Skip to content

cortex-works/cortex-scout

BranchesTags

Repository files navigation

CortexScout (cortex-scout) — Search and Web Extraction Engine for AI Agents

CortexScout is the Deep Research & Web Extraction module within the Cortex-Works ecosystem.

Designed for agent workloads that require token-efficient web retrieval, reliable anti-bot handling, and optional Human-in-the-Loop (HITL) fallback.

MIT License Built with Rust MCP

Overview

CortexScout provides a single, self-hostable Rust binary that exposes search, extraction, and stateful browser automation capabilities over MCP (stdio) and an optional HTTP server. Output formats are structured and optimized for downstream LLM use.

It is built to handle the practical failure modes of web retrieval (rate limits, bot challenges, JavaScript-heavy pages) through progressive fallbacks: native retrieval → Chromium CDP rendering → Stateful E2E Testing → HITL workflows.

Tools (Capability Roster)

Area MCP Tools / Capabilities
Search web_search (URL discovery) or web_search(include_content=true) (search+content in one call)
Fetch and Crawl `web_fetch(mode="single"
Extraction extract_fields (primary structured extraction)
Automation scout_browser_automate / browser_automate (stateful omni-tool), scout_agent_profile_auth, scout_browser_close
Anti-bot handling CDP rendering, proxy rotation, block-aware retries
HITL visual_scout, `hitl_web_fetch(auth_mode="challenge"
Memory memory_search (LanceDB-backed research history)
Deep research deep_research (multi-hop search + scrape + synthesis)

Legacy names remain callable as compatibility aliases (web_search_json, web_fetch_batch, web_crawl, fetch_then_extract, human_auth_session). Agents should prefer the unified primary tools above.

Ecosystem Integration

While CortexScout runs as a standalone tool today, it is designed to integrate with CortexDB and CortexStudio for multi-agent scaling, shared retrieval artifacts, and centralized governance.

🎭 The "Playwright Killer" (Stateful Browser Automation)

CortexScout includes a built-in, stateful CDP automation engine designed specifically for AI Agents, completely replacing heavy frameworks like Playwright or Cypress for E2E testing workflows.

  • The Silent Omni-Tool (scout_browser_automate): Instead of calling dozens of browser tools, agents pass one array of steps. The runtime now covers Playwright-style action families in one call: navigation, hover/click/type/wait, locator-driven actions, assertions, tabs, screenshots/PDF, file upload, form fill, dialog policy, coordinate mouse actions, route mocking, console/network capture, and cookie/storage CRUD.
  • Persistent Agent Profile: Automation runs silently in the background (--headless=new) using a dedicated isolated profile (~/.cortex-scout/agent_profile). It maintains cookies, localStorage, and session state across tool calls without causing SingletonLock collisions with your active desktop browser.
  • QA Mock, Trace, And Verification Engine: Agents can install route mocks (mock_api, route_list, unroute) with response header overrides/stripping, trace flows (trace_start, trace_stop, trace_export), capture console/network logs, checkpoint browser state, and run both CSS and locator-based assertions plus Playwright-style verification helpers.
  • The Agent Auth Portal (scout_agent_profile_auth): If the silent agent encounters a CAPTCHA or complex OAuth login (like Google/Microsoft) on a new domain, this tool launches the agent's profile in a visible window. You solve the CAPTCHA once, the cookies are saved, and the agent returns to silent automation forever.

Playwright-Style Coverage Map

Capability Area Cortex Scout Actions
Navigation and input navigate, navigate_back, click, hover, type, press_key, scroll, wait_for, wait_for_selector, wait_for_locator
Locator and verification click_locator, type_locator, assert, assert_locator, generate_locator, verify_element_visible, verify_text_visible, verify_list_visible, verify_value
Tabs and media tabs, resize, screenshot, snapshot, pdf_save, file_upload, fill_form, handle_dialog
Network and mocks network_tap, network_dump, network_state_set, mock_api, route_list, unroute
Browser state storage_clear, storage_state_export, storage_state_import, storage_checkpoint, storage_rollback, cookie_*, localstorage_*, sessionstorage_*
Low-level pointer control mouse_click_xy, mouse_down, mouse_move_xy, mouse_drag_xy, mouse_up, mouse_wheel

The main tradeoff versus raw Playwright MCP is packaging, not capability shape: Cortex Scout keeps the browser surface inside one stateful omni-tool so agents spend fewer turns and fewer tokens coordinating multi-step flows.

