leapfrog-mcp 0.0.1 → 0.6.2

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Anthony Bono
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,380 @@
+<p align="center">
+<img src="hero.png" alt="Leapfrog" width="400" />
+</p>
+
+<h1 align="center">Leapfrog</h1>
+<p align="center"><strong>Multi-session browser MCP for AI agents.</strong><br/>36 tools. 15 parallel sessions. Stealth. HUD. Self-improvement. Up to 10x fewer tokens.</p>
+
+<p align="center">
+<code>npm i leapfrog-mcp</code>&nbsp;&nbsp;|&nbsp;&nbsp;Works with Claude Code, Cursor, Windsurf
+</p>
+
+---
+
+## The Problem
+
+Playwright MCP sends **~14,000 tokens** for a content-heavy page like Hacker News. Most of that is noise. Your context window fills up. Your agent gets confused. You pay for it.
+
+Leapfrog sends **~1,400 tokens**. Same page. Same information. Up to 10x less noise.
+
+```
+┌─────────────────────────────────────────────────────┐
+│  Playwright MCP                                     │
+│  ████████████████████████████████████████  ~14,000   │
+│                                                     │
+│  Leapfrog                                           │
+│  █████                                    ~1,400    │
+└─────────────────────────────────────────────────────┘
+          tokens per page (Hacker News, real test)
+```
+
+Savings range from 2-10x depending on page complexity. Content-heavy pages see the biggest wins. Dense forms see the smallest. The median across real-world sites is **~4-5x**.
+
+## Quick Start
+
+```bash
+npx leapfrog-mcp --doctor          # verify everything works
+npx leapfrog-mcp --stealth-audit   # test all 19 stealth patches
+npx leapfrog-mcp --config          # print MCP config to paste
+```
+
+Add to `~/.mcp.json` (Claude Code) or your editor's MCP config:
+
+```json
+{
+  "leapfrog": {
+    "command": "npx",
+    "args": ["-y", "leapfrog-mcp"],
+    "env": {
+      "LEAP_MAX_SESSIONS": "15",
+      "LEAP_TILE": "true",
+      "LEAP_HUD": "true",
+      "LEAP_AUTO_CONSENT": "true"
+    }
+  }
+}
+```
+
+Leapfrog uses `playwright-core` (15MB) instead of `playwright` (1.6GB) and does **not** bundle a browser. Either:
+- Set `LEAP_CHANNEL=chrome` to use your installed Chrome/Chromium (recommended)
+- Or run `npx playwright-core install chromium` to install the bundled Chromium binary
+- Or set `LEAP_CDP_ENDPOINT` to connect to an already-running Chrome instance
+
+## Feature Matrix
+
+| | Leapfrog | Playwright MCP | agent-browser |
+|---|:---:|:---:|:---:|
+| Tokens per page | **~1,200-2,500** | ~3,800-15,000 | ~300 |
+| Parallel sessions | **15** | 1 | 1 |
+| Session isolation | Yes | No | No |
+| Multi-tab / popups | Yes | No | No |
+| Network intercept | Yes | No | No |
+| Console capture | Yes | Yes | No |
+| Stealth / anti-bot | Yes | No | No |
+| Smart wait (5 types) | Yes | Basic | No |
+| Crash recovery | Yes | No | No |
+| Batch actions (100/call) | Yes | No | No |
+| Init script injection | Yes | Yes | No |
+| Drag / upload / resize | Yes | Yes | No |
+| Per-session proxy | Yes | No | No |
+| Humanization (opt-in) | Yes | No | No |
+| Auth profile reuse | Yes | No | No |
+| Cookie persistence | Yes | No | No |
+| Page classification (18) | Yes | No | No |
+| Session memory | Yes | No | No |
+| API intelligence | Yes | No | No |
+| Adaptive wait + auto-retry | Yes | No | No |
+| CAPTCHA auto-resolve | Yes | No | No |
+| Self-improvement (9 dims) | Yes | No | No |
+| Record / replay | Yes | No | No |
+| Pagination extraction | Yes | No | No |
+| Incremental snapshots (diff) | Yes | No | No |
+| Stealth self-test CLI | Yes | No | No |
+| SSRF protection | Yes | No | No |
+
+## Stealth
+
+Leapfrog ships 19 anti-detection patches enabled by default (`LEAP_STEALTH=true`). Four modes:
+
+- **`true`** (default) — all 19 patches active
+- **`passive`** — removes automation signals only (webdriver, HeadlessChrome). Does NOT fake identity (WebGL, fonts, audio). Better for sites where trust matters more than evasion.
