agentic-stealth-browser 2.3.0__tar.gz → 2.4.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (136) hide show
  1. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/CHANGELOG.md +46 -0
  2. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/PKG-INFO +42 -12
  3. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/README.md +41 -11
  4. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/agentic_stealth_browser.egg-info/PKG-INFO +42 -12
  5. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/agentic_stealth_browser.egg-info/SOURCES.txt +2 -0
  6. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/audit/logger.py +0 -6
  7. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/agent_browser.py +247 -3
  8. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/hermes_dashboard.py +11 -1
  9. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/mcp_input_validator.py +13 -0
  10. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/mcp_server.py +256 -0
  11. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/proxy/proxy_manager.py +7 -7
  12. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/pyproject.toml +1 -1
  13. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/sessions/cookie_manager.py +74 -33
  14. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/presets.py +24 -0
  15. agentic_stealth_browser-2.4.0/tests/test_attach_over_cdp.py +377 -0
  16. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_cookie_manager_unit.py +10 -10
  17. agentic_stealth_browser-2.4.0/tests/test_mcp_url_safety.py +56 -0
  18. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/.env.example +0 -0
  19. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/LICENSE +0 -0
  20. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/MANIFEST.in +0 -0
  21. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/agentic_stealth_browser.egg-info/dependency_links.txt +0 -0
  22. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/agentic_stealth_browser.egg-info/entry_points.txt +0 -0
  23. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/agentic_stealth_browser.egg-info/requires.txt +0 -0
  24. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/agentic_stealth_browser.egg-info/top_level.txt +0 -0
  25. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/ai/__init__.py +0 -0
  26. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/ai/ai_hooks.py +0 -0
  27. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/audit/__init__.py +0 -0
  28. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/behavior/__init__.py +0 -0
  29. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/behavior/adaptive_tuner.py +0 -0
  30. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/behavior/human_behavior.py +0 -0
  31. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/behavior/orchestration.py +0 -0
  32. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/behavior/persona_rotator.py +0 -0
  33. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/__init__.py +0 -0
  34. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/account_health.py +0 -0
  35. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/account_warming.py +0 -0
  36. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/connection_pool.py +0 -0
  37. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/error_messages.py +0 -0
  38. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/feature_flags.py +0 -0
  39. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/py.typed +0 -0
  40. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/session_checkpoint.py +0 -0
  41. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/core/types.py +0 -0
  42. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/examples/recipes/README.md +0 -0
  43. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/examples/recipes/linkedin.md +0 -0
  44. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/linkedin/__init__.py +0 -0
  45. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/linkedin/actions.py +0 -0
  46. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/Dockerfile +0 -0
  47. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/__init__.py +0 -0
  48. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/approval_gate.py +0 -0
  49. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/audit_enrichment.py +0 -0
  50. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/cli.py +0 -0
  51. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/deprecations.py +0 -0
  52. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/docker-compose.yml +0 -0
  53. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/docker-healthcheck.py +0 -0
  54. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/mcp_session_isolation.py +0 -0
  55. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/metrics.py +0 -0
  56. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/otel_export.py +0 -0
  57. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/policy_engine.py +0 -0
  58. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/profiler.py +0 -0
  59. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/rate_limiter.py +0 -0
  60. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/production/workflow_orchestrator.py +0 -0
  61. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/proxy/__init__.py +0 -0
  62. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/recovery/__init__.py +0 -0
  63. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/recovery/anti_block_orchestrator.py +0 -0
  64. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/recovery/detectors.py +0 -0
  65. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/recovery/explain_blocked.py +0 -0
  66. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/scraping/__init__.py +0 -0
  67. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/scraping/scraper.py +0 -0
  68. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/sessions/__init__.py +0 -0
  69. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/sessions/session_manager.py +0 -0
  70. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/setup.cfg +0 -0
  71. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/__init__.py +0 -0
  72. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/advanced_stealth.py +0 -0
  73. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/cache.py +0 -0
  74. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/firefox_adapter.py +0 -0
  75. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/headers.py +0 -0
  76. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/profiles.py +0 -0
  77. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/tls_fingerprint.py +0 -0
  78. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/stealth/tls_ja3_ja4.py +0 -0
  79. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/debug_nowsecure.py +0 -0
  80. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/detection_check.py +0 -0
  81. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/detection_runner.py +0 -0
  82. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/fingerprint_scorecard.py +0 -0
  83. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/run_detection_tests.py +0 -0
  84. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_account_health.py +0 -0
  85. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_account_warming.py +0 -0
  86. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_adaptive_tuner.py +0 -0
  87. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_basic.py +0 -0
  88. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_cdp_snapshots.py +0 -0
  89. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_connection_pool.py +0 -0
  90. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_contract_agent_browser.py +0 -0
  91. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_detectors.py +0 -0
  92. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_differential.py +0 -0
  93. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_docker_config.py +0 -0
  94. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_e2e_anti_block_recovery.py +0 -0
  95. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_e2e_protected_sites_placeholder.py +0 -0
  96. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_golden_master.py +0 -0
  97. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_hermes_dashboard.py +0 -0
  98. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_human_behavior_fuzz.py +0 -0
  99. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_integration_modules.py +0 -0
  100. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_linkedin_actions.py +0 -0
  101. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_mcp_contract.py +0 -0
  102. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_mcp_server_runtime.py +0 -0
  103. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_mcp_stealth_workflows.py +0 -0
  104. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_metrics_collector_unit.py +0 -0
  105. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_mutation_stealth.py +0 -0
  106. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_persona_rotator.py +0 -0
  107. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_phase7_fixes.py +0 -0
  108. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_player.py +0 -0
  109. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_proxy_config_unit.py +0 -0
  110. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_proxy_manager.py +0 -0
  111. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_rate_limiter_unit.py +0 -0
  112. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_recorder.py +0 -0
  113. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_recovery.py +0 -0
  114. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_recovery_phase1.py +0 -0
  115. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_recovery_state_machine.py +0 -0
  116. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_rehearsal_validation.py +0 -0
  117. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_selector_auto_heal.py +0 -0
  118. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_session_checkpoint.py +0 -0
  119. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_stealth_cache.py +0 -0
  120. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_stealth_coverage.py +0 -0
  121. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_stealth_modules.py +0 -0
  122. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_stress_multi_account.py +0 -0
  123. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_tls_ja3_ja4.py +0 -0
  124. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_workflow_orchestrator.py +0 -0
  125. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_workflow_schema.py +0 -0
  126. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_workflow_schema_unit.py +0 -0
  127. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/tests/test_workflow_versioning.py +0 -0
  128. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/__init__.py +0 -0
  129. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/action_interpreter.py +0 -0
  130. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/player.py +0 -0
  131. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/recorder.py +0 -0
  132. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/recovery.py +0 -0
  133. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/schema.py +0 -0
  134. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/selector_generator.py +0 -0
  135. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/test-echo.yaml +0 -0
  136. {agentic_stealth_browser-2.3.0 → agentic_stealth_browser-2.4.0}/workflows/variable_resolver.py +0 -0
@@ -7,6 +7,52 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ---
9
9
 
