Spaces:

senku21230
/

21

Paused

App Files Files Community

senku21230 commited on 1 day ago

Commit

bca889b

verified ·

1 Parent(s): e256ede

Update server.js

Browse files

Files changed (1) hide show

server.js +316 -378

server.js CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
  * ============================================================================
- * ULTIMATE AI BROWSER ENGINE (GOD-MODE) - PART 1A
- * Architecture: Puppeteer Stealth + WebSocket + Persistent Dataset Sync
  * Repository: Senku21230/Browser-Extensions
  * ============================================================================
  */
@@ -15,7 +15,7 @@ const fs = require('fs');
 const path = require('path');
 const { execSync } = require('child_process');
-// Apply Ultimate Stealth Plugin
 puppeteer.use(StealthPlugin());
 const app = express();
@@ -26,560 +26,529 @@ const PORT = process.env.PORT || 3000;
 const DATASET_REPO = "Senku21230/Browser-Extensions";
 const EXTENSION_PATH = '/tmp/extensions';
 let browser = null;
 let pages = [];
 let activePageIndex = 0;
 let cdpSession = null;
 function syncExtensionsFromDataset() {
     console.log("[SYSTEM] Initializing Persistent Extension Storage...");
     const hfToken = process.env.HF_TOKEN;
     if (!hfToken) {
-        console.error("[CRITICAL] HF_TOKEN missing! Cannot pull dataset.");
         if (!fs.existsSync(EXTENSION_PATH)) fs.mkdirSync(EXTENSION_PATH, { recursive: true });
         return;
     }
     try {
-        if (fs.existsSync(EXTENSION_PATH)) fs.rmSync(EXTENSION_PATH, { recursive: true, force: true });
         const cloneCmd = `git clone https://oauth2:${hfToken}@huggingface.co/datasets/${DATASET_REPO} ${EXTENSION_PATH}`;
         execSync(cloneCmd, { stdio: 'ignore' });
-        console.log("[STORAGE] Extensions synced!");
     } catch (error) {
-        console.error("[ERROR] Failed to sync dataset.");
         if (!fs.existsSync(EXTENSION_PATH)) fs.mkdirSync(EXTENSION_PATH, { recursive: true });
     }
 }
 /**
  * ============================================================================
- * AI TOOL REGISTRY: CHUNK 1 (MAXIMUM DETAIL ENTERPRISE DESCRIPTIONS)
  * ============================================================================
  */
 const ai_tools = [
-    // --- 1. THE MERGED MASTER CORE TOOL ---
     {
         name: "basic_navigation_controller",
-        description: "CORE INTERACTION MASTER: Use this tool exclusively for the 5 most frequent web actions to save execution time. Parameters required: 'action_type' (must be one of: 'navigate', 'click', 'type', 'scroll', 'extract'). If 'navigate', provide 'url'. If 'click', provide 'selector' (CSS/XPath). If 'type', provide 'selector' and 'text_to_type'. If 'scroll', provide 'direction' (up/down) or 'target_selector'. If 'extract', it returns the fully rendered DOM converted to clean markdown. Do not use this tool for closed shadow DOMs, canvas interactions, or highly secured iframes. Always await completion before triggering the next action."
     },
-    // --- 2. THE GOD-TIER CYBER TOOLS (DETAILED) ---
     {
         name: "deep_network_v8_interceptor",
-        description: "CRITICAL NETWORK HACK: Deploy this tool when standard scraping fails to retrieve backend data from AI sites (e.g., Qwen, Z.ai, ChatGPT). It completely bypasses the UI layer. It hooks into the V8 engine memory via CDP, intercepts encrypted payloads before they are dispatched to the cloud, and extracts 'Authorization: Bearer <token>', 'Refresh-Cookies', and dynamic session signatures. Returns a fully formatted, ready-to-execute cURL command string that can be used in external environments (Node.js/Python) without triggering bot-protection mechanisms."
     },
     {
         name: "visual_ocr_canvas_piercer",
-        description: "ADVANCED VISION ENGINE: Trigger this tool when data is obfuscated inside <canvas> tags, WebGL renders, embedded images, or when the DOM tree deliberately hides text content. The tool captures a lossless 4K viewport screenshot, utilizes deep Optical Character Recognition (OCR) to parse pixel data into text strings, calculates the exact X/Y screen coordinates of the target text, and simulates a raw hardware-level mouse click on those specific pixels. Useful for bypassing invisible reCAPTCHA overlays or custom video player controls."
     },
     {
         name: "deep_shadow_dom_piercer",
-        description: "DOM PENETRATION PROTOCOL: Standard DOM queries (querySelectorAll) cannot penetrate 'Closed' Shadow Roots or Cross-Origin Iframes (like Stripe payment gateways or Turnstile widgets). This tool injects a CDP script prior to page load that overwrites the native 'Element.prototype.attachShadow' method, forcing all shadow roots to be 'open'. It then recursively traverses the entire node tree, flattening iframes and shadow boundaries, returning a massive JSON object containing the true, deeply nested HTML structure that is otherwise entirely invisible."
     },
     {
         name: "auto_api_reverse_engineering",
-        description: "BACKGROUND API SCANNER: Execute this tool while passively navigating a target web application. It attaches a network listener to all outgoing XHR and Fetch requests. It automatically analyzes the request payloads, headers, and pagination parameters to deduce the underlying backend API architecture. It returns a structured JSON map of unauthenticated or loosely secured API endpoints, allowing the AI to fetch massive datasets directly via JSON without needing to endlessly scroll or render the frontend UI."
     },
     {
         name: "network_payload_modifier",
-        description: "REAL-TIME TRAFFIC MUTATION: Use this tool to intercept, pause, and rewrite HTTP responses from the server before the browser renders them. Requires parameters: 'target_url_pattern' and 'mutation_json'. Highly effective for client-side state manipulation—for example, intercepting a user-profile request and changing 'is_premium: false' to 'is_premium: true', or 'paywall_active: true' to 'false'. It injects the modified payload back into the browser's network stream, forcing the frontend UI to unlock restricted features."
     },
     {
         name: "custom_extension_loader",
-        description: "PERSISTENT STORAGE INJECTOR: This tool dynamically loads unpacked extensions or CRX files into the live browser instance. Requires parameter: 'extension_folder_name' (must exist in /tmp/extensions). It safely terminates the current headless session, appends the absolute '--load-extension' path arguments to the Chromium launch flags, and relaunches the browser engine in under 1.5 seconds. It ensures the WebSocket connection remains active so the user experiences zero downtime while the new extension (like an adblocker or custom script) is injected."
     },
     {
         name: "start_recording",
-        description: "MEDIA ENGINE (START): Initializes a background FFMPEG encoding stream bound directly to the active Chrome DevTools Protocol (CDP) screencast. Captures all UI interactions, DOM mutations, and visual state changes. The output is highly compressed into a 1080p .mp4 file stored on the local server disk. Use this ONLY when the user explicitly commands a recording to begin. Continuously running this without user consent will exhaust server storage."
     },
     {
         name: "stop_recording",
-        description: "MEDIA ENGINE (STOP): Safely terminates the active FFMPEG stream spawned by 'start_recording'. It flushes the remaining video buffer, finalizes the .mp4 file rendering process on the server disk, maps the file to a static express route, and returns the absolute, directly downloadable URL of the recorded session to the user interface."
-    }
-];
-// Part 1B will continue with the remaining God-Tier tools and the next batch of explicitly separated core tools...
-    // --- 3. THE REMAINING GOD-TIER CYBER TOOLS (CONTINUED) ---
     {
         name: "auto_captcha_solver",
-        description: "SECURITY BYPASS: Trigger this tool immediately if the browser encounters a Cloudflare Turnstile, hCaptcha, Datadome, or Google reCAPTCHA challenge blocking the main content. This tool orchestrates an autonomous bypass sequence: it attempts audio-payload transcription first, falls back to bounding-box pixel matching for slider puzzles using integrated vision models, and injects the solved token directly into the browser's callback function. Returns a success boolean and the bypassed session token."
     },
     {
         name: "file_manager_io",
-        description: "STORAGE I/O CONTROLLER: A bi-directional file manipulation tool. Parameters required: 'action' (upload/download), 'target_selector' (if upload), and 'file_path_or_url'. For downloads, it intercepts native browser download triggers and routes the file directly to the Hugging Face server storage (/tmp/downloads). For uploads, it bypasses the native OS file picker dialogue by using CDP to forcefully bind a server-side file (e.g., an image or document) to a highly secure <input type='file'> HTML element."
     },
     {
         name: "media_inventory",
-        description: "SYSTEM MANAGEMENT (SCAN): Executes a deep recursive scan of the server's output directories (/tmp/extensions, /tmp/downloads, media folders). It maps generated .mp4 videos and .png screenshots to their static express URLs. It returns a comprehensive JSON inventory detailing exact file counts, file names, absolute URLs, file sizes in MB, and creation timestamps. Use this when the user asks 'What files do we have?' or 'Show me the generated media'."
     },
     {
         name: "smart_cleanup",
-        description: "SYSTEM MANAGEMENT (DELETE): Executes absolute permanent deletion of server files based on natural language commands. Parameters required: 'target_file_name_or_url'. It matches the requested string against the active File Map Database and purges the data from the persistent disk to optimize RAM and storage space. It returns a strict success or failure confirmation to the UI."
     },
-    // --- 4. EXPLICITLY SEPARATED CORE TOOLS (BATCH 1) ---
     {
         name: "evaluate_javascript",
-        description: "BROWSER CONSOLE: Injects and executes raw JavaScript code directly within the active page's context. Parameter required: 'js_code_string'. Useful for extracting global variables (e.g., window.__INITIAL_STATE__), modifying DOM properties on the fly, or triggering hidden frontend functions that are not bound to clickable UI elements. Returns the serialized execution result."
     },
     {
         name: "inject_custom_cookies",
-        description: "SESSION HIJACKING/RESTORATION: Injects an array of predefined session cookies into the browser context. Parameter required: 'cookie_json_array' (must contain name, value, domain). Extremely useful for bypassing login screens on target websites where the AI already possesses a valid session token or authentication cookie retrieved from a previous run or a different device."
     },
     {
         name: "take_screenshot",
-        description: "VISUAL CAPTURE: Captures a high-resolution, full-page or viewport-specific .png screenshot of the current active tab. Parameter optional: 'full_page' (boolean). Saves the image to the local server disk and returns the absolute URL of the image. Use this to verify UI states or when the user explicitly requests a visual snapshot of the current page."
     },
     {
         name: "hover_element",
-        description: "UI INTERACTION: Simulates a physical mouse movement and hover over a specific DOM element. Parameter required: 'selector' (CSS/XPath). Essential for triggering CSS-based dropdown menus, revealing tooltips, or activating lazy-loaded UI components that only render upon mouse-enter events before clicking is possible."