+- **`auto`** — per-domain EXP3 bandit selects the optimal stealth configuration based on what's worked before
+- **`false`** — no stealth patches
+
+These cover the vectors that fingerprint services like CreepJS and fingerprint-pro actually check:
+
+- Client Hints brands (strips HeadlessChrome)
+- `navigator.webdriver` forced to `undefined`
+- WebGL vendor/renderer (replaces SwiftShader with real GPU strings)
+- Connection RTT (non-zero)
+- Alert dismiss timing (human-speed delay)
+- Window outer/inner height offset
+- MIME type array population
+- Platform inference from user agent
+- `chrome.app` emulation
+- iframe `contentWindow` protection
+- Media codec spoofing (`canPlayType`)
+- `document.hasFocus()` override
+- Source URL comment stripping
+- Custom UA + stealth coexistence (custom user agents no longer disable stealth context)
+- CDP `Runtime.enable` detection (`Error.prepareStackTrace` filter)
+- Permissions API spoofing (20+ permission types)
+- AudioContext fingerprint noise (`getChannelData`/`getFloatFrequencyData`)
+- WebRTC IP leak prevention (ICE candidate filtering)
+- Font enumeration fingerprint spoofing
+
+Per-session stealth control: pass `stealth: false` in `session_create` to disable for a specific session.
+
+## Humanization (Experimental)
+
+Set `LEAP_HUMANIZE=true` to enable human-like browser interaction. This is opt-in and adds latency in exchange for more realistic behavior. Six modules:
+
+- **Mouse** — Bezier curve paths with Fitts's Law timing and micro-tremor jitter
+- **Typing** — Log-normal inter-key delays (200ms median), key dwell time, bigram-aware speed, rollover typing
+- **Scroll** — Inertial simulation with ramp-up and momentum decay (touchpad/mouse-wheel physics)
+- **Pause** — Inter-action "think" delays that simulate cognitive gaps between actions
+- **Fingerprint** — Coherent browser fingerprint generation (platform, device memory, GPU, timezone)
+- **Utils** — Shared math primitives (Box-Muller gaussian, distributions)
+
+## Page Classification
+
+Every `navigate` and `snapshot` call automatically classifies the page type using weighted signal scoring (no LLM required). 18 types:
+
+`login` · `search-results` · `product` · `product-list` · `checkout` · `article` · `dashboard` · `form` · `error` · `challenge` · `landing` · `documentation` · `profile` · `media` · `feed` · `qa` · `ecommerce` · `unknown`
+
+Classification drives smarter snapshot extraction — login pages surface form fields, articles surface content, dashboards surface interactive elements.
+
+## Harness Intelligence
+
+The harness tracks every action in a session and classifies outcomes:
+
+- **Action outcome classification** — `SUCCESS`, `SILENT_CLICK`, `NAVIGATION`, `WRONG_ELEMENT`, `BLOCKED`, `ERROR`, `PENDING`
+- **Bot redirect detection** — detects when a site redirects to a challenge or block page after an action
+- **Loop detection** — warns when the agent is stuck clicking the same element, ping-ponging between URLs, or repeating actions
+- **Session memory** — `session_memory` tool recalls actions after context window compression
+
+## Cookie Persistence
+
+Persistent browser profiles now use `context.cookies()` + `addCookies()` instead of `storageState()`, which returns empty on persistent contexts. Auth state survives across sessions.
