惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
量子位
M
MIT News - Artificial intelligence
Y
Y Combinator Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Google DeepMind News
Google DeepMind News
Hugging Face - Blog
Hugging Face - Blog
博客园_首页
雷峰网
雷峰网
I
InfoQ
罗磊的独立博客
博客园 - 聂微东
酷 壳 – CoolShell
酷 壳 – CoolShell
大猫的无限游戏
大猫的无限游戏
D
Docker
H
Hackread – Cybersecurity News, Data Breaches, AI and More
腾讯CDC
博客园 - 三生石上(FineUI控件)
The GitHub Blog
The GitHub Blog
K
Kaspersky official blog
P
Privacy & Cybersecurity Law Blog
S
SegmentFault 最新的问题
T
Threat Research - Cisco Blogs
H
Help Net Security
小众软件
小众软件
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
C
CERT Recently Published Vulnerability Notes
WordPress大学
WordPress大学
T
Tenable Blog
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
Simon Willison's Weblog
Simon Willison's Weblog
博客园 - Franky
A
Arctic Wolf
T
Threatpost
Scott Helme
Scott Helme
C
Cybersecurity and Infrastructure Security Agency CISA
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
The Exploit Database - CXSecurity.com
G
GRAHAM CLULEY
Security Latest
Security Latest
Spread Privacy
Spread Privacy
L
LINUX DO - 热门话题
V
Vulnerabilities – Threatpost
P
Privacy International News Feed
S
Schneier on Security
Latest news
Latest news
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
C
Cyber Attacks, Cyber Crime and Cyber Security
C
CXSECURITY Database RSS Feed - CXSecurity.com

