@xbrowser/cli 0.14.0

package/dist/chunk-ZZ2TFWIV.js

@@ -0,0 +1,1382 @@
+// src/cdp-interceptor/proxy.ts
+import { WebSocketServer, WebSocket } from "ws";
+
+// src/cdp-interceptor/rules/shared.ts
+var PLAYWRIGHT_INTERNAL_MARKERS = [
+  "__commonJS",
+  "module.exports",
+  "__require",
+  "__toESM",
+  "inject_utils"
+];
+function isPlaywrightInternal(code) {
+  return PLAYWRIGHT_INTERNAL_MARKERS.some((marker) => code.includes(marker));
+}
+function extractUserCode(ctx) {
+  if (ctx.method === "Runtime.evaluate") {
+    const expr = ctx.params.expression;
+    if (typeof expr === "string") {
+      if (isPlaywrightInternal(expr)) return null;
+      return expr;
+    }
+  }
+  if (ctx.method === "Runtime.callFunctionOn") {
+    const decl = ctx.params.functionDeclaration;
+    if (typeof decl === "string" && decl.includes("utilityScript.evaluate")) {
+      return extractAllStrings(ctx.params.arguments);
+    }
+    if (typeof decl === "string") return decl;
+  }
+  return null;
+}
+function extractAllStrings(rawArgs) {
+  if (!Array.isArray(rawArgs)) return null;
+  const strings = [];
+  for (const arg of rawArgs) {
+    if (arg && typeof arg === "object" && "value" in arg) {
+      const val = arg.value;
+      if (typeof val === "string" && val.length > 5 && !["true", "false"].includes(val)) {
+        strings.push(val);
+      }
+    }
+  }
+  return strings.length > 0 ? strings.join("\n") : null;
+}
+
+// src/cdp-interceptor/rules/dom-mutation.ts
+var DOM_PATTERNS = [
+  // ── P0: Value/Checked (bypasses React onChange) ────────────
+  { pattern: /\.value\s*=\s*(?!["'\s]*$)/, name: ".value =", severity: "danger", action: "block", errorCode: -32001, suggestion: "Use page.fill(selector, value) which dispatches proper input/change events." },
+  { pattern: /\.checked\s*=\s*(?:true|false)/, name: ".checked =", severity: "danger", action: "block", errorCode: -32001, suggestion: "Use page.check(selector) or page.uncheck(selector)." },
+  { pattern: /\.indeterminate\s*=\s*true/, name: ".indeterminate =", severity: "warn", action: "block", errorCode: -32021, suggestion: "No human can set indeterminate state \u2014 remove this call." },
+  { pattern: /\.valueAsDate\s*=/, name: ".valueAsDate =", severity: "warn", action: "block", errorCode: -32022, suggestion: "Use page.fill() with formatted date string instead." },
+  { pattern: /\.valueAsNumber\s*=/, name: ".valueAsNumber =", severity: "warn", action: "block", errorCode: -32022, suggestion: "Use page.fill() with numeric string instead." },
+  // ── P1: Select/Option (bypasses React onChange on select) ─
+  { pattern: /\.selectedIndex\s*=\s*\d+/, name: ".selectedIndex =", severity: "danger", action: "block", errorCode: -32003, suggestion: "Use page.selectOption(selector, value)." },
+  { pattern: /(?:options|children)\s*\[[^\]]*\]\s*\.\s*selected\s*=\s*(?:true|false)/, name: "options[N].selected =", severity: "danger", action: "block", errorCode: -32003, suggestion: "Use page.selectOption(selector, value)." },
+  { pattern: /\.value\s*=\s*["'][^"']*["']\s*[;)]?\s*$/, name: "selectElement.value =", severity: "warn", action: "block", errorCode: -32023, suggestion: "For select elements, use page.selectOption(selector, value)." },
+  // ── P2: Content properties (bypasses virtual DOM diffing) ──
+  { pattern: /\.innerHTML\s*=/, name: ".innerHTML =", severity: "info", action: "pass", errorCode: -32007, suggestion: ".innerHTML bypasses React/Vue diffing. Use component state or page.setContent()." },
+  { pattern: /\.outerHTML\s*=/, name: ".outerHTML =", severity: "info", action: "pass", errorCode: -32007, suggestion: "outerHTML replacement destroys React fiber tree. Use page.setContent()." },
+  { pattern: /\.innerText\s*=/, name: ".innerText =", severity: "warn", action: "block", errorCode: -32024, suggestion: "Framework components should be updated via state, not innerText." },
+  { pattern: /\.textContent\s*=/, name: ".textContent =", severity: "warn", action: "block", errorCode: -32024, suggestion: "textContent bypasses React/Vue diffing. Use component state instead." },
+  { pattern: /\.outerText\s*=/, name: ".outerText =", severity: "warn", action: "block", errorCode: -32024, suggestion: "Non-standard property \u2014 use proper framework update methods." },
+  { pattern: /nodeValue\s*=/, name: "node.nodeValue =", severity: "info", action: "block", errorCode: -32025, suggestion: "Direct text node mutation. Use textContent instead if needed." },
+  // ── P3: Style properties ──────────────────────────────────
+  { pattern: /\.style\s*=\s*["']/, name: ".style = (string override)", severity: "info", action: "pass", errorCode: -32008, suggestion: 'Setting style as a string overwrites CSSStyleDeclaration. Use element.style.prop = "value".' },
+  { pattern: /\.style\.cssText\s*=/, name: ".style.cssText =", severity: "info", action: "pass", errorCode: -32008, suggestion: "style.cssText replacement destroys inline styles \u2014 use individual property set." },
+  { pattern: /\.style\.setProperty\s*\(/, name: ".style.setProperty()", severity: "info", action: "pass", errorCode: -32008, suggestion: "Direct style property set bypasses CSS transitions." },
+  { pattern: /\.style\.removeProperty\s*\(/, name: ".style.removeProperty()", severity: "info", action: "pass", errorCode: -32026, suggestion: "Style removal without user interaction is suspicious." },
+  { pattern: /\.style\.animation\s*=/, name: ".style.animation =", severity: "info", action: "pass", errorCode: -32027, suggestion: "Forcing animation state via CDP is detectable." },
+  { pattern: /\.style\.transition\s*=/, name: ".style.transition =", severity: "info", action: "pass", errorCode: -32027, suggestion: "Manipulating CSS transitions is rare in normal browsing." },
+  // ── P4: Class/Attribute properties ────────────────────────
+  { pattern: /\.className\s*=/, name: ".className =", severity: "info", action: "pass", errorCode: -32009, suggestion: "Use component state or a Playwright locator instead." },
+  { pattern: /\.classList\.add\s*\(/, name: ".classList.add()", severity: "info", action: "pass", errorCode: -32009, suggestion: "classList manipulation via CDP bypasses framework state tracking." },
+  { pattern: /\.classList\.remove\s*\(/, name: ".classList.remove()", severity: "info", action: "pass", errorCode: -32009, suggestion: "Use component state or attribute selectors instead." },
+  { pattern: /\.classList\.toggle\s*\(/, name: ".classList.toggle()", severity: "info", action: "pass", errorCode: -32009, suggestion: "Toggle without user interaction is detectable." },
+  { pattern: /\.classList\.replace\s*\(/, name: ".classList.replace()", severity: "info", action: "pass", errorCode: -32028, suggestion: "Rare operation \u2014 likely automated." },
+  // ── P5: Attribute manipulation ────────────────────────────
+  { pattern: /\.setAttribute\s*\(/, name: ".setAttribute()", severity: "info", action: "pass", errorCode: -32010, suggestion: "setAttribute bypasses framework attribute tracking. Use component state." },
+  { pattern: /\.removeAttribute\s*\(/, name: ".removeAttribute()", severity: "info", action: "pass", errorCode: -32010, suggestion: "Attribute removal without user interaction is suspicious." },
+  { pattern: /\.toggleAttribute\s*\(/, name: ".toggleAttribute()", severity: "info", action: "pass", errorCode: -32029, suggestion: "Attribute toggling via CDP is detectable." },
+  { pattern: /\.dataset\.\w+\s*=/, name: ".dataset.* =", severity: "info", action: "pass", errorCode: -32030, suggestion: "dataset mutations via evaluate bypass native mutation observers." },
+  // ── P6: Focus/Selection properties ────────────────────────
+  { pattern: /\.selectionStart\s*=/, name: ".selectionStart =", severity: "info", action: "pass", errorCode: -32011, suggestion: "Setting cursor position without focus is detectable." },
+  { pattern: /\.selectionEnd\s*=/, name: ".selectionEnd =", severity: "info", action: "pass", errorCode: -32011, suggestion: "Selection range manipulation without user input is suspicious." },
+  { pattern: /\.selectionDirection\s*=/, name: ".selectionDirection =", severity: "info", action: "pass", errorCode: -32031, suggestion: "Selection direction changes normally via mouse drag." },
+  // ── P7: Boolean properties ────────────────────────────────
+  { pattern: /\.disabled\s*=/, name: ".disabled =", severity: "info", action: "pass", errorCode: -32012, suggestion: "Disabling elements via CDP mid-interaction is detectable." },
+  { pattern: /\.readOnly\s*=/, name: ".readOnly =", severity: "info", action: "pass", errorCode: -32032, suggestion: "readOnly changes without user action." },
+  { pattern: /\.hidden\s*=/, name: ".hidden =", severity: "info", action: "pass", errorCode: -32012, suggestion: "Hiding elements is a common scraper tactic \u2014 detectable." },