+
+## Adaptive Wait + Stealth Escalation
+
+Navigate automatically retries with fallback strategies when pages fail to load:
+
+1. Try `load` (fastest) — if empty, retry with `networkidle` (10s cap)
+2. If `networkidle` times out (Amazon, ad-heavy sites), fall back to `domcontentloaded`
+3. If blocked/challenged, escalate stealth: random delays → wait for JS challenge → rotate session with fresh fingerprint
+4. Profile sessions (auth'd) never have their session destroyed — hard-capped at Level 2
+
+Opt-out with `autoRetry: false` on `navigate`. Control max escalation with `maxRetryLevel` (0-5, default 3).
+
+## Record / Replay
+
+Export a session's action history as a replayable recording, then replay it in new sessions:
+
+- **`session_export`** — creates parameterized JSON or Playwright script from session history. `@eN` refs resolved to stable CSS selectors. Auto-detects emails, passwords, URLs as `{{placeholders}}`.
+- **`session_replay`** — replays a recording with parameter overrides. Supports `onError: 'stop'` or `'skip'`.
+
+Turn one-off agent workflows into reusable automations.
+
+## Pagination Extraction
+
+Extract data across multiple pages in a single tool call:
+
+- **Click-next** — auto-detects "Next" buttons, pagination links, "Load more" buttons
+- **Infinite scroll** — scrolls and waits for new content via DOM hash comparison
+- **URL pattern** — increments `?page={page}` or custom patterns
+
+Replaces 3-4 tool calls per page. Cap: 50 pages, 100K total chars. Stops on: no next button, empty page, duplicate content, or bot detection.
+
+## Incremental Snapshots
+
+The `diff` tool returns only what changed since the last snapshot — additions, removals, changes. Massive token savings for monitoring and polling workflows.
+
+## HUD Overlays (`LEAP_HUD=true`)
+
+When running headed, Leapfrog overlays visual feedback on every session:
+
+- **Click ripple** — expanding green circle at click coordinates (agent actions only)
+- **Zoom-to-target** — browser zooms to 1.15x on the clicked element briefly so agents (and humans) can visually track what's happening in tiled windows
+- **Scroll-to-target** — scrollIntoView before clicks so you can see what the agent is about to click
+
+Minimal by design. No borders, no status bars, no cursor overlay — just the feedback that matters.
+
+## Multi-Terminal Tiling (`LEAP_TILE=true`)
+
+Multiple Leapfrog instances share the screen via file-based coordination. Each instance tracks its own windows and a TilesCoordinator assigns global grid slots — no overlap, no manual arrangement. Set `LEAP_TILE=true` (or `LEAP_TILE=master` for the primary instance). Padding between tiles is configurable with `LEAP_TILE_PADDING` (default 8px).
+
+## Human Intervention
+
+Leapfrog auto-detects situations that need a human — CAPTCHAs, login forms, OAuth redirects, Cloudflare challenges — and tries to self-resolve before pausing.
+
+- **Auto-resolves first:** clicks reCAPTCHA checkboxes, Cloudflare verify buttons, generic verify/continue buttons, then a second-pass retry — all before asking for help
+- **External solvers:** set `LEAP_CAPTCHA_PROVIDER` + `LEAP_CAPTCHA_API_KEY` for CapSolver, 2Captcha, or NopeCHA integration
+- **Learns what works:** remembers which resolution method succeeded per domain and tries the known-good method first on revisit
+- Detects reCAPTCHA, hCaptcha, Turnstile, login forms, OAuth redirects, Cloudflare challenges
+- Tab title changes to "NEEDS HUMAN" when intervention is needed
+- `wait_for_human` tool — agent calls when stuck, blocks until you resolve it or navigate past
+
+## Cookie Consent Auto-Dismiss (`LEAP_AUTO_CONSENT=true`)
+
+Automatically dismisses cookie consent banners across 10 frameworks (OneTrust, CookieBot, TrustArc, Quantcast, Didomi, Cookielaw, Osano, Usercentrics, + generic) plus text-matching fallback. Per-domain selector caching for instant replay on revisit.