10
+ ## [2.4.0] — Attach-Mode Hardening (2026-06-01)
11
+
12
+ ### Fixed
13
+ - **#438** `stealth_attach_over_cdp` loopback gate reused `is_url_safe` — DNS rebinding / hostname→private-IP bypass closed. Replaces string match with full RFC-1918 + link-local + cloud-metadata check. The gate is now a two-layer check: `is_loopback_host` first, then `is_url_safe` only when `allow_remote=true` (so even explicitly-allowed remote hosts can't be RFC-1918 or link-local).
14
+ - **#441** Link-local IPv6 (`fe80::/10`) added to `_BLOCKED_NETWORKS`. Side-effect of #438's refactor — `is_url_safe` now rejects IPv6 link-local the same way it rejects IPv4 `169.254.0.0/16`.
15
+ - **#440** `add_init_script` install failure now surfaces in the return payload as `stealth_applied: false` + `stealth_error: "<ExceptionType>: <message>"`. Previously silent. New `stealth_requested` field distinguishes caller intent from actual install result.
16
+ - **#439** `AgentBrowser.close()` teardown logic now uses a typed `TeardownMode` enum (`LAUNCHED | POOLED | ATTACHED_OWNED_CTX | ATTACHED_ADOPTED_CTX`) instead of 3 scattered `getattr` flag checks. Each branch owns exactly one teardown. Easier to reason about, easier to extend.
17
+
18
+ ### Added
19
+ - **`is_loopback_host(url: str) -> bool`** helper in `production/mcp_server.py` — literal/IP/DNS loopback check. Used by the attach loopback gate.
20
+ - **6 new tests in `tests/test_mcp_url_safety.py`** covering loopback literal, `localhost`, bare `host:port` normalization, RFC-1918 rejection, link-local IPv6 rejection.
21
+ - **4 new tests in `tests/test_attach_over_cdp.py`** covering the two-layer gate (RFC-1918, link-local IPv6, with/without `allow_remote=true`).
22
+ - **4 new tests in `tests/test_attach_over_cdp.py`** for `TeardownMode` enum and stealth-failure surface (monkeypatched `add_init_script` rejection).
23
+
24
+ ### Changed
25
+ - `production/mcp_server.py`: new `is_loopback_host` helper. `_BLOCKED_NETWORKS` extended with `fe80::/10`. `_tool_stealth_attach_over_cdp` rewritten as a two-layer gate.
26
+ - `core/agent_browser.py`: new `TeardownMode` enum. `close()` branches on the enum. `attach_over_cdp` return dict now includes `stealth_requested` and `stealth_error` fields.
27
+ - `pyproject.toml`: `version` bumped 2.3.0 → 2.4.0.
28
+
29
+ ### Test coverage
30
+ - 22/22 pass in `tests/test_attach_over_cdp.py` + `tests/test_mcp_url_safety.py`
31
+ - No new regressions in the unit-test suite (3 pre-existing failures on master — `test_human_behavior_fuzz` MockPage signature mismatch + `test_phase7_fixes` merge conflict — both unrelated to this release)
32
+
33
+ ### Closes
34
+ - #438, #439, #440, #441
35
+
36
+ ---
37
+
38
+ ## [Unreleased]
39
+
40
+ ### Added
41
+ - **`AgentBrowser.attach_over_cdp(cdp_url, ...)`**: connect to an already-running
42
+ browser exposed via Chrome DevTools Protocol (e.g. Chrome launched with
43
+ `--remote-debugging-port=9222`) instead of spawning a new Chromium. Complements
44
+ the existing `debug_cdp=True` launch flag — that one *exposes* an endpoint, this
45
+ one *consumes* one. Primary use case: drive a real desktop browser from a
46
+ different host (WSL → Windows, container → host, dev box → remote display).
47
+ Runtime stealth init scripts (navigator/canvas/WebGL/audio patches) are still
48
+ injected on the chosen context; launch-time stealth (TLS/JA3, regional preset,
49
+ user-data-dir) is unavailable in attach mode and listed in the return payload's
50
+ `degradation` field. `close()` disconnects without terminating the external
51
+ browser. (#attach-cdp)
52
+ - **MCP tool `stealth_attach_over_cdp`**: surfaces `attach_over_cdp` through the
53
+ MCP server. Defaults to loopback-only; non-loopback hosts require explicit
54
+ `allow_remote=true` and raise `MCP_REMOTE_CDP_BLOCKED` otherwise. (#attach-cdp)
55
+
10
56
  ## [2.3.0] — Show HN & Community Launch (2026-05-28)
11
57
 