+  { pattern: /\.required\s*=/, name: ".required =", severity: "info", action: "pass", errorCode: -32032, suggestion: "Validation constraint changes mid-session." },
+  { pattern: /\.multiple\s*=/, name: ".multiple =", severity: "info", action: "pass", errorCode: -32032, suggestion: "Multiple attribute toggle is rare in normal browsing." },
+  { pattern: /\.autofocus\s*=/, name: ".autofocus =", severity: "info", action: "pass", errorCode: -32032, suggestion: "autofocus changes mid-session are suspicious." },
+  // ── P8: Frame/Navigation properties ───────────────────────
+  { pattern: /\.src\s*=/, name: ".src = (on img/iframe/script)", severity: "info", action: "pass", errorCode: -32013, suggestion: "Changing src via CDP bypasses user interaction. Use page.click() on the element." },
+  { pattern: /\.href\s*=/, name: ".href =", severity: "info", action: "pass", errorCode: -32033, suggestion: "Changing anchor href via evaluate \u2014 use page.click() instead." },
+  { pattern: /\.action\s*=/, name: "form.action =", severity: "info", action: "pass", errorCode: -32034, suggestion: "Changing form action URL is highly suspicious." },
+  { pattern: /\.method\s*=/, name: "form.method =", severity: "info", action: "pass", errorCode: -32034, suggestion: "Form method changes without user interaction." },
+  { pattern: /\.target\s*=/, name: "link/area.target =", severity: "info", action: "pass", errorCode: -32034, suggestion: "Link target manipulation via CDP." },
+  // ── P9: Media properties ──────────────────────────────────
+  { pattern: /\.currentTime\s*=/, name: "media.currentTime = (seeking)", severity: "info", action: "pass", errorCode: -32014, suggestion: "Video seeking without user interaction \u2014 common scraper pattern." },
+  { pattern: /\.playbackRate\s*=/, name: "media.playbackRate =", severity: "info", action: "pass", errorCode: -32014, suggestion: "Changing playback speed is detectable automation signal." },
+  { pattern: /\.volume\s*=/, name: "media.volume =", severity: "info", action: "pass", errorCode: -32035, suggestion: "Volume setting via evaluate is suspicious." },
+  { pattern: /\.muted\s*=/, name: "media.muted =", severity: "info", action: "pass", errorCode: -32035, suggestion: "Muting media without user click is suspicious." },
+  // ── P10: Element geometry ─────────────────────────────────
+  { pattern: /\.scrollTop\s*=/, name: ".scrollTop =", severity: "info", action: "pass", errorCode: -32015, suggestion: "Programmatic scroll without user gesture. Use page.mouse.wheel()." },
+  { pattern: /\.scrollLeft\s*=/, name: ".scrollLeft =", severity: "info", action: "pass", errorCode: -32015, suggestion: "Horizontal scroll without user gesture." },
+  { pattern: /\.scrollTo\s*\(/, name: ".scrollTo()", severity: "info", action: "pass", errorCode: -32015, suggestion: "ScrollTo bypasses user scroll detection." },
+  { pattern: /\.scrollBy\s*\(/, name: ".scrollBy()", severity: "info", action: "pass", errorCode: -32015, suggestion: "ScrollBy without user gesture." },
+  { pattern: /\.scrollIntoView\s*\(/, name: ".scrollIntoView()", severity: "info", action: "pass", errorCode: -32015, suggestion: "scrollIntoView is a common bot pattern. Let Playwright handle scrolling." },
+  // ── P11: Shadow DOM ───────────────────────────────────────
+  { pattern: /\.shadowRoot\s*=/, name: ".shadowRoot = (override)", severity: "info", action: "block", errorCode: -32036, suggestion: "ShadowRoot is read-only \u2014 this set attempt is detectable." },
+  // ── P12: Force reflow / layout thrashing ──────────────────
+  { pattern: /\.offsetHeight\b(?!\s*===?\s*)/, name: ".offsetHeight read (forced reflow)", severity: "warn", action: "pass", errorCode: -32016, suggestion: "Reading offsetHeight triggers forced reflow \u2014 anti-crawlers detect this as layout probing." },
+  { pattern: /\.offsetWidth\b(?!\s*===?\s*)/, name: ".offsetWidth read (forced reflow)", severity: "warn", action: "pass", errorCode: -32016, suggestion: "Reading offsetWidth triggers forced reflow \u2014 detectable." },
+  { pattern: /getBoundingClientRect\s*\(/, name: "getBoundingClientRect()", severity: "warn", action: "pass", errorCode: -32037, suggestion: "getBoundingClientRect triggers reflow. Minimize calls." },
+  { pattern: /getComputedStyle\s*\(/, name: "getComputedStyle()", severity: "info", action: "pass", errorCode: -32038, suggestion: "getComputedStyle can trigger style recalculation." },
+  { pattern: /\.clientHeight\b/, name: ".clientHeight read", severity: "info", action: "pass", errorCode: -32038, suggestion: "clientHeight read triggers layout." },
+  { pattern: /\.clientWidth\b/, name: ".clientWidth read", severity: "info", action: "pass", errorCode: -32038, suggestion: "clientWidth read triggers layout." }
+];
+var domMutationRule = {
+  id: "dom-mutation",
+  name: "DOM Property Mutation Detection (50+ setters)",
+  priority: 10,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of DOM_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return {
+          ruleId: "dom-mutation",
+          action: p.action,
+          severity: p.severity,
+          reason: `Direct DOM property setter: "${p.name}". This bypasses framework event systems and is detectable as automation.`,
+          suggestion: p.suggestion,
+          errorCode: p.errorCode,
+          errorMessage: p.severity === "danger" ? `[CDP Firewall] ${p.name} blocked \u2014 bypasses framework reactivity` : `[CDP Firewall] ${p.name} detected \u2014 use proper interaction API`
+        };
+      }
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/mouse-trajectory.ts
+var TRACKER_KEY = "mouse-trajectory-tracker";
+var MAX_SAMPLES = 200;
+var MIN_SAMPLES_FOR_ANALYSIS = 5;
+var mouseTrajectoryRule = {
+  id: "mouse-trajectory",
+  name: "Mouse Trajectory Analysis",
+  priority: 20,
+  canHandle(ctx) {
+    return ctx.method === "Input.dispatchMouseEvent";
+  },
+  evaluate(ctx) {
+    const type = ctx.params.type;
+    const x = ctx.params.x;
+    const y = ctx.params.y;
+    if (typeof x !== "number" || typeof y !== "number") return null;
+    let tracker = ctx.sessionState.get(TRACKER_KEY);
+    if (!tracker) {
+      tracker = { samples: [], lastMouseDownAt: 0, isDragging: false };
+      ctx.sessionState.set(TRACKER_KEY, tracker);
+    }
+    if (type === "mousePressed") {
+      const priorResult = analyzeTrajectory(tracker.samples);
+      tracker.lastMouseDownAt = Date.now();
+      tracker.isDragging = true;
+      tracker.samples = [];
+      return priorResult;
+    }
+    if (type === "mouseReleased") {
+      tracker.isDragging = false;
+      const result = analyzeTrajectory(tracker.samples);
+      tracker.samples = [];
+      return result;
+    }
+    if (type === "mouseMoved") {
+      const now = Date.now();
+      const prevSample = tracker.samples[tracker.samples.length - 1];
+      const distanceTraveled = prevSample ? prevSample.distanceTraveled + distance(prevSample.x, prevSample.y, x, y) : 0;
+      const sample = { x, y, timestamp: now, distanceTraveled };
+      tracker.samples.push(sample);
+      if (tracker.samples.length > MAX_SAMPLES) {
+        tracker.samples.shift();
+      }
+      return null;
+    }
+    if (type === "mouseReleased" && tracker.samples.length < MIN_SAMPLES_FOR_ANALYSIS) {
+      tracker.samples = [];
+      return null;
+    }
+    return null;
+  }
+};
+function analyzeTrajectory(samples) {
+  if (samples.length < MIN_SAMPLES_FOR_ANALYSIS) return null;
+  const issues = [];
+  const startX = samples[0].x;
+  const startY = samples[0].y;
+  const endX = samples[samples.length - 1].x;
+  const endY = samples[samples.length - 1].y;
+  const lineLength = distance(startX, startY, endX, endY);
+  const collinearityResult = checkCollinearity(samples, startX, startY, endX, endY, lineLength);
+  if (collinearityResult) {
+    issues.push(collinearityResult);
+  }
+  const velocityResult = checkConstantVelocity(samples);
+  if (velocityResult) {
+    issues.push(velocityResult);
+  }
+  const jitterResult = checkJitter(samples);
+  if (jitterResult) {
+    issues.push(jitterResult);
+  }
+  if (issues.length === 0) return null;
+  const stopX = samples[samples.length - 1].x;
+  const stopY = samples[samples.length - 1].y;
+  return {
+    ruleId: "mouse-trajectory",
+    action: "block",
+    severity: "danger",
+    reason: `Suspicious mouse trajectory: ${issues.join("; ")}`,
+    suggestion: `This mouse movement appears automated (straight line A\u2192B, no natural variation).
+  Use a humanized mouse API that generates:
+  - Bezier curves instead of straight lines
+  - Random acceleration/deceleration
+  - 1-3px micro-jitter per sample
+
+  Example: The 'faker' or 'ghost-cursor' libraries generate realistic mouse paths.