Hacker News

Introducing Claude Opus 4.7 Qwen Studio The Future of Everything is Lies, I Guess: Where Do We Go From Here? GitHub - SeanFDZ/macmind: Single-layer transformer in HyperTalk for the classic Macintosh Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis Moving a large-scale metrics pipeline from StatsD to OpenTelemetry / Prometheus GitHub - Nightmare-Eclipse/RedSun: The Red Sun vulnerability repository GitHub - SethPyle376/hiraeth: Local AWS emulator focused on fast integration testing, with SQS support, SQLite-backed state, and a debug-friendly web UI. GitHub - macOS26/Agent: Any AI, replaces Claude Code, Cursor, OpenClaw. Over 18 LLM providers (Claude, OpenAI, Gemini, Ollama, Zai, HF, Qwen) wired into a native Mac app that writes code, builds Xcode projects, bumps versions, manages git, automates Safari, use AppleScript, JS or Accessibility, extend Agent! w/ MCP Servers, run tasks from your iPhone via Messages. YouTube now lets you turn off Shorts I Made a Terminal Pager Burgers | マクドナルド公式 Commands — HackerNews CLI documentation ChatGPT for Excel PiCore - Raspberry Pi Port of Tiny Core Linux Live Nation illegally monopolized ticketing market, jury finds Google Broke Its Promise to Me. Now ICE Has My Data. Founding Engineer at Adaptional | Y Combinator CRISPR takes important step toward silencing Down syndrome’s extra chromosome GitHub - saffron-health/libretto: The AI toolkit for building reliable browser automations US v. Heppner (S.D.N.Y. 2026) no attorney-client privilege for AI chats [pdf] Unexpected €54k billing spike in 13 hours: Firebase browser key without API restrictions used for Gemini requests Retrofitting JIT Compilers into C Interpreters IPv6 – Google The Accursèd Alphabetical Clock Cybersecurity Looks Like Proof of Work Now Fragments: April 14 Cal.com Goes Closed Source: Why AI Security Is Forcing Our Decision | Cal.com - Scheduling Software for Online Bookings Laravel raised money and now injects ads directly into your agent When moving fast, talking is the first thing to break Too much Discussion of the XOR swap trick – Heather Cafe Introduction to Spherical Harmonics for Graphics Programmers The Grand Line Building a Z-Machine in the worst possible language High-Level Rust: Getting 80% of the Benefits with 20% of the Pain GitHub - duguyue100/midnight-captain: Inspired by Midnight Commander, tailored to my taste. How to build a `git diff` driver · Jamie Tanna | Software Engineer Center for Responsible, Decentralized Intelligence at Berkeley The Local Universe’s Expansion Rate Is Clearer Than Ever, but Still Doesn’t Add Up - A new synthesis of astronomical measurements confirms a persistent mismatch that could point to physics beyond current models The air throughout our homes is infused with microplastics. But there are things you can do to breathe less of them The disturbing white paper Red Hat is trying to erase from the internet – OSnews The Future of Everything is Lies, I Guess: Annoyances ‘Abhorrent’: the inside story of the Polymarket gamblers betting millions on war Productive procrastination — Max van IJsselmuiden maps, territory and LMs 447 Terabytes per Square Centimetre at Zero Retention Energy: Non-Volatile Memory at the Atomic Scale on Fluorographane Show HN: Pardonned.com – A searchable database of US Pardons 20 Years on AWS and Never Not My Job The Seasons are Wrong Artemis II crew splashes down near San Diego after historic moon mission We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs How a dancer with ALS used brainwaves to perform live On filing the corners off my MacBooks Installing every* Firefox extension OpenClaw’s memory is unreliable, and you don’t know when it will break Steve Blank Nowhere Is Safe Chimpanzees in Uganda locked in vicious 'civil war', say researchers watgo - a WebAssembly Toolkit for Go linux/Documentation/process/coding-assistants.rst at master · torvalds/linux GitHub - callumlocke/json-formatter: Makes JSON easy to read. Founding Product Engineer at Bild AI | Y Combinator A compelling title that is cryptic enough to get you to take action on it GitHub - Keychron/Keychron-Keyboards-Hardware-Design: Industrial design files for Keychron keyboards and mice. 100+ models with CAD assets in STEP, DXF, DWG, and PDF. Source-available, with commercial use allowed for original compatible accessories within the license terms. [ANNOUNCE] WireGuardNT v0.11 and WireGuard for Windows v0.6 Released 1D-Chess Helium Is Hard to Replace Cooperative Vectors Introduction | Evolve Keeping a Postgres queue healthy — PlanetScale Our response to the Axios developer tool compromise Do Americans read print books, e-books or audiobooks more? The Zettelkasten Method in Obsidian: A Practical Setup Guide Artemis II Is Competency Porn and We Are Starving For It WeakC4 Flight Viz — Cockpit View A Mexican surveillance giant you’ve never heard of is now watching the U.S. border Surelock: Deadlock-Free Mutexes for Rust RISC-V 101 – what is it and what does it mean for Canonical? | Ubuntu The Problem That Built an Industry How Much Linear Memory Access Is Enough? | Solidean Investigating Split Locks on x86-64 Simplest hash functions Sybilproof reputation mechanisms (2005) [pdf] What is a property? How Complex is my Code? Static code analysis in Kotlin — tools overview Toffoli gates are all you need PGLite evangelism dcmake: a new CMake debugger UI Clojure on Fennel part one: Persistent Data Structures Fragments: April 2 Python Release Python install manager 26.1 The Life and Death of the Book Review - Liberties Introducing Database Traffic Control — PlanetScale Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8% God sleeps in the minerals Building slogbox Apple Silicon and Virtual Machines: Beating the 2 VM Limit Who was “Not Even Wrong” first? Pokemon Evolution Vs Darwinian Evolution The APL Programming Language Source Code
GitHub - MonkeySee-AI/rotunda: 🏛 An agent-first web browser
icyfox · 2026-05-13 · via Hacker News

Rotunda Logo

Giving your agents the power to browse the web is like giving them superpowers. You can automate almost anything. Rotunda is a browser built for agents from the ground up. Sick of seeing more captchas in Claude than when you open Chrome and do it yourself? Try Rotunda.

Getting started

Install Rotunda into your Python project with uv, then fetch the latest Rotunda browser build:

uv add rotunda
uv run rotunda fetch

rotunda fetch syncs the available browser releases and installs the latest build for the active channel.

