veil-browser 0.1.0

package/dist/commands/search.js

@@ -0,0 +1,196 @@
+import chalk from 'chalk';
+import ora from 'ora';
+import { getBrowser, closeBrowser, humanDelay } from '../browser.js';
+// ─── DuckDuckGo (default, no CAPTCHA) ────────────────────────────────────────
+async function searchDuckDuckGo(query, headed) {
+    const { page } = await getBrowser({ headed });
+    try {
+        await page.goto(`https://duckduckgo.com/?q=${encodeURIComponent(query)}&ia=web`, {
+            waitUntil: 'domcontentloaded',
+            timeout: 30000,
+        });
+        await humanDelay(1200, 2000);
+        return await page.evaluate(() => {
+            return [...document.querySelectorAll('article[data-testid="result"]')]
+                .slice(0, 10)
+                .map((el) => ({
+                title: el.querySelector('h2')?.textContent?.trim() ?? '',
+                url: el.querySelector('a[data-testid="result-extras-url-link"]')?.getAttribute('href') ??
+                    el.querySelector('a[href^="http"]')?.getAttribute('href') ??
+                    '',
+                snippet: el.querySelector('[data-result="snippet"]')?.textContent?.trim() ??
+                    el.querySelector('span[class]')?.textContent?.trim() ??
+                    '',
+                source: 'duckduckgo',
+            }))
+                .filter((r) => r.title && r.url);
+        });
+    }
+    finally {
+        await closeBrowser();
+    }
+}
+// ─── Google (requires warmed session or CAPTCHA handling) ────────────────────
+async function searchGoogle(query, headed) {
+    const { page } = await getBrowser({ headed, platform: 'google' });
+    try {
+        await page.goto(`https://www.google.com/search?q=${encodeURIComponent(query)}&hl=en`, {
+            waitUntil: 'domcontentloaded',
+            timeout: 30000,
+        });
+        await humanDelay(1200, 2000);
+        // Check for CAPTCHA
+        const blocked = await page.evaluate(() => document.body.innerHTML.includes('unusual traffic') ||
+            document.body.innerHTML.includes('recaptcha'));
+        if (blocked) {
+            // Fall back to DDG silently
+            console.log(chalk.yellow('  ⚠️  Google blocked request, falling back to DuckDuckGo...'));
+            await closeBrowser('google');
+            return searchDuckDuckGo(query, headed);
+        }
+        const results = await page.evaluate(() => {
+            const items = [];
+            // Modern Google result selectors (2024-2026)
+            const containers = document.querySelectorAll('div[data-hveid][data-ved] h3, div.g h3, div[jscontroller] h3');
+            containers.forEach((h3) => {
+                const parent = h3.closest('div[data-hveid], div.g, div[jscontroller]') ?? h3.parentElement;
+                if (!parent)
+                    return;
+                const linkEl = parent.querySelector('a[href^="http"], a[href^="/url"]');
+                let url = linkEl?.href ?? '';
+                if (url.startsWith('/url?')) {
+                    const u = new URL('https://google.com' + url);
+                    url = u.searchParams.get('q') ?? url;
+                }
+                const snippetEl = parent.querySelector('[data-sncf], div.VwiC3b, span.aCOpRe, div[style*="-webkit-line-clamp"]');
+                const title = h3.textContent?.trim() ?? '';
+                if (title && url && url.startsWith('http')) {
+                    items.push({ title, url, snippet: snippetEl?.textContent?.trim() ?? '', source: 'google' });
+                }
+            });
+            return items.slice(0, 10);
+        });
+        await closeBrowser('google');
+        return results;
+    }
+    catch (err) {
+        await closeBrowser('google');
+        throw err;
+    }
+}
+// ─── Bing ───────────────────────────────────────────────────────────────────
+async function searchBing(query, headed) {
+    const { page } = await getBrowser({ headed });
+    try {
+        await page.goto(`https://www.bing.com/search?q=${encodeURIComponent(query)}`, {
+            waitUntil: 'domcontentloaded',
+            timeout: 30000,
+        });
+        await humanDelay(1000, 1800);
+        return await page.evaluate(() => [...document.querySelectorAll('li.b_algo')]
+            .slice(0, 10)
+            .map((el) => {
