opencli

Warn

Audited by ClawScan on May 18, 2026.

Overview

This skill is useful but needs review because it can use your logged-in Chrome sessions to read private account data, post or modify social content, and fall back to broad browser automation.

Review carefully before installing. Use a separate Chrome profile, log out of accounts you do not want exposed, require explicit confirmation for posts, likes, deletes, and private-data reads, inspect any generated ~/.opencli CLIs, and verify or pin the opencli, Playwright MCP, and Chrome extension sources.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked, the agent may read personal account data or act as you on services where Chrome is logged in.

Why it was flagged

The skill's core authority is the user's existing logged-in browser session, and the documented commands include both account-specific reads and public account actions.

Skill content

reusing Chrome's login state. Zero credentials needed ... opencli twitter post --text "Hello from CLI!" ... opencli twitter bookmarks -f json

Recommendation

Use a separate Chrome profile or dedicated accounts, stay logged out of services you do not want exposed, and require explicit approval for every private read or account-changing action.

What this means

The agent could navigate, snapshot, click, type, or scroll inside logged-in sites beyond the safer documented command set.

Why it was flagged

The fallback workflow encourages automatic use of general browser-control tools when scoped opencli commands are unavailable.

Skill content

Never say "not supported"; try opencli first, and automatically switch to Playwright on failure or when no command exists ... browser_click / browser_type / browser_scroll

Recommendation

Require explicit user approval before switching to Playwright, especially for logged-in pages, private messages, forms, posting, liking, deleting, or account settings.

What this means

Generated site commands may persist and run later against logged-in pages, and a poorly scoped script could collect or act on more page data than intended.

Why it was flagged

The skill instructs the agent to generate persistent opencli definitions containing executable browser JavaScript for unsupported sites.

Skill content

opencli generate <url> ... manually create YAML ... write to ~/.opencli/clis/<site>/top.yaml ... evaluate: | (async () => { ... return results; })()

Recommendation

Ask before creating custom CLIs, inspect generated YAML before use, keep it limited to non-sensitive pages, and delete ~/.opencli/clis entries that are no longer needed.

What this means

Those external tools will have significant browser/session access, so their provenance and updates matter.

Why it was flagged

The reviewed package is instruction-only, but setup relies on external packages and a latest-version MCP server that are not included in the scanned artifacts.

Skill content

npm install -g @jackwener/opencli ... claude mcp add playwright --scope user -- npx @playwright/mcp@latest

Recommendation

Install only from trusted sources, consider pinning package versions, and review the opencli, Playwright MCP, and Chrome extension permissions before use.

What this means

Content from logged-in web pages may flow through the local MCP/browser bridge into the agent's context.

Why it was flagged

The skill relies on a browser extension and MCP bridge to expose logged-in browser pages to the agent.

Skill content

- Chrome browser open with target site logged in
- Playwright MCP Bridge extension installed in Chrome

Recommendation

Use trusted MCP and extension components, disable the bridge when not needed, and avoid opening sensitive accounts in the controlled Chrome profile.