Anti-Bot Efficacy & Validation

This repository includes captured evidence artifacts that validate extraction and HITL flows against representative protected targets.

Target Protection Evidence Notes
LinkedIn Cloudflare + Auth JSON · Snippet Auth-gated listings extraction
Ticketmaster Cloudflare Turnstile JSON · Snippet Challenge-handled extraction
Airbnb DataDome JSON · Snippet Large result sets under bot controls
Upwork reCAPTCHA JSON · Snippet Protected listings retrieval
Amazon AWS Shield JSON · Snippet Search result extraction
nowsecure.nl Cloudflare JSON Manual return path validated

See proof/README.md for methodology and raw outputs.

Quick Start

Option A — Prebuilt binaries

Download the latest release assets from GitHub Releases and run one of:

  • cortex-scout-mcp — MCP stdio server (recommended for VS Code / Cursor / Claude Desktop)
  • cortex-scout — optional HTTP server (default port 5000; override via --port, PORT, or CORTEX_SCOUT_PORT)

Health check (HTTP server):

./cortex-scout --port 5000
curl http://localhost:5000/health

Option B — Build from source

Install protoc first. lance-encoding uses Protocol Buffers during the release build, so protoc must be on your PATH.

  • macOS: brew install protobuf
  • Ubuntu/Debian: sudo apt-get install -y protobuf-compiler
  • Fedora: sudo dnf install -y protobuf-compiler

Basic build (search, scrape, deep research, memory):

git clone https://github.com/cortex-works/cortex-scout.git
cd cortex-scout
cargo build --release --manifest-path mcp-server/Cargo.toml --bin cortex-scout-mcp

This works from the repository root because the manifest path is explicit.

Full build (includes hitl_web_fetch / visible-browser HITL):

cargo build --release --manifest-path mcp-server/Cargo.toml --all-features --bin cortex-scout-mcp

If you also want the optional HTTP server binary, build it explicitly with cargo build --release --bin cortex-scout.

Local MCP smoke test:

python3 publish/ci/smoke_mcp.py

This runs a newline-delimited JSON-RPC stdio session against the local cortex-scout-mcp binary and exercises the main public tools with safe example inputs.

MCP Integration (VS Code / Cursor / Claude Desktop)

Add a server entry to your MCP config.

VS Code (mcp.json — global, or settings.json under mcp.servers):

// mcp.json (global): top-level key is "servers"
// settings.json (workspace): use "mcp.servers" instead
{
  "servers": {
    "cortex-scout": {
      "type": "stdio",
      "command": "env",
      "args": [
        "RUST_LOG=warn",
        "SEARCH_ENGINES=google,bing,duckduckgo,brave",
        "LANCEDB_URI=/YOUR_PATH/cortex-scout/lancedb",
        "HTTP_TIMEOUT_SECS=30",
        "MAX_CONTENT_CHARS=10000",
        "/YOUR_PATH/cortex-scout/mcp-server/target/release/cortex-scout-mcp"
      ]
    }
  }
}

Default behavior is direct/no-proxy. Add IP_LIST_PATH and PROXY_SOURCE_PATH only if you want proxy tools available. If you want proxy_control available without routing normal traffic through proxies, point IP_LIST_PATH at an empty ip.txt file and let agents populate it on demand.

Important: Always use RUST_LOG=warn, not info. At info level, the server emits hundreds of log lines per request to stderr, which can confuse MCP clients that monitor stderr.

Windows: Windows has no env command. Use the command+env object format instead — see docs/IDE_SETUP.md.

