Fixing OpenClaw Browser CAPTCHAs with Camoufox and CLI Wrapper
The Problem: Why OpenClaw Gets Blocked
OpenClaw's built-in browser uses Chromium with Playwright. Despite appearing human (spare MacBook Pro on home network, logged-in accounts), it gets blocked by sites with bot detection. Google and Bing throw CAPTCHAs, X shows login walls, and Medium won't load behind Cloudflare.
How Bot Detection Works
Tools like Puppeteer and Playwright use Chrome DevTools Protocol (CDP) to control the browser. When they connect, a Runtime.Enable command fires. Anti-bot scripts detect this with JavaScript. Cloudflare and DataDome both check for it.
Automation libraries also inject JavaScript into pages to work (window.__playwright__binding__ and similar). Anti-bot scripts catch these by checking property descriptors and function signatures. If toString() on a browser function no longer returns "[native code]", something has been tampered with.
Hardware fingerprinting exposes hundreds of data points: GPU model via WebGL, pixel-level Canvas output that varies by graphics hardware, screen resolution, font metrics, audio processing. Automated browsers get this wrong - Canvas output is identical across thousands of sessions, or the user-agent says Windows but the GPU says Apple.
The Solution: Camoufox
Most anti-detection tools try to fix this at the JavaScript level, overriding navigator.webdriver or faking Canvas output. Anti-bot scripts see through this. The fix has to happen at the browser engine level.
Camoufox (a Firefox fork) modifies fingerprint values in the C++ implementation, so spoofed properties look native to any inspection. It doesn't use CDP at all, and page scripts can't see the automation code.
Making It Practical: CLI Wrapper
Camoufox only has a Python SDK, requiring the agent to write throwaway Python scripts for every browser action, figure out method signatures, handle async contexts, and parse results. Each page visit burned tokens on boilerplate.
The solution wraps it into a CLI. The agent calls shell commands to open pages, click elements, fill forms. No Python scripts, no async boilerplate. A daemon keeps the browser alive between commands, eliminating startup cost per action.
To reduce token usage, the CLI returns accessibility-tree snapshots instead of raw HTML. Each element gets a short @ref tag for interaction. An interactive-only mode strips everything except buttons, links, and inputs. A page that costs 15,000 tokens as HTML might cost 800 as an interactive snapshot.
The CLI, skills, and source code are available at camoufox-cli.
📖 Read the full source: r/openclaw
👀 See Also
OpenClaw User Critiques Tool's Architecture and Safety Gaps
A Reddit user describes OpenClaw as the only tool making agent automation this accessible but criticizes its architecture for lacking a control layer for file operations, a protected kernel, proper context management, and built-in versioning or tests.
CSS Modern Features Agent Skill: Enforce Modern CSS Practices in AI Coding Agents
An agent skill that enforces 57+ modern CSS features across color, layout, selectors, animation, typography, positioning, and component patterns, compatible with Claude Code, Cursor, Windsurf, Codex, Cline, and GitHub Copilot.
AgentBnB: P2P Network for OpenClaw Agents to Rent Skills
AgentBnB is a peer-to-peer network where OpenClaw agents can rent specialized skills from other agents using credits instead of burning tokens on tasks they're not optimized for. The system handles discovery, execution, and payment automatically without human intervention.
Open-source Gmail MCP server adds multi-account support and write access
An open-source MCP server enables Claude AI to connect to multiple Gmail accounts with full read/write capabilities, including archiving, labeling, and auto-unsubscribe functionality. It supports Gmail search syntax and can be deployed to Railway in 5 minutes or self-hosted.