Camoufox is the open-source, fingerprint-coherent Firefox fork at the core of VulpineOS. We extend it with prompt-injection filtering, deterministic execution, token-optimized DOM export, and identity warming — turning a stealth browser into an agent-grade runtime.
Camoufox is a fork of Firefox 146.0.1 designed for browser automation that doesn't get fingerprinted out. It rewrites the parts of Firefox that bot detection systems probe — WebGL parameters, font metrics, screen properties, navigator properties — to produce an OS-coherent, indistinguishable-from-real fingerprint.
It's MPL 2.0 licensed, like upstream Firefox. VulpineOS uses it as the rendering and execution surface for every agent.
Four security primitives, all applied to the Camoufox base. Each one patches Firefox internals where an extension or wrapper layer can't reach.
Strips invisible DOM nodes from the accessibility tree before they reach the agent. Stops indirect prompt injection at the DOM layer, not at the model.
Freezes the page completely while the agent is thinking. No JS, no timers, no reflows. Implemented at the C++ docShell level so it can't be bypassed by page script.
Token-compressed semantic snapshot for LLM context. Real benchmark: 93.1% reduction vs Chrome's standard accessibility tree, 74.6% vs Playwright's ariaSnapshot.
Background service that warms browser profiles with human-like interactions while the agent is idle. Off by default; opt-in for long-lived identities.
All four primitives patch C++ inside the Firefox core: nsDocShell, the accessibility tree, the refresh driver. Action lock alone is impossible from a WebExtension — you can't suspend the JS event loop from JS. The fork lets us put security where it belongs: below the agent's reach.
VulpineOS contributes upstream where it makes sense. Patches that aren't operator-specific (fingerprint coherence improvements, rendering bug fixes) get sent to Camoufox. The operator-specific ones (action lock, injection filter) live in the VulpineOS patch set.
docs.vulpineos.com/architecture — every patch and how it wires up.
docs.vulpineos.com/camoufox-vs-chrome — why Firefox, why patches.
github.com/CloverLabsAI/camoufox — base fork that VulpineOS patches.
github.com/VulpineOS/VulpineOS — runtime, patches, and additions.
Pull the source, build the binary, or run the container. Camoufox plus the four VulpineOS phases, end to end.