     },
     {
         name: "wait_for_selector",
-        description: "EXECUTION DELAY: Pauses AI execution and script evaluation until a specific DOM element appears in the viewport. Parameters required: 'selector' (CSS/XPath) and optional 'timeout_ms' (default 5000). Use this immediately after a navigation or click action to ensure the subsequent asynchronous content (like a loading spinner finishing) has fully rendered before attempting to extract data."
     },
     {
         name: "get_element_attributes",
-        description: "DATA EXTRACTION: Retrieves all HTML attributes (href, src, class, id, data-*) of a specific element without extracting the inner text. Parameter required: 'selector'. Highly useful for scraping URLs from <a> tags, image links from <img> tags, or dynamic IDs used by modern frontend frameworks."
     },
     {
         name: "switch_to_iframe",
-        description: "CONTEXT SWITCHING: Shifts the Puppeteer execution context into a specific nested iframe. Parameter required: 'iframe_selector' or 'iframe_name'. Since standard DOM queries cannot penetrate cross-origin iframes, you must use this tool to shift focus into the iframe before running clicks, types, or extractions on elements inside it (e.g., interacting with an embedded YouTube player or a third-party login widget)."
     },
     {
         name: "emulate_device_viewport",
-        description: "DEVICE SPOOFING: Alters the browser's viewport dimensions and User-Agent string to emulate a specific device. Parameters required: 'device_name' (e.g., 'iPhone 13', 'iPad Pro', 'Desktop'). Useful for websites that serve completely different DOM structures, mobile-only APIs, or restricted content based on the detected device type."
     },
     {
         name: "set_geolocation",
-        description: "HARDWARE SPOOFING: Overrides the browser's native HTML5 Geolocation API. Parameters required: 'latitude' and 'longitude'. Fools location-based websites (like delivery apps, local news, or mapping services) into believing the AI browser is physically located at the specified GPS coordinates. Automatically grants location permissions to the active tab."
-    }
-        // --- 5. EXPLICITLY SEPARATED CORE TOOLS (BATCH 2: TAB MANAGEMENT) ---
     {
         name: "open_new_tab",
-        description: "TAB MANAGEMENT: Opens a completely new, blank browser tab and automatically sets it as the active context for subsequent AI actions. Returns the newly created Tab ID."
     },
     {
         name: "close_current_tab",
-        description: "TAB MANAGEMENT: Safely closes the currently active browser tab. If multiple tabs are open, it will automatically shift the active context to the adjacent available tab."
     },
     {
         name: "get_all_tabs",
-        description: "TAB MANAGEMENT: Retrieves a JSON array of all currently open tabs, including their unique Tab IDs, current URLs, and Page Titles. Useful for tracking multi-tasking sessions."
     },
-    // --- 6. EXPLICITLY SEPARATED CORE TOOLS (BATCH 3: ADVANCED KEYBOARD & MOUSE) ---
     {
         name: "press_key",
-        description: "HARDWARE INPUT: Simulates the physical pressing of a single, specific keyboard key. Parameter required: 'key_name' (e.g., 'Enter', 'Escape', 'Tab', 'ArrowDown'). Essential for submitting forms without clicking buttons or navigating custom dropdown menus."
     },
     {
         name: "hold_key",
-        description: "HARDWARE INPUT: Simulates holding down a modifier key. Parameter required: 'key_name' (e.g., 'Shift', 'Control', 'Alt'). Must be followed by another action (like clicking or typing) and then a 'release_key' command. Useful for multi-selecting items."
     },
     {
         name: "mouse_drag_and_drop",
-        description: "HARDWARE INPUT: Executes a complex mouse event. Parameters required: 'source_selector' and 'target_selector'. It moves the mouse to the source, clicks and holds, drags the cursor to the target, and releases the mouse button. Perfect for Kanban boards or puzzle captchas."
     },
     {
         name: "right_click",
-        description: "HARDWARE INPUT: Simulates a physical right-click on a specific DOM element. Parameter required: 'selector'. Used to trigger custom context menus designed by the website (e.g., on Google Drive or Figma web)."
     },
     {
         name: "double_click",
-        description: "HARDWARE INPUT: Simulates a rapid double left-click on an element. Parameter required: 'selector'. Often required to highlight text chunks, open files in web directories, or trigger specific frontend event listeners."
-    },
-    // --- 7. EXPLICITLY SEPARATED CORE TOOLS (BATCH 4: FORM & INPUT HANDLING) ---
-    {
-        name: "select_dropdown_option",
-        description: "FORM CONTROL: Selects a specific <option> inside a native <select> dropdown element. Parameters required: 'selector' (for the select tag) and 'value_or_text' (the item to choose). Bypasses the need to click the dropdown open first."
     },
     {
-        name: "check_checkbox",
-        description: "FORM CONTROL: Forces a checkbox or radio button into a 'checked' state. Parameter required: 'selector'. If the element is already checked, it safely ignores the command."
-    },
-    {
-        name: "uncheck_checkbox",
-        description: "FORM CONTROL: Forces a checkbox or radio button into an 'unchecked' state. Parameter required: 'selector'."
     },
-    // --- 8. EXPLICITLY SEPARATED CORE TOOLS (BATCH 5: WAIT & SYNC EVENTS) ---
     {
-        name: "wait_for_network_idle",
-        description: "EXECUTION SYNC: Pauses AI script execution until all background network activity (XHR, Fetch, Image loading) has completely finished and the network is idle for at least 500ms. Critical for Single Page Applications (SPAs) like React/Vue before extracting data."
     },
     {
-        name: "wait_for_text_content",
-        description: "EXECUTION SYNC: Pauses execution until a specific text string dynamically appears inside a designated DOM element. Parameters required: 'selector' and 'expected_text'. Essential for verifying success messages after form submissions."
     },
     {
-        name: "sleep",
-        description: "EXECUTION SYNC: Forces a hard, unconditional pause in execution. Parameter required: 'milliseconds'. Use this sparingly, only when explicit delays are needed to mimic human reading speed or to bypass simple rate-limiters."
     },
-    // --- 9. EXPLICITLY SEPARATED CORE TOOLS (BATCH 6: PAGE STATE & EXTRACTION) ---
-    {
-        name: "get_page_title",
-        description: "DATA EXTRACTION: Instantly retrieves and returns the current <title> string of the active browser document."
-    },
-    {
-        name: "clear_cache_and_cookies",
-        description: "BROWSER STATE: Completely wipes all active cookies, LocalStorage, and SessionStorage for the current domain. Essential for testing incognito-like states or logging out of accounts forcefully without finding the logout button."
-    }
-        // --- 10. EXPLICITLY SEPARATED CORE TOOLS (BATCH 7: ADVANCED EXTRACTION) ---
     {
-        name: "extract_table_data",
-        description: "DATA EXTRACTION: Targets a specific HTML <table> element and extracts its entire content into a structured JSON array of objects. Parameter required: 'selector'. Automatically maps table headers (<th>) as JSON keys and table rows (<td>) as values. Essential for scraping financial data, sports statistics, or directory listings without writing complex parsing logic."
     },
     {
-        name: "extract_list_data",
-        description: "DATA EXTRACTION: Targets a specific <ul> or <ol> list element and extracts all its list items (<li>) into a clean array of strings. Parameter required: 'selector'. Highly useful for extracting navigation menus, product features, or article bullet points."
     },
     {
-        name: "extract_image_sources",
-        description: "DATA EXTRACTION: Scans the entire active page or a specific container and extracts all 'src' URLs from <img> tags. Parameter optional: 'container_selector'. Returns an array of absolute image URLs. Perfect for scraping galleries, e-commerce product photos, or social media feeds."
     },
     {
-        name: "extract_all_links",
-        description: "DATA EXTRACTION: Scans the active DOM and extracts all 'href' URLs from <a> tags. Parameter optional: 'container_selector'. Returns an array of absolute URLs. Vital for building web crawlers, finding pagination links, or mapping website internal routing."
     },
     {
-        name: "extract_metadata",
-        description: "DATA EXTRACTION: Extracts the page's invisible SEO and Social Media metadata from the <head> tag. Returns a JSON object containing the OpenGraph (og:title, og:image), Twitter cards, meta description, and canonical URL. Crucial for understanding how a page represents itself to search engines and bots."
     },
-    // --- 11. EXPLICITLY SEPARATED CORE TOOLS (BATCH 8: VIEWPORT & FOCUS CONTROL) ---
     {
-        name: "focus_element",
-        description: "DOM MANIPULATION: Calls the native `.focus()` method on a specific input, button, or anchor tag. Parameter required: 'selector'. Used to trigger specific UI states, such as expanding a search bar or activating a dropdown that only listens for focus events instead of clicks."
     },
     {
-        name: "blur_element",
-        description: "DOM MANIPULATION: Calls the native `.blur()` method to remove focus from the currently focused element. Used to trigger 'onBlur' validation scripts inside web forms."
     },
     {
-        name: "scroll_to_bottom",
-        description: "VIEWPORT CONTROL: Instantly or smoothly scrolls the browser viewport to the absolute bottom of the current document. Parameter optional: 'smooth' (boolean). Essential for triggering infinite-scroll mechanisms on platforms like Twitter, TikTok, or Pinterest."
     },
     {
-        name: "scroll_to_top",
-        description: "VIEWPORT CONTROL: Scrolls the browser viewport back to the absolute top of the document (Y: 0). Parameter optional: 'smooth' (boolean)."
     },
     {
-        name: "get_element_bounding_box",
-        description: "UI ANALYSIS: Calculates and returns the exact physical coordinates and dimensions of a specific element relative to the viewport. Parameter required: 'selector'. Returns JSON containing X, Y, Width, and Height. Crucial for guiding visual tools like 'visual_ocr_canvas_piercer' or custom mouse dragging algorithms."
     },
-    // --- 12. EXPLICITLY SEPARATED CORE TOOLS (BATCH 9: NETWORK & AUTH OVERRIDES) ---
     {
-        name: "set_user_agent",
-        description: "NETWORK OVERRIDE: Completely replaces the browser's User-Agent string for all future HTTP requests. Parameter required: 'user_agent_string'. Used to trick websites into believing the AI is an outdated browser, a specific mobile app, or a search engine crawler (like Googlebot) to bypass paywalls."
     },
     {
-        name: "set_extra_http_headers",
-        description: "NETWORK OVERRIDE: Injects a custom JSON object of HTTP headers into every outgoing request. Parameter required: 'headers_json'. Vital for bypassing API gateways that require specific 'X-Forwarded-For', 'Origin', or custom 'Authorization' headers directly at the browser network layer."
     },
     {
-        name: "bypass_basic_auth",
