# Send Camoufox Stealth Browser to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "camoufox-stealth",
    "name": "Camoufox Stealth Browser",
    "source": "tencent",
    "type": "skill",
    "category": "效率提升",
    "sourceUrl": "https://clawhub.ai/kesslerio/camoufox-stealth",
    "canonicalUrl": "https://clawhub.ai/kesslerio/camoufox-stealth",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/camoufox-stealth",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=camoufox-stealth",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "README.md",
      "SKILL.md",
      "references/fingerprint-checks.md",
      "references/proxy-setup.md",
      "scripts/camoufox-fetch.py",
      "scripts/camoufox-session.py"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-23T16:43:11.935Z",
      "expiresAt": "2026-04-30T16:43:11.935Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
        "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/camoufox-stealth"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/camoufox-stealth",
    "downloadUrl": "https://openagent3.xyz/downloads/camoufox-stealth",
    "agentUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent",
    "manifestUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/camoufox-stealth/agent.md"
  }
}
```
## Documentation

### Camoufox Stealth Browser 🦊

C++ level anti-bot evasion using Camoufox — a custom Firefox fork with stealth patches compiled into the browser itself, not bolted on via JavaScript.

### Why Camoufox > Chrome-based Solutions

ApproachDetection LevelToolsCamoufox (this skill)C++ compiled patchesUndetectable fingerprints baked into browserundetected-chromedriverJS runtime patchesCan be detected by timing analysispuppeteer-stealthJS injectionPatches applied after page load = detectableplaywright-stealthJS injectionSame limitations

Camoufox patches Firefox at the source code level — WebGL, Canvas, AudioContext fingerprints are genuinely spoofed, not masked by JavaScript overrides that anti-bot systems can detect.

### Key Advantages

C++ Level Stealth — Fingerprint spoofing compiled into the browser, not JS hacks
Container Isolation — Runs in distrobox, keeping your host system clean
Dual-Tool Approach — Camoufox for browsers, curl_cffi for API-only (no browser overhead)
Firefox-Based — Less fingerprinted than Chrome (everyone uses Chrome for bots)

### When to Use

Standard Playwright/Selenium gets blocked
Site shows Cloudflare challenge or "checking your browser"
Need to scrape Airbnb, Yelp, or similar protected sites
puppeteer-stealth or undetected-chromedriver stopped working
You need actual stealth, not JS band-aids

### Tool Selection

ToolLevelBest ForCamoufoxC++ patchesAll protected sites - Cloudflare, Datadome, Yelp, Airbnbcurl_cffiTLS spoofingAPI endpoints only - no JS needed, very fast

### Quick Start

All scripts run in pybox distrobox for isolation.

⚠️ Use python3.14 explicitly - pybox may have multiple Python versions with different packages installed.

### 1. Setup (First Time)

# Install tools in pybox (use python3.14)
distrobox-enter pybox -- python3.14 -m pip install camoufox curl_cffi

# Camoufox browser downloads automatically on first run (~700MB Firefox fork)

### 2. Fetch a Protected Page

Browser (Camoufox):

distrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py "https://example.com" --headless

API only (curl_cffi):

distrobox-enter pybox -- python3.14 scripts/curl-api.py "https://api.example.com/endpoint"

### Architecture

┌─────────────────────────────────────────────────────────┐
│                     OpenClaw Agent                       │
├─────────────────────────────────────────────────────────┤
│  distrobox-enter pybox -- python3.14 scripts/xxx.py         │
├─────────────────────────────────────────────────────────┤
│                      pybox Container                     │
│         ┌─────────────┐  ┌─────────────┐               │
│         │  Camoufox   │  │  curl_cffi  │               │
│         │  (Firefox)  │  │  (TLS spoof)│               │
│         └─────────────┘  └─────────────┘               │
└─────────────────────────────────────────────────────────┘

### Camoufox

What: Custom Firefox build with C++ level stealth patches
Pros: Best fingerprint evasion, passes Turnstile automatically
Cons: ~700MB download, Firefox-based
Best for: All protected sites - Cloudflare, Datadome, Yelp, Airbnb

### curl_cffi

What: Python HTTP client with browser TLS fingerprint spoofing
Pros: No browser overhead, very fast
Cons: No JS execution, API endpoints only
Best for: Known API endpoints, mobile app reverse engineering

### Critical: Proxy Requirements

Datacenter IPs (AWS, DigitalOcean) = INSTANT BLOCK on Airbnb/Yelp

You MUST use residential or mobile proxies:

# Example proxy config
proxy = "http://user:pass@residential-proxy.example.com:8080"

See references/proxy-setup.md for proxy configuration.

### Behavioral Tips

Sites like Airbnb/Yelp use behavioral analysis. To avoid detection:

Warm up: Don't hit target URL directly. Visit homepage first, scroll, click around.
Mouse movements: Inject random mouse movements (Camoufox handles this).
Timing: Add random delays (2-5s between actions), not fixed intervals.
Session stickiness: Use same proxy IP for 10-30 min sessions, don't rotate every request.