+
+## Tracing (`LEAP_TRACE=true`)
+
+Per-session Playwright tracing with screenshots + DOM snapshots. Export ZIP files viewable at `trace.playwright.dev` via the `session_export_trace` tool. Auto-saves on session destroy.
+
+## Self-Improvement
+
+Leapfrog learns from every visit. Per-domain knowledge persists at `~/.leapfrog/domains/{domain}.json` — 9 dimensions, all automatic:
+
+| # | Dimension | What it does |
+|---|---|---|
+| 1 | **Wait strategies** | Learns optimal wait method per domain (`networkidle` vs `domcontentloaded` vs `load`) + running average timing |
+| 2 | **Stealth tiers** | Auto-escalates 0→3 when blocks are detected (2+ blocks in 1 hour). Starts at learned tier on revisit |
+| 3 | **Consent selectors** | Remembers cookie banner dismiss selectors, auto-clicks on revisit |
+| 4 | **Challenge resolution** | Records which CAPTCHA method worked (reCAPTCHA checkbox, Cloudflare verify, etc.), tries known-good method first |
+| 5 | **Stable element suppression** | Identifies nav/footer/sidebar elements seen 3+ visits, suppresses from snapshots (30-40% token savings on mature domains) |
+| 6 | **Selector healing** | Remembers element fingerprints → selectors, heals broken refs across visits |
+| 7 | **API endpoint caching** | Discovered API endpoints persist across sessions |
+| 8 | **Interaction heat maps** | Tracks which elements agents actually use, suppresses untouched elements _(coming)_ |
+| 9 | **Strategy selection** | Adversarial bandit (EXP3) for stealth config optimization. Use `LEAP_STEALTH=auto` to enable. |
+
+LRU eviction at 500 domains. Inspect with the `domain_knowledge` tool.
+
+## SSRF Hardening
+
+URL validation blocks hex-encoded IPs (`0x7f000001`), octal notation (`0177.0.0.1`), CGNAT ranges (`100.64.0.0/10`), and redirect chains that resolve to internal addresses. Localhost and `127.0.0.0/8` are allowed by default for local dev workflows — set `LEAP_BLOCK_LOCALHOST=true` to block them.
+
+## The Ecosystem
+
+Leapfrog uses pond metaphors to keep things memorable. Your agent is the frog.
+
+| Concept | Leapfrog term | What it means |
+|---|---|---|
+| Sessions | **Ponds** | Isolated browser contexts — cookies, storage, state |
+| Tabs | **Lily pads** | Where the frog lands within a pond |
+| Navigate | **Leap** | Jump to a URL, get a compact snapshot back |
+| Snapshots | **Surface** | What you see on the surface — interactive `@eN` refs |
+| Network traffic | **Ripple** | HTTP requests flowing under the surface |
+| Console errors | **Croak** | Something went wrong in the browser |
+| Stealth mode | **Camouflage** | Anti-bot evasion patches |
+
+## All 36 Tools
+
+### Pond Management (11)
+
+| Tool | What it does |
+|---|---|
+| `session_create` | Open a new pond — isolated cookies, state, viewport, locale, timezone, stealth, proxy |
+| `session_destroy` | Drain a pond and free the slot |
+| `session_list` | See all active ponds with URLs and idle times |
+| `session_save_profile` | Save auth state to disk for future ponds |
+| `session_list_profiles` | List saved auth profiles |
+| `pool_status` | Pool stats, memory, uptime |
+| `session_health` | Is the pond healthy? Browser connected, page responsive? |
+| `profile_list` | List saved persistent browser profiles |
+| `profile_delete` | Delete a saved persistent browser profile and its data |