+  Target was: (${Math.round(startX)}, ${Math.round(startY)}) \u2192 (${Math.round(stopX)}, ${Math.round(stopY)})`,
+    errorCode: -32002,
+    errorMessage: "[CDP Firewall] Automated mouse trajectory blocked \u2014 appears non-human"
+  };
+}
+function distance(x1, y1, x2, y2) {
+  return Math.sqrt((x2 - x1) ** 2 + (y2 - y1) ** 2);
+}
+function checkCollinearity(samples, x1, y1, x2, y2, lineLength) {
+  if (lineLength < 5) return null;
+  let maxDeviation = 0;
+  const dx = x2 - x1;
+  const dy = y2 - y1;
+  for (let i = 1; i < samples.length - 1; i++) {
+    const { x, y } = samples[i];
+    const cross = Math.abs(dy * x - dx * y + x2 * y1 - y2 * x1);
+    const dev = cross / lineLength;
+    if (dev > maxDeviation) maxDeviation = dev;
+  }
+  if (maxDeviation < 1.5 && lineLength > 20) {
+    return `Perfectly straight line (max deviation ${maxDeviation.toFixed(1)}px over ${lineLength.toFixed(0)}px)`;
+  }
+  if (maxDeviation < 0.5 && lineLength > 10) {
+    return `Near-perfect straight line (max deviation ${maxDeviation.toFixed(1)}px)`;
+  }
+  return null;
+}
+function checkConstantVelocity(samples) {
+  if (samples.length < 3) return null;
+  const speeds = [];
+  for (let i = 1; i < samples.length; i++) {
+    const d = distance(
+      samples[i - 1].x,
+      samples[i - 1].y,
+      samples[i].x,
+      samples[i].y
+    );
+    const dt = samples[i].timestamp - samples[i - 1].timestamp;
+    if (dt > 0) speeds.push(d / dt);
+  }
+  if (speeds.length < 2) return null;
+  const mean = speeds.reduce((a, b) => a + b, 0) / speeds.length;
+  if (mean === 0) return null;
+  const variance = speeds.reduce((sum, v) => sum + (v - mean) ** 2, 0) / speeds.length;
+  const stddev = Math.sqrt(variance);
+  const cv = stddev / mean;
+  if (cv < 0.05) {
+    return `Constant velocity (CV=${cv.toFixed(3)}, mean=${mean.toFixed(1)} px/ms)`;
+  }
+  return null;
+}
+function checkJitter(samples) {
+  if (samples.length < 4) return null;
+  let totalLateralChange = 0;
+  for (let i = 1; i < samples.length; i++) {
+    const d = distance(
+      samples[i - 1].x,
+      samples[i - 1].y,
+      samples[i].x,
+      samples[i].y
+    );
+    totalLateralChange += d;
+  }
+  const avgLateral = totalLateralChange / (samples.length - 1);
+  if (avgLateral < 0.3) {
+    return "No micro-jitter (sub-pixel precision, impossible for human)";
+  }
+  return null;
+}
+
+// src/cdp-interceptor/rules/input-keystroke.ts
+var TRACKER_KEY2 = "keystroke-tracker";
+var MIN_KEYS_FOR_ANALYSIS = 4;
+var inputKeystrokeRule = {
+  id: "input-keystroke",
+  name: "Input Keystroke Timing Analysis",
+  priority: 40,
+  canHandle(ctx) {
+    return ctx.method === "Input.dispatchKeyEvent" || ctx.method === "Input.insertText";
+  },
+  evaluate(ctx) {
+    if (ctx.method === "Input.insertText") {
+      return {
+        ruleId: "input-keystroke",
+        action: "pass",
+        severity: "info",
+        reason: "Input.insertText bypasses native keyboard events. Playwright uses this internally for page.fill().",
+        suggestion: "Prefer page.type() with variable delay for human-like input.",
+        errorCode: -32004,
+        errorMessage: "[CDP Firewall] Input.insertText detected \u2014 note: Playwright uses this for fill()"
+      };
+    }
+    let tracker = ctx.sessionState.get(TRACKER_KEY2);
+    if (!tracker) {
+      tracker = { samples: [] };
+      ctx.sessionState.set(TRACKER_KEY2, tracker);
+    }
+    const type = ctx.params.type;
+    const code = ctx.params.code;
+    const key = ctx.params.key;
+    if (type === "keyDown" && key && key.length === 1) {
+      tracker.samples.push({
+        code,
+        key,
+        timestamp: Date.now(),
+        type
+      });
+    }
+    if (tracker.samples.length >= MIN_KEYS_FOR_ANALYSIS && (type === "keyUp" || type === "keyDown")) {
+      return analyzeKeyTiming(tracker.samples);
+    }
+    return null;
+  }
+};
+function analyzeKeyTiming(samples) {
+  if (samples.length < MIN_KEYS_FOR_ANALYSIS) return null;
+  const intervals = [];
+  for (let i = 1; i < samples.length; i++) {
+    const dt = samples[i].timestamp - samples[i - 1].timestamp;
+    if (dt > 0) intervals.push(dt);
+  }
+  if (intervals.length < 3) return null;
+  const mean = intervals.reduce((a, b) => a + b, 0) / intervals.length;
+  if (mean === 0) return null;
+  const variance = intervals.reduce((sum, v) => sum + (v - mean) ** 2, 0) / intervals.length;
+  const stddev = Math.sqrt(variance);
+  const cv = stddev / mean;
+  const uniqueIntervals = new Set(intervals);
+  const allIdentical = uniqueIntervals.size === 1;
+  if (allIdentical) {
+    return {
+      ruleId: "input-keystroke",
+      action: "block",
+      severity: "danger",
+      reason: `All ${intervals.length} keystroke intervals are exactly ${intervals[0]}ms \u2014 impossible for human typing.`,
+      suggestion: `Use page.fill(selector, text) instead of page.type() with delay.
+Or add random variation: page.type(selector, text, {delay: 50 + Math.random() * 80}).`,
+      errorCode: -32004,
+      errorMessage: "[CDP Firewall] Constant keystroke timing detected \u2014 automated typing pattern"
+    };
+  }
+  if (cv < 0.08) {
+    return {
+      ruleId: "input-keystroke",
+      action: "block",
+      severity: "warn",
+      reason: `Unnatural keystroke timing (CV=${cv.toFixed(3)}). Human typing has CV > 0.2 on average.`,
+      suggestion: `Add random variation to your typing delay: page.type(selector, text, {delay: 50 + Math.random() * 80}).`,
+      errorCode: -32004,
+      errorMessage: "[CDP Firewall] Suspicious keystroke timing \u2014 likely automated"
+    };
+  }
+  return null;
+}
+
+// src/cdp-interceptor/rules/automation-signals.ts
+var AUTOMATION_PATTERNS = [
+  // ── Playwright markers ─────────────────────────
+  { pattern: /window\s*\.\s*__playwright/, name: "window.__playwright", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__pw_[a-zA-Z]/, name: "window.__pw_*", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__pw_paused/, name: "window.__pw_paused", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*playwright\b/, name: "window.playwright", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__pw_recorder/, name: "window.__pw_recorder", severity: "warn", errorCode: -32041 },
+  { pattern: /window\s*\.\s*__pw_trace/, name: "window.__pw_trace", severity: "warn", errorCode: -32041 },
+  // ── Puppeteer markers ──────────────────────────
+  { pattern: /window\s*\.\s*__puppeteer\b/, name: "window.__puppeteer", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__puppeteer_evaluation_script/, name: "window.__puppeteer_evaluation_script", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__puppeteer_testId/, name: "window.__puppeteer_testId", severity: "warn", errorCode: -32041 },
+  { pattern: /window\s*\.\s*__puppeteer_/, name: "window.__puppeteer_*", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*_puppeteer\b/, name: "window._puppeteer", severity: "warn", errorCode: -32041 },
+  // ── Selenium / WebDriver markers ───────────────
+  { pattern: /window\s*\.\s*__webdriver_script_fn/, name: "window.__webdriver_script_fn", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__selenium\b/, name: "window.__selenium", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__selenium_evaluate/, name: "window.__selenium_evaluate", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__driver_evaluate/, name: "window.__driver_evaluate", severity: "warn", errorCode: -32041 },
+  { pattern: /window\s*\.\s*__webdriver_evaluate/, name: "window.__webdriver_evaluate", severity: "danger", errorCode: -32040 },
+  { pattern: /document\.\$cdc_/, name: "document.$cdc_* (Selenium marker)", severity: "danger", errorCode: -32040 },
+  { pattern: /document\.\$chrome_asyncScriptInfo/, name: "document.$chrome_asyncScriptInfo", severity: "danger", errorCode: -32040 },
+  // ── navigator.webdriver detection ─────────────
+  { pattern: /navigator\s*\.\s*webdriver/, name: "navigator.webdriver read", severity: "danger", errorCode: -32042 },
+  { pattern: /navigator\[["']webdriver["']\]/, name: 'navigator["webdriver"]', severity: "danger", errorCode: -32042 },
+  // ── Chrome headless API surface checks ────────
+  { pattern: /chrome\s*\.\s*app/, name: "chrome.app detection", severity: "danger", errorCode: -32043 },
+  { pattern: /chrome\s*\.\s*runtime/, name: "chrome.runtime detection", severity: "danger", errorCode: -32043 },
+  { pattern: /chrome\s*\.\s*loadTimes/, name: "chrome.loadTimes detection", severity: "warn", errorCode: -32044 },
+  { pattern: /chrome\s*\.\s*csi\b/, name: "chrome.csi detection", severity: "warn", errorCode: -32044 },
+  { pattern: /window\s*\.\s*chrome\b/, name: "window.chrome object probe", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*plugins\b/, name: "navigator.plugins enumeration", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*mimeTypes/, name: "navigator.mimeTypes enumeration", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*hardwareConcurrency/, name: "navigator.hardwareConcurrency", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*deviceMemory/, name: "navigator.deviceMemory", severity: "info", errorCode: -32045 },
+  { pattern: /navigator\s*\.\s*maxTouchPoints/, name: "navigator.maxTouchPoints", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*languages/, name: "navigator.languages", severity: "info", errorCode: -32045 },
+  { pattern: /navigator\s*\.\s*platform/, name: "navigator.platform", severity: "info", errorCode: -32045 },
+  // ── Anti-detection injection attempts ─────────
+  { pattern: /navigator\.webdriver\s*=\s*(false|undefined|null)/, name: "navigator.webdriver override attempt", severity: "danger", errorCode: -32046, suggestionOverride: "Overriding navigator.webdriver is detectable. Use CDP Page.addScriptToEvaluateOnNewDocument instead." },
