# Kuri

> Browser automation and web crawling tool for AI agents, written in Zig with zero Node.js dependencies, offering token-efficient CDP snapshots, HAR recording, and a standalone fetcher.

Kuri is a browser automation and web crawling toolkit built specifically for AI agent loops, written entirely in Zig with no Node.js or Playwright dependencies. It ships as a 464 KB binary with ~3 ms cold start, providing four modes: a CDP server for Chrome automation, a standalone fetcher with QuickJS, an interactive terminal browser, and an agentic CLI. On real-world benchmarks like Google Flights, Kuri delivers 16% fewer tokens per agent workflow cycle compared to alternatives, compounding savings across multi-step tasks.

- **`kuri` CDP server** — *Start with `./kuri` to launch a managed Chrome instance and expose a full HTTP API for browser control, accessibility snapshots, HAR recording, and more.*
- **`kuri-fetch` standalone fetcher** — *Run `kuri-fetch https://example.com` for no-Chrome HTTP fetching with QuickJS JS execution, outputting markdown, HTML, links, text, or JSON.*
- **`kuri-browse` terminal browser** — *Launch `kuri-browse https://example.com` for an interactive REPL browser with numbered links, history, and in-page search.*
- **`kuri-agent` agentic CLI** — *Use `kuri-agent` commands to script Chrome automation, take accessibility snapshots, click elements by ref, and run security audits from the terminal.*
- **Token-optimized snapshots** — *Use `?filter=interactive` on the `/snapshot` endpoint to get only interactive elements, reducing token cost to ~1,927 tokens vs 31,280 for raw JSON.*
- **HAR recording & replay** — *Start/stop HAR recording per tab and replay captured API calls with generated curl/fetch/Python code snippets.*
- **Stealth & bot evasion** — *Automatic anti-detection patches on startup including navigator.webdriver spoofing, WebGL/Canvas fingerprint spoofing, and UA rotation.*
- **Security testing** — *Run `kuri-agent audit`, `kuri-agent cookies`, and `kuri-agent headers` for browser-native security reconnaissance and header/cookie audits.*
- **Arena-per-request memory model** — *No GC; all per-request memory freed in a single `deinit()` call, with `errdefer` guards for clean partial-failure rollback.*
- **SSRF defense** — *Built-in URL validator blocks private IPs, metadata endpoints, and non-HTTP schemes in `kuri-fetch`.*

## Features
- CDP browser automation
- Token-optimized accessibility snapshots
- HAR recording and API replay
- Standalone HTTP fetcher with QuickJS
- Interactive terminal browser
- Agentic CLI for Chrome automation
- Stealth and bot evasion patches
- Security testing and header audits
- Snapshot delta diffing
- Device emulation
- Geolocation spoofing
- Session and auth profile management
- Video and screencast recording
- Request interception
- SSRF defense
- Proxy support
- Arena-per-request memory model
- Zero Node.js dependencies
- 464 KB binary size

## Integrations
Chrome, Chromium, QuickJS, CDP (Chrome DevTools Protocol), HAR 1.2, Akamai, Cloudflare, PerimeterX, DataDome

## Platforms
MACOS, LINUX, API, CLI

## Pricing
Open Source

## Version
0.4.0

## Links
- Website: https://kuri.trilok.ai
- Documentation: https://github.com/justrach/kuri#readme
- Repository: https://github.com/justrach/kuri
- EveryDev.ai: https://www.everydev.ai/tools/kuri