ (Firefox) ā”‚ ā”‚ (TLS spoof)ā”‚ ā”‚\nā”‚ ā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜ ā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜ ā”‚\nā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜" }, { "title": "Camoufox", "body": "What: Custom Firefox build with C++ level stealth patches\nPros: Best fingerprint evasion, passes Turnstile automatically\nCons: ~700MB download, Firefox-based\nBest for: All protected sites - Cloudflare, Datadome, Yelp, Airbnb" }, { "title": "curl_cffi", "body": "What: Python HTTP client with browser TLS fingerprint spoofing\nPros: No browser overhead, very fast\nCons: No JS execution, API endpoints only\nBest for: Known API endpoints, mobile app reverse engineering" }, { "title": "Critical: Proxy Requirements", "body": "Datacenter IPs (AWS, DigitalOcean) = INSTANT BLOCK on Airbnb/Yelp\n\nYou MUST use residential or mobile proxies:\n\n# Example proxy config\nproxy = \"http://user:pass@residential-proxy.example.com:8080\"\n\nSee references/proxy-setup.md for proxy configuration." }, { "title": "Behavioral Tips", "body": "Sites like Airbnb/Yelp use behavioral analysis. To avoid detection:\n\nWarm up: Don't hit target URL directly. Visit homepage first, scroll, click around.\nMouse movements: Inject random mouse movements (Camoufox handles this).\nTiming: Add random delays (2-5s between actions), not fixed intervals.\nSession stickiness: Use same proxy IP for 10-30 min sessions, don't rotate every request." }, { "title": "Headless Mode Warning", "body": "āš ļø Old --headless flag is DETECTED. Options:\n\nNew Headless: Use headless=\"new\" (Chrome 109+)\nXvfb: Run headed browser in virtual display\nHeaded: Just run headed if you can (most reliable)\n\n# Xvfb approach (Linux)\nXvfb :99 -screen 0 1920x1080x24 &\nexport DISPLAY=:99\npython scripts/camoufox-fetch.py \"https://example.com\"" }, { "title": "Troubleshooting", "body": "ProblemSolution\"Access Denied\" immediatelyUse residential proxyCloudflare challenge loopsTry Camoufox instead of NodriverBrowser crashes in pyboxInstall missing deps: sudo dnf install gtk3 libXtTLS fingerprint blockedUse curl_cffi with impersonate=\"chrome120\"Turnstile checkbox appearsAdd mouse movement, increase wait timeModuleNotFoundError: camoufoxUse python3.14 not python or python3greenlet segfault (exit 139)Python version mismatch - use python3.14 explicitlylibstdc++.so.6 errorsNixOS lib path issue - use python3.14 in pybox" }, { "title": "Python Version Issues (NixOS/pybox)", "body": "The pybox container may have multiple Python versions with separate site-packages:\n\n# Check which Python has camoufox\ndistrobox-enter pybox -- python3.14 -c \"import camoufox; print('OK')\"\n\n# Wrong (may use different Python)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py ...\n\n# Correct (explicit version)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py ...\n\nIf you get segfaults or import errors, always use python3.14 explicitly." }, { "title": "Scrape Airbnb Listing", "body": "distrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \\\n \"https://www.airbnb.com/rooms/12345\" \\\n --headless --wait 10 \\\n --screenshot airbnb.png" }, { "title": "Scrape Yelp Business", "body": "distrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \\\n \"https://www.yelp.com/biz/some-restaurant\" \\\n --headless --wait 8 \\\n --output yelp.html" }, { "title": "API Scraping with TLS Spoofing", "body": "distrobox-enter pybox -- python3.14 scripts/curl-api.py \\\n \"https://api.yelp.com/v3/businesses/search?term=coffee&location=SF\" \\\n --headers '{\"Authorization\": \"Bearer xxx\"}'" }, { "title": "Session Management", "body": "Persistent sessions allow reusing authenticated state across runs without re-logging in." }, { "title": "Quick Start", "body": "# 1. Login interactively (headed browser opens)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile airbnb --login \"https://www.airbnb.com/account-settings\"\n\n# Complete login in browser, then press Enter to save session\n\n# 2. Reuse session in headless mode\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile airbnb --headless \"https://www.airbnb.com/trips\"\n\n# 3. Check session status\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile airbnb --status \"https://www.airbnb.com\"" }, { "title": "Flags", "body": "FlagDescription--profile NAMENamed profile for session storage (required)--loginInteractive login mode - opens headed browser--headlessUse saved session in headless mode--statusCheck if session appears valid--export-cookies FILEExport cookies to JSON for backup--import-cookies FILEImport cookies from JSON file" }, { "title": "Storage", "body": "Location: ~/.stealth-browser/profiles//\nPermissions: Directory 700, files 600\nProfile names: Letters, numbers, _, - only (1-63 chars)" }, { "title": "Cookie Handling", "body": "Save: All cookies from all domains stored in browser profile\nRestore: Only cookies matching target URL domain are used\nSSO: If redirected to Google/auth domain, re-authenticate once and profile updates" }, { "title": "Login Wall Detection", "body": "The script detects session expiry using multiple signals:\n\nHTTP status: 401, 403\nURL patterns: /login, /signin, /auth\nTitle patterns: \"login\", \"sign in\", etc.\nContent keywords: \"captcha\", \"verify\", \"authenticate\"\nForm detection: Password input fields\n\nIf detected during --headless mode, you'll see:\n\nšŸ”’ Login wall signals: url-path, password-form\n\nRe-run with --login to refresh the session." }, { "title": "Remote Login (SSH)", "body": "Since --login requires a visible browser, you need display forwarding:\n\nX11 Forwarding (Preferred):\n\n# Connect with X11 forwarding\nssh -X user@server\n\n# Run login (opens browser on your local machine)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile mysite --login \"https://example.com\"\n\nVNC Alternative:\n\n# On server: start VNC session\nvncserver :1\n\n# On client: connect to VNC\nvncviewer server:1\n\n# In VNC session: run login\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile mysite --login \"https://example.com\"" }, { "title": "Security Notes", "body": "āš ļø Cookies are credentials. Treat profile directories like passwords:\n\nProfile dirs have chmod 700 (owner only)\nCookie exports have chmod 600\nDon't share profiles or exported cookies over insecure channels\nConsider encrypting backups" }, { "title": "Limitations", "body": "LimitationReasonlocalStorage/sessionStorage not exportedUse browser profile instead (handles automatically)IndexedDB not portableStored in browser profile, not cookie exportNo parallel profile accessNo file locking in v1; use one process per profile" }, { "title": "References", "body": "references/proxy-setup.md ā€” Proxy configuration guide\nreferences/fingerprint-checks.md ā€” What anti-bot systems check" } ], "body": "Camoufox Stealth Browser šŸ¦Š\n\nC++ level anti-bot evasion using Camoufox ā€” a custom Firefox fork with stealth patches compiled into the browser itself, not bolted on via JavaScript.\n\nWhy Camoufox > Chrome-based Solutions\nApproach\tDetection Level\tTools\nCamoufox (this skill)\tC++ compiled patches\tUndetectable fingerprints baked into browser\nundetected-chromedriver\tJS runtime patches\tCan be detected by timing analysis\npuppeteer-stealth\tJS injection\tPatches applied after page load = detectable\nplaywright-stealth\tJS injection\tSame limitations\n\nCamoufox patches Firefox at the source code level ā€” WebGL, Canvas, AudioContext fingerprints are genuinely spoofed, not masked by JavaScript overrides that anti-bot systems can detect.\n\nKey Advantages\nC++ Level Stealth ā€” Fingerprint spoofing compiled into the browser, not JS hacks\nContainer Isolation ā€” Runs in distrobox, keeping your host system clean\nDual-Tool Approach ā€” Camoufox for browsers, curl_cffi for API-only (no browser overhead)\nFirefox-Based ā€” Less fingerprinted than Chrome (everyone uses Chrome for bots)\nWhen to Use\nStandard Playwright/Selenium gets blocked\nSite shows Cloudflare challenge or \"checking your browser\"\nNeed to scrape Airbnb, Yelp, or similar protected sites\npuppeteer-stealth or undetected-chromedriver stopped working\nYou need actual stealth, not JS band-aids\nTool Selection\nTool\tLevel\tBest For\nCamoufox\tC++ patches\tAll protected sites - Cloudflare, Datadome, Yelp, Airbnb\ncurl_cffi\tTLS spoofing\tAPI endpoints only - no JS needed, very fast\nQuick Start\n\nAll scripts run in pybox distrobox for isolation.