+| `profile_import_from_chrome` | Import cookies and state from an installed Chrome profile |
+| `profile_warm` | Pre-warm a profile by loading key URLs to establish cookies/state |
+
+### Navigation & Snapshots (12)
+
+| Tool | What it does |
+|---|---|
+| `navigate` | Leap to a URL, return a compact `@eN` snapshot. Adaptive wait + stealth escalation built in. |
+| `snapshot` | Re-read the surface (scope with CSS selector) |
+| `diff` | Incremental snapshot — returns only what changed since last snapshot |
+| `act` | Click, fill, type, check, select, press, scroll, hover, mousemove, drag, upload, resize, back, forward |
+| `batch_actions` | Up to 100 sequential actions in one MCP call — eliminates round-trip overhead |
+| `paginate` | Extract data across multiple pages in one call (click-next, scroll, URL pattern) |
+| `add_init_script` | Inject JS that runs before every page load, persists across navigations |
+| `wait_for` | Wait for element / text / network idle / navigation / JS expression |
+| `screenshot` | Capture PNG (full page or element) |
+| `extract` | Pull text, HTML, title, URL, or evaluate JS |
+| `session_memory` | Recall actions performed in this session — recovers context after compression |
+| `session_export` | Export session history as a replayable JSON recording or Playwright script |
+
+### Tab Management (3)
+
+| Tool | What it does |
+|---|---|
+| `tabs_list` | List all pads in a pond |
+| `tab_switch` | Hop to another pad (-1 for most recent popup) |
+| `tab_close` | Close a pad (can't close the last one) |
+
+### Agent Intelligence (3)
+
+| Tool | What it does |
+|---|---|
+| `wait_for_human` | Pause for human intervention — blocks until user clicks Done on the `@..@` overlay |
+| `domain_knowledge` | Inspect what Leapfrog has learned about a domain (wait strategies, stealth tiers, endpoints) |
+| `session_export_trace` | Export a Playwright trace ZIP — viewable at trace.playwright.dev |
+
+### Network & API Intelligence (7)
+
+| Tool | What it does |
+|---|---|
+| `network_log` | See HTTP traffic — filter by URL, method, status, content-type |
+| `console_log` | Read browser console output, filtered by level |
+| `network_intercept` | Block, mock, or log requests by URL pattern |
+| `api_discover` | List JSON APIs the page has called, classified by category (data, tracking, auth, cdn, ads) |
+| `api_export` | Generate an OpenAPI v3 spec from observed API traffic |
+| `execute` | Run a Playwright script in a sandboxed environment — replaces 5-20 sequential MCP round trips |
+| `session_replay` | Replay a recording in the current session with parameter overrides |
+
+## Environment Variables
+
+| Variable | Default | Description |
+|---|---|---|
+| `LEAP_MAX_SESSIONS` | `15` | Max concurrent sessions |
+| `LEAP_IDLE_TIMEOUT` | `1800000` | Session idle timeout in ms (30 min). Set `0` to disable. |
+| `LEAP_HEADLESS` | `true` | Set `false` to watch the browser |
+| `LEAP_HEADED` | `false` | Set `true` to watch the browser (positive alternative to `LEAP_HEADLESS`) |
+| `LEAP_CHANNEL` | _(bundled chromium)_ | Set `chrome` to use your installed Chrome |
+| `LEAP_CDP_ENDPOINT` | _(none)_ | Connect to a running Chrome instance (e.g. `http://localhost:9222`) |
+| `LEAP_EXTENSIONS` | _(none)_ | Comma-separated paths to browser extensions to load |
+| `LEAP_ALLOW_JS` | `true` | Allow JS evaluation in `extract` and `wait_for` |