12
58
  ### Added
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: agentic-stealth-browser
3
- Version: 2.3.0
3
+ Version: 2.4.0
4
4
  Summary: Production-grade, human-mimicking browser automation framework for autonomous agents. Survives modern anti-bot systems.
5
5
  Author-email: Shane W <shanewas@users.noreply.github.com>
6
6
  License-Expression: MIT
@@ -45,7 +45,8 @@ Dynamic: license-file
45
45
  [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
46
46
  [![Python 3.11+](https://img.shields.io/badge/python-3.11+-blue.svg)](https://www.python.org/downloads/)
47
47
  [![PyPI](https://img.shields.io/pypi/v/agentic-stealth-browser.svg)](https://pypi.org/project/agentic-stealth-browser/)
48
- [![Tests](https://img.shields.io/badge/tests-880%2B%20passing-brightgreen)](tests/)
48
+ [![Tests](https://img.shields.io/badge/tests-890%2B%20passing-brightgreen)](tests/)
49
+ [![GitHub Stars](https://img.shields.io/github/stars/shanewas/agentic-stealth-browser?style=flat&logo=github)](https://github.com/shanewas/agentic-stealth-browser)
49
50
  [![Buy Me A Coffee](https://img.shields.io/badge/Buy%20Me%20A%20Coffee-support-ffdd00?logo=buy-me-a-coffee&logoColor=black)](https://buymeacoffee.com/shanewas)
50
51
 
