Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Browser Use

Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with w...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
71 · 30k · 336 current installs · 348 all-time installs
by shawn pana @shawnpana
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description align with the SKILL.md: it is a browser-automation CLI. However the instructions reference features that touch sensitive subsystems (using an existing Chrome profile, connecting via CDP, cloud provisioning, tunnels) but the skill metadata declares no required env vars, credentials, or config paths — a mismatch between declared requirements and the actions the tool enables.
Instruction Scope
The SKILL.md instructs the agent to run a CLI that can (a) attach to real Chrome profiles (accessing logins/cookies), (b) export/import cookies and read/write files, (c) connect to remote CDP endpoints, (d) provision cloud browsers and print live URLs, (e) start tunnels, and (f) run persistent Python code (arbitrary code execution within the browser session). Those capabilities go beyond simple “click/fill/screenshot” and could be used to read or exfiltrate sensitive data if misused.
Install Mechanism
This is instruction-only with no install spec or bundled code — lowest install risk. That said, it assumes a 'browser-use' binary is present; the provenance of that binary is not provided and should be verified separately.
Credentials
The SKILL.md explicitly mentions BROWSER_USE_API_KEY (and accepts saving an API key via 'cloud login'), and references using local browser profiles and file paths, but the skill metadata lists no required env vars or config paths. Sensitive names like an API key and access to Chrome profile data are not declared in the registry metadata — an incoherence that matters for auditing.
Persistence & Privilege
always is false (good). The tool describes a background daemon and persistent Python sessions which can retain state across commands; autonomous invocation of the skill by the agent is allowed (platform default). The combination of autonomous invocation plus persistent sessions and cloud/tunnel features increases blast radius but is not itself a configuration error.
What to consider before installing
This skill appears to describe a powerful browser-automation CLI, but there are red flags you should consider before installing or enabling it:

  • Provenance: The skill has no homepage and an unknown source. Only install if you can verify the 'browser-use' binary comes from a trusted release (official GitHub release, package registry, etc.).
  • Undeclared credentials: SKILL.md references BROWSER_USE_API_KEY and a cloud login flow, but the registry metadata does not declare any required env vars. Treat any request for API keys with caution — prefer ephemeral/test keys or none.
  • Sensitive local access: The CLI supports using an existing Chrome profile and exporting cookies. Do NOT run it with your real 'Default' profile or any profile containing accounts you care about unless you trust the binary and run it in an isolated environment.
  • Arbitrary code & persistence: The persistent Python REPL and eval capabilities mean the tool can execute arbitrary code and keep state. If you allow autonomous invocation, the agent could run multi-step code that accesses files or network resources.
  • Network exposure: Cloud provisioning and tunnel commands can expose local services or create remote browser instances whose output/URLs may be sensitive.

Recommendations: only use this skill if you (1) verify the 'browser-use' CLI binary provenance, (2) run it in a sandbox or throwaway profile, (3) avoid passing your main Chrome profile or real API keys, (4) restrict file access and network egress where possible, and (5) prefer an alternative with explicit metadata declaring required env vars and config paths. If you cannot verify the binary or need to protect sensitive accounts/data, mark this skill as high-risk and do not enable it for autonomous agent use.
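The mismatch between what SKILL.md references and what the registry metadata declares can be checked mechanically before a skill is enabled. The following is an added example, not ClawHub's or OpenClaw's scanner; the metadata keys `required_env` and `config_paths` are assumed names, and the sample input is constructed from commands shown in the SKILL.md on this page.

```python
import re

# Capability patterns taken from commands documented in this page's SKILL.md.
SENSITIVE = {
    "real-chrome-profile": r"--profile\b",
    "cdp-attach": r"--connect\b|--cdp-url\b",
    "cookie-export-import": r"\bcookies (?:export|import)\b",
    "code-execution": r"\bbrowser-use (?:python|eval)\b",
    "tunnel": r"\bbrowser-use tunnel\b",
    "cloud": r"\bbrowser-use cloud\b",
}
# Upper-case identifiers that look like secret-bearing environment variables.
ENV_VAR = re.compile(r"\b[A-Z][A-Z0-9_]*_(?:KEY|TOKEN|SECRET|PASSWORD)\b")


def audit_skill(skill_md: str, declared: dict) -> dict:
    """Compare what the instructions reference with what the metadata declares.

    `declared` uses hypothetical keys: required_env (list of env var names)
    and config_paths (list of paths the skill says it touches).
    """
    caps = sorted(n for n, pat in SENSITIVE.items() if re.search(pat, skill_md))
    env_seen = set(ENV_VAR.findall(skill_md))
    undeclared = sorted(env_seen - set(declared.get("required_env", [])))
    # Using a real browser profile means reading local profile data, so an
    # empty config_paths declaration is treated as a mismatch as well.
    profile_gap = "real-chrome-profile" in caps and not declared.get("config_paths")
    return {
        "capabilities": caps,
        "undeclared_env": undeclared,
        "mismatch": bool(undeclared) or profile_gap,
    }


# Constructed sample: a few command lines from the SKILL.md above, and
# metadata that declares nothing, as the scan describes.
SAMPLE_SKILL_MD = """\
browser-use --profile "Default" open <url>
browser-use --cdp-url ws://localhost:9222/... open <url>
browser-use cookies export <file>
browser-use python "code"
browser-use cloud login <api-key>   # Save API key (or set BROWSER_USE_API_KEY)
browser-use tunnel <port>
"""
SAMPLE_METADATA = {"required_env": [], "config_paths": []}

if __name__ == "__main__":
    print(audit_skill(SAMPLE_SKILL_MD, SAMPLE_METADATA))
```

A non-empty `capabilities` list is not a finding on its own; the signal is `mismatch`, where the instructions touch credentials or profile data that the metadata never mentions.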

Like a lobster shell, security has layers — review code before you run it.

Current version: v2.0.0
latest: vk9749hvzkd3xrwsd6sqh1hj1gx83d6fx


SKILL.md

Browser Automation with browser-use CLI

The browser-use command provides fast, persistent browser automation. A background daemon keeps the browser open across commands, giving ~50ms latency per call.

Prerequisites

browser-use doctor    # Verify installation

For setup details, see https://github.com/browser-use/browser-use/blob/main/browser_use/skill_cli/README.md

Core Workflow

  1. Navigate: browser-use open <url> — starts browser if needed
  2. Inspect: browser-use state — returns clickable elements with indices
  3. Interact: use indices from state (browser-use click 5, browser-use input 3 "text")
  4. Verify: browser-use state or browser-use screenshot to confirm
  5. Repeat: browser stays open between commands
  6. Cleanup: browser-use close when done

Browser Modes

browser-use open <url>                         # Default: headless Chromium
browser-use --headed open <url>                # Visible window
browser-use --profile "Default" open <url>      # Real Chrome with Default profile (existing logins/cookies)
browser-use --profile "Profile 1" open <url>   # Real Chrome with named profile
browser-use --connect open <url>               # Auto-discover running Chrome via CDP
browser-use --cdp-url ws://localhost:9222/... open <url>  # Connect via CDP URL

--connect, --cdp-url, and --profile are mutually exclusive.

Commands

# Navigation
browser-use open <url>                    # Navigate to URL
browser-use back                          # Go back in history
browser-use scroll down                   # Scroll down (--amount N for pixels)
browser-use scroll up                     # Scroll up
browser-use switch <tab>                  # Switch to tab by index
browser-use close-tab [tab]              # Close tab (current if no index)

# Page State — always run state first to get element indices
browser-use state                         # URL, title, clickable elements with indices
browser-use screenshot [path.png]         # Screenshot (base64 if no path, --full for full page)

# Interactions — use indices from state
browser-use click <index>                 # Click element by index
browser-use click <x> <y>                 # Click at pixel coordinates
browser-use type "text"                   # Type into focused element
browser-use input <index> "text"          # Click element, then type
browser-use keys "Enter"                  # Send keyboard keys (also "Control+a", etc.)
browser-use select <index> "option"       # Select dropdown option
browser-use upload <index> <path>         # Upload file to file input
browser-use hover <index>                 # Hover over element
browser-use dblclick <index>              # Double-click element
browser-use rightclick <index>            # Right-click element

# Data Extraction
browser-use eval "js code"                # Execute JavaScript, return result
browser-use get title                     # Page title
browser-use get html [--selector "h1"]    # Page HTML (or scoped to selector)
browser-use get text <index>              # Element text content
browser-use get value <index>             # Input/textarea value
browser-use get attributes <index>        # Element attributes
browser-use get bbox <index>              # Bounding box (x, y, width, height)

# Wait
browser-use wait selector "css"           # Wait for element (--state visible|hidden|attached|detached, --timeout ms)
browser-use wait text "text"              # Wait for text to appear

# Cookies
browser-use cookies get [--url <url>]     # Get cookies (optionally filtered)
browser-use cookies set <name> <value>    # Set cookie (--domain, --secure, --http-only, --same-site, --expires)
browser-use cookies clear [--url <url>]   # Clear cookies
browser-use cookies export <file>         # Export to JSON
browser-use cookies import <file>         # Import from JSON

# Python — persistent session with browser access
browser-use python "code"                 # Execute Python (variables persist across calls)
browser-use python --file script.py       # Run file
browser-use python --vars                 # Show defined variables
browser-use python --reset                # Clear namespace

# Session
browser-use close                         # Close browser and stop daemon
browser-use sessions                      # List active sessions
browser-use close --all                   # Close all sessions

The Python browser object provides: browser.url, browser.title, browser.html, browser.goto(url), browser.back(), browser.click(index), browser.type(text), browser.input(index, text), browser.keys(keys), browser.upload(index, path), browser.screenshot(path), browser.scroll(direction, amount), browser.wait(seconds).

Cloud API

browser-use cloud connect                 # Provision cloud browser and connect
browser-use cloud connect --timeout 120 --proxy-country US  # With options
browser-use cloud login <api-key>         # Save API key (or set BROWSER_USE_API_KEY)
browser-use cloud logout                  # Remove API key
browser-use cloud v2 GET /browsers        # REST passthrough (v2 or v3)
browser-use cloud v2 POST /tasks '{"task":"...","url":"..."}'
browser-use cloud v2 poll <task-id>       # Poll task until done
browser-use cloud v2 --help               # Show API endpoints

cloud connect provisions a cloud browser, connects via CDP, and prints a live URL. browser-use close disconnects AND stops the cloud browser.

Tunnels

browser-use tunnel <port>                 # Start Cloudflare tunnel (idempotent)
browser-use tunnel list                   # Show active tunnels
browser-use tunnel stop <port>            # Stop tunnel
browser-use tunnel stop --all             # Stop all tunnels

Profile Management

browser-use profile list                  # List detected browsers and profiles
browser-use profile sync --all            # Sync profiles to cloud
browser-use profile update                # Download/update profile-use binary

Command Chaining

Commands can be chained with &&. The browser persists via the daemon, so chaining is safe and efficient.

browser-use open https://example.com && browser-use state
browser-use input 5 "user@example.com" && browser-use input 6 "password" && browser-use click 7

Chain when you don't need intermediate output. Run separately when you need to parse state to discover indices first.

Common Workflows

Authenticated Browsing

When a task requires an authenticated site (Gmail, GitHub, internal tools), use Chrome profiles:

browser-use profile list                           # Check available profiles
# Ask the user which profile to use, then:
browser-use --profile "Default" open https://github.com  # Already logged in

Connecting to Existing Chrome

browser-use --connect open https://example.com     # Auto-discovers Chrome's CDP endpoint

Requires Chrome with remote debugging enabled. Falls back to probing ports 9222/9229.

Exposing Local Dev Servers

browser-use tunnel 3000                            # → https://abc.trycloudflare.com
browser-use open https://abc.trycloudflare.com     # Browse the tunnel

Global Options

Option              Description
--headed            Show browser window
--profile [NAME]    Use real Chrome (bare --profile uses "Default")
--connect           Auto-discover running Chrome via CDP
--cdp-url <url>     Connect via CDP URL (http:// or ws://)
--session NAME      Target a named session (default: "default")
--json              Output as JSON
--mcp               Run as MCP server via stdin/stdout

Tips

  1. Always run state first to see available elements and their indices
  2. Use --headed for debugging to see what the browser is doing
  3. Sessions persist — browser stays open between commands
  4. CLI aliases: bu, browser, and browseruse all work

Troubleshooting

  • Browser won't start? browser-use close then browser-use --headed open <url>
  • Element not found? browser-use scroll down then browser-use state
  • Run diagnostics: browser-use doctor

Cleanup

browser-use close                         # Close browser session
browser-use tunnel stop --all             # Stop tunnels (if any)