Then use Rotunda from Playwright by swapping in the Rotunda launch helper and creating contexts with NewContext:

from playwright.sync_api import sync_playwright
from rotunda import NewBrowser, NewContext


with sync_playwright() as playwright:
    browser = NewBrowser(playwright, headless=False)
    context = NewContext(browser)
    page = context.new_page()

    page.goto("https://pierce.dev", wait_until="domcontentloaded")
    first_article_text = page.locator("main article article").first.inner_text()
    print(first_article_text)

    browser.close()

Agent

You can also drive Rotunda directly from the command line with uvx, without adding it to a project first. The agent commands keep browser profiles, daemon sessions, and short resource indexes under ~/.rotunda, so later uvx rotunda ... calls can attach to the same profile.

For the daemon, resource-index, heartbeat, and singleton process model behind these commands, see Agent CLI Architecture. For manually launching a browser first and connecting to it from another local process, see Remote Juggler.

First install the active browser build and create a profile:

uvx rotunda fetch
uvx rotunda agent new-profile --name agent-demo

Create a browser context by passing the profile name to new-context, then navigate the printed page index. The page number below is an example; use the index printed by your commands:

uvx rotunda agent new-context agent-demo
uvx rotunda agent navigate 3 https://pierce.dev

Describe the page to get element refs:

uvx rotunda agent describe 3

Use those refs directly for actions. You do not need to pass the page index once a ref has been described:

uvx rotunda agent click <ref>
uvx rotunda agent hover <ref>
uvx rotunda agent info <select-ref>
uvx rotunda agent select <select-ref> "option-value"
uvx rotunda agent fill <input-ref> "replacement text"
uvx rotunda agent type <input-ref> "additional text"
uvx rotunda agent press <input-ref> Enter
uvx rotunda agent scroll down
uvx rotunda agent check <checkbox-ref>

info prints the full attributes, state, bounds, and select options for one element. select chooses dropdown options by value by default; use --by label or --by index when that is more convenient. fill replaces the field contents, while type appends at the focused cursor position. Both use Rotunda's humanized text input path, and mouse actions use Rotunda's path prediction when humanization is enabled.

After an action, the CLI reports whether the page had a full refresh or mostly stayed the same. Same-page updates print a compact +/- element delta; run describe again when you want the full current DOM.

The agent CLI also includes broader browser primitives for less form-like tasks:

uvx rotunda agent pages
uvx rotunda agent screenshot 3 --full-page
uvx rotunda agent wait 3 --for text "Done"
uvx rotunda agent back 3
uvx rotunda agent forward 3
uvx rotunda agent reload 3
uvx rotunda agent extract 3 --format markdown
uvx rotunda agent upload <file-input-ref> ./document.pdf
uvx rotunda agent downloads
uvx rotunda agent save-download <download-ref> ./download.bin
uvx rotunda agent dialog 3 accept
uvx rotunda agent close-page 3

screenshot can capture the viewport, full page, or one described element with --element <ref>; when no path is provided, it writes a randomly named PNG under the system temp directory and prints the absolute filepath. wait supports load states, URL patterns, visible text, selectors, and fixed timeouts. extract can return text, HTML, markdown, links, or form metadata. dialog arms how the next browser dialog on a page should be handled; unarmed dialogs are dismissed and recorded so the browser does not hang.

Stop the profile daemon when you are done:

uvx rotunda agent stop 1

On stealth browsing

Web automation is incredible. Unfortunately for us, so many people have abused the automation powers of browsers in the past (ticket scalpers, shoe resellers) that sites have poured billions into detecting anything that's not a human. If you run Chrome over CDP with Playwright you'll know what I'm talking about. You get recaptchas, refusals to login, or subtle changes in behavior.

"Stealth" plugins advertise that they're able to evade these detections. But all stealth plugins are flawed. They often rely on overriding Javascript properties to return fake values that simulate another browser. Fingerprinters will check if these function implementations are native or non-native. Non-native never happens in the wild so you're flagged as a bot. Other plugins will fork Chromium and patch code that do the same things on the backend, so you'll be unable to detect them by sniffing Javascript state. Fingerprinters then use browser accessories like the canvas or audio drivers to detect anomalies with known devices. And so you're flagged as a bot. And on and on.