-        description: "SECURITY OVERRIDE: Injects username and password credentials directly into the browser to automatically bypass HTTP Basic Authentication popups (the native browser prompt that blocks page loading). Parameters required: 'username' and 'password'."
     },
     {
-        name: "block_urls",
-        description: "NETWORK EFFICIENCY: Instructs the browser to forcefully abort all network requests that match a specific URL pattern or domain. Parameter required: 'url_patterns_array'. Used to block heavy analytics scripts, video ads, or tracking pixels to save RAM and drastically speed up page loading."
     },
-    // --- 13. EXPLICITLY SEPARATED CORE TOOLS (BATCH 10: STORAGE & CACHE HACKING) ---
     {
         name: "get_cookies",
-        description: "SESSION THEFT: Retrieves all active cookies currently accessible by the browser for the current domain. Returns a highly detailed JSON array. Used to steal session identifiers after a successful login."
     },
     {
         name: "delete_cookie",
-        description: "STATE MANIPULATION: Forcefully deletes a specific cookie by its name. Parameter required: 'cookie_name'. Used to bypass article view-limits (soft paywalls) that track users via specific cookie values."
     },
     {
         name: "clear_local_storage",
-        description: "STATE MANIPULATION: Executes 'localStorage.clear()' to wipe all persistent frontend data stored by the website. Essential for resetting single-page applications to their default, unauthenticated state."
     },
     {
         name: "clear_session_storage",
-        description: "STATE MANIPULATION: Executes 'sessionStorage.clear()' to wipe temporary frontend data. Similar to LocalStorage but targets the volatile session cache."
     },
     {
         name: "set_local_storage_item",
-        description: "STATE INJECTION: Forcefully injects a key-value pair directly into the browser's LocalStorage. Parameters required: 'key' and 'value'. Used to manually set JWT tokens or manipulate frontend config flags (e.g., setting 'is_admin': 'true') without needing to log in."
     },
     {
         name: "set_session_storage_item",
-        description: "STATE INJECTION: Forcefully injects a key-value pair directly into the browser's SessionStorage. Parameters required: 'key' and 'value'."
     },
     {
         name: "get_local_storage_item",
-        description: "STATE THEFT: Reads and returns the value of a specific key from the browser's LocalStorage. Parameter required: 'key'. Used to extract hidden JWT access tokens or user configuration JSONs stored by modern web apps."
-    }
-        // --- 14. EXPLICITLY SEPARATED CORE TOOLS (BATCH 11: MEDIA HACKING & CONTROL) ---
     {
         name: "extract_audio_video_sources",
-        description: "DATA EXTRACTION: Scans the live DOM specifically for <audio> and <video> tags, ignoring standard images. Returns an array of absolute 'src' URLs. Essential for scraping podcasts, background music, or unprotected video files before using the advanced M3U8 sniper."
     },
     {
         name: "play_media",
-        description: "MEDIA CONTROL: Forces a specific HTML5 media element (audio/video) to start playing by invoking the native '.play()' method. Parameter required: 'selector'. Bypasses strict browser autoplay restrictions."
     },
     {
         name: "pause_media",
-        description: "MEDIA CONTROL: Forces a specific media element to pause via '.pause()'. Parameter required: 'selector'."
     },
     {
         name: "mute_media",
-        description: "MEDIA CONTROL: Sets the 'muted' property of a media element to true. Parameter required: 'selector'. Extremely useful for silently running video ads or background content without triggering audio detection."
     },
     {
         name: "set_media_playback_rate",
-        description: "MEDIA CONTROL: Modifies the playback speed of a media element. Parameters required: 'selector' and 'rate' (e.g., 2.0 for 2x speed, 10.0 for 10x). Perfect for blazing through forced video tutorials or required watch-time systems."
     },
-    // --- 15. EXPLICITLY SEPARATED CORE TOOLS (BATCH 12: LIVE DOM MUTATION & INJECTION) ---
     {
         name: "remove_element",
-        description: "DOM MUTATION: Completely rips a specific HTML element out of the live DOM using '.remove()'. Parameter required: 'selector'. Highly effective for forcefully deleting anti-adblock overlays, sticky cookie banners, or non-closable paywall popups."
     },
     {
         name: "inject_custom_css",
-        description: "DOM MUTATION: Injects a raw block of CSS rules directly into the page's <head>. Parameter required: 'css_string'. Used to visually hide annoying elements (e.g., 'div.ads { display: none !important; }') or un-hide elements that are set to 'opacity: 0'."
     },
     {
         name: "change_element_text",
-        description: "DOM MUTATION: Overwrites the innerText of a specific element dynamically. Parameters required: 'selector' and 'new_text'. Used to manipulate client-side UI states or test frontend validations."
     },
     {
         name: "set_element_attribute",
-        description: "DOM MUTATION: Forces a new value into a specific HTML attribute. Parameters required: 'selector', 'attribute_name', and 'value'. Can be used to change 'type=password' to 'type=text' to reveal hidden passwords, or change target='_blank' to target='_self' to prevent new tabs from opening."
     },
     {
         name: "remove_element_attribute",
-        description: "DOM MUTATION: Strips an attribute entirely from an element. Parameters required: 'selector' and 'attribute_name'. Most commonly used to remove the 'disabled' attribute from buttons or input fields, forcefully enabling them."
     },
-    // --- 16. EXPLICITLY SEPARATED CORE TOOLS (BATCH 13: ADVANCED ENVIRONMENT SPOOFING) ---
     {
         name: "spoof_timezone",
-        description: "ENVIRONMENT SPOOFING: Overrides the browser's native timezone ID. Parameter required: 'timezone_id' (e.g., 'America/New_York', 'Europe/London'). Tricks websites into displaying data, booking slots, or news feeds relevant to the spoofed geographic timezone, completely ignoring the server's real IP location."
     },
     {
         name: "spoof_language",
-        description: "ENVIRONMENT SPOOFING: Modifies the navigator.language and Accept-Language headers. Parameter required: 'locale' (e.g., 'en-US', 'ja-JP'). Forces international websites to render in a specific target language without needing to find the language-switcher UI."
     },
     {
         name: "override_permissions",
-        description: "ENVIRONMENT SPOOFING: Automatically and silently grants critical browser permissions for a specific origin. Parameters required: 'origin_url' and 'permissions_array' (e.g., ['geolocation', 'notifications', 'camera', 'microphone', 'clipboard-read']). Bypasses the native OS permission prompts entirely."
-    },
-    // --- 17. EXPLICITLY SEPARATED CORE TOOLS (BATCH 14: POPUP & DIALOG CONTROL) ---
-    {
-        name: "accept_browser_alert",
-        description: "DIALOG CONTROL: Pre-configures the browser to automatically click 'OK' or 'Accept' the next time a native JavaScript alert() or confirm() dialog appears. Prevents the AI engine from hanging infinitely when a website throws an unexpected alert."
-    },
-    {
-        name: "dismiss_browser_alert",
-        description: "DIALOG CONTROL: Pre-configures the browser to automatically click 'Cancel' or dismiss native JavaScript dialogs. Useful for rejecting 'Are you sure you want to leave this page?' prompts."
-    },
-    {
-        name: "answer_browser_prompt",
-        description: "DIALOG CONTROL: Pre-configures the browser to type a specific string into a native JavaScript prompt() dialog and hit accept. Parameter required: 'prompt_text'."
-    },
-    {
-        name: "get_dialog_message",
-        description: "DIALOG CONTROL: Extracts and returns the text message displayed inside the currently active JavaScript popup dialog before it is accepted or dismissed. Essential for reading error codes sent via alerts."
-    }
-        // --- 18. EXPLICITLY SEPARATED CORE TOOLS (BATCH 15: ADVANCED IFRAME & CONTEXT) ---
-    {
-        name: "exit_iframe",
-        description: "CONTEXT SWITCHING: Returns the Puppeteer execution context from a nested iframe back to the main document (top-level frame). Essential after finishing tasks inside a payment widget or captcha box so the AI can resume interacting with the main website."
-    },
-    {
-        name: "wait_for_iframe",
-        description: "EXECUTION SYNC: Pauses AI execution until a specific iframe dynamically loads and becomes fully available in the DOM. Parameter required: 'iframe_selector' or 'iframe_name'. Crucial for third-party embeds that load asynchronously."
-    },
-    // --- 19. EXPLICITLY SEPARATED CORE TOOLS (BATCH 16: ADVANCED HUMAN MIMICRY) ---
-    {
-        name: "mouse_move_human_path",
-        description: "ANTI-BOT BYPASS: Moves the mouse cursor to a specific X/Y coordinate using mathematically generated Bezier curves, variable speeds, and slight overshoots instead of a straight linear line. Parameters required: 'target_x' and 'target_y'. Highly effective at bypassing behavioral bot-detection systems like reCAPTCHA v3 or Datadome."
-    },
-    {
-        name: "mouse_scroll_hardware",
-        description: "ANTI-BOT BYPASS: Simulates the physical hardware ticks of a mouse scroll wheel rather than using JavaScript window.scrollBy(). Parameters required: 'delta_x' and 'delta_y'. Bypasses listeners that specifically check for synthetic scroll events."
-    },
-    {
-        name: "type_text_human_like",
-        description: "ANTI-BOT BYPASS: Types a given string into an active input field but introduces randomized delays (e.g., 50ms to 150ms) between each keystroke to flawlessly mimic human typing rhythms. Parameters required: 'selector' and 'text_to_type'."
-    },
-    {
-        name: "press_keyboard_shortcut",
-        description: "HARDWARE INPUT: Executes multi-key combination shortcuts simultaneously. Parameter required: 'keys_array' (e.g., ['Control', 'Shift', 'I'] or ['Control', 'C']). Perfect for triggering hidden developer menus or executing native OS copy-paste commands within web editors."
     },
-    // --- 20. EXPLICITLY SEPARATED CORE TOOLS (BATCH 17: ENVIRONMENT & THROTTLING) ---
     {
         name: "emulate_network_conditions",
-        description: "ENVIRONMENT SPOOFING: Forces the browser to simulate specific network speeds or conditions. Parameters required: 'download_throughput', 'upload_throughput', and 'latency'. Options include simulating 'Slow 3G', 'Fast 3G', or completely 'Offline' states to test progressive web apps (PWAs) or bypass fast-loading detection traps."
     },
     {
         name: "set_cpu_throttling",
-        description: "ENVIRONMENT SPOOFING: Artificially slows down the V8 JavaScript engine execution speed. Parameter required: 'rate' (e.g., 4 for 4x slowdown). Used to trick advanced bot-protections that calculate script execution times to determine if the client is a headless server or a real underpowered mobile device."
     },
     {
         name: "emulate_color_scheme",
-        description: "ENVIRONMENT SPOOFING: Forces the browser to request the 'dark' or 'light' CSS media feature from the website. Parameter required: 'scheme' (dark/light). Useful for extracting specific hex codes or images that only render in dark mode."
     },
     {
         name: "emulate_media_type",
-        description: "ENVIRONMENT SPOOFING: Changes the CSS media type of the page. Parameter required: 'type' (e.g., 'print', 'screen'). Setting this to 'print' often strips away all ads, heavy videos, and popups, leaving only pure clean text for lightning-fast scraping."
