Guide
How to Detect and Block Cluely in Online Exams
Cluely is an invisible AI overlay that feeds real-time answers on screen while hiding from screen capture and webcams. That's why lockdown browsers and proctors miss it — and why detection has to move to the layer where it actually lives.
The short answer
You can't detect Cluely by looking at the screen or the webcam — it's invisible to both by design. You detect it at the OS and network layer. Cluely sets an operating-system screen-capture-exclusion flag so it never appears in a recording, a screen-share, or the window a lockdown browser controls. The reliable signals are the exclusion flag itself, the GPU and process footprint, and the network calls Cluely must make to an AI backend. Block those calls under a default-deny policy and the overlay can't produce answers even if it's running.
Why lockdown browsers and webcam proctoring miss Cluely
Every browser- and camera-based tool observes one surface: the exam window or the candidate in front of the lens. Cluely is an invisible AI overlay that runs as a separate OS-layer application and excludes itself from the screen-capture APIs those tools rely on. A candidate reading Cluely's answer off a transparent layer looks identical to a candidate reading the question. The technique is invisible by construction — so observing the screen harder doesn't help.
How to detect and block Cluely
Five steps, ordered from least to most reliable. The last two are what actually hold up against a tool built to be invisible.
Stop trusting the screen
Cluely hides from screen capture and recording. Any method that depends on seeing the overlay — screen-share review, screenshots, a proctor watching — is defeated before it starts.
Check the screen-capture-exclusion flag
To hide from capture, an overlay must set an OS-level exclusion flag (on Windows, WDA_EXCLUDEFROMCAPTURE). That flag is the invariant: every overlay that hides this way has to set it, so its presence is a reliable signal regardless of the app's name.
Watch GPU, process, and overlay signals
Enumerate top-most/overlay windows and processes, and watch for GPU VRAM deltas from a loaded model. These OS-level signals are visible even when the window is excluded from capture.
Block the AI backend at the network
Cluely must reach a large language model over the internet to generate answers. Route the device through a default-deny gateway that only allows assessment-approved destinations — the API calls never complete, so the overlay produces nothing even if it evaded detection.
Detect the technique, not the name
Renamed builds and open-source forks (OpenCluely, Pluely) defeat process-name matching. Targeting the exclusion flag, GPU/process footprint, and blocked endpoints catches the never-before-seen overlay the same way it catches Cluely.
This is what network-layer exam security does: it combines OS-level technique signals with a default-deny network policy, so Cluely is both flagged and starved of the AI backend it needs. The same approach covers on-device LLMs running locally on Ollama or LM Studio.
The name-list trap
Some proctoring tools now “block Cluely” by matching its process name. That closes one named binary and goes blind the moment the name changes. It's a permanent arms race the defender loses by one release — every renamed build and fork is a new gap. Detecting the underlying technique avoids the race entirely.
Compare the approaches: Honorlock · Proctorio · all comparisons
Frequently Asked Questions
Can lockdown browsers detect Cluely?
No. A lockdown browser controls one browser window. Cluely runs as a separate OS-layer application that sets a screen-capture-exclusion flag, so it never appears inside the browser the lockdown tool controls. The overlay is outside the sandbox the lockdown browser can see.
Can Proctorio or Honorlock block Cluely?
They have started matching Cluely's process name, which closes that one named binary. But name-matching goes blind the moment the name changes — a renamed build, an open-source fork (OpenCluely, Pluely), or the next overlay walks straight through. Detection that targets the technique rather than the name catches renamed and never-before-seen overlays the same way.
Is Cluely really undetectable?
Cluely is invisible to screen capture and webcams by design — it sets an OS screen-capture-exclusion flag so it doesn't appear in screen-share or recordings. But "invisible on screen" is not the same as "undetectable." The exclusion flag itself, the GPU and process footprint, and the network calls to its AI backend are all observable at the OS and network layer.
Can Cluely still work if the network blocks AI endpoints?
No. Cluely needs to reach a large language model over the internet to generate answers. Under a default-deny network policy that only allows assessment-approved destinations, Cluely's API calls never complete — so even an overlay that evaded process detection produces no answers during the exam.
How does Aiseptor detect Cluely?
Aiseptor detects the technique, not the name: the OS screen-capture-exclusion flag every hiding overlay must set, GPU VRAM deltas, overlay/process enumeration, and DNS/SNI requests to AI endpoints — and it blocks those endpoints at the network layer so the overlay can't fetch answers regardless of process name.
Catch the overlay that hides from the screen.
Aiseptor flags the technique and blocks the AI backend at the network layer — so Cluely and its renamed forks are caught the same way, with no webcam and no screen recording.