+| `LEAP_STEALTH` | `true` | Stealth mode: `true` \| `passive` \| `auto` \| `false`. See Stealth section. |
+| `LEAP_STEALTH_PROFILES` | `false` | Enable stealth patches on profile (auth'd) sessions |
+| `LEAP_CDP_STEALTH` | `true` | CDP detection evasion (`Runtime.enable` filtering) |
+| `LEAP_HUMANIZE` | `false` | Experimental. Human-like mouse movement, typing cadence, and scroll behavior. |
+| `LEAP_ALLOW_EXECUTE` | `true` | Allow the `execute` tool (sandboxed Playwright scripts) |
+| `LEAP_BLOCK_LOCALHOST` | `false` | Block localhost/127.x.x.x (allowed by default for local dev) |
+| `LEAP_PROFILES_DIR` | `~/.leapfrog/chrome-profiles` | Directory for persistent browser profiles |
+| `LEAP_TILE` | `false` | Tile sessions in a grid (`true` \| `master` \| `false`) |
+| `LEAP_TILE_PADDING` | `8` | Padding between tiled windows (px) |
+| `LEAP_MULTI_TILE` | `false` | Multi-terminal tiling coordination across Leapfrog instances |
+| `LEAP_SCREEN_WIDTH` | _(auto)_ | Explicit screen width for tiling calculations |
+| `LEAP_SCREEN_HEIGHT` | _(auto)_ | Explicit screen height for tiling calculations |
+| `LEAP_HUD` | `false` | Click ripple, zoom-to-target, scroll-to-target on agent actions |
+| `LEAP_AUTO_CONSENT` | `true` | Auto-dismiss cookie consent banners (10 frameworks + fallback) |
+| `LEAP_TRACE` | `false` | Per-session Playwright tracing (screenshots + DOM snapshots) |
+| `LEAP_RECORD` | `false` | Session recording (action history export) |
+| `LEAP_REBROWSER` | `false` | Enable Rebrowser integration |
+| `LEAP_AUTO_WARM` | `false` | Auto-warm profiles by loading key URLs on session create |
+| `LEAP_CAPTCHA_PROVIDER` | _(none)_ | External CAPTCHA solver: `capsolver` \| `2captcha` \| `nopecha` |
+| `LEAP_CAPTCHA_API_KEY` | _(none)_ | API key for the configured CAPTCHA provider |
+| `LEAP_MAX_SESSIONS_PER_CLIENT` | _(none)_ | Per-client session pool limit |
+| `LEAP_LOG_LEVEL` | `info` | `debug` / `info` / `warn` / `error` |
+
+## Tests
+
+```
+ 769 passing across 31 suites
+```
+
+Session management, snapshot engine, snapshot differ, network intelligence, tab management, security, SSRF protection, stealth patches (19), stealth enhanced, humanization (mouse, typing, scroll), page classification, harness intelligence, API intelligence, script executor, extended actions, HUD overlays, human intervention, cookie consent, domain knowledge, selector healing, stable elements, tile manager, bug regression, integration smoke, stress tests, benchmarks.
+
+```bash
+npm test
+```
+
+## Requirements
+
+- Node.js >= 20
+- Chromium — use system Chrome (`LEAP_CHANNEL=chrome`) or install via `npx playwright-core install chromium`
+
+## License
+
+MIT

package/dist/browser-launcher.d.ts

@@ -0,0 +1,15 @@
+import type { BrowserType, Browser } from "playwright-core";
+declare const LEAP_REBROWSER: boolean;
+export { LEAP_REBROWSER };
+/**
+ * Returns the `chromium` browser type from either rebrowser-playwright-core
+ * (when LEAP_REBROWSER=true and installed) or standard playwright-core.
+ * Result is cached after first resolution.
+ */
+/**
+ * Resolve the full (non-headless-shell) Chromium executable path.
+ * Playwright ships two binaries: chrome-headless-shell (default) and full chrome.
+ * When launching headed, we MUST use the full binary or windows are invisible.