With deep research (LLM synthesis via OpenRouter / any OpenAI-compatible API):

{
  "servers": {
    "cortex-scout": {
      "type": "stdio",
      "command": "env",
      "args": [
        "RUST_LOG=warn",
        "SEARCH_ENGINES=google,bing,duckduckgo,brave",
        "LANCEDB_URI=/YOUR_PATH/cortex-scout/lancedb",
        "HTTP_TIMEOUT_SECS=30",
        "MAX_CONTENT_CHARS=10000",
        "OPENAI_BASE_URL=https://openrouter.ai/api/v1",
        "OPENAI_API_KEY=sk-or-v1-...",
        "DEEP_RESEARCH_LLM_MODEL=moonshotai/kimi-k2.5",
        "DEEP_RESEARCH_ENABLED=1",
        "DEEP_RESEARCH_SYNTHESIS=1",
        "DEEP_RESEARCH_SYNTHESIS_MAX_TOKENS=4096",
        "/YOUR_PATH/cortex-scout/mcp-server/target/release/cortex-scout-mcp"
      ]
    }
  }
}

Multi-IDE guide: docs/IDE_SETUP.md

Configuration (cortex-scout.json)

Create cortex-scout.json in the same directory as the binary (or repository root). All fields are optional; environment variables act as fallback.

{
  "deep_research": {
    "enabled": true,
    "llm_base_url": "http://localhost:1234/v1",
    "llm_api_key": "",
    "llm_model": "lfm2-2.6b",
    "synthesis_enabled": true,
    "synthesis_max_sources": 3,
    "synthesis_max_chars_per_source": 800,
    "synthesis_max_tokens": 1024
  }
}

Key Environment Variables

Core

Variable Default Description
RUST_LOG warn Log level. Keep warn for MCP stdioinfo floods stderr and confuses MCP clients
HTTP_TIMEOUT_SECS 30 Per-request read timeout (seconds)
HTTP_CONNECT_TIMEOUT_SECS 10 TCP connect timeout (seconds)
OUTBOUND_LIMIT 32 Max concurrent outbound HTTP connections
MAX_CONTENT_CHARS 10000 Max characters returned per scraped page

Browser / Anti-bot

Variable Default Description
CHROME_EXECUTABLE auto-detected Override path to Chromium/Chrome/Brave binary
SEARCH_CDP_FALLBACK true Retry search engine fetches via native Chromium CDP when blocked
SEARCH_TIER2_NON_ROBOT unset Set 1 to allow hitl_web_fetch as last-resort search escalation
MAX_LINKS 100 Max links followed per page crawl

Search

Variable Default Description
SEARCH_ENGINES google,bing,duckduckgo,brave Active engines (comma-separated)
SEARCH_MAX_RESULTS_PER_ENGINE 10 Results per engine before merge/dedup

Proxy

Variable Default Description
IP_LIST_PATH Optional path to ip.txt (one proxy per line: http://, socks5://). Leave unset to disable proxy support entirely, or point at an empty file to keep proxy tools available but inactive by default
PROXY_SOURCE_PATH Optional path to proxy_source.json (used by proxy_control grab)

Semantic Memory (LanceDB)

Variable Default Description
LANCEDB_URI Directory path for persistent research memory. Omit to disable
CORTEX_SCOUT_MEMORY_DISABLED 0 Set 1 to disable memory even when LANCEDB_URI is set
MODEL2VEC_MODEL built-in HuggingFace model ID or local path for embedding (e.g. minishlab/potion-base-8M)

Deep Research

Variable Default Description
DEEP_RESEARCH_ENABLED 1 Set 0 to disable the deep_research tool at runtime
OPENAI_API_KEY API key for LLM synthesis. Omit for key-less local endpoints (Ollama)
OPENAI_BASE_URL https://api.openai.com/v1 OpenAI-compatible endpoint (OpenRouter, Ollama, LM Studio, etc.)
DEEP_RESEARCH_LLM_MODEL gpt-4o-mini Model identifier (must be supported by the endpoint)
DEEP_RESEARCH_SYNTHESIS 1 Set 0 to skip LLM synthesis (search+scrape only)
DEEP_RESEARCH_SYNTHESIS_MAX_TOKENS 1024 Max tokens for synthesis response. Use 4096+ for large-context models
DEEP_RESEARCH_SYNTHESIS_MAX_SOURCES 8 Max source documents fed to LLM synthesis
DEEP_RESEARCH_SYNTHESIS_MAX_CHARS_PER_SOURCE 2500 Max characters extracted per source for synthesis