+  { pattern: /Object\.defineProperty\s*\([^)]*webdriver/, name: "Object.defineProperty navigator.webdriver", severity: "danger", errorCode: -32046, suggestionOverride: "Object.defineProperty patches are detectable via Function.prototype.toString checks." },
+  { pattern: /delete\s+navigator\s*\.\s*webdriver/, name: "delete navigator.webdriver", severity: "danger", errorCode: -32046, suggestionOverride: "Deleting webdriver flag is detectable \u2014 the delete itself is visible." },
+  // ── PhantomJS / Headless markers ──────────────
+  { pattern: /window\s*\.\s*callPhantom/, name: "window.callPhantom", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*_phantom/, name: "window._phantom", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*phantom\b/, name: "window.phantom", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*Buffer\b/, name: "window.Buffer (Node.js leak)", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*process\b/, name: "window.process (Node.js leak)", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*global\b/, name: "window.global (Node.js leak)", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__dirname/, name: "window.__dirname (Node.js leak)", severity: "danger", errorCode: -32040 }
+];
+var automationSignalsRule = {
+  id: "automation-signals",
+  name: "Browser Automation Signal Detection (35+ markers)",
+  priority: 20,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn" || ctx.method === "Page.addScriptToEvaluateOnNewDocument";
+  },
+  evaluate(ctx) {
+    if (ctx.method === "Page.addScriptToEvaluateOnNewDocument") {
+      const source = ctx.params.source;
+      if (typeof source === "string") {
+        for (const p of AUTOMATION_PATTERNS) {
+          if (p.pattern.test(source)) {
+            return makeDecision(p, source.substring(0, 60));
+          }
+        }
+      }
+      return null;
+    }
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of AUTOMATION_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return makeDecision(p, userCode.substring(0, 60));
+      }
+    }
+    return null;
+  }
+};
+function makeDecision(p, context) {
+  const suggestion = p.suggestionOverride ?? `Detected: "${p.name}" \u2014 an automation tool marker that anti-crawler systems immediately flag. Remove this pattern from your code.`;
+  return {
+    ruleId: "automation-signals",
+    action: "block",
+    severity: p.severity,
+    reason: `Automation marker detected: "${p.name}". Context: "${context}..."`,
+    suggestion,
+    errorCode: p.errorCode,
+    errorMessage: p.severity === "danger" ? `[CDP Firewall] ${p.name} blocked \u2014 automation tool marker detected` : `[CDP Firewall] ${p.name} detected \u2014 potential automation signal`
+  };
+}
+
+// src/cdp-interceptor/rules/fingerprinting.ts
+var FP_PATTERNS = [
+  // ── Canvas Rendering fingerprinting ────────────────────
+  { pattern: /\.toDataURL\s*\(/, name: "canvas.toDataURL()", severity: "danger", errorCode: -32050, suggestion: "canvas.toDataURL() returns a unique hash that identifies the browser engine. Minimize calls." },
+  { pattern: /\.toBlob\s*\(/, name: "canvas.toBlob()", severity: "danger", errorCode: -32050, suggestion: "canvas.toBlob() is used for canvas fingerprinting. Avoid if possible." },
+  { pattern: /getImageData\s*\(/, name: "CanvasRenderingContext2D.getImageData()", severity: "danger", errorCode: -32050, suggestion: "getImageData reads pixel-level data used for fingerprinting." },
+  { pattern: /measureText\s*\(/, name: "CanvasRenderingContext2D.measureText()", severity: "warn", errorCode: -32051, suggestion: "Font metrics reveal installed fonts \u2014 a fingerprinting vector." },
+  { pattern: /OffscreenCanvas\s*\(/, name: "new OffscreenCanvas()", severity: "warn", errorCode: -32051, suggestion: "OffscreenCanvas is sometimes used to avoid visibility detection." },
+  { pattern: /convertToBlob\s*\(/, name: "OffscreenCanvas.convertToBlob()", severity: "warn", errorCode: -32051, suggestion: "Headless OffscreenCanvas rendering differs from real browser." },
+  // ── WebGL Fingerprinting ──────────────────────────────
+  { pattern: /getParameter\s*\([^)]*(?:VENDOR|RENDERER|VERSION)/, name: "WebGL getParameter(VENDOR/RENDERER)", severity: "danger", errorCode: -32052, suggestion: "WebGL VENDOR/RENDERER returns emulated values in headless. Cannot be reliably spoofed." },
+  { pattern: /getSupportedExtensions\s*\(/, name: "WebGL getSupportedExtensions()", severity: "warn", errorCode: -32053, suggestion: "WebGL extension list differs in headless mode." },
+  { pattern: /getShaderPrecisionFormat\s*\(/, name: "WebGL getShaderPrecisionFormat()", severity: "info", errorCode: -32054, suggestion: "Shader precision differs between headless and real GPU." },
+  { pattern: /UNMASKED_VENDOR_WEBGL/, name: "WEBGL_debug_renderer_info UNMASKED_VENDOR", severity: "warn", errorCode: -32053, suggestion: "Unmasked vendor info reveals the real GPU \u2014 blocked in many envs." },
+  { pattern: /UNMASKED_RENDERER_WEBGL/, name: "WEBGL_debug_renderer_info UNMASKED_RENDERER", severity: "warn", errorCode: -32053, suggestion: "Unmasked renderer string reveals the real GPU." },
+  // ── AudioContext Fingerprinting ────────────────────────
+  { pattern: /AnalyserNode\s*\(/, name: "new AnalyserNode()", severity: "warn", errorCode: -32055, suggestion: "Audio fingerprinting via AnalyserNode \u2014 produces silence in headless." },
+  { pattern: /getFloatFrequencyData\s*\(/, name: "AnalyserNode.getFloatFrequencyData()", severity: "danger", errorCode: -32050, suggestion: "Audio frequency data in headless returns silence (all zeros) \u2014 detectable." },
+  { pattern: /getByteFrequencyData\s*\(/, name: "AnalyserNode.getByteFrequencyData()", severity: "danger", errorCode: -32050, suggestion: "Audio byte frequency data in headless returns zeros." },
+  { pattern: /getByteTimeDomainData\s*\(/, name: "AnalyserNode.getByteTimeDomainData()", severity: "danger", errorCode: -32050, suggestion: "Time domain audio data in headless is a flat line \u2014 detectable." },
+  { pattern: /OfflineAudioContext\s*\(/, name: "new OfflineAudioContext()", severity: "warn", errorCode: -32055, suggestion: "Offline audio rendering is a known fingerprinting method." },
+  { pattern: /OscillatorNode\s*\(/, name: "new OscillatorNode()", severity: "info", errorCode: -32056, suggestion: "Audio oscillator used in fingerprinting probes." },
+  // ── Navigator property probing ───────────────────────
+  { pattern: /navigator\s*\.\s*connection\b/, name: "navigator.connection", severity: "info", errorCode: -32057, suggestion: 'Network connection info is used for fingerprinting (always "4g" in bots).' },
+  { pattern: /navigator\s*\.\s*getBattery\s*\(/, name: "navigator.getBattery()", severity: "warn", errorCode: -32058, suggestion: "Battery API is a fingerprinting vector. Returns fixed values in headless." },
+  { pattern: /navigator\s*\.\s*mediaDevices\s*\.\s*enumerateDevices/, name: "navigator.mediaDevices.enumerateDevices()", severity: "warn", errorCode: -32058, suggestion: "Media device enumeration returns empty/no devices in headless." },
+  { pattern: /navigator\s*\.\s*permissions\s*\.\s*query/, name: "navigator.permissions.query()", severity: "info", errorCode: -32059, suggestion: "Permission queries can reveal automation environment." },
+  // ── Screen / Window geometry probing ──────────────────
+  { pattern: /screen\.avail(Width|Height|Left|Top)/, name: "screen.avail*", severity: "warn", errorCode: -32060, suggestion: "screen.avail* values differ in headless (no OS chrome)." },
+  { pattern: /window\.outerWidth\s*-?\s*window\.innerWidth/, name: "window.outerWidth - window.innerWidth", severity: "danger", errorCode: -32050, suggestion: "This difference is 0 in headless (no browser chrome) \u2014 100% detection rate." },
+  { pattern: /window\.outerHeight\s*-?\s*window\.innerHeight/, name: "window.outerHeight - window.innerHeight", severity: "danger", errorCode: -32050, suggestion: "This difference is 0 in headless \u2014 immediate automation detection." },
+  { pattern: /screen\.width\b/, name: "screen.width", severity: "info", errorCode: -32061, suggestion: "Screen dimensions can be spoofed but inconsistencies with viewport are detectable." },
+  { pattern: /screen\.height\b/, name: "screen.height", severity: "info", errorCode: -32061, suggestion: "Screen dimension probes for viewport inconsistency detection." },
+  { pattern: /window\.devicePixelRatio/, name: "window.devicePixelRatio", severity: "warn", errorCode: -32060, suggestion: "devicePixelRatio is always 1 in headless \u2014 differs from real displays." },
+  { pattern: /matchMedia\s*\(/, name: "window.matchMedia()", severity: "warn", errorCode: -32060, suggestion: "matchMedia can detect CDP overridden viewport dimensions." },
+  // ── Performance / Timing API ──────────────────────────
+  { pattern: /performance\s*\.\s*now\s*\(/, name: "performance.now()", severity: "info", errorCode: -32062, suggestion: "High-resolution timer used for timing attacks and bot detection." },
+  { pattern: /performance\s*\.\s*memory/, name: "performance.memory", severity: "warn", errorCode: -32063, suggestion: "performance.memory shows VM memory limits in containers." },
+  { pattern: /performance\.getEntriesByType\s*\(\s*["']navigation["']\s*\)/, name: 'performance.getEntriesByType("navigation")', severity: "info", errorCode: -32062, suggestion: "Navigation timing reveals request pattern inconsistencies." },
+  { pattern: /performance\.getEntriesByType\s*\(\s*["']resource["']\s*\)/, name: 'performance.getEntriesByType("resource")', severity: "info", errorCode: -32062, suggestion: "Resource loading timing analysis for bot detection." },
+  // ── Font Detection ────────────────────────────────────