51
52
  <p align="center">
@@ -129,6 +130,25 @@ async with AgentBrowser(
129
130
 
130
131
  Then: `stealth_launch` → `stealth_navigate` → `stealth_scrape` → `stealth_close`.
131
132
 
133
+ ### Attach to an existing browser (WSL → Windows, container → host)
134
+
135
+ Instead of launching a new Chromium, you can attach to a Chrome you already
136
+ have running with `--remote-debugging-port=9222`:
137
+
138
+ ```python
139
+ async with AgentBrowser(session_name="attached") as browser:
140
+ await browser.attach_over_cdp(
141
+ "http://127.0.0.1:9222", # or the Windows host IP from WSL
142
+ new_context=True, # don't disturb the user's tabs
143
+ )
144
+ await browser.safe_goto("https://bot.sannysoft.com")
145
+ # close() will NOT terminate the external browser
146
+ ```
147
+
148
+ See [docs/ATTACH_OVER_CDP.md](docs/ATTACH_OVER_CDP.md) for the WSL→Windows
149
+ walkthrough, the MCP `stealth_attach_over_cdp` tool, and the stealth
150
+ degradation matrix (init-script stealth still applies; TLS/JA3 does not).
151
+
132
152
  ---
133
153
 
134
154
  ## Key Features
@@ -150,18 +170,28 @@ Then: `stealth_launch` → `stealth_navigate` → `stealth_scrape` → `stealth_
150
170
 
151
171
  ---
152
172
 
173
+ ## New in v2.3.0
174
+
175
+ - **Show HN launch** — README overhaul, demo GIF, streamlined community onboarding
176
+ - **Buy Me A Coffee** — sponsor the project directly
177
+ - **PID tracking** — `AgentBrowser._browser_process` for external process monitoring
178
+ - **PyPI publish automation** — OIDC trusted publishing on every release tag
179
+
180
+ See [CHANGELOG.md](CHANGELOG.md) for the full release history.
181
+
182
+ ---
183
+
153
184
  ## Full Documentation
154
185
 
155
- - **Workflow System** — record real browser actions via CDP, replay as YAML (13 step types)
156
- - **Operator Dashboard** — Grok/X-inspired dark UI, live browser view, CAPTCHA solving, workflow recording
157
- - **Orchestrator** — queue, schedule, chain workflows with domain-aware concurrency
158
- - **Security** — input validation, session isolation, policy engine, approval gates
159
- - **SDK** — `StealthClient` async API without MCP
160
- - **Plugins** — lifecycle hooks for custom behavior
161
- - **VPS Deployment** — systemd, Caddy reverse proxy, Cloudflare Tunnel patterns
162
- - **Migration v1 → v2** — deprecation shims, migration guide, script
186
+ - **[Operator Dashboard](production/hermes_dashboard.py)** — Grok/X-inspired dark UI, live browser view, CAPTCHA solving, workflow recording
187
+ - **[Workflow Orchestrator](production/workflow_orchestrator.py)** — queue, schedule, chain workflows with domain-aware concurrency
188
+ - **[Security](production/)** — input validation, session isolation, policy engine, approval gates
189
+ - **[SDK](production/sdk/)** — `StealthClient` async API without MCP
190
+ - **[Plugins](plugins/)** — lifecycle hooks for custom behavior
191
+ - **[VPS Deployment](scripts/setup_rbb.sh)** — systemd, Caddy reverse proxy, Cloudflare Tunnel patterns
192
+ - **[Migration v1 → v2](scripts/migrate_v1_to_v2.py)** — deprecation shims, migration guide, script
163
193
 
164
- See sections below for each topic. For release history: [CHANGELOG.md](CHANGELOG.md).
194
+ Additional references: [CHANGELOG.md](CHANGELOG.md) · [Workflow Library](workflows/library/) · [Migration Guide](scripts/migrate_v1_to_v2.py)
165
195
 
