Pack de Agente de Navegador + Automatización Web

What's in this pack

This is the stack you assemble when the goal is not "play with Browser-Use for an afternoon" but ship an agent that browses the web on a user's behalf, in production, against sites that fight back. The Browser Automation pack on TokRepo is a framework round-up — three SDKs side by side. This pack is the next layer: framework + headless runtime + anti-bot countermeasures + content extraction + memory + orchestrator, chained in install order.

Every pick earns its spot by handling one stage of the pipeline. Together they answer the real questions: where does the browser run, how does it stay un-fingerprinted, what does the agent feed back into the LLM, what does it remember between sessions, and how do you go from one tab to ten thousand without writing a queue.

The target user is the dev building a research / lead-gen / form-filling / checkout / monitoring agent — anything where the LLM has to drive a real browser, deal with login walls and Cloudflare, and accumulate context over weeks instead of one prompt.

Install in this order (framework → headless → anti-bot → memory → orchestrator)

1. browser-use Python skill — agent framework. The Python toolkit that lets an Agent control a real browser with an LLM provider of your choice. Start here because it's the lowest-friction way to feel the loop: prompt → page → action → DOM → next action. The skill format installs cleanly into Claude Code, Codex, and Gemini CLI workflows.
2. Playwright MCP — Browser Automation for Agents — protocol-level entry. Wraps Playwright as an MCP server so any MCP-aware agent (Claude Code, Cursor, ChatGPT desktop) can drive Chrome / Firefox / WebKit without bespoke glue code. This is the wire you plug the agent into the browser through.
3. Browserbase — Cloud Browser Infra for AI Agents — managed headless. Spin up thousands of stealth Chromium sessions over HTTPS, no VPS, no Docker, no captcha-driven IP burns. Use this once you outgrow a single laptop's Chrome and don't want to operate a fleet.
4. Obscura — Headless Browser Built for AI Agents and Web Scraping — self-hosted stealth. The DIY counterpart to Browserbase when you need data residency or a per-session cost floor of $0. Ships anti-fingerprinting defaults out of the box.
5. Pydoll — Browser Automation Without WebDriver — first anti-bot layer. The dirty secret of bot detection is that the navigator.webdriver=true flag still trips most filters. Pydoll drives Chrome via the DevTools Protocol directly, so that flag never lights up. Use it when Cloudflare and DataDome start serving 403s to your Playwright runs.
6. Scrapling — Adaptive Web Scraping Framework for Python — adaptive selectors. Sites change DOM nightly to break scrapers; Scrapling fingerprints the elements you care about by structural and text similarity so your extractor survives a re-skin. The right pair to whatever browser you chose above.
7. Firecrawl — Web Scraping API for AI Applications — clean markdown. When the agent only needs the content (not the page chrome), Firecrawl converts a URL into LLM-ready markdown with images, links, and structure preserved. Cheaper than running Playwright when no interaction is needed.
8. Jina Reader — Convert Any URL to LLM-Ready Text — fallback fetcher. Free r.jina.ai/<url> endpoint that strips chrome, ads, and nav. Use it when Firecrawl rate-limits, when the site is light enough to skip the browser entirely, or as a sanity-check second source.
9. Mem0 — Memory Layer for AI Applications — persistent memory. The agent needs to remember which sites it has visited, which credentials are stored, which selectors broke last week, and what the user told it three sessions ago. Mem0 is the persistence layer that keeps that out of your prompt.
10. Apify MCP Server — 8,000+ Web Scrapers for Agents — orchestrator. The escape hatch for "this site already has a battle-tested scraper somewhere." Exposes Apify's Actor library to your agent over MCP, so instead of writing a Twitter scraper at 2am, the agent calls a pre-built one. The right top of the funnel when the agent doesn't know in advance which site it will hit.

How they fit together (ASCII pipeline)