+  { pattern: /document\.fonts\.check\s*\(/, name: "document.fonts.check()", severity: "warn", errorCode: -32064, suggestion: "Font availability checks are used for fingerprinting. Installed font list is unique per user." },
+  { pattern: /document\.fonts\.ready/, name: "document.fonts.ready", severity: "info", errorCode: -32065, suggestion: "Font loading state probe for fingerprinting." },
+  // ── WebRTC / Connectivity ────────────────────────────
+  { pattern: /RTCPeerConnection\s*\(/, name: "new RTCPeerConnection()", severity: "warn", errorCode: -32066, suggestion: "WebRTC can leak internal IP and is used for connectivity fingerprinting." },
+  { pattern: /navigator\.mediaDevices\.getUserMedia/, name: "navigator.mediaDevices.getUserMedia()", severity: "info", errorCode: -32067, suggestion: "getUserMedia always fails in headless (no camera)." },
+  // ── Feature Consistency Checks ─────────────────────────
+  { pattern: /Intl\.DateTimeFormat.*resolvedOptions.*timeZone/, name: "Intl.DateTimeFormat timezone check", severity: "warn", errorCode: -32068, suggestion: "Timezone from Intl API vs Emulation.setTimezoneOverride will be inconsistent when mocked." },
+  { pattern: /new\s+Date\s*\(\s*\)\s*\.\s*getTimezoneOffset/, name: "Date.getTimezoneOffset()", severity: "info", errorCode: -32069, suggestion: "Timezone offset used for timing consistency cross-checks." },
+  { pattern: /Error\s*\(\s*\)\s*\.\s*stack/, name: "Error().stack format check", severity: "info", errorCode: -32070, suggestion: "Stack trace format differs between headless and full Chrome." },
+  { pattern: /Function\.prototype\.toString/, name: "Function.prototype.toString on native fn", severity: "info", errorCode: -32070, suggestion: "Native function toString() format can reveal patched APIs." }
+];
+var fingerprintingRule = {
+  id: "fingerprinting",
+  name: "Browser Fingerprinting Access Detection (35+ APIs)",
+  priority: 30,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of FP_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return {
+          ruleId: "fingerprinting",
+          action: "block",
+          severity: p.severity,
+          reason: `Browser fingerprinting API accessed: "${p.name}". Anti-crawler systems use this to identify your browser.`,
+          suggestion: p.suggestion,
+          errorCode: p.errorCode,
+          errorMessage: `[CDP Firewall] ${p.name} blocked \u2014 fingerprinting API access detected`
+        };
+      }
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/event-simulation.ts
+var EVENT_PATTERNS = [
+  // ── Direct method calls (all isTrusted=false) ─────────
+  { pattern: /\.click\s*\(\s*\)/, name: "el.click()", severity: "danger", errorCode: -32070, suggestion: "el.click() fires isTrusted=false events. Use page.click(selector) which uses Input.dispatchMouseEvent (isTrusted=true)." },
+  { pattern: /\.focus\s*\(\s*\)/, name: "el.focus()", severity: "danger", errorCode: -32071, suggestion: "el.focus() without user interaction is detectable. Use page.click(selector) which naturally focuses." },
+  { pattern: /\.blur\s*\(\s*\)/, name: "el.blur()", severity: "danger", errorCode: -32071, suggestion: "el.blur() without user interaction. Avoid in automation scripts." },
+  { pattern: /\.submit\s*\(\s*\)/, name: "el.submit()", severity: "danger", errorCode: -32072, suggestion: `form.submit() bypasses onSubmit handlers. Click the submit button: page.click('button[type="submit"]').` },
+  { pattern: /\.reset\s*\(\s*\)/, name: "el.reset()", severity: "danger", errorCode: -32072, suggestion: "form.reset() without user action. Let the user clear fields manually." },
+  { pattern: /\.select\s*\(\s*\)/, name: "el.select()", severity: "warn", errorCode: -32073, suggestion: "input.select() selects text without user interaction. Use page.click(selector) instead." },
+  { pattern: /dialog\.close\s*\(\s*\)|showModal\(\)/, name: "dialog.showModal()/close()", severity: "danger", errorCode: -32074, suggestion: "dialog.showModal() requires user gesture. Let the user open the dialog naturally." },
+  { pattern: /\.showPopover\s*\(\s*\)/, name: "el.showPopover()", severity: "warn", errorCode: -32073, suggestion: "Popover.show() requires user gesture. Simulate a click on the popover trigger." },
+  { pattern: /\.hidePopover\s*\(\s*\)/, name: "el.hidePopover()", severity: "warn", errorCode: -32073, suggestion: "Hiding popovers via CDP is detectable." },
+  { pattern: /\.requestFullscreen\s*\(\s*\)/, name: "el.requestFullscreen()", severity: "danger", errorCode: -32074, suggestion: "Fullscreen requests require user gesture. Cannot be triggered by automation." },
+  { pattern: /\.requestPointerLock\s*\(\s*\)/, name: "el.requestPointerLock()", severity: "danger", errorCode: -32074, suggestion: "Pointer lock requires user gesture. Blocked in automation." },
+  { pattern: /\.setSelectionRange\s*\(/, name: "el.setSelectionRange()", severity: "warn", errorCode: -32073, suggestion: "Setting selection range without user interaction is suspicious." },
+  { pattern: /\.setRangeText\s*\(/, name: "el.setRangeText()", severity: "info", errorCode: -32076, suggestion: "Range text replacement without user input is detectable." },
+  { pattern: /\.showPicker\s*\(\s*\)/, name: "HTMLInputElement.showPicker()", severity: "info", errorCode: -32076, suggestion: "Date/color picker shown without click \u2014 detectable." },
+  { pattern: /\.reportValidity\s*\(\s*\)/, name: "el.reportValidity()", severity: "info", errorCode: -32076, suggestion: "Validity reporting without form submission attempt." },
+  // ── dispatchEvent with synthetic events (isTrusted=false) ──
+  { pattern: /dispatchEvent\s*\(\s*new\s+(?:Event|CustomEvent)\s*\(/, name: "dispatchEvent(new Event/CustomEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic events have isTrusted=false. Use Input.dispatch* CDP methods for trusted events." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+MouseEvent\s*\(/, name: "dispatchEvent(new MouseEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic mouse events (isTrusted=false). Use Input.dispatchMouseEvent CDP method." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+KeyboardEvent\s*\(/, name: "dispatchEvent(new KeyboardEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic keyboard events (isTrusted=false). Use Input.dispatchKeyEvent CDP method." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+FocusEvent\s*\(/, name: "dispatchEvent(new FocusEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic focus events bypass user interaction." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+InputEvent\s*\(/, name: "dispatchEvent(new InputEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic input events (isTrusted=false). Use page.fill() or page.type()." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+(?:Event)\s*\(\s*["'](?:input|change|submit|reset)/, name: 'dispatchEvent("input"/"change"/"submit")', severity: "danger", errorCode: -32077, suggestion: "Synthetic input/change/submit events are trusted=false. Always detectable." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+PointerEvent\s*\(/, name: "dispatchEvent(new PointerEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic pointer events bypass the trusted input pipeline." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+TouchEvent\s*\(/, name: "dispatchEvent(new TouchEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic touch events on mobile are detectable." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+WheelEvent\s*\(/, name: "dispatchEvent(new WheelEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic scroll events (isTrusted=false). Use Input.dispatchMouseEvent with wheel type." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+ClipboardEvent\s*\(/, name: "dispatchEvent(new ClipboardEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic clipboard events are detectable." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+DragEvent\s*\(/, name: "dispatchEvent(new DragEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic drag events bypass real user interaction." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+CompositionEvent\s*\(/, name: "dispatchEvent(new CompositionEvent)", severity: "info", errorCode: -32079, suggestion: "Synthetic IME composition events \u2014 detectable pattern." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+AnimationEvent\s*\(/, name: "dispatchEvent(new AnimationEvent)", severity: "info", errorCode: -32079, suggestion: "Forcing animation state transitions via fake events." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+TransitionEvent\s*\(/, name: "dispatchEvent(new TransitionEvent)", severity: "info", errorCode: -32079, suggestion: "Forcing CSS transition end via fake events." }
+];
+var eventSimulationRule = {
+  id: "event-simulation",
+  name: "Event Simulation Detection (30+ patterns)",
+  priority: 40,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of EVENT_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return {
+          ruleId: "event-simulation",
+          action: "block",
+          severity: p.severity,
+          reason: `Event simulation detected: "${p.name}". Synthetic events have isTrusted=false and are 100% detectable.`,
+          suggestion: p.suggestion,
+          errorCode: p.errorCode,
+          errorMessage: p.severity === "danger" ? `[CDP Firewall] ${p.name} blocked \u2014 synthetic event (isTrusted=false)` : `[CDP Firewall] ${p.name} detected \u2014 event simulation`
+        };
+      }
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/emulation-override.ts
+var OVERRIDE_PATTERNS = [
+  // ── Emulation overrides ──────────────────────────────
+  // NOTE: Emulation.setDeviceMetricsOverride is NOT included here because
+  // Playwright calls it internally for every new page (viewport setup).
+  // Blocking it would break page creation.