This cat and mouse game has been around since the beginning of the web. As fingerprinting has switched from adhoc to statistical, the burden has shifted dramatically to the stealth implementers. Our view at Rotunda is it's impossible to compellingly lie about your browser fingerprint. In the law of large numbers, and the surface area of APIs that browsers have to support, there's some way to detect that you're anomalous. The sites only need one thing wrong to prove that you're faking your whole identity. You need to patch every surface area, simulate the subtleties of every GPU driver, and honestly it's just not a game worth playing.

Instead Rotunda focuses on providing a browser that looks fully human, without lying about its underlying identity. We want to look like it's actually running on your laptop - and instead focus on making sure no automation signatures can be detected. This includes making sure that Playwright can't be detected as the driver controlling your screen, and that any cursor movements tween as if you're moving a mouse, and that keyboard clicks have some occasional errors. Instead of lying about your fingerprint it's better to fib: tell them what GPU and audio drivers you're running on, but lie about some specifics like accessible fonts or extensions or screen size. It's not out of the ordinary for 10 M1 chips to be browsing their site at the same time - but it is impossible for a Linux GPU to be claiming its macos.

This results in a browser that's not suitable for crawling. For public sites you should be automating that in the cloud anyway via Browserbase, Kernel, or ScrapingBee. But it's very suitable when you're delegating tasks to your Agents. It's like having a fleet of interns that are doing useful work on your home network.

Fingerprint blocked?

You're a lot less likely to get flagged as a bot with our host-passthrough approach. But that doesn't mean it's impossible. First we recommend you open the same site in Chrome/Firefox and see if you still start seeing flags. If you do it might be because of your IP reputation.

If other browsers work fine and you suspect it's at the Rotunda level, run the same site with our debugging handlers. This echos the calls that the site makes into the Javascript VM, the return values from those calls, console output, and outgoing page requests sent to their servers. 99.99% of the time these payloads reveal that the site picked up on something anomalous. The only thing they don't really cover is the TCP handshake, but we're using the authentic Firefox protocol for that anyway.

export ROTUNDA_DEBUG_DUMP_DIR=/tmp/rotunda-fingerprint-debug
export ROTUNDA_DEBUG_DUMP=manifest,network,console,vm,returns
export ROTUNDA_VM_ACCESS_SAMPLE_RATE=10

python your_repro_script.py
zip -r rotunda-fingerprint-debug.zip "$ROTUNDA_DEBUG_DUMP_DIR"

Attach rotunda-fingerprint-debug.zip to a GitHub Issue with the site URL, what you expected to happen, and what the site reported instead. The dump includes request/response bodies, so review it before sharing and do not set ROTUNDA_DEBUG_DUMP_RAW=1 unless a maintainer asks for it.

Want to help?

There are a ton of ways to get involved. Check the Issues for any good getting started tickets and chime that you're interested in helping out. Also hit me up on X or subscribe to my newsletter if you want to chat about agents and support the development.

Credits

This repository builds on daijro's original Firefox patching work, which laid the foundation - via much trial and error - for the browser patching techniques used here. They made the case for using Firefox because Juggler is isolated from the browser context (unlike CDP).

Their main focus, however, is on stealth whereas ours is on automation. We want to give your Agents access to a browser that works almost identically to your daily driver.

camoufox

FAQ

Can't I just control Chrome with computer vision?

You certainly can try! Computer vision isn't a perfect answer here because it's so slow, fills up your context window, and doesn't allow your agent to see any content that's not in the viewport. It's much more convenient to grab the current DOM and parse it into an LLM friendly representation of the page. But grabbing this representation opens you up to the same question of Playwright/CDP control that we were trying to avoid.

Launching in most cloud VMs to use computer vision also risks leaking state about the underlying host. Most use the same stealth plugins that are pretty easy to detect, which means you're going to eventually get flagged if you use them naturally.

Plus computer vision sometimes makes it hard to click around some websites because direct click events are hard to translate cleanly (see reports of Claude being unable to select dropdowns from form lists).