+            const titleEl = el.querySelector('h2 a');
+            return {
+                title: titleEl?.textContent?.trim() ?? '',
+                url: titleEl?.href ?? '',
+                snippet: el.querySelector('.b_caption p')?.textContent?.trim() ?? '',
+                source: 'bing',
+            };
+        })
+            .filter((r) => r.title && r.url));
+    }
+    finally {
+        await closeBrowser();
+    }
+}
+// ─── Twitter/X ──────────────────────────────────────────────────────────────
+async function searchTwitter(query, headed) {
+    const { page } = await getBrowser({ headed, platform: 'x' });
+    try {
+        await page.goto(`https://x.com/search?q=${encodeURIComponent(query)}&src=typed_query&f=live`, { waitUntil: 'domcontentloaded', timeout: 30000 });
+        await humanDelay(2000, 3000);
+        return await page.evaluate(() => [...document.querySelectorAll('[data-testid="tweet"]')]
+            .slice(0, 20)
+            .map((el) => {
+            const text = el.querySelector('[data-testid="tweetText"]')?.textContent?.trim() ?? '';
+            const author = el.querySelector('[data-testid="User-Name"]')?.textContent?.trim() ?? '';
+            const link = el.querySelector('a[href*="/status/"]')?.getAttribute('href') ?? '';
+            return {
+                title: author,
+                url: `https://x.com${link}`,
+                snippet: text,
+                source: 'twitter',
+            };
+        })
+            .filter((r) => r.snippet));
+    }
+    finally {
+        await closeBrowser('x');
+    }
+}
+// ─── Main command ────────────────────────────────────────────────────────────
+export async function searchCommand(query, opts) {
+    const limit = parseInt(opts.limit ?? '10');
+    const rawEngines = opts.engine ?? 'duckduckgo';
+    const engines = rawEngines.split(',').map((e) => e.trim().toLowerCase());
+    const spinner = ora({
+        text: `🔍 Searching "${query}" on ${engines.join(', ')}...`,
+        color: 'cyan',
+    }).start();
+    try {
+        const tasks = [];
+        for (const engine of engines) {
+            if (engine === 'google')
+                tasks.push(searchGoogle(query, opts.headed ?? false));
+            else if (engine === 'bing')
+                tasks.push(searchBing(query, opts.headed ?? false));
+            else if (engine === 'twitter' || engine === 'x')
+                tasks.push(searchTwitter(query, opts.headed ?? false));
+            else
+                tasks.push(searchDuckDuckGo(query, opts.headed ?? false)); // default + 'duckduckgo'
+        }
+        const settled = await Promise.allSettled(tasks);
+        const allResults = [];
+        for (const r of settled) {
+            if (r.status === 'fulfilled')
+                allResults.push(...r.value);
+            else
+                spinner.warn(chalk.yellow(`One engine failed: ${r.reason?.message}`));
+        }
+        // Deduplicate by URL
+        const seen = new Set();
+        const deduped = allResults
+            .filter((r) => {
+            if (!r.url || seen.has(r.url))
+                return false;
+            seen.add(r.url);
+            return true;
+        })
+            .slice(0, limit);
+        spinner.succeed(chalk.green(`Found ${deduped.length} results`));
+        if (opts.json) {
+            console.log(JSON.stringify({ success: true, query, results: deduped }, null, 2));
+        }
+        else {
+            console.log('');
+            deduped.forEach((r, i) => {
+                const badge = r.source === 'google' ? chalk.red('[G]')
+                    : r.source === 'bing' ? chalk.blue('[B]')
+                        : r.source === 'twitter' ? chalk.cyan('[X]')
+                            : chalk.yellow('[D]');
+                console.log(`${badge} ${chalk.bold(`${i + 1}. ${r.title}`)}`);
+                console.log(`   ${chalk.blue(r.url)}`);
+                if (r.snippet)
+                    console.log(`   ${chalk.gray(r.snippet.slice(0, 140))}`);
+                console.log('');
+            });
+        }
+    }
+    catch (err) {
+        spinner.fail(chalk.red(`Search failed: ${err.message}`));
+        if (opts.json)
+            console.log(JSON.stringify({ success: false, error: err.message }));
+        process.exit(1);
+    }
+}