+ */
+export declare function resolveHeadedExecutablePath(): string | undefined;
+export declare function getChromium(): Promise<BrowserType<Browser>>;

package/dist/browser-launcher.js

@@ -0,0 +1,86 @@
+// ─── Browser Launcher ──────────────���───────────────────────────────────────
+//
+// Dynamic browser launcher that switches between standard playwright-core
+// and rebrowser-playwright-core based on the LEAP_REBROWSER env var.
+//
+// rebrowser-playwright-core is a patched fork that avoids Runtime.enable
+// CDP detection — the #1 automation fingerprint. When LEAP_REBROWSER=true,
+// we use it instead of standard playwright-core. If the package isn't
+// installed, we log a warning and fall back gracefully.
+//
+// Usage:
+//   const chromium = await getChromium();
+//   const browser  = await chromium.launch();
+import { logger } from "./logger.js";
+// ─── Configuration ─────────────────���──────────────────────────────────────
+const LEAP_REBROWSER = process.env.LEAP_REBROWSER === "true";
+export { LEAP_REBROWSER };
+// ─── Cached Imports ──────────────────���────────────────────────────────────
+let cachedChromium = null;
+// ─── Public API ───────��────────────────────────────────────���──────────────
+/**
+ * Returns the `chromium` browser type from either rebrowser-playwright-core
+ * (when LEAP_REBROWSER=true and installed) or standard playwright-core.
+ * Result is cached after first resolution.
+ */
+/**
+ * Resolve the full (non-headless-shell) Chromium executable path.
+ * Playwright ships two binaries: chrome-headless-shell (default) and full chrome.
+ * When launching headed, we MUST use the full binary or windows are invisible.
+ */
+export function resolveHeadedExecutablePath() {
+    try {
+        // Import synchronously from the cached module
+        const pw = require("playwright-core");
+        const shellPath = pw.chromium.executablePath();
+        // If it's already the full binary, no fixup needed
+        if (!shellPath.includes("headless_shell") && !shellPath.includes("headless-shell")) {
+            return undefined; // let Playwright handle it
+        }
+        // Map headless shell path → full chromium path
+        let fullPath = shellPath
+            .replace(/chromium_headless_shell-(\d+)/, "chromium-$1")
+            .replace(/chrome-headless-shell-win64/g, "chrome-win64")
+            .replace(/chrome-headless-shell\.exe/g, "chrome.exe")
+            .replace(/chrome-headless-shell-linux64/g, "chrome-linux64")
+            .replace(/chrome-headless-shell-mac-arm64/g, "chrome-mac-arm64")
+            .replace(/chrome-headless-shell-mac/g, "chrome-mac")
+            .replace(/chrome-headless-shell/g, "chrome");
+        // Verify the full binary exists
+        const fs = require("fs");
+        if (fs.existsSync(fullPath)) {
+            logger.info("browser-launcher:headed-binary-resolved", { from: shellPath, to: fullPath });
+            return fullPath;
+        }
+        logger.warn("browser-launcher:headed-binary-not-found", { expected: fullPath, shell: shellPath });
+        return undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+export async function getChromium() {
+    if (cachedChromium)
+        return cachedChromium;
+    if (LEAP_REBROWSER) {
+        try {
+            // Dynamic import — rebrowser-playwright-core mirrors playwright-core's API surface
+            const mod = await import(/* @vite-ignore */ "rebrowser-playwright-core");
+            cachedChromium = mod.chromium;
+            logger.info("browser-launcher:rebrowser", {
+                message: "Using rebrowser-playwright-core for enhanced stealth",
+            });
+            return cachedChromium;
+        }
+        catch {
+            logger.warn("browser-launcher:rebrowser-fallback", {
+                message: "rebrowser-playwright-core not installed. " +
+                    "Install with: npm i rebrowser-playwright-core. " +
+                    "Falling back to playwright-core.",
+            });
+        }
+    }
+    const mod = await import("playwright-core");
+    cachedChromium = mod.chromium;
+    return cachedChromium;
+}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};