+  { method: "Emulation.setUserAgentOverride", name: "Emulation.setUserAgentOverride", severity: "danger", errorCode: -32080, suggestion: "navigator.userAgent override can be detected by checking consistency with navigator.plugins, WebGL vendor, etc." },
+  { method: "Emulation.setTouchEmulationEnabled", name: "Emulation.setTouchEmulationEnabled", severity: "warn", errorCode: -32081, suggestion: "Touch emulation creates inconsistent touch/mouse state. Windows touch events without real touch hardware." },
+  { method: "Emulation.setGeolocationOverride", name: "Emulation.setGeolocationOverride", severity: "danger", errorCode: -32082, suggestion: "Geolocation changing mid-session without user travel is impossible. Detectable via IP geo vs overridden geo." },
+  { method: "Emulation.setLocaleOverride", name: "Emulation.setLocaleOverride", severity: "warn", errorCode: -32081, suggestion: "Locale change without browser restart detectable via navigator.languages vs Accept-Language consistency." },
+  { method: "Emulation.setTimezoneOverride", name: "Emulation.setTimezoneOverride", severity: "danger", errorCode: -32082, suggestion: "Timezone mismatch vs IP geolocation + Date() is 100% detectable." },
+  { method: "Emulation.setDisabledImageTypes", name: "Emulation.setDisabledImageTypes", severity: "info", errorCode: -32083, suggestion: "Disabling image types prevents normal resource loading \u2014 visible to performance API." },
+  { method: "Emulation.setScriptExecutionDisabled", name: "Emulation.setScriptExecutionDisabled", severity: "info", errorCode: -32083, suggestion: "Disabling JS mid-session kills page interactivity \u2014 immediately obvious." },
+  { method: "Emulation.setCPUThrottlingRate", name: "Emulation.setCPUThrottlingRate", severity: "info", errorCode: -32083, suggestion: "CPU throttling creates unrealistic performance.now() profiles." },
+  { method: "Emulation.setVirtualTimePolicy", name: "Emulation.setVirtualTimePolicy", severity: "info", errorCode: -32083, suggestion: "Virtual time breaks Date.now() and performance.now() based detections \u2014 detectable via timer drift." },
+  // ── Network overrides ────────────────────────────────
+  { method: "Network.setUserAgentOverride", name: "Network.setUserAgentOverride (HTTP layer)", severity: "danger", errorCode: -32080, suggestion: "HTTP User-Agent vs navigator.userAgent inconsistency = immediate detection." },
+  { method: "Network.setExtraHTTPHeaders", name: "Network.setExtraHTTPHeaders", severity: "danger", errorCode: -32084, suggestion: "Custom headers can conflict with browser-generated headers. Missing client hints (Sec-CH-UA) are also detectable." },
+  { method: "Network.emulateNetworkConditions", name: "Network.emulateNetworkConditions", severity: "warn", errorCode: -32081, suggestion: "Network throttling creates unrealistic load timing patterns." },
+  { method: "Network.setCookie", name: "Network.setCookie", severity: "warn", errorCode: -32085, suggestion: "CDP-injected cookies are detectable via document.cookie vs Network.getCookies inconsistency." },
+  { method: "Network.deleteCookies", name: "Network.deleteCookies", severity: "warn", errorCode: -32085, suggestion: "Cookie deletion via CDP bypasses HTTP cookie expiration \u2014 detectable." },
+  // ── Security overrides ──────────────────────────────
+  { method: "Security.setIgnoreCertificateErrors", name: "Security.setIgnoreCertificateErrors", severity: "info", errorCode: -32086, suggestion: "Ignoring certificate errors creates unusual TLS behavior visible at network level." },
+  // ── Page overrides ──────────────────────────────────
+  { method: "Page.setDownloadBehavior", name: "Page.setDownloadBehavior", severity: "info", errorCode: -32087, suggestion: "Bypassing download dialogs \u2014 detectable via download event flow." },
+  { method: "Page.setWebLifecycleState", name: "Page.setWebLifecycleState", severity: "info", errorCode: -32087, suggestion: "Forcing page lifecycle transitions is unnatural." },
+  // ── Storage / Permissions ───────────────────────────
+  { method: "Storage.clearDataForOrigin", name: "Storage.clearDataForOrigin", severity: "info", errorCode: -32089, suggestion: "Clearing storage mid-session is unnatural for real users." },
+  { method: "Browser.grantPermissions", name: "Browser.grantPermissions", severity: "warn", errorCode: -32090, suggestion: "Granting permissions via CDP is detectable as the permission flow skips the user prompt." },
+  { method: "Browser.resetPermissions", name: "Browser.resetPermissions", severity: "info", errorCode: -32089, suggestion: "Permission resets without user action are unnatural." }
+];
+var emulationOverrideRule = {
+  id: "emulation-override",
+  name: "CDP Emulation / Override Detection (20+ methods)",
+  priority: 60,
+  canHandle(ctx) {
+    for (const p of OVERRIDE_PATTERNS) {
+      if (ctx.method === p.method) return true;
+    }
+    return false;
+  },
+  evaluate(ctx) {
+    for (const p of OVERRIDE_PATTERNS) {
+      if (ctx.method !== p.method) continue;
+      return {
+        ruleId: "emulation-override",
+        action: "block",
+        severity: p.severity,
+        reason: `CDP emulation/override detected: "${p.name}". This creates detectable inconsistencies between the JS environment and real browser state.`,
+        suggestion: p.suggestion,
+        errorCode: p.errorCode,
+        errorMessage: `[CDP Firewall] ${p.name} blocked \u2014 creates detectable browser state inconsistency`
+      };
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/network-anomaly.ts
+var networkAnomalyRule = {
+  id: "network-anomaly",
+  name: "Network Anomaly Detection (8+ patterns)",
+  priority: 70,
+  canHandle(ctx) {
+    const m = ctx.method;
+    return m === "Network.setExtraHTTPHeaders" || m === "Network.clearBrowserCache" || m === "Network.clearBrowserCookies" || m === "Network.setBlockedURLs" || m === "Network.setBypassServiceWorker" || m === "Fetch.enable" || m === "Network.enable";
+  },
+  evaluate(ctx) {
+    switch (ctx.method) {
+      case "Network.setExtraHTTPHeaders": {
+        const headers = ctx.params.headers;
+        if (headers) {
+          const headerStr = JSON.stringify(headers).toLowerCase();
+          if (!headerStr.includes("sec-ch-ua")) {
+            return {
+              ruleId: "network-anomaly",
+              action: "block",
+              severity: "warn",
+              reason: "Network.setExtraHTTPHeaders called without Sec-CH-UA client hints \u2014 browser normally sends these.",
+              suggestion: "Modern browsers send Sec-CH-UA headers automatically. Adding custom headers without them creates detectable inconsistency.",
+              errorCode: -32110,
+              errorMessage: "[CDP Firewall] Missing client hints in custom headers"
+            };
+          }
+        }
+        return null;
+      }
+      case "Network.clearBrowserCache": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Network.clearBrowserCache called \u2014 cache clearing mid-session is unnatural for real users.",
+          suggestion: "Avoid cache clearing during sessions. Start with a fresh profile if needed.",
+          errorCode: -32111,
+          errorMessage: "[CDP Firewall] Cache clearing detected"
+        };
+      }
+      case "Network.clearBrowserCookies": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Network.clearBrowserCookies called \u2014 wiping cookies mid-session is a scraper optimization.",
+          suggestion: "Cookies should only be cleared via normal browser flow (expiration, user action).",
+          errorCode: -32112,
+          errorMessage: "[CDP Firewall] Cookie clearing detected"
+        };
+      }
+      case "Network.setBlockedURLs": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Network.setBlockedURLs blocks resource loading \u2014 this changes the page behavior and is detectable.",
+          suggestion: "Blocking images/fonts/etc creates measurable differences in performance and page rendering.",
+          errorCode: -32113,
+          errorMessage: "[CDP Firewall] URL blocking detected"
+        };
+      }
+      case "Network.setBypassServiceWorker": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "info",
+          reason: "Network.setBypassServiceWorker called \u2014 bypassing service workers for content extraction.",
+          suggestion: "Service worker bypass changes fetch behavior and is detectable server-side.",
+          errorCode: -32114,
+          errorMessage: "[CDP Firewall] Service worker bypass detected"
+        };
+      }
+      case "Fetch.enable": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Fetch.enable intercepts all network requests \u2014 a man-in-the-middle approach used by scrapers.",
+          suggestion: "Do not use Fetch domain for network interception if avoiding detection.",
+          errorCode: -32115,
+          errorMessage: "[CDP Firewall] Fetch interception detected"
+        };
+      }
+      default:
+        return null;
+    }
+  }
+};
+
+// src/cdp-interceptor/rules/page-lifecycle.ts
+var STAT_KEY = "lifecycle-tracker";
+var pageLifecycleRule = {
+  id: "page-lifecycle",
+  name: "Page Lifecycle Anomaly Detection (10+ patterns)",
+  priority: 80,
+  canHandle(ctx) {
+    const m = ctx.method;
+    return m === "Page.navigate" || m === "Page.captureScreenshot" || m === "Page.printToPDF" || m === "Page.reload" || m === "Page.close" || m === "Runtime.evaluate" || m === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    let state = ctx.sessionState.get(STAT_KEY);
+    if (!state) {
+      state = { navigations: [], screenshots: 0, printToPDF: false, evaluateCount: 0, lastNavTime: 0, lastEvalTime: 0 };
+      ctx.sessionState.set(STAT_KEY, state);
+    }
+    const now = Date.now();
+    switch (ctx.method) {
+      case "Page.navigate": {
+        state.navigations.push(now);
+        if (state.navigations.length >= 2) {
+          const prev = state.navigations[state.navigations.length - 2];
+          const interval = now - prev;
+          if (interval < 100) {
+            return {
+              ruleId: "page-lifecycle",
+              action: "block",
+              severity: "warn",
+              reason: `Multiple Page.navigate calls within ${interval}ms of each other \u2014 unnatural rapid navigation.`,
+              suggestion: "Add proper waits between navigations: wait for page load before navigating again.",
+              errorCode: -32100,
+              errorMessage: "[CDP Firewall] Rapid navigation sequence detected"
+            };
+          }
+        }
+        state.lastNavTime = now;
+        return null;
+      }
+      case "Page.captureScreenshot": {
+        state.screenshots++;
+        if (state.lastNavTime > 0 && now - state.lastNavTime < 500) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "danger",
+            reason: "Page.captureScreenshot called within 500ms of navigation \u2014 content extraction pattern.",
+            suggestion: "Wait for the page to fully render before taking screenshots: wait for load/networkidle.",