package/dist/commands/session.d.ts

@@ -0,0 +1,2 @@
+export declare function sessionListCommand(): Promise<void>;
+export declare function logoutCommand(platform: string): Promise<void>;

package/dist/commands/session.js

@@ -0,0 +1,23 @@
+import chalk from 'chalk';
+import { listSessions, deleteSession } from '../session.js';
+export async function sessionListCommand() {
+    const sessions = await listSessions();
+    if (sessions.length === 0) {
+        console.log(chalk.gray('No saved sessions. Run: veil login <platform>'));
+        return;
+    }
+    console.log(chalk.cyan('\n🔐 Saved sessions:\n'));
+    for (const s of sessions) {
+        console.log(`  ${chalk.green('●')} ${chalk.bold(s)}`);
+    }
+    console.log('');
+}
+export async function logoutCommand(platform) {
+    const deleted = await deleteSession(platform.toLowerCase());
+    if (deleted) {
+        console.log(chalk.green(`✅ Session for ${chalk.bold(platform)} removed.`));
+    }
+    else {
+        console.log(chalk.yellow(`⚠️  No session found for ${chalk.bold(platform)}.`));
+    }
+}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/index.js

@@ -0,0 +1,123 @@
+#!/usr/bin/env node
+import { Command } from 'commander';
+import chalk from 'chalk';
+import { veilStartup } from './startup.js';
+import { loginCommand } from './commands/login.js';
+import { navigateCommand } from './commands/navigate.js';
+import { actCommand } from './commands/act.js';
+import { extractCommand } from './commands/extract.js';
+import { screenshotCommand } from './commands/screenshot.js';
+import { sessionListCommand, logoutCommand } from './commands/session.js';
+import { searchCommand } from './commands/search.js';
+import { startMcpServer } from './mcp.js';
+const program = new Command();
+program
+    .name('veil')
+    .description(chalk.cyan('🕶️  Stealth browser CLI for AI agents'))
+    .version('0.1.0');
+// --- Auth ---
+program
+    .command('login <platform>')
+    .description('Open visible browser for manual login, save session')
+    .action(loginCommand);
+program
+    .command('logout <platform>')
+    .description('Remove saved session for a platform')
+    .action(logoutCommand);
+// --- Browse ---
+program
+    .command('navigate <url>')
+    .description('Navigate to a URL in headless stealth mode')
+    .option('-p, --platform <platform>', 'Use saved session for this platform')
+    .option('-H, --headed', 'Run in visible browser mode')
+    .option('--json', 'Output JSON')
+    .action((url, opts) => navigateCommand(url, opts));
+program
+    .command('act <instruction>')
+    .description('Perform a natural language action in the browser')
+    .option('-p, --platform <platform>', 'Use saved session for this platform')
+    .option('-u, --url <url>', 'Navigate to this URL first')
+    .option('-H, --headed', 'Run in visible browser mode')
+    .option('--json', 'Output JSON')
+    .action((instruction, opts) => actCommand(instruction, opts));
+program
+    .command('extract <query>')
+    .description('Extract data from current page as JSON')
+    .option('-p, --platform <platform>', 'Use saved session for this platform')
+    .option('-u, --url <url>', 'Navigate to this URL first')
+    .option('-H, --headed', 'Run in visible browser mode')
+    .option('--json', 'Output JSON')
