Connecting to the user's real Chrome via CDP will be more resistant to bot detection than Playwright's bundled Chromium with stealth scripts
HypothesisConnecting to the user's real Chrome via CDP will be more resistant to bot detection than Playwright's bundled Chromium with stealth scripts
CDP mode disables ALL stealth scripts, relying entirely on real Chrome session. 22-38s click gaps were pure LLM inference, not humanization. Real Chrome with a user profile + cookies + extensions is inherently undetectable because it IS a real browser. The 275-line stealth module was unnecessary.
Changelog
| Date | Summary |
|---|---|
| 2026-04-07 | Created during temporal gap audit |
| 2026-03-22 | Original audit (JOBHUNTR_AUDIT_2026-03-22.md) |
Hypothesis
Real Chrome via CDP is more resistant to bot detection than Playwright Chromium with stealth script injection.
Method
Produced JOBHUNTR_AUDIT_2026-03-22.md (274 lines) comparing the two strategies. In CDP mode: connects to user’s real Chrome on port 9222, uses their profile/cookies/extensions, zero stealth scripts. In bundled mode: Playwright Chromium with 12 stealth injections (navigator.webdriver, fake window.chrome, plugin spoofing, etc.).
Results
CDP mode confirmed superior. The real browser has no detectable artifacts because there are no artifacts to detect. The 12 stealth scripts in bundled mode each add a potential detection surface : the scripts themselves can be detected. Click timing analysis showed 22-38s gaps between actions were pure LLM inference time, not humanization : revealing that perceived “slowness” was the AI thinking, not intentional delays.