     },
-    // --- 21. EXPLICITLY SEPARATED CORE TOOLS (BATCH 18: SECURITY & EVENT OVERRIDES) ---
     {
-        name: "strip_anti_copy_listeners",
-        description: "SECURITY OVERRIDE: Automatically injects a script that recursively removes 'contextmenu', 'copy', 'paste', and 'selectstart' event listeners from the document and body. Completely neutralizes websites that try to block right-clicking or text highlighting."
-    },
-    {
-        name: "ignore_https_errors",
-        description: "SECURITY OVERRIDE: Instructs the browser session to completely bypass 'NET::ERR_CERT_AUTHORITY_INVALID' or expired SSL certificate warnings, allowing the AI to forcefully navigate into insecure or local development environments."
-    },
-    // --- 22. EXPLICITLY SEPARATED CORE TOOLS (BATCH 19: DEEP DATA EXTRACTION) ---
-    {
-        name: "extract_json_ld",
-        description: "DATA EXTRACTION: Scans the document for <script type='application/ld+json'> tags and parses them into a structured JSON array. Instantly extracts high-value SEO microdata like product prices, ratings, article authors, and business addresses without needing to parse the visible DOM."
     },
     {
-        name: "extract_regex_matches",
-        description: "DATA EXTRACTION: Executes a raw Regular Expression pattern directly against the complete outerHTML string of the document. Parameter required: 'regex_pattern'. Extremely powerful for finding hidden API keys, embedded JSON states, or specific UUIDs buried in the source code."
     },
     {
-        name: "get_raw_page_source",
-        description: "DATA EXTRACTION: Returns the absolute, unmodified HTML source code of the current page as a raw string. Essential when the DOM structure is too complex for standard selectors and the AI needs to parse the raw markup manually."
     },
-    // --- 23. EXPLICITLY SEPARATED CORE TOOLS (BATCH 20: RESOURCE ABORTING & DEBUGGING) ---
     {
-        name: "disable_javascript",
-        description: "NETWORK EFFICIENCY: Temporarily completely disables JavaScript execution for the active tab. Useful for scraping pure HTML blogs or news sites 10x faster without loading heavy tracking scripts or reactive frameworks."
     },
     {
-        name: "enable_javascript",
-        description: "NETWORK EFFICIENCY: Re-enables JavaScript execution for the active tab after it was disabled. Requires a page reload to take effect."
     },
     {
-        name: "intercept_and_abort_images",
-        description: "NETWORK EFFICIENCY: Installs a CDP request interceptor that specifically blocks all incoming requests for images (.jpg, .png, .webp, .svg, .gif). Drastically reduces bandwidth consumption and RAM usage when the AI only cares about text data."
     },
     {
-        name: "intercept_and_abort_css",
-        description: "NETWORK EFFICIENCY: Blocks all stylesheet (.css) requests. Causes the page to render without styling, which is ugly for humans but allows the AI to parse the raw DOM tree significantly faster."
     },
-    {
-        name: "highlight_element",
-        description: "VISUAL DEBUGGING: Injects inline CSS to draw a thick, glowing red border around a specific element. Parameter required: 'selector'. Extremely useful when paired with 'take_screenshot' so the user can visually verify exactly which element the AI is targeting."
-    }
-        // --- 24. EXPLICITLY SEPARATED CORE TOOLS (BATCH 21: BASIC STATE & NAVIGATION) ---
     {
         name: "get_current_url",
-        description: "NAVIGATION STATE: Instantly retrieves and returns the absolute URL currently loaded in the active tab. Essential for verifying if a login redirect was successful or tracking pagination state."
     },
     {
         name: "reload_page",
-        description: "NAVIGATION STATE: Triggers a reload of the active document. Parameter optional: 'ignore_cache' (boolean). Set ignore_cache to true to force the browser to fetch fresh assets from the server."
     },
     {
         name: "navigate_back",
-        description: "NAVIGATION STATE: Simulates clicking the browser's native 'Back' button, returning the execution context to the previous history state."
     },
     {
         name: "navigate_forward",
         description: "NAVIGATION STATE: Simulates clicking the browser's native 'Forward' button."
     },
-    // --- 25. EXPLICITLY SEPARATED CORE TOOLS (BATCH 22: VALIDATION & TEXT) ---
-    {
-        name: "check_element_exists",
-        description: "DOM VALIDATION: Silently verifies if a specific CSS/XPath selector exists in the DOM structure. Parameter required: 'selector'. Returns a boolean (true/false) without throwing execution errors if the element is absent. Perfect for conditional AI logic."
-    },
     {
-        name: "check_element_visible",
-        description: "DOM VALIDATION: Determines if an existing element is actually visible on the screen (i.e., not hidden by 'display: none', 'visibility: hidden', or 'opacity: 0'). Parameter required: 'selector'. Returns a boolean."
-    },
-    {
-        name: "get_element_text",
-        description: "DATA EXTRACTION: Extracts and returns the clean, trimmed 'innerText' or 'textContent' of a specific HTML element. Parameter required: 'selector'. Used for reading specific numbers, titles, or status messages without extracting the whole page."
-    },
-    {
-        name: "get_element_html",
-        description: "DATA EXTRACTION: Extracts and returns the raw 'outerHTML' string of a specific HTML element. Parameter required: 'selector'. Useful for parsing a localized block of complex nested tags."
     },
-    // --- 26. EXPLICITLY SEPARATED CORE TOOLS (BATCH 23: NATIVE FORM & FILE HANDLING) ---
     {
-        name: "clear_input_field",
-        description: "FORM CONTROL: Forcefully deletes all existing text inside an <input> or <textarea> element before typing new data. Parameter required: 'selector'. Prevents appending new text to pre-filled values."
     },
     {
-        name: "submit_form_event",
-        description: "FORM CONTROL: Triggers the native HTML5 'submit' event directly on a <form> element. Parameter required: 'form_selector'. Bypasses the need to physically locate and click the submit button, highly useful when the button is hidden or styled strangely."
     },
     {
-        name: "native_file_upload",
-        description: "STORAGE I/O: Attaches an array of absolute local server file paths directly to a standard <input type='file'> element. Parameters required: 'selector' and 'file_paths_array'. This is the standard, native counterpart to the advanced 'file_manager_io' tool."
     },
-    // --- 27. EXPLICITLY SEPARATED CORE TOOLS (BATCH 24: METRICS & QUERYING) ---
     {
-        name: "get_window_metrics",
-        description: "VIEWPORT ANALYSIS: Returns a JSON object containing window.innerWidth, window.innerHeight, devicePixelRatio, and standard scroll heights. Useful for calculating coordinate boundaries for mouse dragging."
     },
     {
-        name: "bring_page_to_front",
-        description: "WINDOW MANAGEMENT: Forces the current Puppeteer page instance to the absolute front of the OS window stack. Ensures that elements requiring intersection observers (like lazy-loaded images) trigger correctly."
     },
     {
         name: "evaluate_xpath_expression",
-        description: "ADVANCED QUERYING: Executes a complex XPath 1.0 expression against the entire document and returns the matched text nodes or attribute values as an array of strings. Parameter required: 'xpath_expression'."
     },
-    // --- 28. EXPLICITLY SEPARATED CORE TOOLS (BATCH 25: DEEP DEBUGGING & MOBILE) ---
     {
         name: "listen_for_console_logs",
-        description: "DEBUGGING: Attaches a persistent event listener to capture all 'console.log', 'console.warn', and 'console.error' outputs generated by the website's frontend JavaScript. Vital for debugging custom injected scripts."
     },
     {
         name: "intercept_websocket_frames",
-        description: "NETWORK HACKING: Monitors and captures raw WebSocket message frames being transmitted and received by the active browser tab. Essential for scraping live real-time data from crypto charts or live chat applications."
     },
     {
-        name: "emulate_touch_device",
-        description: "ENVIRONMENT SPOOFING: Converts all physical mouse events (clicks, drags) into native mobile Touch events ('touchstart', 'touchend', 'touchmove'). Crucial for bypassing UI logic on strictly mobile-optimized progressive web apps."
     }
-];
-// END OF TOOL REGISTRY (Total Tools: 113)
-// ============================================================================
 /**
  * ============================================================================
- * ULTIMATE AI BROWSER ENGINE (GOD-MODE) - PART 2
- * Core Browser Launch, CDP Streaming, and Tool Execution Dispatcher
- * ============================================================================
- */
-/**
- * ============================================================================
- * 1. BROWSER INITIALIZATION & CONTEXT MANAGEMENT
  * ============================================================================
  */
 async function initBrowser() {
     console.log("[SYSTEM] Booting God-Mode Stealth Engine...");
-    // Sync extensions from huggingface dataset before launch
     syncExtensionsFromDataset();
     const launchArgs = [
@@ -588,11 +557,10 @@ async function initBrowser() {
         '--disable-dev-shm-usage',
         '--disable-blink-features=AutomationControlled',
         '--window-size=1280,800',
-        '--disable-web-security', // Bypasses CORS for extraction
-        '--disable-features=IsolateOrigins,site-per-process' // Helps with iframe piercing
     ];
-    // Conditionally load extensions if the directory has contents
     if (fs.existsSync(EXTENSION_PATH) && fs.readdirSync(EXTENSION_PATH).length > 0) {
         launchArgs.push(`--disable-extensions-except=${EXTENSION_PATH}`);
         launchArgs.push(`--load-extension=${EXTENSION_PATH}`);
@@ -601,7 +569,7 @@ async function initBrowser() {
     try {
         browser = await puppeteer.launch({
-            headless: 'new', // New headless mode supports extensions
             args: launchArgs,
             ignoreDefaultArgs: ["--enable-automation"]
         });
@@ -609,7 +577,6 @@ async function initBrowser() {
         const defaultPage = await browser.newPage();
         await defaultPage.setViewport({ width: 1280, height: 800 });
-        // Stealth Overrides for standard navigator properties
         await defaultPage.evaluateOnNewDocument(() => {
             Object.defineProperty(navigator, 'webdriver', { get: () => undefined });
         });
@@ -619,13 +586,12 @@ async function initBrowser() {
     } catch (error) {
         console.error("[CRITICAL] Failed to launch browser engine:", error);
-        process.exit(1);
     }
 }
 /**
  * ============================================================================
- * 2. CDP ZERO-LATENCY WEBSOCKET STREAMING
  * ============================================================================
  */
 async function startRealTimeStream(page, ws) {
@@ -634,28 +600,23 @@ async function startRealTimeStream(page, ws) {
             await cdpSession.detach();
         }
-        // Attach directly to the Chrome DevTools Protocol
         cdpSession = await page.target().createCDPSession();
         console.log("[STREAM] CDP Session attached. Initiating Screencast...");