+    .action((query, opts) => extractCommand(query, opts));
+program
+    .command('screenshot')
+    .description('Take a screenshot of the current page')
+    .option('-p, --platform <platform>', 'Use saved session for this platform')
+    .option('-u, --url <url>', 'Navigate to this URL first')
+    .option('-o, --output <path>', 'Output file path')
+    .option('-H, --headed', 'Run in visible browser mode')
+    .option('--json', 'Output JSON')
+    .action((opts) => screenshotCommand(opts));
+// --- Search ---
+program
+    .command('search <query>')
+    .description('Search the web — google, bing, duckduckgo, or twitter')
+    .option('-e, --engine <engines>', 'Comma-separated engines: google,bing,duckduckgo,twitter', 'google')
+    .option('-p, --platform <platform>', 'Use saved session for platform search')
+    .option('-l, --limit <n>', 'Max results', '10')
+    .option('-H, --headed', 'Run in visible browser mode')
+    .option('--json', 'Output JSON')
+    .action((query, opts) => searchCommand(query, opts));
+// --- Sessions ---
+const sessionCmd = program.command('session').description('Manage saved sessions');
+sessionCmd.command('list').description('List all saved sessions').action(sessionListCommand);
+// --- Config ---
+program
+    .command('config')
+    .description('Set veil configuration (captcha provider, proxy, etc)')
+    .argument('<key>', 'Config key, e.g. captcha.provider')
+    .argument('<value>', 'Config value')
+    .action(async (key, value) => {
+    const { promises: fs } = await import('fs');
+    const { homedir } = await import('os');
+    const { join } = await import('path');
+    const configFile = join(homedir(), '.veil', 'config.json');
+    await fs.mkdir(join(homedir(), '.veil'), { recursive: true });
+    let config = {};
+    try {
+        config = JSON.parse(await fs.readFile(configFile, 'utf-8'));
+    }
+    catch { }
+    const parts = key.split('.');
+    let obj = config;
+    for (let i = 0; i < parts.length - 1; i++) {
+        obj[parts[i]] = obj[parts[i]] ?? {};
+        obj = obj[parts[i]];
+    }
+    obj[parts[parts.length - 1]] = value;
+    await fs.writeFile(configFile, JSON.stringify(config, null, 2), 'utf-8');
+    console.log(chalk.green(`✅ Set ${key} = ${value}`));
+});
+// --- MCP Server ---
+program
+    .command('serve')
+    .description('Start veil as an MCP tool server for AI agents')
+    .option('--port <port>', 'Port to listen on', '3456')
+    .action((opts) => startMcpServer(parseInt(opts.port)));
+// --- Status ---
+program
+    .command('status')
+    .description('Show veil status and saved sessions')
+    .action(async () => {
+    const { listSessions } = await import('./session.js');
+    const { isFlareSolverrUp } = await import('./local-captcha.js');
+    const sessions = await listSessions();
+    const flare = await isFlareSolverrUp();
+    console.log(chalk.cyan('\n🕶️  veil v0.1.0\n'));
+    console.log(`  Sessions:     ${sessions.length > 0 ? chalk.bold.green(sessions.join(', ')) : chalk.gray('none')}`);
+    console.log(`  FlareSolverr: ${flare ? chalk.green('running') : chalk.gray('not running')}`);
+    console.log(`  MCP:          ${chalk.gray('veil serve --port 3456')}`);
+    console.log('');
+});
+// Boot FlareSolverr in background on any command
+veilStartup();
+program.parse();