         ┌── user request ──┐
         │ "book me a ..." │
         └─────────┬────────┘
                   ▼
   ┌─── agent loop ──────────────────────────────┐
   │  browser-use skill / Playwright MCP        │
   │  (LLM ↔ browser ↔ DOM action loop)         │
   └────────────────┬───────────────────────────┘
                    ▼
   ┌─── headless runtime ────────────────────────┐
   │  Browserbase (cloud, managed stealth)      │
   │       OR                                    │
   │  Obscura (self-hosted, data residency)     │
   └────────────────┬───────────────────────────┘
                    ▼
   ┌─── anti-bot layer ──────────────────────────┐
   │  Pydoll (no WebDriver flag → defeat naive  │
   │           Cloudflare / DataDome filters)    │
   │  Scrapling (adaptive selectors → survive   │
   │             nightly DOM rewrites)           │
   └────────────────┬───────────────────────────┘
                    ▼
   ┌─── content extraction ──────────────────────┐
   │  Firecrawl (URL → clean markdown)          │
   │  Jina Reader (free fallback fetch)         │
   │  → LLM-ready text + structured data        │
   └────────────────┬───────────────────────────┘
                    ▼
   ┌─── memory ──────────────────────────────────┐
   │  Mem0 (cross-session facts, broken         │
   │        selectors, user preferences)         │
   └────────────────┬───────────────────────────┘
                    ▼
   ┌─── orchestrator ────────────────────────────┐
   │  Apify MCP (8,000+ pre-built scrapers      │
   │             when you don't want to roll     │
   │             your own per site)              │
   └─────────────────────────────────────────────┘

The pipeline has two entry points on purpose: the agent can drive the browser itself (browser-use + Playwright MCP), or it can delegate to Apify MCP when a pre-built scraper already exists for the target site. Real production agents do both — drive Chrome for the long-tail sites they hit once, call Apify Actors for the 50 sites they hit constantly.

Tradeoffs you'll hit

• browser-use vs Playwright MCP — browser-use is a Python framework you import; Playwright MCP is a server your agent talks to over JSON-RPC. Import the framework when you control the agent's runtime (Python service you wrote). Use the MCP when the agent is a third-party tool (Claude Code, Cursor) you can't modify.
• Browserbase vs Obscura — Browserbase is the AWS of headless browsers: zero ops, per-minute billing, stealth handled for you. Obscura is the self-host: zero per-session cost after the box is paid for, but you operate it. Pick by total monthly browser-hours: under ~200 hours/month, Browserbase wins on TCO; above, Obscura's break-even kicks in.
• Pydoll vs Playwright — Playwright is the industry standard but every detection vendor knows its fingerprint. Pydoll connects via raw CDP, which is harder for filters to identify generically. Trade-off: Pydoll's API is younger and less ergonomic. Use Playwright (or Playwright MCP) for sites that don't fight, switch the specific runs that get blocked over to Pydoll.
• Scrapling vs hand-written selectors — Hand-written CSS/XPath are fast to write and brittle. Scrapling spends extra ms per query computing similarity, but the selector survives the next deploy. Use hand-written for one-off scrapes; Scrapling for anything that runs more than once a week.
• Firecrawl vs Jina Reader — Firecrawl is paid, batch-friendly, handles JS rendering. Jina Reader is free, single-URL, serves cached snapshots when the live site is slow. Start with Jina for prototyping; move to Firecrawl when rate limits or coverage gaps bite.
• Mem0 vs prompt-stuffing — You can shove the whole history into the system prompt and pay tokens for it every turn. Mem0 retrieves only the relevant facts (last broken selector, user's preferred date format) so each turn pays for ~200 tokens instead of 20,000.
• Apify MCP vs roll-your-own — Apify's 8,000+ Actors are maintained by people who specialize in one site. For Twitter/X, LinkedIn, Amazon, Google Maps, Apify wins on reliability and stays current after the next anti-bot upgrade. Roll your own when the target is a long-tail site or your data needs are too custom for any existing Actor.

Common pitfalls

• Running Browser-Use and Playwright MCP against the same Chrome profile. Two agents on the same user-data-dir race for the active tab and corrupt session state. Always use separate profile dirs, or move one of them to a Browserbase/Obscura session.
• Forgetting the navigator.webdriver flag exists. Standard Playwright leaves it set to true. That single boolean is the first thing every commercial bot detector reads. Either patch it via CDP, use Pydoll, or accept that anything with Cloudflare in front will eventually 403 you.
• Treating Apify Actors like local code. Apify Actors run in the cloud and charge by compute units. If the agent calls one in a loop without rate-limiting, the bill arrives. Wrap Apify MCP calls with a per-day budget the agent can read from Mem0.
• Storing credentials in the agent's prompt or in Mem0 as plain text. Use the host CLI's secret manager (Claude Code's ~/.claude/secrets, environment variables in your service) and let the agent read them by name, not value. Mem0 should remember that a credential exists, never its contents.
• Indexing too aggressively. A research agent that hits every link on every page recursively will exhaust Firecrawl quota in an afternoon. Cap depth at 2, dedupe by URL hash, and reuse Mem0 to skip URLs visited last week.
• Skipping the content-extraction step. Feeding the raw HTML into the LLM is expensive and noisy. Always route through Firecrawl or Jina Reader so the LLM sees markdown, not nav menus and tracking scripts.