-        // Start ultra-fast binary streaming optimized for latency
         await cdpSession.send('Page.startScreencast', {
             format: 'jpeg',
-            quality: 65, // Balance between visual fidelity and latency
             everyNthFrame: 1
         });
         cdpSession.on('Page.screencastFrame', async (frameObject) => {
             if (ws.readyState === WebSocket.OPEN) {
-                // Push raw base64 frame directly to client UI
                 ws.send(JSON.stringify({
                     type: 'stream_frame',
                     data: frameObject.data,
                     sessionId: frameObject.sessionId
                 }));
-                // Acknowledge frame to keep the buffer flowing
                 await cdpSession.send('Page.screencastFrameAck', {
                     sessionId: frameObject.sessionId
                 }).catch(() => {});
@@ -668,21 +629,20 @@ async function startRealTimeStream(page, ws) {
 /**
  * ============================================================================
- * 3. THE MASTER TOOL DISPATCHER (EXECUTING THE 113 TOOLS)
  * ============================================================================
  */
 async function executeAITool(toolName, parameters) {
     if (!browser || pages.length === 0) {
-        return { status: "error", message: "Browser engine is not running or no tabs are open." };
     }
     const activePage = pages[activePageIndex].page;
-    console.log(`[EXECUTE] Triggering Tool: ${toolName} | Params:`, JSON.stringify(parameters));
     try {
         switch (toolName) {
-            // --- CORE MASTER TOOL ---
             case "basic_navigation_controller":
                 const { action_type, url, selector, text_to_type } = parameters;
                 if (action_type === "navigate") {
@@ -694,7 +654,7 @@ async function executeAITool(toolName, parameters) {
                     return { status: "success", action: "clicked" };
                 } else if (action_type === "type") {
                     await activePage.waitForSelector(selector, { visible: true });
-                    await activePage.type(selector, text_to_type, { delay: 50 }); // Human-like delay
                     return { status: "success", action: "typed" };
                 } else if (action_type === "extract") {
                     const html = await activePage.content();
@@ -702,41 +662,19 @@ async function executeAITool(toolName, parameters) {
                 }
                 break;
-            // --- GOD-TIER: NETWORK REVERSE ENGINEERING ---
-            case "auto_api_reverse_engineering":
-                console.log("[HACK] Attaching deep network listener...");
-                const endpoints = [];
-                activePage.on('request', request => {
-                    if (['xhr', 'fetch'].includes(request.resourceType())) {
-                        endpoints.push({
-                            url: request.url(),
-                            method: request.method(),
-                            headers: request.headers()
-                        });
-                    }
-                });
-                return { status: "success", message: "Network listeners attached in background. Gathering data..." };
-            // --- GOD-TIER: SHADOW DOM PIERCER ---
             case "deep_shadow_dom_piercer":
                 console.log("[HACK] Injecting Shadow DOM override script...");
                 const shadowData = await activePage.evaluate(() => {
-                    // Deep recursive extraction logic
                     function traverseShadows(node) {
                         let content = node.outerHTML || '';
-                        if (node.shadowRoot) {
-                            content += traverseShadows(node.shadowRoot);
-                        }
-                        node.childNodes.forEach(child => {
-                            content += traverseShadows(child);
-                        });
                         return content;
                     }
                     return traverseShadows(document.body);
                 });
                 return { status: "success", data: shadowData.substring(0, 5000) };
-            // --- GOD-TIER: V8 NETWORK INTERCEPTOR ---
             case "deep_network_v8_interceptor":
                 console.log("[HACK] Hooking into CDP Network domain...");
                 const session = await activePage.target().createCDPSession();
@@ -747,63 +685,53 @@ async function executeAITool(toolName, parameters) {
                         if (params.request.headers['Authorization'] || params.request.headers['authorization']) {
                             resolve({
                                 status: "success",
-                                message: "Authorization Bearer Token Intercepted!",
                                 url: params.request.url,
-                                headers: params.request.headers,
                                 raw_curl: `curl -X ${params.request.method} '${params.request.url}' -H 'Authorization: ${params.request.headers['Authorization'] || params.request.headers['authorization']}'`
                             });
                         }
                     });
-                    // Fallback timeout
-                    setTimeout(() => resolve({ status: "timeout", message: "No secure tokens found in the last 10 seconds." }), 10000);
                 });
-            // --- CORE: JAVASCRIPT EVALUATION ---
-            case "evaluate_javascript":
-                const jsResult = await activePage.evaluate(parameters.js_code_string);
-                return { status: "success", data: jsResult };
-            // --- CORE: VISUAL CAPTURE ---
             case "take_screenshot":
                 const screenshotPath = path.join(__dirname, 'public', `screenshot_${Date.now()}.png`);
                 await activePage.screenshot({ path: screenshotPath, fullPage: parameters.full_page || false });
                 return { status: "success", url: `/public/${path.basename(screenshotPath)}` };
-            // --- TAB MANAGEMENT ---
             case "open_new_tab":
                 const newPage = await browser.newPage();
                 await newPage.setViewport({ width: 1280, height: 800 });
                 const tabId = Date.now();
                 pages.push({ id: tabId, page: newPage, title: "New Tab" });
-                activePageIndex = pages.length - 1; // Switch to new tab
                 return { status: "success", tab_id: tabId };
-            // --- DEFAULT FALLBACK FOR UNIMPLEMENTED TOOLS ---
             default:
-                console.warn(`[WARNING] Tool '${toolName}' requested but explicit handler logic is pending implementation.`);
-                return { status: "pending", message: `Tool ${toolName} registered successfully but logic block is empty in dispatcher.` };
         }
     } catch (error) {
-        console.error(`[TOOL ERROR] Failed to execute ${toolName}:`, error.message);
         return { status: "error", message: error.message };
     }
 }
 /**
  * ============================================================================
  * ULTIMATE AI BROWSER ENGINE (GOD-MODE) - PART 3
- * Network Layer, /live Route, REST APIs, and Server Initialization
  * ============================================================================
  */
 /**
  * ============================================================================
- * 4. WEBSOCKET COMMUNICATION (CLIENT-SERVER BRIDGE)
  * ============================================================================
  */
 wss.on('connection', async (ws) => {
-    console.log("[WS] Secure Client Connected to Real-Time Dashboard.");
-    // Automatically start streaming the active tab upon connection
     if (pages.length > 0 && pages[activePageIndex]) {
         await startRealTimeStream(pages[activePageIndex].page, ws);
     }
@@ -812,98 +740,108 @@ wss.on('connection', async (ws) => {
         try {
             const payload = JSON.parse(message);
-            // Handle Tab Switching from the Sleek UI
             if (payload.type === 'switch_tab') {
                 const targetIndex = pages.findIndex(p => p.id === payload.tabId);
                 if (targetIndex !== -1) {
                     activePageIndex = targetIndex;
                     await pages[activePageIndex].page.bringToFront();
                     await startRealTimeStream(pages[activePageIndex].page, ws);
-                    console.log(`[WS] Context switched to Tab ID: ${payload.tabId}`);
                 }
             }
-            // Handle new tab creation from UI
             if (payload.type === 'new_tab') {
                 const newPage = await browser.newPage();
                 await newPage.setViewport({ width: 1280, height: 800 });
-                pages.push({ id: payload.tabId, page: newPage, title: "Google Search" });
                 activePageIndex = pages.length - 1;
                 await newPage.goto('https://www.google.com', { waitUntil: 'domcontentloaded' });
                 await startRealTimeStream(newPage, ws);
-                console.log(`[WS] New tab initialized. ID: ${payload.tabId}`);
-            }
-            // Handle raw mouse/keyboard events from UI overlay (if implemented)
-            if (payload.type === 'input_action') {
-                // Future expansion: Route UI clicks directly to puppeteer
             }
         } catch (error) {
-            console.error("[WS ERROR] Failed to process incoming message:", error);
         }
     });
     ws.on('close', () => {
-        console.log("[WS] Client disconnected. Stream paused.");
-        if (cdpSession) {
-            cdpSession.detach().catch(() => {});
-        }
     });
 });
 /**
  * ============================================================================
- * 5. EXPRESS REST API ROUTES (/live & /api)
  * ============================================================================
  */
-// Route 1: The God-Mode UI Dashboard
 app.get('/live', (req, res) => {
-    const uiPath = path.join(__dirname, 'public', 'index.html');
-    if (fs.existsSync(uiPath)) {
-        res.sendFile(uiPath);
     } else {
-        res.status(404).send("UI Dashboard not found. Ensure public/index.html exists.");
     }
 });
-// Route 2: AI Tool Execution Endpoint
-// AI or external scripts will POST to this endpoint to control the browser
 app.post('/api/execute', async (req, res) => {
     const { tool_name, parameters } = req.body;
     if (!tool_name) {
-        return res.status(400).json({ error: "Missing 'tool_name' in request body." });
     }
-    // Pass the command to the God-Mode Dispatcher
-    const result = await executeAITool(tool_name, parameters || {});
-    res.json(result);
 });
-// Route 3: Health Check & System Status
 app.get('/status', (req, res) => {
     res.json({
-        status: "online",
-        stealth_mode: true,
         active_tabs: pages.length,
-        registered_tools: ai_tools.length,
-        uptime_seconds: process.uptime()
     });
 });
 /**
  * ============================================================================
- * 6. IGNITION SEQUENCE
  * ============================================================================
  */
 server.listen(PORT, async () => {
-    console.log(`\n=================================================`);
-    console.log(`[INIT] Starting Server Node on Port ${PORT}`);
-    console.log(`[INIT] Total AI Tools Loaded: ${ai_tools.length}`);
-    console.log(`=================================================\n`);
-    // Boot the browser engine immediately after server starts
     await initBrowser();
 });