package/dist/local-captcha.d.ts

@@ -0,0 +1,17 @@
+import type { Page } from 'playwright';
+export declare function isFlareSolverrUp(): Promise<boolean>;
+export declare function ensureFlareSolverr(): Promise<boolean>;
+export declare function stopFlareSolverr(): Promise<void>;
+export declare function solveWithFlareSolverr(url: string): Promise<{
+    cookies: Array<{
+        name: string;
+        value: string;
+        domain: string;
+        path: string;
+    }>;
+    userAgent: string;
+    response: string;
+} | null>;
+export type CaptchaType = 'turnstile' | 'recaptcha-image' | 'recaptcha-v3' | 'hcaptcha' | 'text' | 'cloudflare' | null;
+export declare function detectCaptcha(page: Page): Promise<CaptchaType>;
+export declare function handleCaptchaLocally(page: Page): Promise<boolean>;

package/dist/local-captcha.js

@@ -0,0 +1,285 @@
+import { execSync } from 'child_process';
+import chalk from 'chalk';
+import ora from 'ora';
+const FLARESOLVERR_PORT = 8191;
+const FLARESOLVERR_IMAGE = 'ghcr.io/flaresolverr/flaresolverr:latest';
+const FLARESOLVERR_CONTAINER = 'veil-flaresolverr';
+// ─── Docker / FlareSolverr lifecycle ────────────────────────────────────────
+function isDockerAvailable() {
+    try {
+        execSync('docker info --format json', { stdio: 'pipe' });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function isFlareSolverrRunning() {
+    try {
+        const out = execSync(`docker ps --filter "name=${FLARESOLVERR_CONTAINER}" --filter "status=running" --format "{{.Names}}"`, { stdio: 'pipe' }).toString().trim();
+        return out.includes(FLARESOLVERR_CONTAINER);
+    }
+    catch {
+        return false;
+    }
+}
+async function pingFlareSolverr() {
+    try {
+        const res = await fetch(`http://localhost:${FLARESOLVERR_PORT}/v1`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ cmd: 'sessions.list' }),
+            signal: AbortSignal.timeout(3000),
+        });
+        return res.ok;
+    }
+    catch {
+        return false;
+    }
+}
+export async function isFlareSolverrUp() {
+    return pingFlareSolverr();
+}
+export async function ensureFlareSolverr() {
+    if (!isDockerAvailable()) {
+        console.log(chalk.yellow('⚠️  Docker not available — Cloudflare CAPTCHA bypass disabled'));
+        return false;
+    }
+    // Already up?
+    if (await pingFlareSolverr())
+        return true;
+    const spinner = ora({ text: '🐳 Starting FlareSolverr...', color: 'cyan' }).start();
+    try {
+        // Pull image if needed (silently)
+        if (!isFlareSolverrRunning()) {
+            try {
+                execSync(`docker inspect ${FLARESOLVERR_IMAGE}`, { stdio: 'pipe' });
+            }
+            catch {
+                spinner.text = '🐳 Pulling FlareSolverr image (first time only)...';
+                execSync(`docker pull ${FLARESOLVERR_IMAGE}`, { stdio: 'pipe' });
+            }
+            // Remove old stopped container if exists
+            try {
+                execSync(`docker rm -f ${FLARESOLVERR_CONTAINER}`, { stdio: 'pipe' });
+            }
+            catch { }
+            // Start container
+            execSync(`docker run -d --name ${FLARESOLVERR_CONTAINER} ` +
+                `-p ${FLARESOLVERR_PORT}:8191 ` +
+                `-e LOG_LEVEL=error ` +
+                `--restart unless-stopped ` +
+                `${FLARESOLVERR_IMAGE}`, { stdio: 'pipe' });
+        }
+        // Wait for it to be ready (up to 15s)
+        for (let i = 0; i < 15; i++) {
+            await new Promise(r => setTimeout(r, 1000));
+            if (await pingFlareSolverr()) {
+                spinner.succeed(chalk.green('✅ FlareSolverr ready'));
+                return true;
+            }
+        }
+        spinner.fail(chalk.red('FlareSolverr failed to start in time'));
+        return false;
+    }
+    catch (err) {
+        spinner.fail(chalk.red(`FlareSolverr error: ${err.message}`));
+        return false;
+    }
+}
+export async function stopFlareSolverr() {
+    try {
+        execSync(`docker stop ${FLARESOLVERR_CONTAINER}`, { stdio: 'pipe' });