166
196
  ---
167
197
 
@@ -176,7 +206,7 @@ See sections below for each topic. For release history: [CHANGELOG.md](CHANGELOG
176
206
  ├── production/ MCP server, SDK, orchestrator, security, profiler
177
207
  ├── plugins/ Plugin system with template
178
208
  ├── scripts/ Migration, evaluation, benchmarking
179
- └── tests/ 880+ contract + integration tests
209
+ └── tests/ 890+ contract + integration tests
180
210
  ```
181
211
 
182
212
  ## License
@@ -6,7 +6,8 @@
6
6
  [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
7
7
  [![Python 3.11+](https://img.shields.io/badge/python-3.11+-blue.svg)](https://www.python.org/downloads/)
8
8
  [![PyPI](https://img.shields.io/pypi/v/agentic-stealth-browser.svg)](https://pypi.org/project/agentic-stealth-browser/)
9
- [![Tests](https://img.shields.io/badge/tests-880%2B%20passing-brightgreen)](tests/)
9
+ [![Tests](https://img.shields.io/badge/tests-890%2B%20passing-brightgreen)](tests/)
10
+ [![GitHub Stars](https://img.shields.io/github/stars/shanewas/agentic-stealth-browser?style=flat&logo=github)](https://github.com/shanewas/agentic-stealth-browser)
10
11
  [![Buy Me A Coffee](https://img.shields.io/badge/Buy%20Me%20A%20Coffee-support-ffdd00?logo=buy-me-a-coffee&logoColor=black)](https://buymeacoffee.com/shanewas)
11
12
 
12
13
  <p align="center">
@@ -90,6 +91,25 @@ async with AgentBrowser(
90
91
 
91
92
  Then: `stealth_launch` → `stealth_navigate` → `stealth_scrape` → `stealth_close`.
92
93
 
94
+ ### Attach to an existing browser (WSL → Windows, container → host)
95
+
96
+ Instead of launching a new Chromium, you can attach to a Chrome you already
97
+ have running with `--remote-debugging-port=9222`:
98
+
99
+ ```python
100
+ async with AgentBrowser(session_name="attached") as browser:
101
+ await browser.attach_over_cdp(
102
+ "http://127.0.0.1:9222", # or the Windows host IP from WSL
103
+ new_context=True, # don't disturb the user's tabs
104
+ )
105
+ await browser.safe_goto("https://bot.sannysoft.com")
106
+ # close() will NOT terminate the external browser
107
+ ```
108
+
109
+ See [docs/ATTACH_OVER_CDP.md](docs/ATTACH_OVER_CDP.md) for the WSL→Windows
110
+ walkthrough, the MCP `stealth_attach_over_cdp` tool, and the stealth
111
+ degradation matrix (init-script stealth still applies; TLS/JA3 does not).
112
+
93
113
  ---
94
114
 
95
115
  ## Key Features
@@ -111,18 +131,28 @@ Then: `stealth_launch` → `stealth_navigate` → `stealth_scrape` → `stealth_
111
131
 
112
132
  ---
113
133
 
134
+ ## New in v2.3.0
135
+
136
+ - **Show HN launch** — README overhaul, demo GIF, streamlined community onboarding
137
+ - **Buy Me A Coffee** — sponsor the project directly
138
+ - **PID tracking** — `AgentBrowser._browser_process` for external process monitoring
139
+ - **PyPI publish automation** — OIDC trusted publishing on every release tag
140
+
141
+ See [CHANGELOG.md](CHANGELOG.md) for the full release history.
142
+
143
+ ---
144
+
114
145
  ## Full Documentation
115
146
 
116
- - **Workflow System** — record real browser actions via CDP, replay as YAML (13 step types)
117
- - **Operator Dashboard** — Grok/X-inspired dark UI, live browser view, CAPTCHA solving, workflow recording
118
- - **Orchestrator** — queue, schedule, chain workflows with domain-aware concurrency
119
- - **Security** — input validation, session isolation, policy engine, approval gates
120
- - **SDK** — `StealthClient` async API without MCP
121
- - **Plugins** — lifecycle hooks for custom behavior
122
- - **VPS Deployment** — systemd, Caddy reverse proxy, Cloudflare Tunnel patterns
123
- - **Migration v1 → v2** — deprecation shims, migration guide, script
147
+ - **[Operator Dashboard](production/hermes_dashboard.py)** — Grok/X-inspired dark UI, live browser view, CAPTCHA solving, workflow recording
148
+ - **[Workflow Orchestrator](production/workflow_orchestrator.py)** — queue, schedule, chain workflows with domain-aware concurrency
149
+ - **[Security](production/)** — input validation, session isolation, policy engine, approval gates
150
+ - **[SDK](production/sdk/)** — `StealthClient` async API without MCP
151
+ - **[Plugins](plugins/)** — lifecycle hooks for custom behavior
152
+ - **[VPS Deployment](scripts/setup_rbb.sh)** — systemd, Caddy reverse proxy, Cloudflare Tunnel patterns
153
+ - **[Migration v1 → v2](scripts/migrate_v1_to_v2.py)** — deprecation shims, migration guide, script
124
154
 
125
- See sections below for each topic. For release history: [CHANGELOG.md](CHANGELOG.md).
155
+ Additional references: [CHANGELOG.md](CHANGELOG.md) · [Workflow Library](workflows/library/) · [Migration Guide](scripts/migrate_v1_to_v2.py)
126
156
 
127
157
  ---
128
158
 
@@ -137,7 +167,7 @@ See sections below for each topic. For release history: [CHANGELOG.md](CHANGELOG
137
167
  ├── production/ MCP server, SDK, orchestrator, security, profiler
138
168
  ├── plugins/ Plugin system with template
139
169
  ├── scripts/ Migration, evaluation, benchmarking
140
- └── tests/ 880+ contract + integration tests
170
+ └── tests/ 890+ contract + integration tests
141
171
  ```
142
172
 