+            errorCode: -32101,
+            errorMessage: "[CDP Firewall] Pre-render screenshot blocked \u2014 content extraction pattern"
+          };
+        }
+        if (state.screenshots > 3 && state.navigations.length < 2) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "warn",
+            reason: "Multiple screenshots on a single page without navigation \u2014 suspicious extraction behavior.",
+            suggestion: "Consider if all screenshots are necessary.",
+            errorCode: -32102,
+            errorMessage: "[CDP Firewall] Excessive screenshot detection"
+          };
+        }
+        return null;
+      }
+      case "Page.printToPDF": {
+        return {
+          ruleId: "page-lifecycle",
+          action: "block",
+          severity: "danger",
+          reason: "Page.printToPDF called \u2014 this is a telltale scraper pattern that gives away automation intent.",
+          suggestion: "Avoid PDF generation. If you must, add significant delays and user-like interaction first.",
+          errorCode: -32103,
+          errorMessage: "[CDP Firewall] printToPDF blocked \u2014 scraper intent detected"
+        };
+      }
+      case "Page.reload": {
+        if (state.lastNavTime > 0 && now - state.lastNavTime < 1e3) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "warn",
+            reason: "Page.reload called immediately after navigate \u2014 unnatural fast-reload pattern.",
+            suggestion: "Introduce delays between navigation and reload to simulate human behavior.",
+            errorCode: -32104,
+            errorMessage: "[CDP Firewall] Rapid reload detected"
+          };
+        }
+        return null;
+      }
+      case "Page.close": {
+        if (state.navigations.length < 2) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "info",
+            reason: "Page.close called after minimal interaction \u2014 zombie pages common in automation.",
+            suggestion: "Ensure meaningful interaction before closing pages.",
+            errorCode: -32105,
+            errorMessage: "[CDP Firewall] Page close after minimal interaction"
+          };
+        }
+        return null;
+      }
+      case "Runtime.evaluate":
+      case "Runtime.callFunctionOn": {
+        state.evaluateCount++;
+        if (state.evaluateCount > 50 && state.navigations.length === 0) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "info",
+            reason: "50+ evaluate calls without any Page.navigate \u2014 data extraction without real browsing.",
+            suggestion: "Navigate to a real page first. Evaluate on about:blank is suspicious.",
+            errorCode: -32106,
+            errorMessage: "[CDP Firewall] Excessive evaluate without navigation"
+          };
+        }
+        return null;
+      }
+      default:
+        return null;
+    }
+  }
+};
+
+// src/cdp-interceptor/rules-engine.ts
+var BUILTIN_RULES = [
+  domMutationRule,
+  automationSignalsRule,
+  fingerprintingRule,
+  eventSimulationRule,
+  mouseTrajectoryRule,
+  inputKeystrokeRule,
+  emulationOverrideRule,
+  networkAnomalyRule,
+  pageLifecycleRule
+];
+function createRuleEngine(customRules) {
+  const rules = [...BUILTIN_RULES, ...customRules ?? []].sort((a, b) => a.priority - b.priority);
+  const sessionStates = /* @__PURE__ */ new Map();
+  function getSessionState(sessionId) {
+    let state = sessionStates.get(sessionId);
+    if (!state) {
+      state = /* @__PURE__ */ new Map();
+      sessionStates.set(sessionId, state);
+    }
+    return state;
+  }
+  return {
+    start() {
+      sessionStates.clear();
+    },
+    stop() {
+      sessionStates.clear();
+    },
+    evaluate(ctx) {
+      const fullCtx = {
+        ...ctx,
+        sessionState: getSessionState(ctx.sessionId)
+      };
+      for (const rule of rules) {
+        if (rule.canHandle && !rule.canHandle(fullCtx)) continue;
+        const decision = rule.evaluate(fullCtx);
+        if (!decision) continue;
+        if (decision.action !== "pass") return decision;
+      }
+      return null;
+    }
+  };
+}
+
+// src/cdp-interceptor/logger.ts
+function createLogger(config) {
+  const buffer = [];
+  const MAX_BUFFER = 2e3;
+  return {
+    info(message, meta) {
+      if (!config.enableLogging) return;
+      const ts = (/* @__PURE__ */ new Date()).toISOString();
+      if (meta) {
+        console.log(`[CDPInterceptor ${ts}] ${message}`, JSON.stringify(meta));
+      } else {
+        console.log(`[CDPInterceptor ${ts}] ${message}`);
+      }
+    },
+    log(method, direction, sessionId, payload, decision) {
+      const entry = {
+        timestamp: Date.now(),
+        direction,
+        sessionId,
+        method,
+        payload: sanitizePayload(payload),
+        decision: decision ?? void 0
+      };
+      if (config.enableLogging) {
+        buffer.push(entry);
+        if (buffer.length > MAX_BUFFER) buffer.shift();
+        const tag = decision ? decision.action === "block" ? "\u{1F6AB}BLOCK" : decision.action === "transform" ? "\u{1F504}XFMR" : "\u2705" : "  ";
+        const reason = decision ? ` [${decision.severity}] ${decision.reason}` : "";
+        console.log(`[CDP] ${tag} ${direction} ${method}${reason}`);
+      }
+      return entry;
+    },
+    getRecent(count) {
+      return buffer.slice(-count);
+    },
+    flush() {
+      buffer.length = 0;
+    }
+  };
+}
+function sanitizePayload(payload) {
+  if (typeof payload !== "object" || payload === null) return { raw: String(payload) };
+  const obj = payload;
+  const cleaned = {};
+  for (const [key, value] of Object.entries(obj)) {
+    if (key === "data" && typeof value === "string" && value.length > 200) {
+      cleaned[key] = `<binary: ${value.length} chars>`;
+    } else if (key === "expression" && typeof value === "string" && value.length > 500) {
+      cleaned[key] = value.substring(0, 500) + "...";
+    } else {
+      cleaned[key] = value;
+    }
+  }
+  return cleaned;
+}
+
+// src/cdp-interceptor/advisor.ts
+function formatBlockMessage(decision, method) {
+  const adv = advise(decision, method);
+  const lines = [
+    `[CDP-FIREWALL-BLOCK] rule=${decision.ruleId}`,
+    `method=${method}`,
+    `reason=${decision.reason}`,
+    `suggestion=${decision.suggestion ?? adv.detail}`
+  ];
+  if (adv.codeExample) {
+    lines.push(`code-example=`);
+    lines.push(adv.codeExample);
+  }
+  return lines.join("\n");
+}
+function advise(decision, originalMethod) {
+  const baseAdvice = getBaseAdvice(decision, originalMethod);
+  return {
+    ruleId: decision.ruleId,
+    title: baseAdvice.title,
+    detail: decision.suggestion ?? baseAdvice.detail,
+    codeExample: baseAdvice.codeExample
+  };
+}
+function getBaseAdvice(decision, method) {
+  switch (decision.ruleId) {
+    case "dom-mutation":
+      return {
+        title: "Direct DOM property mutation blocked",
+        detail: `Your ${method} call tried to set a DOM property directly. In React/Vue/Angular, this bypasses the framework's virtual DOM completely meaning onChange/onInput never fires. The website CAN detect this mismatch as automation.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 what you tried to do:",
+          `page.evaluate(\`el.value = 'hello'\`)  # triggers isTrusted=false`,
+          "",
+          "# \u2705 USE INSTEAD \u2014 proper CDP input dispatch:",
+          "page.fill('#selector', 'hello')           # Playwright: dispatches input+change events",
+          "page.type('#selector', 'hello', {delay})  # Playwright: real keystrokes",
+          "page.locator('#selector').fill('hello')   # Playwright: recommended API"
+        ].join("\n")
+      };
+    case "mouse-trajectory":
+      return {
+        title: "Unnatural mouse trajectory blocked",
+        detail: `Your ${method} sequence formed a perfectly linear path. Human hands have micro-tremors (1-3px variation at any point along the arc), acceleration curves, and never draw straight lines between distant points.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 linear interpolation:",
+          "for i in range(20):",
+          "    page.mouse.move(x0 + (x1-x0)*(i/20), y0 + (y1-y0)*(i/20))",
+          "",
+          "# \u2705 USE INSTEAD \u2014 Bezier curves with overshoot:",
+          '# Use "ghost-cursor" or similar library',
+          "from ghost_cursor import path_to",
+          "path_to(page, (x1, y1))"
+        ].join("\n")
+      };
+    case "input-keystroke":
+      if (method === "Input.insertText") {
+        return {
+          title: "Input.insertText detected (logged, not blocked)",
+          detail: "Input.insertText bypasses native keyDown\u2192keyPress\u2192input\u2192keyUp events. Playwright uses this internally for page.fill(). Logged for observability."
+        };
+      }
+      return {
+        title: "Unnatural keystroke timing blocked",
+        detail: `Your ${method} calls have unnaturally constant timing (e.g., exact 50ms intervals). Human typing always has variation (CV > 0.2).`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 exact constant delay:",
+          "page.type('#input', 'hello', {delay: 50})  # every keystroke exactly 50ms apart",
+          "",
+          "# \u2705 USE INSTEAD \u2014 variable delay (human-like):",
+          "page.fill('#input', 'hello')               # recommended, dispatches events properly",
+          "# OR: type with randomized delay",
+          "page.type('#input', 'hello', {delay: 50 + Math.floor(Math.random() * 80)})"
+        ].join("\n")
+      };
+    case "automation-signals":
+      return {
+        title: "Browser automation marker detected",
+        detail: `Your ${method} call accessed a property/marker that anti-crawler systems check to detect automation. These markers (navigator.webdriver, window.__playwright, etc.) are the #1 detection vector.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 don't check for automation markers:",
+          "navigator.webdriver      # NEVER check this",
+          "window.__playwright      # NEVER check this",
+          "chrome.runtime           # NEVER check this",
+          "",
+          "# \u2705 Just go about your business normally.",
+          "# Anti-detection is handled by the CDP firewall automatically."
+        ].join("\n")
+      };
+    case "fingerprinting":
+      return {
+        title: "Browser fingerprinting API access blocked",
+        detail: `Your ${method} call accessed a known fingerprinting API. These APIs (canvas.toDataURL, WebGL getParameter, AudioContext, etc.) are used by anti-crawler systems to build a unique device fingerprint.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 fingerprinting vector:",
+          "canvas.toDataURL()                        # returns unique browser hash",
+          'gl.getParameter(gl.VENDOR)                # returns "SwiftShader" in headless',
+          "screen.availWidth - screen.availHeight    # no OS chrome in headless",
+          "",
+          "# \u2705 Avoid accessing these APIs. They are only used for fingerprinting."