+        console.log(chalk.gray('FlareSolverr stopped.'));
+    }
+    catch { }
+}
+// ─── Ollama vision solver (reCAPTCHA image grids) ───────────────────────────
+async function isOllamaAvailable() {
+    try {
+        const res = await fetch('http://localhost:11434/api/tags', { signal: AbortSignal.timeout(2000) });
+        return res.ok;
+    }
+    catch {
+        return false;
+    }
+}
+async function getOllamaVisionModel() {
+    try {
+        const res = await fetch('http://localhost:11434/api/tags');
+        const data = await res.json();
+        const models = (data.models ?? []).map((m) => m.name);
+        // Prefer these vision models in order
+        const preferred = ['llava', 'moondream', 'llava-phi3', 'bakllava', 'minicpm-v'];
+        for (const p of preferred) {
+            const found = models.find(m => m.toLowerCase().includes(p));
+            if (found)
+                return found;
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+async function solveImageCaptchaWithOllama(imageBase64, prompt, model) {
+    const res = await fetch('http://localhost:11434/api/generate', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            model,
+            prompt,
+            images: [imageBase64],
+            stream: false,
+        }),
+    });
+    const data = await res.json();
+    return data.response?.trim() ?? '';
+}
+// ─── Tesseract OCR (text CAPTCHAs) ──────────────────────────────────────────
+async function solveTextCaptchaWithTesseract(imageBuffer) {
+    try {
+        // Dynamic import so it doesn't fail if not installed
+        const { createWorker } = await import('tesseract.js');
+        const worker = await createWorker('eng');
+        const { data: { text } } = await worker.recognize(imageBuffer);
+        await worker.terminate();
+        return text.replace(/\s+/g, '').trim();
+    }
+    catch {
+        throw new Error('tesseract.js not available — run: npm install -g tesseract.js');
+    }
+}
+// ─── FlareSolverr request proxy ─────────────────────────────────────────────
+export async function solveWithFlareSolverr(url) {
+    const available = await ensureFlareSolverr();
+    if (!available)
+        return null;
+    const spinner = ora({ text: '🛡️  Solving Cloudflare challenge...', color: 'cyan' }).start();
+    try {
+        const res = await fetch(`http://localhost:${FLARESOLVERR_PORT}/v1`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                cmd: 'request.get',
+                url,
+                maxTimeout: 60000,
+            }),
+            signal: AbortSignal.timeout(70000),
+        });
+        const data = await res.json();
+        if (data.status !== 'ok') {
+            spinner.fail(chalk.red(`FlareSolverr failed: ${data.message}`));
+            return null;
+        }
+        spinner.succeed(chalk.green('✅ Cloudflare challenge solved!'));
+        return {
+            cookies: data.solution?.cookies ?? [],
+            userAgent: data.solution?.userAgent ?? '',
+            response: data.solution?.response ?? '',
+        };
+    }
+    catch (err) {
+        spinner.fail(chalk.red(`FlareSolverr error: ${err.message}`));
+        return null;
+    }
+}
+export async function detectCaptcha(page) {
+    return await page.evaluate(() => {
+        const html = document.body?.innerHTML ?? '';
+        const bodyText = document.body?.innerText ?? '';
+        if (html.includes('challenges.cloudflare.com') || html.includes('cf-turnstile'))
+            return 'turnstile';
+        if (bodyText.includes('unusual traffic') || html.includes('recaptcha/enterprise'))
+            return 'cloudflare';
+        if (html.includes('recaptcha') && html.includes('rc-imageselect'))
+            return 'recaptcha-image';
+        if (html.includes('recaptcha'))
+            return 'recaptcha-v3';
+        if (html.includes('hcaptcha'))
+            return 'hcaptcha';
+        if (document.querySelector('img[alt*="captcha" i]'))
+            return 'text';
+        return null;
+    });
+}