HTTP Server only

Variable Default Description
CORTEX_SCOUT_PORT / PORT 5000 Listening port for the HTTP server binary (cortex-scout)

Agent Best Practices

Recommended operational flow:

  1. Call memory_search before any new research run — skip live fetching if similarity ≥ 0.60 and skip_live_fetch is true.
  2. For topic discovery use web_search for URL-only discovery, or web_search(include_content=true) to search and scrape top results in one round-trip.
  3. For known URLs use web_fetch(mode="single") with output_format="clean_json", and set query + strict_relevance=true to keep only relevant sections.
  4. On 403/429: call proxy_control with action:"grab" to refresh the proxy list, then retry with use_proxy:true.
  5. For auth-gated pages: run visual_scout when auth_risk_score >= 0.4, then use hitl_web_fetch(auth_mode="challenge") for CAPTCHA walls or hitl_web_fetch(auth_mode="auth") for login walls.
  6. For deep research: deep_research handles multi-hop search + scrape + LLM synthesis automatically. Tune depth (1–3) and max_sources per run cost budget.
  7. For UI automation and E2E testing: use scout_browser_automate with step arrays for tabs, locator assertions, screenshots/PDF, route mocks, file uploads, and browser-state setup. If blocked by first-time login/CAPTCHA, call scout_agent_profile_auth, then resume automation.

FAQ

Why does deep_research with Ollama or qwen3.5 sometimes fail or fall back to heuristic mode?

Some reasoning-capable local models return OpenAI-compatible /v1/chat/completions responses with message.reasoning populated but message.content empty. Cortex Scout now retries local Ollama endpoints through native /api/chat with think:false when that pattern is detected.

Recommended config for local 4B-class Ollama models:

  • llm_api_key: "" in cortex-scout.json is valid and means "no auth required"
  • Keep synthesis_max_sources at 1-2
  • Keep synthesis_max_chars_per_source around 600-1000
  • Keep synthesis_max_tokens around 512-768

If you still see slow or unstable synthesis, reduce synthesis_max_sources before increasing token limits.

Why do I see Chromium profile lock errors?

Each headless request uses a unique temporary profile, so normal scraping and deep_research are safe from profile lock races. Only HITL flows (like hitl_web_fetch) using a real browser profile can hit a lock if you run them concurrently or have Brave/Chrome open on the same profile. To avoid: run HITL calls one at a time, and close all browser windows before reusing a profile.

Checklist:

  1. Use a recent build (2026-03-05 or newer)
  2. Avoid persistent profile paths unless you need a logged-in session
  3. Run HITL/profile flows sequentially
  4. Close all browser windows before reusing a profile
  5. Let Cortex Scout use its own temp profiles for concurrent research

My MCP client connects but tools fail or time out immediately. What should I check first?

Check these before anything else:

  1. Use RUST_LOG=warn, not info.
  2. On macOS/Linux env-style configs, pass the binary path directly after the env assignments. Do not insert "--" in mcp.json args.
  3. On Windows, do not use env; use command plus an env object.
  4. Make sure the binary path points to a current build.

Versioning and Changelog

See CHANGELOG.md.

License

MIT. See LICENSE.

About

A unified web extraction and stateful automation engine for AI. Replaces heavy testing frameworks with token-optimized browser control, deep research, and HITL.

Topics

rust proxy mcp vscode self-hosted knowledge-graph web-scraping stealth semantic-search automated-testing ai-agents dev-tools searchengine playwright searxng llm-tools anti-bot-bypass model2vec model-context-protocol

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

60 stars

Watchers

0 watching

Forks

5 forks
Report repository

Releases 21

Cortex Scout v3.3.2 Latest
Mar 30, 2026
+ 20 releases

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

 
 
 

Contributors

Languages