+        ].join("\n")
+      };
+    case "event-simulation":
+      return {
+        title: "Synthetic event simulation blocked",
+        detail: `Your ${method} call simulated user interaction via el.click() or dispatchEvent(new Event(...)). These produce isTrusted=false events, which are 100% detectable by any anti-crawler that checks isTrusted on critical events.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 synthetic events (isTrusted=false):",
+          "el.click()                                 # isTrusted=false",
+          'el.dispatchEvent(new Event("click"))       # isTrusted=false',
+          "el.focus()                                 # isTrusted=false",
+          "",
+          "# \u2705 USE INSTEAD \u2014 CDP-level input dispatch (isTrusted=true):",
+          "page.click(selector)                       # uses Input.dispatchMouseEvent",
+          "page.fill(selector, value)                 # dispatches real input events"
+        ].join("\n")
+      };
+    case "emulation-override":
+      return {
+        title: "CDP emulation override blocked",
+        detail: `Your ${method} call overrides browser behavior in a way that creates detectable inconsistencies. Anti-crawler systems cross-check multiple sources (e.g., navigator.userAgent vs HTTP User-Agent header) to catch these mismatches.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 detectable emulation override:",
+          "Emulation.setUserAgentOverride(...)        # JS vs HTTP header mismatch",
+          "Emulation.setGeolocationOverride(...)       # IP geo vs overridden geo mismatch",
+          "Emulation.setDeviceMetricsOverride(...)     # matchMedia vs actual viewport",
+          "",
+          "# \u2705 These are handled automatically by the CDP firewall.",
+          "# Do NOT call them manually."
+        ].join("\n")
+      };
+    case "network-anomaly":
+      return {
+        title: "Network anomaly detected",
+        detail: `Your ${method} call triggered a network pattern that is characteristic of scrapers: blocking URLs, clearing caches, or intercepting requests.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 scraper optimization:",
+          "Network.clearBrowserCache()                # natural users never do this",
+          'Network.setBlockedURLs(["*fonts*"])        # blocking resources is detectable',
+          "Fetch.enable()                             # MITM-style interception",
+          "",
+          "# \u2705 Let the browser manage its own cache and network normally."
+        ].join("\n")
+      };
+    case "page-lifecycle":
+      return {
+        title: "Suspicious page lifecycle pattern blocked",
+        detail: `Your ${method} call reveals an unnatural page interaction sequence: navigating too fast, taking screenshots before the page renders, or generating PDFs (a telltale scraper giveaway).`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 unnatural lifecycle:",
+          "page.goto(url); page.pdf()                 # PDF = scraper giveaway",
+          "page.goto(url); page.screenshot() <500ms   # screenshot before render",
+          "page.goto(url) 3x in <100ms               # rapid navigation barrage",
+          "",
+          "# \u2705 Add proper waits between actions:",
+          'page.goto(url, {waitUntil: "networkidle"})',
+          'page.waitForSelector("body")',
+          "page.screenshot()                          # after rendering"
+        ].join("\n")
+      };
+    default:
+      return {
+        title: decision.reason,
+        detail: decision.suggestion ?? `The CDP call "${method}" was blocked by rule "${decision.ruleId}".`
+      };
+  }
+}
+
+// src/cdp-interceptor/proxy.ts
+function makeCompoundId(cdpSessionId, rawSessionId) {
+  return `${cdpSessionId ?? "nil"}::${rawSessionId ?? "nil"}`;
+}
+var CDPInterceptorProxy = class {
+  wss = null;
+  engine;
+  config;
+  logger;
+  started = false;
+  stats = {
+    totalMessages: 0,
+    blockedMessages: 0,
+    transformedMessages: 0,
+    passedMessages: 0,
+    byRule: {}
+  };
+  constructor(config) {
+    this.config = config;
+    this.engine = createRuleEngine(config.rules);
+    this.logger = createLogger({
+      enableLogging: config.enableLogging ?? true,
+      logDir: config.logDir
+    });
+  }
+  /** The port the proxy is listening on (only valid after start()) */
+  get port() {
+    const addr = this.wss?.address();
+    if (addr && typeof addr === "object") return addr.port;
+    return 0;
+  }
+  /** Start the proxy server */
+  async start() {
+    if (this.started) return this.port;
+    return new Promise((resolve, reject) => {
+      this.wss = new WebSocketServer({ port: this.config.listenPort ?? 0 }, () => {
+        const port = this.port;
+        this.engine.start();
+        this.started = true;
+        this.logger.info("CDP interceptor proxy started", { port, endpoint: this.config.cdpEndpoint });
+        resolve(port);
+      });
+      this.wss.on("error", reject);
+      this.wss.on("connection", (clientWs, _req) => {
+        this.handleConnection(clientWs);
+      });
+    });
+  }
+  /** Stop the proxy server */
+  async stop() {
+    this.engine.stop();
+    this.logger.flush();
+    this.started = false;
+    return new Promise((resolve) => {
+      if (!this.wss) return resolve();
+      this.wss.close(() => resolve());
+      this.wss = null;
+    });
+  }
+  /** Get accumulated statistics */
+  getStats() {
+    return { ...this.stats };
+  }
+  /** Get recent log entries (for inspection) */
+  getRecentLogs(count = 50) {
+    return this.logger.getRecent(count);
+  }
+  // ── Connection handling ──────────────────────────────────────
+  handleConnection(clientWs) {
+    let browserWs = null;
+    let isAlive = true;
+    const pendingMessages = [];
+    browserWs = new WebSocket(this.config.cdpEndpoint);
+    clientWs.on("message", (raw) => {
+      if (browserWs && browserWs.readyState === WebSocket.OPEN) {
+        this.handleClientMessage(clientWs, browserWs, raw);
+      } else {
+        pendingMessages.push(raw);
+      }
+    });
+    browserWs.on("open", () => {
+      for (const buf of pendingMessages) {
+        this.handleClientMessage(clientWs, browserWs, buf);
+      }
+      pendingMessages.length = 0;
+    });
+    browserWs.on("error", (err) => {
+      this.logger.info("Browser WebSocket error", { error: String(err) });
+    });
+    browserWs.on("close", (code, reason) => {
+      if (isAlive && clientWs.readyState === WebSocket.OPEN) {
+        this.logger.info("Browser WS closed, closing client", { code, reason: String(reason) });
+        clientWs.close();
+      }
+    });
+    browserWs.on("message", (raw) => {
+      this.handleBrowserMessage(clientWs, browserWs, raw);
+    });
+    const cleanup = () => {
+      isAlive = false;
+      if (browserWs && browserWs.readyState === WebSocket.OPEN) {
+        browserWs.close();
+      }
+    };
+    clientWs.on("close", cleanup);
+    clientWs.on("error", cleanup);
+    browserWs.on("close", () => {
+      if (isAlive && clientWs.readyState === WebSocket.OPEN) {
+        clientWs.close();
+      }
+    });
+    browserWs.on("error", cleanup);
+  }
+  // ── Message processing ───────────────────────────────────────
+  handleClientMessage(clientWs, browserWs, raw) {
+    const msg = this.parseMessage(raw);
+    if (!msg) return;
+    this.stats.totalMessages++;
+    if (!("method" in msg)) {
+      browserWs.send(raw.toString());
+      return;
+    }
+    const request = msg;
+    const ctx = {
+      method: request.method,
+      params: request.params ?? {},
+      sessionId: makeCompoundId(browserWs._cdpSession, request.sessionId),
+      direction: "client\u2192browser"
+    };
+    const decision = this.engine.evaluate(ctx);
+    this.logger.log(ctx.method, "client\u2192browser", ctx.sessionId, { method: ctx.method, params: ctx.params }, decision);
+    if (decision) {
+      this.recordDecision(decision);
+    }
+    if (decision?.action === "block") {
+      const blockMsg = formatBlockMessage(decision, ctx.method);
+      const errorResponse = {
+        id: request.id,
+        error: {
+          code: decision.errorCode ?? -32e3,
+          message: blockMsg
+        },
+        sessionId: request.sessionId
+      };
+      this.stats.blockedMessages++;
+      console.error(`
+${blockMsg}
+`);
+      clientWs.send(JSON.stringify(errorResponse));
+      return;
+    }
+    if (decision?.action === "transform" && decision.transformedParams) {
+      const transformed = { ...request, params: decision.transformedParams };
+      this.stats.transformedMessages++;
+      browserWs.send(JSON.stringify(transformed));
+      return;
+    }
+    this.stats.passedMessages++;
+    browserWs.send(raw.toString());
+  }
+  handleBrowserMessage(clientWs, _browserWs, raw) {
+    const msg = this.parseMessage(raw);
+    if (!msg) {
+      clientWs.send(raw.toString());
+      return;
+    }
+    if ("method" in msg) {
+      const event = msg;
+      const ctx = {
+        method: event.method,
+        params: event.params ?? {},
+        sessionId: event.sessionId ?? "browser",
+        direction: "browser\u2192client"
+      };
+      const decision = this.engine.evaluate(ctx);
+      if (decision?.action === "block") {
+        return;
+      }
+    }
+    clientWs.send(raw.toString());
+  }
+  // ── Utilities ────────────────────────────────────────────────
+  parseMessage(raw) {
+    try {
+      return JSON.parse(raw.toString());
+    } catch {
+      return null;
+    }
+  }
+  recordDecision(decision) {
+    if (!this.stats.byRule[decision.ruleId]) {
+      this.stats.byRule[decision.ruleId] = { matched: 0, blocked: 0, transformed: 0 };
+    }
+    this.stats.byRule[decision.ruleId].matched++;
+    if (decision.action === "block") {
+      this.stats.byRule[decision.ruleId].blocked++;
+    } else if (decision.action === "transform") {
+      this.stats.byRule[decision.ruleId].transformed++;
+    }
+  }
+};
+
+export {
+  domMutationRule,
+  mouseTrajectoryRule,
+  inputKeystrokeRule,
+  automationSignalsRule,
+  fingerprintingRule,
+  eventSimulationRule,
+  emulationOverrideRule,
+  networkAnomalyRule,
+  pageLifecycleRule,
+  createRuleEngine,
+  advise,
+  CDPInterceptorProxy
+};