### Headless Mode Warning

⚠️ Old --headless flag is DETECTED. Options:

New Headless: Use headless="new" (Chrome 109+)
Xvfb: Run headed browser in virtual display
Headed: Just run headed if you can (most reliable)

# Xvfb approach (Linux)
Xvfb :99 -screen 0 1920x1080x24 &
export DISPLAY=:99
python scripts/camoufox-fetch.py "https://example.com"

### Troubleshooting

ProblemSolution"Access Denied" immediatelyUse residential proxyCloudflare challenge loopsTry Camoufox instead of NodriverBrowser crashes in pyboxInstall missing deps: sudo dnf install gtk3 libXtTLS fingerprint blockedUse curl_cffi with impersonate="chrome120"Turnstile checkbox appearsAdd mouse movement, increase wait timeModuleNotFoundError: camoufoxUse python3.14 not python or python3greenlet segfault (exit 139)Python version mismatch - use python3.14 explicitlylibstdc++.so.6 errorsNixOS lib path issue - use python3.14 in pybox

### Python Version Issues (NixOS/pybox)

The pybox container may have multiple Python versions with separate site-packages:

# Check which Python has camoufox
distrobox-enter pybox -- python3.14 -c "import camoufox; print('OK')"

# Wrong (may use different Python)
distrobox-enter pybox -- python3.14 scripts/camoufox-session.py ...

# Correct (explicit version)
distrobox-enter pybox -- python3.14 scripts/camoufox-session.py ...

If you get segfaults or import errors, always use python3.14 explicitly.

### Scrape Airbnb Listing

distrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \\
  "https://www.airbnb.com/rooms/12345" \\
  --headless --wait 10 \\
  --screenshot airbnb.png

### Scrape Yelp Business

distrobox-enter pybox -- python3.14 scripts/camoufox-fetch.py \\
  "https://www.yelp.com/biz/some-restaurant" \\
  --headless --wait 8 \\
  --output yelp.html

### API Scraping with TLS Spoofing

distrobox-enter pybox -- python3.14 scripts/curl-api.py \\
  "https://api.yelp.com/v3/businesses/search?term=coffee&location=SF" \\
  --headers '{"Authorization": "Bearer xxx"}'

### Session Management

Persistent sessions allow reusing authenticated state across runs without re-logging in.

### Quick Start

# 1. Login interactively (headed browser opens)
distrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\
  --profile airbnb --login "https://www.airbnb.com/account-settings"

# Complete login in browser, then press Enter to save session

# 2. Reuse session in headless mode
distrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\
  --profile airbnb --headless "https://www.airbnb.com/trips"

# 3. Check session status
distrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\
  --profile airbnb --status "https://www.airbnb.com"

### Flags

FlagDescription--profile NAMENamed profile for session storage (required)--loginInteractive login mode - opens headed browser--headlessUse saved session in headless mode--statusCheck if session appears valid--export-cookies FILEExport cookies to JSON for backup--import-cookies FILEImport cookies from JSON file

### Storage

Location: ~/.stealth-browser/profiles/<name>/
Permissions: Directory 700, files 600
Profile names: Letters, numbers, _, - only (1-63 chars)

### Cookie Handling

Save: All cookies from all domains stored in browser profile
Restore: Only cookies matching target URL domain are used
SSO: If redirected to Google/auth domain, re-authenticate once and profile updates

### Login Wall Detection

The script detects session expiry using multiple signals:

HTTP status: 401, 403
URL patterns: /login, /signin, /auth
Title patterns: "login", "sign in", etc.
Content keywords: "captcha", "verify", "authenticate"
Form detection: Password input fields

If detected during --headless mode, you'll see:

🔒 Login wall signals: url-path, password-form

Re-run with --login to refresh the session.

### Remote Login (SSH)

Since --login requires a visible browser, you need display forwarding:

X11 Forwarding (Preferred):

# Connect with X11 forwarding
ssh -X user@server

# Run login (opens browser on your local machine)
distrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\
  --profile mysite --login "https://example.com"

VNC Alternative:

# On server: start VNC session
vncserver :1

# On client: connect to VNC
vncviewer server:1

# In VNC session: run login
distrobox-enter pybox -- python3.14 scripts/camoufox-session.py \\
  --profile mysite --login "https://example.com"

### Security Notes

⚠️ Cookies are credentials. Treat profile directories like passwords:

Profile dirs have chmod 700 (owner only)
Cookie exports have chmod 600
Don't share profiles or exported cookies over insecure channels
Consider encrypting backups

### Limitations

LimitationReasonlocalStorage/sessionStorage not exportedUse browser profile instead (handles automatically)IndexedDB not portableStored in browser profile, not cookie exportNo parallel profile accessNo file locking in v1; use one process per profile

### References

references/proxy-setup.md — Proxy configuration guide
references/fingerprint-checks.md — What anti-bot systems check
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: kesslerio
- Version: 1.0.0
## Source health
- Status: healthy
- Source download looks usable.
- Yavira can redirect you to the upstream package for this source.
- Health scope: source
- Reason: direct_download_ok
- Checked at: 2026-04-23T16:43:11.935Z
- Expires at: 2026-04-30T16:43:11.935Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/camoufox-stealth)
- [Send to Agent page](https://openagent3.xyz/skills/camoufox-stealth/agent)
- [JSON manifest](https://openagent3.xyz/skills/camoufox-stealth/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/camoufox-stealth/agent.md)
- [Download page](https://openagent3.xyz/downloads/camoufox-stealth)