+export async function handleCaptchaLocally(page) {
+    const type = await detectCaptcha(page);
+    if (!type)
+        return false;
+    console.log(chalk.yellow(`\n⚠️  CAPTCHA detected: ${chalk.bold(type)}`));
+    // Cloudflare Turnstile → FlareSolverr
+    if (type === 'turnstile' || type === 'cloudflare') {
+        const result = await solveWithFlareSolverr(page.url());
+        if (result) {
+            // Inject the solved cookies into the browser context
+            const context = page.context();
+            for (const cookie of result.cookies) {
+                await context.addCookies([{
+                        name: cookie.name,
+                        value: cookie.value,
+                        domain: cookie.domain,
+                        path: cookie.path ?? '/',
+                        expires: -1,
+                        httpOnly: false,
+                        secure: false,
+                        sameSite: 'Lax',
+                    }]).catch(() => { });
+            }
+            await page.reload({ waitUntil: 'domcontentloaded' }).catch(() => { });
+            return true;
+        }
+    }
+    // reCAPTCHA image grid → Ollama vision
+    if (type === 'recaptcha-image') {
+        const ollamaOk = await isOllamaAvailable();
+        const model = ollamaOk ? await getOllamaVisionModel() : null;
+        if (model) {
+            const spinner = ora({ text: `🤖 Solving image CAPTCHA with Ollama (${model})...`, color: 'cyan' }).start();
+            try {
+                // Screenshot just the CAPTCHA iframe area
+                const captchaEl = page.locator('iframe[src*="recaptcha"]').first();
+                const box = await captchaEl.boundingBox();
+                if (box) {
+                    const screenshotBuf = await page.screenshot({
+                        clip: { x: box.x, y: box.y, width: box.width, height: box.height }
+                    });
+                    const b64 = screenshotBuf.toString('base64');
+                    const answer = await solveImageCaptchaWithOllama(b64, 'This is a CAPTCHA image grid. Identify which tiles match the category shown. Reply with the tile positions (1-9, numbered left-to-right, top-to-bottom) that match. Be concise.', model);
+                    spinner.succeed(chalk.green(`Ollama says: ${answer}`));
+                    // Note: full injection requires more complex interaction, this is a best-effort
+                }
+            }
+            catch (err) {
+                spinner.fail(chalk.yellow(`Ollama solve failed: ${err.message}`));
+            }
+        }
+        else {
+            console.log(chalk.gray('  💡 Tip: Install a vision model with Ollama for auto-solve: ollama pull llava'));
+        }
+    }
+    // Text CAPTCHA → Tesseract
+    if (type === 'text') {
+        try {
+            const imgEl = page.locator('img[alt*="captcha" i]').first();
+            const imgSrc = await imgEl.getAttribute('src').catch(() => null);
+            if (imgSrc) {
+                const spinner = ora({ text: '🔤 Reading text CAPTCHA with Tesseract...', color: 'cyan' }).start();
+                const res = await fetch(imgSrc);
+                const buf = Buffer.from(await res.arrayBuffer());
+                const text = await solveTextCaptchaWithTesseract(buf);
+                spinner.succeed(chalk.green(`Tesseract read: "${text}"`));
+                // Fill into input
+                const input = page.locator('input[name*="captcha" i]').first();
+                await input.fill(text).catch(() => { });
+                await page.keyboard.press('Enter').catch(() => { });
+                return true;
+            }
+        }
+        catch { }
+    }
+    // Final fallback: human notification
+    console.log(chalk.cyan('\n🧑 Could not auto-solve. Please solve the CAPTCHA in a browser window.'));
+    console.log(chalk.gray('   Run: veil navigate ' + page.url() + ' --headed\n'));
+    return false;
+}

package/dist/mcp.d.ts

@@ -0,0 +1 @@
+export declare function startMcpServer(port?: number): Promise<void>;