Claude + Playwright agent tackles CAPTCHA-heavy signups with adaptive reasoning
Henry Knight details an AI-powered browser agent that uses Claude as a reasoning layer to adaptively handle modern bot-protection systems like PerimeterX, DataDome, and Cloudflare during automated signups.
Score breakdown
Using Claude as a dynamic reasoning layer — rather than hardcoded CAPTCHA-solving conditionals — lets browser automation agents adapt to new bot-protection patterns without requiring code changes between runs.
- 01Author Henry Knight spent two months building the AI-powered browser agent described in the post.
- 02Modern bot-protection systems (PerimeterX, DataDome, Cloudflare) fingerprint browsers via canvas fingerprinting, TLS mismatch, CDP detection, mouse movement analysis, and request timing — before any CAPTCHA is shown.
- 03Claude (`claude-sonnet-4-6`) acts as the reasoning layer, receiving a structured DOM snapshot and returning a JSON action object with action, selector, value, and reasoning fields.
Henry Knight argues that most browser automation tutorials ignore the real challenge: modern bot-protection systems like PerimeterX, DataDome, and Cloudflare fingerprint browsers before a CAPTCHA ever appears. The fingerprinting happens at the JavaScript, TLS, and mouse-movement layers — meaning a solved CAPTCHA still results in a block if the automation signature was already flagged. His core architectural insight is to treat Claude as the reasoning layer rather than the execution layer: instead of hardcoded conditional logic, the agent captures a structured DOM snapshot (URL, title, body text, and a list of visible inputs) and passes it to `claude-sonnet-4-6`, which responds with a JSON action object containing the action, selector, value, and reasoning. This loop keeps Claude's role lightweight and fast, avoiding the cost of screenshot-based vision.
The source text is truncated before the full architecture is described.
For fingerprint evasion, the post shows a stealth init script injected via Playwright's `addInitScript` that removes the `navigator.webdriver` flag, restores `window.chrome` runtime properties, fakes a realistic browser plugin list, and locks `navigator.languages` to `['en-US', 'en']`. For CAPTCHA handling, a `handle_captcha` function maps challenge types — `recaptcha_v2`, `recaptcha_v3`, `hcaptcha`, `perimeterx`, `cloudflare` — to ordered lists of strategies (e.g., `solve_2captcha`, `rotate_fingerprint`, `wait_5min_retry`, `request_manual`). Each strategy attempt is logged to a SQLite `browser_memory` table, and on subsequent runs against the same domain the agent reads this history to skip strategies that previously failed, giving the system cross-session learning. The source text is truncated before the full architecture is described.
Key facts
- 01Author Henry Knight spent two months building the AI-powered browser agent described in the post.
- 02Modern bot-protection systems (PerimeterX, DataDome, Cloudflare) fingerprint browsers via canvas fingerprinting, TLS mismatch, CDP detection, mouse movement analysis, and request timing — before any CAPTCHA is shown.
- 03Claude (`claude-sonnet-4-6`) acts as the reasoning layer, receiving a structured DOM snapshot and returning a JSON action object with action, selector, value, and reasoning fields.
- 04A stealth init script patches `navigator.webdriver`, `window.chrome`, `navigator.plugins`, and `navigator.languages` to reduce browser fingerprint detection.
- 05A `handle_captcha` function maps five challenge types (`recaptcha_v2`, `recaptcha_v3`, `hcaptcha`, `perimeterx`, `cloudflare`) to prioritized lists of solver strategies.
- 06Strategy outcomes are logged to a SQLite `browser_memory` table, allowing the agent to skip known-failing strategies on future runs against the same domain.
Topics
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Jun 8, 2026 · 15:36 UTC. How this works →