\n\nāš ļø Use python3.14 explicitly - pybox may have multiple Python versions with different packages installed.\n\n1. Setup (First Time)\n# Install tools in pybox (use python3.14)\ndistrobox-enter pybox -- python3.14 -m pip install camoufox curl_cffi\n\n# Camoufox browser downloads automatically on first run (~700MB Firefox fork)\n\n2. Fetch a Protected Page\n\nBrowser (Camoufox):\n\ndistrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \"https://example.com\" --headless\n\n\nAPI only (curl_cffi):\n\ndistrobox-enter pybox -- python3.14 scripts/curl-api.py \"https://api.example.com/endpoint\"\n\nArchitecture\nā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”\nā”‚ OpenClaw Agent ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ distrobox-enter pybox -- python3.14 scripts/xxx.py ā”‚\nā”œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”¤\nā”‚ pybox Container ā”‚\nā”‚ ā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā” ā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā” ā”‚\nā”‚ ā”‚ Camoufox ā”‚ ā”‚ curl_cffi ā”‚ ā”‚\nā”‚ ā”‚ (Firefox) ā”‚ ā”‚ (TLS spoof)ā”‚ ā”‚\nā”‚ ā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜ ā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜ ā”‚\nā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜\n\nTool Details\nCamoufox\nWhat: Custom Firefox build with C++ level stealth patches\nPros: Best fingerprint evasion, passes Turnstile automatically\nCons: ~700MB download, Firefox-based\nBest for: All protected sites - Cloudflare, Datadome, Yelp, Airbnb\ncurl_cffi\nWhat: Python HTTP client with browser TLS fingerprint spoofing\nPros: No browser overhead, very fast\nCons: No JS execution, API endpoints only\nBest for: Known API endpoints, mobile app reverse engineering\nCritical: Proxy Requirements\n\nDatacenter IPs (AWS, DigitalOcean) = INSTANT BLOCK on Airbnb/Yelp\n\nYou MUST use residential or mobile proxies:\n\n# Example proxy config\nproxy = \"http://user:pass@residential-proxy.example.com:8080\"\n\n\nSee references/proxy-setup.md for proxy configuration.\n\nBehavioral Tips\n\nSites like Airbnb/Yelp use behavioral analysis. To avoid detection:\n\nWarm up: Don't hit target URL directly. Visit homepage first, scroll, click around.\nMouse movements: Inject random mouse movements (Camoufox handles this).\nTiming: Add random delays (2-5s between actions), not fixed intervals.\nSession stickiness: Use same proxy IP for 10-30 min sessions, don't rotate every request.\nHeadless Mode Warning\n\nāš ļø Old --headless flag is DETECTED. Options:\n\nNew Headless: Use headless=\"new\" (Chrome 109+)\nXvfb: Run headed browser in virtual display\nHeaded: Just run headed if you can (most reliable)\n# Xvfb approach (Linux)\nXvfb :99 -screen 0 1920x1080x24 &\nexport DISPLAY=:99\npython scripts/camoufox-fetch.py \"https://example.com\"\n\nTroubleshooting\nProblem\tSolution\n\"Access Denied\" immediately\tUse residential proxy\nCloudflare challenge loops\tTry Camoufox instead of Nodriver\nBrowser crashes in pybox\tInstall missing deps: sudo dnf install gtk3 libXt\nTLS fingerprint blocked\tUse curl_cffi with impersonate=\"chrome120\"\nTurnstile checkbox appears\tAdd mouse movement, increase wait time\nModuleNotFoundError: camoufox\tUse python3.14 not python or python3\ngreenlet segfault (exit 139)\tPython version mismatch - use python3.14 explicitly\nlibstdc++.so.6 errors\tNixOS lib path issue - use python3.14 in pybox\nPython Version Issues (NixOS/pybox)\n\nThe pybox container may have multiple Python versions with separate site-packages:\n\n# Check which Python has camoufox\ndistrobox-enter pybox -- python3.14 -c \"import camoufox; print('OK')\"\n\n# Wrong (may use different Python)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py ...\n\n# Correct (explicit version)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py ...\n\n\nIf you get segfaults or import errors, always use python3.14 explicitly.