Shlumi is an AI agent firewall that detects and blocks automated browser agents — including Claude, Gemini, GPT-Operator, Playwright, Puppeteer, and Selenium — in real time using a lightweight JavaScript detection script.

How does Shlumi detect AI browser agents?

Shlumi collects 30+ browser fingerprinting signals including navigator.webdriver, Chrome DevTools Protocol (CDP) leaks, Playwright globals, headless Chrome indicators, and behavioral patterns. Each session is scored 0–100 and assigned a verdict of clean, suspicious, or bot.

How do I integrate Shlumi on my website?

Add a single script tag to your website's HTML with your API key. Shlumi works with any stack including Next.js, React, plain HTML, WordPress, and Webflow.

Can Shlumi block Claude and Gemini browser use?

Yes. Shlumi specifically detects Claude computer use, Gemini browser automation, and other AI agent tools by identifying CDP-based automation, Chrome object integrity anomalies, and behavioral signals unique to AI-driven browsing.

AgentShield — AI Agent Detection Platform

What is Claude Browser Automation?

Anthropic's Claude AI includes a "computer use" capability that allows the model to control a real Chrome browser via the Chrome DevTools Protocol (CDP). Unlike traditional bots that use Puppeteer or Playwright with obvious fingerprints, Claude computer use operates on a real Chrome instance — making it significantly harder to detect with conventional methods.

When Claude browses your website, it does so through a CDP-controlled browser that can interact with DOM elements, fill forms, click buttons, and read page content — all while appearing to be a normal Chrome user. This has significant implications for websites that rely on CAPTCHA, rate limiting, or simple user-agent checks to block automated access.

Why Traditional Bot Detection Fails Against Claude

Most bot detection solutions look for obvious signals: navigator.webdriver === true, missing browser plugins, or known Puppeteer globals like window.__playwright. Claude computer use bypasses all of these because:

It uses a real Chrome installation, not a headless build
The navigator.webdriver flag is patched to return false
Browser plugins, fonts, and screen resolution match a real desktop environment
User-agent strings are authentic Chrome user agents

This means that a naive bot detection system will classify Claude computer use sessions as "clean" — giving the AI full access to your content, APIs, and workflows.

Signals That Reveal Claude Browser Automation

Despite its stealth, Claude computer use leaves detectable traces. The key is to look for composite signals — no single signal is definitive, but a cluster of 3 or more soft signals indicates CDP-based automation with high confidence.

1. Chrome Object Integrity Checks

A real Chrome browser exposes a rich window.chrome object with nested APIs including chrome.runtime, chrome.loadTimes(), and chrome.csi(). CDP-controlled browsers often have an incomplete or missing chrome object. Check for:

const hasChrome = typeof window.chrome !== 'undefined';
const hasRuntime = typeof window.chrome?.runtime !== 'undefined';
const hasLoadTimes = typeof window.chrome?.loadTimes === 'function';
// All three should be true in a real Chrome browser

2. Permission API Anomalies

Real browsers return consistent permission states. CDP-controlled browsers often return denied for permissions that would normally be prompt in a fresh browser session:

const result = await navigator.permissions.query({ name: 'notifications' });
// CDP browsers often return 'denied' instead of 'prompt'

3. Behavioral Timing Patterns

AI agents interact with pages in ways that differ from humans. They tend to:

Interact immediately after page load (no "reading" pause)
Move the mouse in straight lines or right angles
Click precisely on element centers rather than slightly off-center
Scroll in uniform increments rather than variable human scrolling

4. CDP Leak Detection

Some CDP commands leave detectable artifacts. The Runtime.enable CDP command, used by automation frameworks to inject scripts, can be detected by monitoring for unexpected script injection patterns.

5. Hardware Concurrency Mismatch

Claude computer use environments typically run in containers with limited CPU cores. A browser reporting navigator.hardwareConcurrency === 2 on a modern "desktop" Chrome session is suspicious.

Implementing Claude Detection with Shlumi

Shlumi's detection script collects all of the above signals automatically. When you embed the script on your website, it runs a battery of 30+ checks and sends the results to the Shlumi API for scoring. Sessions with 3 or more CDP-related soft signals receive a verdict: bot with action: block.

<script
  src="https://www.shlumi.com/agentshield.js"
  data-key="as_live_your_api_key"
  data-action="block">
</script>

The script handles the redirect to your block page automatically — no server-side code required for basic enforcement.

Server-Side Enforcement

For stronger protection, combine client-side detection with server-side enforcement. After the Shlumi script runs, it sets a session ID in a cookie. Your backend can then query the Shlumi API before serving sensitive content:

const sessionId = req.cookies['__as_sid'];
const res = await fetch(`https://www.shlumi.com/api/shield/check?sessionId=${sessionId}`);
const { action, verdict, score } = await res.json();
if (action === 'block') return res.status(403).json({ error: 'Access denied' });

Conclusion

Detecting Claude browser automation requires a multi-signal approach. No single check is sufficient — but a combination of Chrome object integrity, permission anomalies, behavioral timing, and CDP leak detection provides high-confidence identification. Shlumi automates this entire detection pipeline with a single script tag, making it the fastest way to protect your website from AI agent browser automation.

How to Detect Claude Browser Automation on Your Website