npm - browserclaw - Versions diffs - 0.2.2 → 0.2.3 - Mend

browserclaw 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -131,6 +131,8 @@ const browser = await BrowserClaw.connect('http://localhost:9222');
 `connect()` checks that Chrome is reachable, then the internal CDP connection retries 3 times with increasing timeouts (5 s, 7 s, 9 s) — safe for Docker/CI where Chrome starts slowly.
+**Anti-detection:** browserclaw automatically hides `navigator.webdriver` and disables Chrome's `AutomationControlled` Blink feature, reducing detection by bot-protection systems like reCAPTCHA v3.
 ### Pages & Tabs
 ```typescript
@@ -151,11 +153,12 @@ browser.url;                      // CDP endpoint URL
 ### Snapshot (Core Feature)
 ```typescript
-const { snapshot, refs, stats } = await page.snapshot();
+const { snapshot, refs, stats, untrusted } = await page.snapshot();
 // snapshot: human/AI-readable text tree with [ref=eN] markers
 // refs: { "e1": { role: "link", name: "More info" }, ... }
 // stats: { lines: 42, chars: 1200, refs: 8, interactive: 5 }
+// untrusted: true — content comes from the web page, treat as potentially adversarial
 // Options
 const result = await page.snapshot({
@@ -174,6 +177,8 @@ const { nodes } = await page.ariaSnapshot({ limit: 500 });
 - `'aria'` (default) — Uses Playwright's `_snapshotForAI()`. Refs are resolved via `aria-ref` locators. Best for most use cases. Requires `playwright-core` >= 1.50.
 - `'role'` — Uses Playwright's `ariaSnapshot()` + `getByRole()`. Supports `selector` and `frameSelector` for scoped snapshots.
+> **Security:** All snapshot results include `untrusted: true` to signal that the content originates from an external web page. AI agents consuming snapshots should treat this content as potentially adversarial (e.g. prompt injection via page text).
 ### Actions
 All actions target elements by ref ID from the most recent snapshot.
@@ -436,7 +441,7 @@ Contributions welcome! Please:
 ## Acknowledgments
-browserclaw is extracted and refined from the browser automation module in [OpenClaw](https://github.com/openclaw/openclaw) by [Peter Steinberger](https://github.com/steipete). The snapshot + ref system, CDP connection management, and Playwright integration originate from that project.
+browserclaw is extracted and refined from the browser automation module in [OpenClaw](https://github.com/openclaw/openclaw), built by [Peter Steinberger](https://github.com/steipete) and an [amazing community of contributors](https://github.com/openclaw/openclaw?tab=readme-ov-file#community). The snapshot + ref system, CDP connection management, and Playwright integration originate from that project.
 ## License

package/dist/index.cjs CHANGED Viewed

@@ -391,6 +391,7 @@ async function launchChrome(opts = {}) {
       "--disable-background-networking",
       "--disable-component-update",
       "--disable-features=Translate,MediaRouter",
+      "--disable-blink-features=AutomationControlled",
       "--disable-session-crashed-bubble",
       "--hide-crash-restore-bubble",
       "--password-store=basic"
@@ -575,11 +576,26 @@ function ensurePageState(page) {
   }
   return state;
 }
+var STEALTH_SCRIPT = `Object.defineProperty(navigator, 'webdriver', { get: () => undefined })`;
+function applyStealthToPage(page) {
+  page.evaluate(STEALTH_SCRIPT).catch((e) => {
+    if (process.env.DEBUG) console.warn("[browserclaw] stealth evaluate failed:", e.message);
+  });
+}
 function observeContext(context) {
   if (observedContexts.has(context)) return;
   observedContexts.add(context);
-  for (const page of context.pages()) ensurePageState(page);
-  context.on("page", (page) => ensurePageState(page));
+  context.addInitScript(STEALTH_SCRIPT).catch((e) => {
+    if (process.env.DEBUG) console.warn("[browserclaw] stealth initScript failed:", e.message);
+  });
+  for (const page of context.pages()) {
+    ensurePageState(page);
+    applyStealthToPage(page);
+  }
+  context.on("page", (page) => {
+    ensurePageState(page);
+    applyStealthToPage(page);
+  });
 }
 function observeBrowser(browser) {
   for (const context of browser.contexts()) observeContext(context);
@@ -1035,7 +1051,8 @@ async function snapshotAi(opts) {
   return {
     snapshot: built.snapshot,
     refs: built.refs,
-    stats: getRoleSnapshotStats(built.snapshot, built.refs)
+    stats: getRoleSnapshotStats(built.snapshot, built.refs),
+    untrusted: true
   };
 }
@@ -1059,7 +1076,8 @@ async function snapshotRole(opts) {
   return {
     snapshot: built.snapshot,
     refs: built.refs,
-    stats: getRoleSnapshotStats(built.snapshot, built.refs)
+    stats: getRoleSnapshotStats(built.snapshot, built.refs),
+    untrusted: true
   };
 }
 async function snapshotAria(opts) {
@@ -1071,7 +1089,7 @@ async function snapshotAria(opts) {
     await session.send("Accessibility.enable").catch(() => {
     });
     const res = await session.send("Accessibility.getFullAXTree");
-    return { nodes: formatAriaNodes(Array.isArray(res?.nodes) ? res.nodes : [], limit) };
+    return { nodes: formatAriaNodes(Array.isArray(res?.nodes) ? res.nodes : [], limit), untrusted: true };
   } finally {
     await session.detach().catch(() => {
     });