\n\nExamples\nScrape Airbnb Listing\ndistrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \\\n \"https://www.airbnb.com/rooms/12345\" \\\n --headless --wait 10 \\\n --screenshot airbnb.png\n\nScrape Yelp Business\ndistrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \\\n \"https://www.yelp.com/biz/some-restaurant\" \\\n --headless --wait 8 \\\n --output yelp.html\n\nAPI Scraping with TLS Spoofing\ndistrobox-enter pybox -- python3.14 scripts/curl-api.py \\\n \"https://api.yelp.com/v3/businesses/search?term=coffee&location=SF\" \\\n --headers '{\"Authorization\": \"Bearer xxx\"}'\n\nSession Management\n\nPersistent sessions allow reusing authenticated state across runs without re-logging in.\n\nQuick Start\n# 1. Login interactively (headed browser opens)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile airbnb --login \"https://www.airbnb.com/account-settings\"\n\n# Complete login in browser, then press Enter to save session\n\n# 2. Reuse session in headless mode\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile airbnb --headless \"https://www.airbnb.com/trips\"\n\n# 3. Check session status\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile airbnb --status \"https://www.airbnb.com\"\n\nFlags\nFlag\tDescription\n--profile NAME\tNamed profile for session storage (required)\n--login\tInteractive login mode - opens headed browser\n--headless\tUse saved session in headless mode\n--status\tCheck if session appears valid\n--export-cookies FILE\tExport cookies to JSON for backup\n--import-cookies FILE\tImport cookies from JSON file\nStorage\nLocation: ~/.stealth-browser/profiles//\nPermissions: Directory 700, files 600\nProfile names: Letters, numbers, _, - only (1-63 chars)\nCookie Handling\nSave: All cookies from all domains stored in browser profile\nRestore: Only cookies matching target URL domain are used\nSSO: If redirected to Google/auth domain, re-authenticate once and profile updates\nLogin Wall Detection\n\nThe script detects session expiry using multiple signals:\n\nHTTP status: 401, 403\nURL patterns: /login, /signin, /auth\nTitle patterns: \"login\", \"sign in\", etc.\nContent keywords: \"captcha\", \"verify\", \"authenticate\"\nForm detection: Password input fields\n\nIf detected during --headless mode, you'll see:\n\nšŸ”’ Login wall signals: url-path, password-form\n\n\nRe-run with --login to refresh the session.\n\nRemote Login (SSH)\n\nSince --login requires a visible browser, you need display forwarding:\n\nX11 Forwarding (Preferred):\n\n# Connect with X11 forwarding\nssh -X user@server\n\n# Run login (opens browser on your local machine)\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile mysite --login \"https://example.com\"\n\n\nVNC Alternative:\n\n# On server: start VNC session\nvncserver :1\n\n# On client: connect to VNC\nvncviewer server:1\n\n# In VNC session: run login\ndistrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\\n --profile mysite --login \"https://example.com\"\n\nSecurity Notes\n\nāš ļø Cookies are credentials. Treat profile directories like passwords:\n\nProfile dirs have chmod 700 (owner only)\nCookie exports have chmod 600\nDon't share profiles or exported cookies over insecure channels\nConsider encrypting backups\nLimitations\nLimitation\tReason\nlocalStorage/sessionStorage not exported\tUse browser profile instead (handles automatically)\nIndexedDB not portable\tStored in browser profile, not cookie export\nNo parallel profile access\tNo file locking in v1; use one process per profile\nReferences\nreferences/proxy-setup.md ā€” Proxy configuration guide\nreferences/fingerprint-checks.md ā€” What anti-bot systems check" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/kesslerio/camoufox-stealth", "publisherUrl": "https://clawhub.ai/kesslerio/camoufox-stealth", "owner": "kesslerio", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/camoufox-stealth", "downloadUrl": "https://openagent3.xyz/downloads/camoufox-stealth", "agentUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent", "manifestUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent.json", "briefUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent.md" } }