ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Phantom Browser

v0.1.1

Undetectable browser automation for AI agents. 31/31 stealth tests passed. WindMouse physics, per-profile fingerprinting, residential IP routing. Runs headle...

0· 133·0 current·0 all-time
by@aces1up

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for aces1up/ad-forge.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Phantom Browser" (aces1up/ad-forge) from ClawHub.
Skill page: https://clawhub.ai/aces1up/ad-forge
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install ad-forge

ClawHub CLI

Package manager switcher

npx clawhub@latest install ad-forge
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
SKILL.md and the description promise a sophisticated stealth browser (WindMouse physics, fingerprinting, residential routing, system-level access control). The shipped files (phantom_browser.py + setup.sh) contain only an early-access registration/status tool and dependency bootstrap — no code implements the claimed browser automation or proxy/fingerprinting features. That is a substantive mismatch between what is advertised and what is delivered.
Instruction Scope
Runtime instructions direct users to run setup.sh, create a venv, install dependencies, save a config to ~/.phantom-browser/config.json and a local .env, and POST the user's email and chosen use_case to https://clawagents.dev/reddit-rank/v1/phantom-browser/interest. Those actions are coherent for an early-access registration flow, but SKILL.md's broad claims about stealth behavior are not realized in the instructions — instructions do transmit minimal personal data (email + use_case) to an external service.
Install Mechanism
No platform install spec is declared; setup.sh creates a Python venv and pip-installs small dependencies (requests, python-dotenv) from PyPI. This is a typical, moderate-risk install mechanism (no arbitrary binary downloads or obscure hosts).
Credentials
The skill does not request environment variables, special credentials, or access to unrelated config paths. It writes/reads a local config at ~/.phantom-browser/config.json and creates a .env with an install id — these are proportionate to a waitlist/registration flow. The only external data transmitted is the email and selected use_case collected interactively.
Persistence & Privilege
always is false and the skill does not request system‑wide privileges. It does create a per-user directory (~/.phantom-browser) and a venv in the skill directory; that is expected. The SKILL.md claim of 'system-level access control' is not implemented in the provided code, which is an inconsistency worth noting.
What to consider before installing
What to consider before installing: - The files included do NOT implement the advertised stealth browser; they only implement an early-access registration and status tool. The marketing claims (undetectable automation, fingerprinting, residential routing, system-level locks) are not present in the code you were given — treat the published description as promotional rather than functional. - setup.sh will create a Python virtual environment, pip-install requests and python-dotenv, write a config to ~/.phantom-browser/config.json and a local .env, and POST your email and selected use_case to https://clawagents.dev/reddit-rank/v1/phantom-browser/interest. If you do not want to send that information, do not run setup.sh and instead inspect or run the scripts in a sandbox. - The network POST of your email/use_case is expected for a waitlist flow, but verify the remote domain and consider privacy implications before sending personally identifying data. - If you expect a working stealth browser, ask the publisher for the full source, provenance, and a changelog showing where the claimed browser engine lives. Do not grant this skill network/system-wide privileges implicitly; run it in an isolated environment (VM/container) until the real functionality and provenance are validated. - Be aware of legal/ethical risks: tools designed to evade platform detection can enable abusive or policy-violating activity. Ensure your intended use complies with laws and platform terms before deploying any stealth automation.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ewxzakz6d04p6n9fcnfa14n83hhvy
133downloads
0stars
3versions
Updated 1mo ago
v0.1.1
MIT-0
@aces1up
latest
Download

Phantom Browser

Undetectable browser automation built for AI agents. Not Playwright. Not a manual anti-detect tool.

Your agents log into platforms, interact with sites, and browse the web without getting flagged, throttled, or banned.

What It Does

Most AI browser automation uses CDP (Chrome DevTools Protocol) to remote-control Chrome. Every major platform detects it. Facebook, LinkedIn, Instagram, X, Google. The second they see CDP automation, you are flagged, throttled, or banned.

Phantom Browser does not work that way.

Tool Layer (Not Remote Control)

The AI agent describes what it wants to do. "Click this button." "Type in this field." "Scroll down." A tool layer translates that into actions that look exactly like a real person using a real computer. The agent never sends raw browser commands.

Human-Like Input Physics

  • Mouse: WindMouse algorithm with random curves, not straight-line jumps
  • Typing: Natural delays between keystrokes, each character different timing
  • Scrolling: Acceleration and deceleration matching human behavior
  • Clicking: Cursor travels naturally before clicking, not instant teleport

Per-Profile Fingerprinting

Each browser session runs with a unique identity. Screen resolution, installed fonts, timezone, language, WebGL signature (reports a real consumer GPU like GTX 1650, not SwiftShader), canvas fingerprint, user agent, plugin list.

To the platform, each profile looks like a completely separate person on a completely separate computer.

Residential IP Routing

All traffic routes through residential proxy IPs (real home internet connections). The platform sees a normal ISP from a real location, not a datacenter IP.

Headless on VPS

Runs on a cheap VPS ($6/month). No desktop app. No screen. No GUI. Agents browse 24/7. Uses Xvfb so Chrome extensions work without a physical display.

System-Level Access Control

Only agents explicitly approved for browser access can open one. Not a prompt instruction. System-level lockout. Unapproved agents genuinely cannot access the browser.

Proof

  • 31/31 stealth tests passed (bot.sannysoft.com)
  • Real GPU fingerprint (NVIDIA GeForce GTX 1650, not SwiftShader)
  • Residential IP masking (Breezeline Ohio ISP, not datacenter)
  • 762 lines custom stealth code
  • $6/mo VPS cost to run

Status: Early Access

Phantom Browser is in limited early access. Run setup.sh to register your interest and be first in line when we open spots.

bash setup.sh

Quick Start (After Access)

bash setup.sh
source .venv/bin/activate
python3 phantom_browser.py --status

vs. Everything Else

ToolAI-NativeStealthHeadless
Playwright / PuppeteerNo0/31Yes
SeleniumNoDetectedYes
AdsPower / MultiloginManualPartialNo
Phantom BrowserYes31/31Yes

Requirements

  • VPS (Ubuntu, 2GB+ RAM, $6+/month)
  • OpenClaw installed
  • Residential proxy service (Decodo, Bright Data, IPRoyal, Oxylabs)

Links

Comments

Loading comments...