Getting Started
chrome-use
chrome-use lets any AI agent drive your real, logged-in Chrome — Claude Code, Cursor, Codex, your own scripts. It shares your existing login sessions and is undetectable by anti-bot systems because it is your real browser: CreepJS scores it 0% bot.
# install the CLI — no npm, no tokens
$ curl -fsSL https://raw.githubusercontent.com/leeguooooo/chrome-use/main/install.sh | sh
Why chrome-use
No fresh Chrome. No re-login. No "are you a robot?" walls. Typical browser automation boots an empty browser with a blank profile — so you redo every login, fight every captcha, and still get flagged as automation. chrome-use points the agent at the Chrome you're already signed into everything on. It clicks in your window, so you watch it work and grab the wheel the moment it hits a 2FA prompt or captcha, then let it continue.
Your cookies, sessions, and fingerprint are all real — because it IS your real browser. Undetectable by anti-bot systems.
A one-click Store extension over native messaging — no --remote-debugging-port, so it never pops "Allow remote debugging?".
Each --session gets its own colored tab group, so many agents share one real Chrome without stepping on each other.
Runs entirely in the background — new tabs open un-focused, the agent never force-fronts a tab or steals your foreground.
Why not just use…
- Playwright / Puppeteer / browser-use? They boot an empty browser — you redo every login, fight every captcha, and still get flagged as automation. chrome-use uses the session you already have.
- Claude's Chrome extension? Great, but it only drives Claude. chrome-use drives any agent or CLI over the same real browser.
- A raw
--remote-debugging-port? Chrome 136+ pops "Allow remote debugging?" on every connect. chrome-use never does — one-click Store extension, native messaging.
Runtime.enable CDP leak (off by default), and a small permission footprint —
7 permissions, no <all_urls>. See Real Chrome & Anti-detection.
Why it doesn't get banned
Many sites actively ban browser automation, and tripping their anti-bot systems takes your account down with it. chrome-use's answer is to treat anti-detection as a first-class capability: it doesn't simulate a human — it is your already-logged-in real browser, so sites read it as 100% human and there's nothing to ban.
When it drives your real Chrome over the extension it injects no JS patches — no disguise means no seams for the lie-detectors to catch. bot.incolumitas / sannysoft / BrowserScan all green.
The --launch standalone browser uses native overrides: navigator.webdriver=false (Emulation.setAutomationOverride), timezone, WebRTC local IP, canvas/audio noise — none of them redefined getters that can be probed back. Headless is disabled by default (it's a bot tell in itself).
--humanize beats behavioral detectionBeyond fingerprints, Akamai / PerimeterX / DataDome also score behavior. Turn it on and the cursor follows curved Bézier paths, lands on jittered points inside the element, and typing cadence varies — and it's adaptive: it escalates on pages from those vendors, and stays instant with zero overhead on ordinary sites.
The cf_clearance earned by clearing a challenge once (bound to IP+UA) is saved and reused, so you don't re-solve it every time. Run chrome-use stealth status anytime to self-check the webdriver / chrome / plugins / UA probes.
Get started
A few short reads take you from zero to driving your own Chrome:
One-line installer, then the browser extension + native-messaging bridge.
snapshot → find → act: the read/interact rhythm behind every task.
Pull a structured, agent-friendly view of any page with snapshot.
For hosts that can't shell out — Claude Desktop, ChatGPT connectors — via chrome-use mcp.
The *-use family
Same idea across the board: don't build a simulated environment — drive the real, already-logged-in device you're holding.
Drives your real, logged-in Chrome.
Drives your real iPhone.
Pulls passwords, 2FA, and passkeys from your Bitwarden vault so an agent can log in with credentials.
Apache-2.0 · GitHub · part of the leeguoo.com *-use family.
Originally based on vercel-labs/agent-browser (Apache-2.0), now standalone · Lineage & Upstream · Privacy