 /**
  * ============================================================================
+ * ULTIMATE AI BROWSER ENGINE (GOD-MODE) - COMPLETE SERVER.JS
+ * Architecture: Puppeteer Stealth + WebSocket + Advanced API Reversing
  * Repository: Senku21230/Browser-Extensions
  * ============================================================================
  */
 const path = require('path');
 const { execSync } = require('child_process');
+// Apply Ultimate Stealth Plugin to bypass Cloudflare/Datadome
 puppeteer.use(StealthPlugin());
 const app = express();
 const DATASET_REPO = "Senku21230/Browser-Extensions";
 const EXTENSION_PATH = '/tmp/extensions';
+// Global State Management
 let browser = null;
 let pages = [];
 let activePageIndex = 0;
 let cdpSession = null;
+/**
+ * ============================================================================
+ * 1. MAGIC DATASET SYNC MECHANISM
+ * ============================================================================
+ */
 function syncExtensionsFromDataset() {
     console.log("[SYSTEM] Initializing Persistent Extension Storage...");
     const hfToken = process.env.HF_TOKEN;
     if (!hfToken) {
+        console.error("[CRITICAL WARNING] HF_TOKEN missing! Cannot pull private dataset.");
         if (!fs.existsSync(EXTENSION_PATH)) fs.mkdirSync(EXTENSION_PATH, { recursive: true });
         return;
     }
     try {
+        if (fs.existsSync(EXTENSION_PATH)) {
+            fs.rmSync(EXTENSION_PATH, { recursive: true, force: true });
+        }
+        console.log(`[STORAGE] Connecting to private dataset: ${DATASET_REPO}...`);
         const cloneCmd = `git clone https://oauth2:${hfToken}@huggingface.co/datasets/${DATASET_REPO} ${EXTENSION_PATH}`;
         execSync(cloneCmd, { stdio: 'ignore' });
+        console.log("[STORAGE] Extensions successfully synced to working directory!");
     } catch (error) {
+        console.error("[ERROR] Failed to sync dataset. Proceeding with empty folder.");
         if (!fs.existsSync(EXTENSION_PATH)) fs.mkdirSync(EXTENSION_PATH, { recursive: true });
     }
 }
 /**
  * ============================================================================
+ * 2. AI TOOL REGISTRY (THE MASTER BRAIN - PART A)
  * ============================================================================
  */
 const ai_tools = [
+    // --- 1. CORE MASTER TOOL ---
     {
         name: "basic_navigation_controller",
+        description: "CORE INTERACTION MASTER: Handles navigate, click, type, scroll, and extract actions. Parameters: 'action_type', 'url', 'selector', 'text_to_type', 'direction'. Returns fully rendered DOM converted to clean markdown for 'extract'."
     },
+    // --- 2. CYBER & HACKING TOOLS ---
     {
         name: "deep_network_v8_interceptor",
+        description: "CRITICAL NETWORK HACK: Hooks into V8 memory via CDP to intercept encrypted payloads (Authorization Bearer Tokens, Refresh Cookies) before hitting the cloud. Returns a ready-to-execute cURL command."
     },
     {
         name: "visual_ocr_canvas_piercer",
+        description: "ADVANCED VISION ENGINE: Captures 4K screenshots, runs deep OCR to calculate X/Y coordinates of text hidden in WebGL/Canvas, and executes hardware-level mouse clicks."
     },
     {
         name: "deep_shadow_dom_piercer",
+        description: "DOM PENETRATION PROTOCOL: Overwrites 'attachShadow' to force all Closed Shadow Roots open. Recursively extracts deeply nested HTML and JSON data invisible to standard scrapers."
     },
     {
         name: "auto_api_reverse_engineering",
+        description: "BACKGROUND API SCANNER: Passively monitors XHR/Fetch calls, deduces pagination logic, and returns a JSON map of unauthenticated backend API endpoints."
     },
     {
         name: "network_payload_modifier",
+        description: "REAL-TIME TRAFFIC MUTATION: Intercepts and rewrites HTTP responses before rendering. Parameter: 'target_url_pattern' and 'mutation_json'. Useful for unlocking client-side premium states."
     },
     {
         name: "custom_extension_loader",
+        description: "PERSISTENT STORAGE INJECTOR: Dynamically loads extensions from /tmp/extensions and relaunches the browser engine seamlessly."
     },
     {
         name: "start_recording",
+        description: "MEDIA ENGINE (START): Initializes an FFMPEG stream bound to the CDP screencast to record a 1080p .mp4 video of the browser session."
     },
     {
         name: "stop_recording",
+        description: "MEDIA ENGINE (STOP): Safely terminates the FFMPEG stream and returns the absolute download URL of the recorded session."
+    },
     {
         name: "auto_captcha_solver",
+        description: "SECURITY BYPASS: Autonomous bypass sequence for Cloudflare Turnstile, hCaptcha, or reCAPTCHA using audio-payloads and vision models."
     },
     {
         name: "file_manager_io",
+        description: "STORAGE I/O: Intercepts native downloads to save files to the server, or uses CDP to force local server files into secure file upload inputs."
     },
     {
         name: "media_inventory",
+        description: "SYSTEM MANAGEMENT: Recursively scans the server's output directories and returns a JSON inventory of all generated .mp4 videos and .png screenshots."
     },
     {
         name: "smart_cleanup",
+        description: "SYSTEM MANAGEMENT: Executes permanent deletion of server files based on URL or file name commands."
     },
+    // --- 3. CORE EXTRACTION & SCRIPTING ---
     {
         name: "evaluate_javascript",
+        description: "BROWSER CONSOLE: Injects and executes raw JavaScript code within the active page's context. Parameter: 'js_code_string'."
     },
     {
         name: "inject_custom_cookies",
+        description: "SESSION HIJACKING: Injects predefined session cookies into the browser context to bypass login screens. Parameter: 'cookie_json_array'."
     },
     {
         name: "take_screenshot",
+        description: "VISUAL CAPTURE: Captures a high-resolution .png screenshot of the current tab. Parameter optional: 'full_page' (boolean)."
     },
     {
         name: "hover_element",
+        description: "UI INTERACTION: Simulates physical mouse hover over an element to trigger dropdowns or lazy-loads. Parameter: 'selector'."
     },
     {
         name: "wait_for_selector",
+        description: "EXECUTION DELAY: Pauses AI execution until a specific DOM element appears. Parameters: 'selector' and optional 'timeout_ms'."
     },
     {
         name: "get_element_attributes",
+        description: "DATA EXTRACTION: Retrieves all HTML attributes (href, src, class, id) of a specific element without extracting inner text. Parameter: 'selector'."
     },
     {
         name: "switch_to_iframe",
+        description: "CONTEXT SWITCHING: Shifts Puppeteer execution context into a nested iframe to interact with embedded widgets. Parameter: 'iframe_selector'."
+    },
+    {
+        name: "exit_iframe",
+        description: "CONTEXT SWITCHING: Returns the execution context from a nested iframe back to the main document."
     },
     {
         name: "emulate_device_viewport",
+        description: "DEVICE SPOOFING: Alters viewport dimensions and User-Agent to emulate a specific device. Parameter: 'device_name'."
     },
     {
         name: "set_geolocation",
+        description: "HARDWARE SPOOFING: Overrides HTML5 Geolocation API with fake GPS coordinates. Parameters: 'latitude', 'longitude'."
+    },
+    // --- 4. ADVANCED DOM & EXTRACTION ---
+    {
+        name: "extract_table_data",
+        description: "DATA EXTRACTION: Extracts an HTML <table> into a structured JSON array of objects mapping headers to row values. Parameter: 'selector'."
+    },
+    {
+        name: "extract_list_data",
+        description: "DATA EXTRACTION: Targets a <ul> or <ol> list and extracts <li> items into a clean array of strings. Parameter: 'selector'."
+    },
+    {
+        name: "extract_image_sources",
+        description: "DATA EXTRACTION: Scans the entire active page or container and extracts all 'src' URLs from <img> tags."
+    },
+    {
+        name: "extract_all_links",
+        description: "DATA EXTRACTION: Scans the active DOM and extracts all 'href' URLs from <a> tags."
+    },
+    {
+        name: "extract_metadata",
+        description: "DATA EXTRACTION: Extracts SEO and Social Media metadata from the <head> tag (OpenGraph, Twitter cards)."
+    },
+    {
+        name: "extract_json_ld",
+        description: "DATA EXTRACTION: Parses <script type='application/ld+json'> tags to extract high-value SEO microdata without parsing the visible DOM."
+    },
+    {
+        name: "extract_regex_matches",
+        description: "DATA EXTRACTION: Executes a raw Regular Expression pattern against the outerHTML to find hidden API keys or UUIDs. Parameter: 'regex_pattern'."
+    },
+    {
+        name: "get_raw_page_source",
+        description: "DATA EXTRACTION: Returns the absolute, unmodified HTML source code of the current page as a raw string."
+    },
+    // --- 5. NETWORK OPTIMIZATION & OVERRIDES ---
+    {
+        name: "set_user_agent",
+        description: "NETWORK OVERRIDE: Completely replaces the browser's User-Agent string. Parameter: 'user_agent_string'."
+    },
+    {
+        name: "set_extra_http_headers",
+        description: "NETWORK OVERRIDE: Injects custom HTTP headers into every outgoing request. Parameter: 'headers_json'."
+    },
+    {
+        name: "bypass_basic_auth",
+        description: "SECURITY OVERRIDE: Injects username and password to automatically bypass HTTP Basic Authentication popups."
+    },
+    {
+        name: "block_urls",
+        description: "NETWORK EFFICIENCY: Forcefully aborts network requests matching a specific URL pattern. Parameter: 'url_patterns_array'."
+    },
+    {
+        name: "disable_javascript",
+        description: "NETWORK EFFICIENCY: Temporarily disables JavaScript execution for lightning-fast scraping of static sites."
+    },
+    {
+        name: "enable_javascript",
+        description: "NETWORK EFFICIENCY: Re-enables JavaScript execution for the active tab."
+    },
+    {
+        name: "intercept_and_abort_images",
+        description: "NETWORK EFFICIENCY: Installs a CDP interceptor to block all image requests (.jpg, .png, .webp) to save RAM."
+    },
+    {
+        name: "intercept_and_abort_css",
+        description: "NETWORK EFFICIENCY: Blocks all stylesheet (.css) requests for faster unstyled DOM parsing."
+    },
+    // --- 6. TAB & WINDOW MANAGEMENT ---
     {
         name: "open_new_tab",
+        description: "TAB MANAGEMENT: Opens a completely new, blank browser tab and sets it as the active context."
     },
     {
         name: "close_current_tab",
+        description: "TAB MANAGEMENT: Safely closes the currently active browser tab and shifts focus to the adjacent tab."
     },
     {
         name: "get_all_tabs",
+        description: "TAB MANAGEMENT: Retrieves a JSON array of all currently open tabs with their URLs and Titles."
+    },
+    {
+        name: "bring_page_to_front",
+        description: "WINDOW MANAGEMENT: Forces the current Puppeteer page instance to the absolute front of the OS window stack."
     },
+    {
+        name: "get_window_metrics",
+        description: "VIEWPORT ANALYSIS: Returns window.innerWidth, window.innerHeight, and standard scroll heights."
+    },
+    // --- 7. ADVANCED INPUT (KEYBOARD & MOUSE) ---
     {
         name: "press_key",
+        description: "HARDWARE INPUT: Simulates the physical pressing of a single keyboard key (e.g., 'Enter', 'Escape'). Parameter: 'key_name'."
     },
     {
         name: "hold_key",
+        description: "HARDWARE INPUT: Simulates holding down a modifier key ('Shift', 'Control') for multi-selection. Parameter: 'key_name'."
     },
     {
         name: "mouse_drag_and_drop",
+        description: "HARDWARE INPUT: Moves mouse to source, clicks and holds, drags to target, and releases. Parameters: 'source_selector', 'target_selector'."
     },
     {