143
173
  ## License
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: agentic-stealth-browser
3
- Version: 2.3.0
3
+ Version: 2.4.0
4
4
  Summary: Production-grade, human-mimicking browser automation framework for autonomous agents. Survives modern anti-bot systems.
5
5
  Author-email: Shane W <shanewas@users.noreply.github.com>
6
6
  License-Expression: MIT
@@ -45,7 +45,8 @@ Dynamic: license-file
45
45
  [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
46
46
  [![Python 3.11+](https://img.shields.io/badge/python-3.11+-blue.svg)](https://www.python.org/downloads/)
47
47
  [![PyPI](https://img.shields.io/pypi/v/agentic-stealth-browser.svg)](https://pypi.org/project/agentic-stealth-browser/)
48
- [![Tests](https://img.shields.io/badge/tests-880%2B%20passing-brightgreen)](tests/)
48
+ [![Tests](https://img.shields.io/badge/tests-890%2B%20passing-brightgreen)](tests/)
49
+ [![GitHub Stars](https://img.shields.io/github/stars/shanewas/agentic-stealth-browser?style=flat&logo=github)](https://github.com/shanewas/agentic-stealth-browser)
49
50
  [![Buy Me A Coffee](https://img.shields.io/badge/Buy%20Me%20A%20Coffee-support-ffdd00?logo=buy-me-a-coffee&logoColor=black)](https://buymeacoffee.com/shanewas)
50
51
 
51
52
  <p align="center">
@@ -129,6 +130,25 @@ async with AgentBrowser(
129
130
 
130
131
  Then: `stealth_launch` → `stealth_navigate` → `stealth_scrape` → `stealth_close`.
131
132
 
133
+ ### Attach to an existing browser (WSL → Windows, container → host)
134
+
135
+ Instead of launching a new Chromium, you can attach to a Chrome you already
136
+ have running with `--remote-debugging-port=9222`:
137
+
138
+ ```python
139
+ async with AgentBrowser(session_name="attached") as browser:
140
+ await browser.attach_over_cdp(
141
+ "http://127.0.0.1:9222", # or the Windows host IP from WSL
142
+ new_context=True, # don't disturb the user's tabs
143
+ )
144
+ await browser.safe_goto("https://bot.sannysoft.com")
145
+ # close() will NOT terminate the external browser
146
+ ```
147
+
148
+ See [docs/ATTACH_OVER_CDP.md](docs/ATTACH_OVER_CDP.md) for the WSL→Windows
149
+ walkthrough, the MCP `stealth_attach_over_cdp` tool, and the stealth
150
+ degradation matrix (init-script stealth still applies; TLS/JA3 does not).
151
+
132
152
  ---
133
153
 
134
154
  ## Key Features
@@ -150,18 +170,28 @@ Then: `stealth_launch` → `stealth_navigate` → `stealth_scrape` → `stealth_
150
170
 
