The first SDK that detects AI agents — not just bots.

Anthropic Computer Use. OpenAI Operator. browser-use, Cline, Skyvern, Manus, BrowserBase. They drive real browsers, on residential proxies, with real cookies. Burein names them anyway.

The new attack class

Bot detection was solved. Agent detection isn't.

CAPTCHAs and headless tells were tuned against scripted bots from 2018. The class of attacker that matters in 2026 is an LLM driving a real Chrome window through a real residential ISP, with a real cookie jar, doing tasks indistinguishable from a careful user — except in how they do them. Burein focuses on the how.

Detection families

Four ways Burein names an AI agent.

Vision-loop cadence

LLMs that drive UIs follow a screenshot → reason → small action → screenshot loop. Burein measures the cadence between user-visible state changes and the next action. Real humans are bursty; agents are metronomic.

Token-boundary typing

Synthetic typing inherits the LLM's token boundaries: chunks of 3–6 chars emitted at near-constant intervals, with no typos and no backspaces. We measure inter-keystroke entropy and error-correction frequency.

Kinematic implausibility

Cursors that move in straight Manhattan paths, that teleport, that arrive precisely on the centroid of a button — no human hand produces these trajectories. Burein scores each path against a kinematics model.

Stack fingerprints

Playwright, Puppeteer, Puppeteer-extra-stealth, Selenium, CDP, browser-use, BrowserBase, Skyvern — each leaves environment, header, JS-global, and timing tells. We track ~90 of them.

Specific agents

Named agents Burein currently detects.

Threat IDWhat it isSeverity
AGENTIC_COMPUTER_USEAnthropic Computer Use cadence and display-server pattern.Critical
AGENTIC_OPERATOROpenAI Operator action-cadence + browser environment.Critical
AGENTIC_BROWSER_USEbrowser-use Python library signatures.Critical
AGENTIC_SKYVERNSkyvern automation harness.High
AGENTIC_MANUSManus task agent.High
AGENTIC_BROWSERBASEBrowserBase remote browser session tells.High
PLAYWRIGHT_DETECTEDPlaywright runtime hooks & env.High
PUPPETEER_DETECTEDPuppeteer & Puppeteer-extra-stealth bypass detection.High
AI_SYNTHETIC_TYPINGToken-boundary cadence with no error-correction.High
AI_SYNTHETIC_MOUSEKinematically implausible trajectories.High
HEADLESS_CHROMEHeadless Chrome inconsistency triad.High
CDP_PRESENTChrome DevTools Protocol attached.High
ANTI_DETECT_BROWSERMultilogin / Kameleo / AdsPower / Dolphin / GoLogin.High

Want to go deeper?

Talk to us about your fraud and integrity goals — we'll show you the signals that matter for your stack.

Talk to us See the platform