         name: "right_click",
+        description: "HARDWARE INPUT: Simulates a physical right-click on a specific DOM element. Parameter: 'selector'."
     },
     {
         name: "double_click",
+        description: "HARDWARE INPUT: Simulates a rapid double left-click on an element. Parameter: 'selector'."
     },
     {
+        name: "mouse_move_human_path",
+        description: "ANTI-BOT BYPASS: Moves cursor using generated Bezier curves and variable speeds to bypass Datadome. Parameters: 'target_x', 'target_y'."
     },
     {
+        name: "mouse_scroll_hardware",
+        description: "ANTI-BOT BYPASS: Simulates physical hardware ticks of a mouse scroll wheel. Parameters: 'delta_x', 'delta_y'."
     },
     {
+        name: "type_text_human_like",
+        description: "ANTI-BOT BYPASS: Types string with randomized delays between keystrokes to mimic human rhythms. Parameters: 'selector', 'text_to_type'."
     },
     {
+        name: "press_keyboard_shortcut",
+        description: "HARDWARE INPUT: Executes multi-key combination shortcuts (e.g., ['Control', 'C']). Parameter: 'keys_array'."
     },
+// ============================================================================
+// CONTINUED IN PART 2 (DO NOT CLOSE THE ARRAY YET)
+// ============================================================================
+    // --- 8. FORM & VALIDATION CONTROL ---
     {
+        name: "select_dropdown_option",
+        description: "FORM CONTROL: Selects a specific <option> inside a native <select> dropdown element. Parameters: 'selector' and 'value_or_text'."
     },
     {
+        name: "check_checkbox",
+        description: "FORM CONTROL: Forces a checkbox or radio button into a 'checked' state. Parameter: 'selector'."
     },
     {
+        name: "uncheck_checkbox",
+        description: "FORM CONTROL: Forces a checkbox or radio button into an 'unchecked' state. Parameter: 'selector'."
     },
     {
+        name: "clear_input_field",
+        description: "FORM CONTROL: Forcefully deletes all existing text inside an <input> or <textarea> element before typing new data. Parameter: 'selector'."
     },
     {
+        name: "submit_form_event",
+        description: "FORM CONTROL: Triggers the native HTML5 'submit' event directly on a <form> element. Parameter: 'form_selector'."
     },
     {
+        name: "native_file_upload",
+        description: "STORAGE I/O: Attaches an array of absolute local server file paths directly to a standard <input type='file'> element. Parameters: 'selector', 'file_paths_array'."
     },
     {
+        name: "check_element_exists",
+        description: "DOM VALIDATION: Silently verifies if a specific CSS/XPath selector exists in the DOM structure. Returns boolean. Parameter: 'selector'."
     },
     {
+        name: "check_element_visible",
+        description: "DOM VALIDATION: Determines if an existing element is actually visible on the screen (not hidden by CSS). Returns boolean. Parameter: 'selector'."
     },
     {
+        name: "get_element_text",
+        description: "DATA EXTRACTION: Extracts and returns the clean, trimmed 'innerText' of a specific HTML element. Parameter: 'selector'."
     },
     {
+        name: "get_element_html",
+        description: "DATA EXTRACTION: Extracts and returns the raw 'outerHTML' string of a specific HTML element. Parameter: 'selector'."
     },
+    // --- 9. WAIT & SYNC EVENTS ---
     {
+        name: "wait_for_network_idle",
+        description: "EXECUTION SYNC: Pauses AI script execution until all background network activity (XHR, Fetch) is idle for at least 500ms."
     },
     {
+        name: "wait_for_text_content",
+        description: "EXECUTION SYNC: Pauses execution until a specific text string dynamically appears inside a designated DOM element. Parameters: 'selector', 'expected_text'."
     },
     {
+        name: "wait_for_iframe",
+        description: "EXECUTION SYNC: Pauses AI execution until a specific iframe dynamically loads. Parameter: 'iframe_selector'."
     },
     {
+        name: "sleep",
+        description: "EXECUTION SYNC: Forces a hard, unconditional pause in execution. Parameter: 'milliseconds'."
     },
+    // --- 10. STORAGE & CACHE HACKING ---
     {
         name: "get_cookies",
+        description: "SESSION THEFT: Retrieves all active cookies currently accessible by the browser for the current domain."
     },
     {
         name: "delete_cookie",
+        description: "STATE MANIPULATION: Forcefully deletes a specific cookie by its name. Parameter: 'cookie_name'."
     },
     {
         name: "clear_local_storage",
+        description: "STATE MANIPULATION: Executes 'localStorage.clear()' to wipe all persistent frontend data."
     },
     {
         name: "clear_session_storage",
+        description: "STATE MANIPULATION: Executes 'sessionStorage.clear()' to wipe temporary frontend data."
     },
     {
         name: "set_local_storage_item",
+        description: "STATE INJECTION: Forcefully injects a key-value pair directly into the browser's LocalStorage. Parameters: 'key', 'value'."
     },
     {
         name: "set_session_storage_item",
+        description: "STATE INJECTION: Forcefully injects a key-value pair directly into the browser's SessionStorage. Parameters: 'key', 'value'."
     },
     {
         name: "get_local_storage_item",
+        description: "STATE THEFT: Reads and returns the value of a specific key from the browser's LocalStorage. Parameter: 'key'."
+    },
+    {
+        name: "clear_cache_and_cookies",
+        description: "BROWSER STATE: Completely wipes all active cookies, LocalStorage, and SessionStorage for the current domain."
+    },
+    // --- 11. MEDIA & DOM MUTATION ---
     {
         name: "extract_audio_video_sources",
+        description: "DATA EXTRACTION: Scans the live DOM specifically for <audio> and <video> tags and returns 'src' URLs."
     },
     {
         name: "play_media",
+        description: "MEDIA CONTROL: Forces a specific HTML5 media element to start playing. Parameter: 'selector'."
     },
     {
         name: "pause_media",
+        description: "MEDIA CONTROL: Forces a specific media element to pause. Parameter: 'selector'."
     },
     {
         name: "mute_media",
+        description: "MEDIA CONTROL: Sets the 'muted' property of a media element to true. Parameter: 'selector'."
     },
     {
         name: "set_media_playback_rate",
+        description: "MEDIA CONTROL: Modifies the playback speed of a media element. Parameters: 'selector', 'rate'."
     },
     {
         name: "remove_element",
+        description: "DOM MUTATION: Completely rips a specific HTML element out of the live DOM using '.remove()'. Parameter: 'selector'."
     },
     {
         name: "inject_custom_css",
+        description: "DOM MUTATION: Injects a raw block of CSS rules directly into the page's <head>. Parameter: 'css_string'."
     },
     {
         name: "change_element_text",
+        description: "DOM MUTATION: Overwrites the innerText of a specific element dynamically. Parameters: 'selector', 'new_text'."
     },
     {
         name: "set_element_attribute",
+        description: "DOM MUTATION: Forces a new value into a specific HTML attribute. Parameters: 'selector', 'attribute_name', 'value'."
     },
     {
         name: "remove_element_attribute",
+        description: "DOM MUTATION: Strips an attribute entirely from an element. Parameters: 'selector', 'attribute_name'."
     },
+    // --- 12. ENVIRONMENT SPOOFING ---
     {
         name: "spoof_timezone",
+        description: "ENVIRONMENT SPOOFING: Overrides the browser's native timezone ID. Parameter: 'timezone_id' (e.g., 'America/New_York')."
     },
     {
         name: "spoof_language",
+        description: "ENVIRONMENT SPOOFING: Modifies the navigator.language and Accept-Language headers. Parameter: 'locale'."
     },
     {
         name: "override_permissions",
+        description: "ENVIRONMENT SPOOFING: Automatically grants critical browser permissions for a specific origin. Parameters: 'origin_url', 'permissions_array'."
     },
     {
         name: "emulate_network_conditions",
+        description: "ENVIRONMENT SPOOFING: Forces the browser to simulate specific network speeds (e.g., Slow 3G, Offline). Parameters: 'download_throughput', 'upload_throughput', 'latency'."
     },
     {
         name: "set_cpu_throttling",
+        description: "ENVIRONMENT SPOOFING: Artificially slows down the V8 JavaScript engine execution speed. Parameter: 'rate'."
     },
     {
         name: "emulate_color_scheme",
+        description: "ENVIRONMENT SPOOFING: Forces the browser to request 'dark' or 'light' CSS media feature. Parameter: 'scheme'."
     },
     {
         name: "emulate_media_type",
+        description: "ENVIRONMENT SPOOFING: Changes the CSS media type of the page (e.g., 'print', 'screen'). Parameter: 'type'."
     },
     {
+        name: "emulate_touch_device",
+        description: "ENVIRONMENT SPOOFING: Converts all physical mouse events into native mobile Touch events."
     },
+    // --- 13. DIALOGS & SECURITY OVERRIDES ---
     {
+        name: "accept_browser_alert",
+        description: "DIALOG CONTROL: Pre-configures the browser to automatically click 'OK' or 'Accept' on JavaScript alerts."
     },
     {
+        name: "dismiss_browser_alert",
+        description: "DIALOG CONTROL: Pre-configures the browser to automatically click 'Cancel' or dismiss JavaScript dialogs."
     },
     {
+        name: "answer_browser_prompt",
+        description: "DIALOG CONTROL: Pre-configures the browser to type a specific string into a prompt() dialog and accept. Parameter: 'prompt_text'."
     },
     {
+        name: "get_dialog_message",
+        description: "DIALOG CONTROL: Extracts and returns the text message displayed inside the currently active JavaScript popup dialog."
     },
     {
+        name: "strip_anti_copy_listeners",
+        description: "SECURITY OVERRIDE: Recursively removes 'contextmenu', 'copy', 'paste' listeners to allow right-clicking and highlighting."
     },
     {
+        name: "ignore_https_errors",
+        description: "SECURITY OVERRIDE: Bypasses 'NET::ERR_CERT_AUTHORITY_INVALID' or expired SSL certificate warnings."
     },
+    // --- 14. MISCELLANEOUS & DEBUGGING ---
     {
         name: "get_current_url",
+        description: "NAVIGATION STATE: Instantly retrieves and returns the absolute URL currently loaded in the active tab."
     },
     {
         name: "reload_page",
+        description: "NAVIGATION STATE: Triggers a reload of the active document. Parameter optional: 'ignore_cache'."
     },
     {
         name: "navigate_back",
+        description: "NAVIGATION STATE: Simulates clicking the browser's native 'Back' button."
     },
     {
         name: "navigate_forward",
         description: "NAVIGATION STATE: Simulates clicking the browser's native 'Forward' button."
     },
     {
+        name: "get_page_title",
+        description: "DATA EXTRACTION: Retrieves the current <title> string of the active document."
     },
     {
+        name: "focus_element",
+        description: "DOM MANIPULATION: Calls the native '.focus()' method on a specific input or button. Parameter: 'selector'."
     },
     {
+        name: "blur_element",
+        description: "DOM MANIPULATION: Calls the native '.blur()' method to remove focus."
     },
     {
+        name: "scroll_to_bottom",
+        description: "VIEWPORT CONTROL: Instantly or smoothly scrolls to the absolute bottom of the document. Parameter: 'smooth'."
     },
     {
+        name: "scroll_to_top",
+        description: "VIEWPORT CONTROL: Scrolls back to the absolute top of the document. Parameter: 'smooth'."
     },
     {
+        name: "get_element_bounding_box",
+        description: "UI ANALYSIS: Calculates physical coordinates and dimensions of an element relative to the viewport. Parameter: 'selector'."
     },
     {
         name: "evaluate_xpath_expression",