151
171
  ---
152
172
 
173
+ ## New in v2.3.0
174
+
175
+ - **Show HN launch** — README overhaul, demo GIF, streamlined community onboarding
176
+ - **Buy Me A Coffee** — sponsor the project directly
177
+ - **PID tracking** — `AgentBrowser._browser_process` for external process monitoring
178
+ - **PyPI publish automation** — OIDC trusted publishing on every release tag
179
+
180
+ See [CHANGELOG.md](CHANGELOG.md) for the full release history.
181
+
182
+ ---
183
+
153
184
  ## Full Documentation
154
185
 
155
- - **Workflow System** — record real browser actions via CDP, replay as YAML (13 step types)
156
- - **Operator Dashboard** — Grok/X-inspired dark UI, live browser view, CAPTCHA solving, workflow recording
157
- - **Orchestrator** — queue, schedule, chain workflows with domain-aware concurrency
158
- - **Security** — input validation, session isolation, policy engine, approval gates
159
- - **SDK** — `StealthClient` async API without MCP
160
- - **Plugins** — lifecycle hooks for custom behavior
161
- - **VPS Deployment** — systemd, Caddy reverse proxy, Cloudflare Tunnel patterns
162
- - **Migration v1 → v2** — deprecation shims, migration guide, script
186
+ - **[Operator Dashboard](production/hermes_dashboard.py)** — Grok/X-inspired dark UI, live browser view, CAPTCHA solving, workflow recording
187
+ - **[Workflow Orchestrator](production/workflow_orchestrator.py)** — queue, schedule, chain workflows with domain-aware concurrency
188
+ - **[Security](production/)** — input validation, session isolation, policy engine, approval gates
189
+ - **[SDK](production/sdk/)** — `StealthClient` async API without MCP
190
+ - **[Plugins](plugins/)** — lifecycle hooks for custom behavior
191
+ - **[VPS Deployment](scripts/setup_rbb.sh)** — systemd, Caddy reverse proxy, Cloudflare Tunnel patterns
192
+ - **[Migration v1 → v2](scripts/migrate_v1_to_v2.py)** — deprecation shims, migration guide, script
163
193
 
164
- See sections below for each topic. For release history: [CHANGELOG.md](CHANGELOG.md).
194
+ Additional references: [CHANGELOG.md](CHANGELOG.md) · [Workflow Library](workflows/library/) · [Migration Guide](scripts/migrate_v1_to_v2.py)
165
195
 
166
196
  ---
167
197
 
@@ -176,7 +206,7 @@ See sections below for each topic. For release history: [CHANGELOG.md](CHANGELOG
176
206
  ├── production/ MCP server, SDK, orchestrator, security, profiler
177
207
  ├── plugins/ Plugin system with template
178
208
  ├── scripts/ Migration, evaluation, benchmarking
179
- └── tests/ 880+ contract + integration tests
209
+ └── tests/ 890+ contract + integration tests
180
210
  ```
181
211
 
182
212
  ## License
@@ -79,6 +79,7 @@ tests/run_detection_tests.py
79
79
  tests/test_account_health.py
80
80
  tests/test_account_warming.py
81
81
  tests/test_adaptive_tuner.py
82
+ tests/test_attach_over_cdp.py
82
83
  tests/test_basic.py
83
84
  tests/test_cdp_snapshots.py
84
85
  tests/test_connection_pool.py
@@ -97,6 +98,7 @@ tests/test_linkedin_actions.py
97
98
  tests/test_mcp_contract.py
98
99
  tests/test_mcp_server_runtime.py
99
100
  tests/test_mcp_stealth_workflows.py
101
+ tests/test_mcp_url_safety.py
100
102
  tests/test_metrics_collector_unit.py
101
103
  tests/test_mutation_stealth.py
102
104
  tests/test_persona_rotator.py
@@ -215,12 +215,6 @@ class AuditLogger:
215
215
  Redaction is mandatory by default (opt-in to disable via AGENTIC_STEALTH_NO_REDACT
216
216
  env var, intended ONLY for local debugging).
217
217
  """
218
- if os.getenv("AGENTIC_STEALTH_NO_REDACT", "").strip().lower() in (
219
- "1",
220
- "true",
221
- "yes",
222
- ):
223
- return details if isinstance(details, dict) else details
224
218
  SENSITIVE_KEYS = frozenset(
225
219
  [
226
220
  "password",