VulpineOS
Operate Stealth and Secure OpenClaw Agents at Scale
VulpineOS is the operating system for AI browser agents — a hardened Firefox fork (based on Camoufox / Firefox 146.0.1) for managing hundreds of OpenClaw agents with unique identities, full security, and zero detection. It solves the critical problems that make current browser-based agents fragile and exploitable.
The Problem
AI agents browsing the web face three unsolved challenges:
-
Prompt Injection — Malicious websites hide invisible text in the DOM that hijacks the agent’s instructions. Current agents have zero defense against this.
-
Page Mutation — The page changes between when the agent reads it and when it acts. JavaScript timers, animations, and network callbacks mutate the DOM mid-decision, causing the agent to click on elements that no longer exist or have moved.
-
Token Waste — Accessibility trees are bloated with structural noise. Agents burn 50-70% of their context window on wrapper divs, generic groups, and redundant whitespace that carry no semantic value.
The Solution
VulpineOS addresses each problem at the browser engine level — not with JavaScript hacks or post-processing, but with C++ patches to Firefox’s core:
| Phase | Feature | Layer |
|---|---|---|
| 1 | Injection-Proof Filter | Accessibility tree pruning |
| 2 | Action Lock | C++ page freeze (nsDocShell) |
| 3 | Optimized DOM Export | Token-compressed snapshots |
| 4 | Trust Warming | Background profile warming |
Quick Start
# Clone and build
git clone https://github.com/PopcornDev1/VulpineOS
cd VulpineOS
make fetch && make setup && make dir && make build
# Launch the TUI
./vulpineosOn first launch, the setup wizard walks you through selecting an AI provider and model. Each AI browser agent gets its own fingerprint, proxy, and isolated browser context. See Getting Started for full instructions.
Platform Features
Beyond the browser engine security phases, VulpineOS is a complete agent management platform:
| Feature | Description |
|---|---|
| Web Panel | Browser-based dashboard with 11 pages — manage agents, proxies, contexts, security, scripts, logs, and settings from anywhere |
| TUI Workbench | Terminal-based 3-column interface for SSH/server environments |
| Agent Scripting DSL | JSON scripting for repetitive browser tasks — zero LLM tokens |
| Token Optimization | Viewport pruning, result caching, incremental snapshots, batch execution |
| Advanced Security | CSP injection, DOM mutation monitoring, 13 injection signatures, sandboxed JS evaluation |
| Cost Tracking | Per-agent token usage, USD cost estimation, budget limits with alerts |
| Agent Communication | Agent-to-agent message bus with approval policies and audit trail |
| Foxbridge CDP Proxy | Embedded CDP server — OpenClaw controls Camoufox as if it were Chrome |
| MCP Browser Tools | 36 tools for browser control, reliability checks, human-like actions, extension surfaces, and Android device bridging |
| Vulpine API Features | Public product surface for Vulpine Vault, AudioBridge, MobileBridge, Vulpine Mark, hosted extraction, recurring monitors, and planned commercial products |
| Remote Access | TLS WebSocket server for headless VPS deployment |
| Docker | One-click container with Vulpine-Box |
| Per-Agent Fingerprints | BrowserForge pipeline — unique UA, screen, WebGL, canvas/audio seeds per agent |
| Context Pool | Pre-warm 10 contexts, max 20 concurrent, auto-recycle after 50 uses |
| Proxy Rotation | Per-agent rotation on rate limit/block, auto-sync fingerprint geo |
| Session Recording | Record and replay browser action timelines |
| Persistent Page Cache | Save/restore page state across agent restarts |
| Webhook Notifications | HTTP webhooks for agent completion, rate limits, injection, budget events |
| Kernel Watchdog | Auto-restart Camoufox on crash (up to 3 attempts) |
Architecture
VulpineOS ships as a single Go binary with 36 packages, an embedded web panel, and an embedded foxbridge CDP server — all sharing a single Camoufox instance:
┌─────────────────────────────────────────┐
│ Web Panel (React, embedded) │
│ TUI Workbench (Bubbletea) │
├─────────────────────────────────────────┤
│ Orchestrator · Pool · Vault · MCP │
│ AgentBus · CostTracker · Webhooks │
│ Recording · PageCache · Security │
│ TokenOpt · Scripting · ProxyRotation │
├─────────────────────────────────────────┤
│ Embedded Foxbridge CDP Server (:9222) │
│ Juggler Protocol (FD 3/4 pipe) │
├─────────────────────────────────────────┤
│ Camoufox (Firefox 146.0.1) │
│ C++ Patches: Action Lock, AX Filter │
│ BrowserForge Fingerprints per Context │
└─────────────────────────────────────────┘Credits
VulpineOS is a personal project by Elliot, forked from Camoufox — originally created by daijro and now maintained by Clover Labs (where Elliot works and contributed per-context fingerprint spoofing to Camoufox).
See also
- Getting Started — install and launch your first agent
- Architecture — single-process runtime overview
- Injection-Proof Filter — how VulpineOS blocks prompt injection
- MCP Browser Tools — 36 tools for AI agent browser control
- Foxbridge CDP Proxy — embedded CDP server for OpenClaw