+        description: "ADVANCED QUERYING: Executes an XPath 1.0 expression and returns matched nodes. Parameter: 'xpath_expression'."
     },
     {
         name: "listen_for_console_logs",
+        description: "DEBUGGING: Attaches a persistent event listener to capture all frontend 'console.log' outputs."
     },
     {
         name: "intercept_websocket_frames",
+        description: "NETWORK HACKING: Monitors and captures raw WebSocket message frames transmitted by the active tab."
     },
     {
+        name: "highlight_element",
+        description: "VISUAL DEBUGGING: Injects inline CSS to draw a glowing red border around an element. Parameter: 'selector'."
     }
+]; // <--- ARRAY PROPERLY CLOSED HERE
 /**
  * ============================================================================
+ * 3. BROWSER INITIALIZATION & CONTEXT MANAGEMENT
  * ============================================================================
  */
 async function initBrowser() {
     console.log("[SYSTEM] Booting God-Mode Stealth Engine...");
+    // Auto-Sync extensions before launching
     syncExtensionsFromDataset();
     const launchArgs = [
         '--disable-dev-shm-usage',
         '--disable-blink-features=AutomationControlled',
         '--window-size=1280,800',
+        '--disable-web-security',
+        '--disable-features=IsolateOrigins,site-per-process'
     ];
     if (fs.existsSync(EXTENSION_PATH) && fs.readdirSync(EXTENSION_PATH).length > 0) {
         launchArgs.push(`--disable-extensions-except=${EXTENSION_PATH}`);
         launchArgs.push(`--load-extension=${EXTENSION_PATH}`);
     try {
         browser = await puppeteer.launch({
+            headless: 'new',
             args: launchArgs,
             ignoreDefaultArgs: ["--enable-automation"]
         });
         const defaultPage = await browser.newPage();
         await defaultPage.setViewport({ width: 1280, height: 800 });
         await defaultPage.evaluateOnNewDocument(() => {
             Object.defineProperty(navigator, 'webdriver', { get: () => undefined });
         });
     } catch (error) {
         console.error("[CRITICAL] Failed to launch browser engine:", error);
     }
 }
 /**
  * ============================================================================
+ * 4. CDP ZERO-LATENCY WEBSOCKET STREAMING
  * ============================================================================
  */
 async function startRealTimeStream(page, ws) {
             await cdpSession.detach();
         }
         cdpSession = await page.target().createCDPSession();
         console.log("[STREAM] CDP Session attached. Initiating Screencast...");
         await cdpSession.send('Page.startScreencast', {
             format: 'jpeg',
+            quality: 65,
             everyNthFrame: 1
         });
         cdpSession.on('Page.screencastFrame', async (frameObject) => {
             if (ws.readyState === WebSocket.OPEN) {
                 ws.send(JSON.stringify({
                     type: 'stream_frame',
                     data: frameObject.data,
                     sessionId: frameObject.sessionId
                 }));
                 await cdpSession.send('Page.screencastFrameAck', {
                     sessionId: frameObject.sessionId
                 }).catch(() => {});
 /**
  * ============================================================================
+ * 5. THE MASTER TOOL DISPATCHER (EXECUTING COMMANDS)
  * ============================================================================
  */
 async function executeAITool(toolName, parameters) {
     if (!browser || pages.length === 0) {
+        return { status: "error", message: "Engine not running." };
     }
     const activePage = pages[activePageIndex].page;
+    console.log(`[EXECUTE] Tool: ${toolName} | Params:`, JSON.stringify(parameters));
     try {
         switch (toolName) {
             case "basic_navigation_controller":
                 const { action_type, url, selector, text_to_type } = parameters;
                 if (action_type === "navigate") {
                     return { status: "success", action: "clicked" };
                 } else if (action_type === "type") {
                     await activePage.waitForSelector(selector, { visible: true });
+                    await activePage.type(selector, text_to_type, { delay: 50 });
                     return { status: "success", action: "typed" };
                 } else if (action_type === "extract") {
                     const html = await activePage.content();
                 }
                 break;
             case "deep_shadow_dom_piercer":
                 console.log("[HACK] Injecting Shadow DOM override script...");
                 const shadowData = await activePage.evaluate(() => {
                     function traverseShadows(node) {
                         let content = node.outerHTML || '';
+                        if (node.shadowRoot) content += traverseShadows(node.shadowRoot);
+                        node.childNodes.forEach(child => content += traverseShadows(child));
                         return content;
                     }
                     return traverseShadows(document.body);
                 });
                 return { status: "success", data: shadowData.substring(0, 5000) };
             case "deep_network_v8_interceptor":
                 console.log("[HACK] Hooking into CDP Network domain...");
                 const session = await activePage.target().createCDPSession();
                         if (params.request.headers['Authorization'] || params.request.headers['authorization']) {
                             resolve({
                                 status: "success",
                                 url: params.request.url,
                                 raw_curl: `curl -X ${params.request.method} '${params.request.url}' -H 'Authorization: ${params.request.headers['Authorization'] || params.request.headers['authorization']}'`
                             });
                         }
                     });
+                    setTimeout(() => resolve({ status: "timeout", message: "No secure tokens found." }), 10000);
                 });
             case "take_screenshot":
                 const screenshotPath = path.join(__dirname, 'public', `screenshot_${Date.now()}.png`);
                 await activePage.screenshot({ path: screenshotPath, fullPage: parameters.full_page || false });
                 return { status: "success", url: `/public/${path.basename(screenshotPath)}` };
             case "open_new_tab":
                 const newPage = await browser.newPage();
                 await newPage.setViewport({ width: 1280, height: 800 });
                 const tabId = Date.now();
                 pages.push({ id: tabId, page: newPage, title: "New Tab" });
+                activePageIndex = pages.length - 1;
                 return { status: "success", tab_id: tabId };
+            // Default fallback for dynamic execution
             default:
+                console.warn(`[WARNING] Tool '${toolName}' dispatched but requires explicit Puppeteer implementation logic.`);
+                return { status: "pending", message: `Tool ${toolName} registered and received successfully.` };
         }
     } catch (error) {
+        console.error(`[TOOL ERROR] ${toolName} Failed:`, error.message);
         return { status: "error", message: error.message };
     }
 }
 /**
  * ============================================================================
  * ULTIMATE AI BROWSER ENGINE (GOD-MODE) - PART 3
+ * WebSocket Bridge, Express API, /live Route & Ignition Sequence
  * ============================================================================
  */
 /**
  * ============================================================================
+ * 6. WEBSOCKET COMMUNICATION (ZERO-LAG BRIDGE)
  * ============================================================================
  */
 wss.on('connection', async (ws) => {
+    console.log("[WS] Secure Connection Established with Client UI.");
+    // Auto-initiate stream for the first available tab
     if (pages.length > 0 && pages[activePageIndex]) {
         await startRealTimeStream(pages[activePageIndex].page, ws);
     }
         try {
             const payload = JSON.parse(message);
+            // Switching tabs from the Sleek Tab Manager UI
             if (payload.type === 'switch_tab') {
                 const targetIndex = pages.findIndex(p => p.id === payload.tabId);
                 if (targetIndex !== -1) {
                     activePageIndex = targetIndex;
                     await pages[activePageIndex].page.bringToFront();
                     await startRealTimeStream(pages[activePageIndex].page, ws);
+                    console.log(`[WS] Engine focus shifted to Tab ID: ${payload.tabId}`);
                 }
             }
+            // Spawning new tabs from the UI button
             if (payload.type === 'new_tab') {
                 const newPage = await browser.newPage();
                 await newPage.setViewport({ width: 1280, height: 800 });
+                const tabId = payload.tabId || Date.now();
+                pages.push({ id: tabId, page: newPage, title: "Target Payload" });
                 activePageIndex = pages.length - 1;
                 await newPage.goto('https://www.google.com', { waitUntil: 'domcontentloaded' });
                 await startRealTimeStream(newPage, ws);
+                console.log(`[WS] New tab initialized and streamed. ID: ${tabId}`);
             }
         } catch (error) {
+            console.error("[WS ERROR] Messaging Failure:", error.message);
         }
     });
     ws.on('close', () => {
+        console.log("[WS] Session Terminated. Stream paused.");
+        if (cdpSession) cdpSession.detach().catch(() => {});
     });
 });
 /**
  * ============================================================================
+ * 7. EXPRESS ROUTES (THE API LAYER)
  * ============================================================================
  */
+// Global Middleware for JSON payloads
+app.use(express.json());
+// Serving Static Files (Screenshots, etc.)
+app.use('/public', express.static(path.join(__dirname, 'public')));
+/**
+ * @route   GET /live
+ * @desc    Serves the Sleek Glassmorphism Dashboard
+ */
 app.get('/live', (req, res) => {
+    const dashboard = path.join(__dirname, 'public', 'index.html');
+    if (fs.existsSync(dashboard)) {
+        res.sendFile(dashboard);
     } else {
+        res.status(404).send("<h2>[ERROR 404] UI Dashboard Not Found.</h2><p>Please ensure 'public/index.html' exists.</p>");
     }
 });
+/**
+ * @route   POST /api/execute
+ * @desc    Primary Endpoint for AI Agents to trigger any of the 113 tools
+ */
 app.post('/api/execute', async (req, res) => {
     const { tool_name, parameters } = req.body;
     if (!tool_name) {
+        return res.status(400).json({ error: "No tool name provided." });
     }
+    const output = await executeAITool(tool_name, parameters || {});
+    res.json(output);
 });
+/**
+ * @route   GET /status
+ * @desc    System Health & Metric Monitoring
+ */
 app.get('/status', (req, res) => {
     res.json({
+        engine: "God-Mode v3.0",
+        online: true,
         active_tabs: pages.length,
+        tools_available: ai_tools.length,
+        memory_usage: `${(process.memoryUsage().heapUsed / 1024 / 1024).toFixed(2)} MB`
     });
 });
 /**
  * ============================================================================
+ * 8. IGNITION (SERVER START)
  * ============================================================================
  */
 server.listen(PORT, async () => {
+    console.log(`\n--- ENGINE IGNITION SUCCESSFUL ---`);
+    console.log(`[SERVER] Listening on Port: ${PORT}`);
+    console.log(`[CORE] Total Tools Loaded: ${ai_tools.length}`);
+    console.log(`[UI] Live Dashboard: http://localhost:${PORT}/live`);
+    console.log(`----------------------------------\n`);
+    // Boot the browser engine immediately
     await initBrowser();
 });