ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gemini Browser

Query Google Gemini via browser automation using OpenClaw's Browser Relay. Use when you need to ask Gemini questions and get AI responses. Requires OpenClaw...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 25 · 0 current installs · 0 all-time installs
byYushan Ren@eccstartup
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill's name/description match the actions in SKILL.md: it uses OpenClaw Browser Relay to control a real Chrome tab and interact with gemini.google.com. Required pieces (Browser Relay, OpenClaw, a logged-in Chrome profile) are appropriate. Minor inconsistency: the instructions use macOS-specific commands (open -a, pbpaste) and assume a local pbpaste tool, but the skill metadata does not declare an OS restriction or required binaries.
Instruction Scope
The SKILL.md stays within the stated purpose (open Gemini, inject text into the Quill editor, submit, and extract response). However, it requires executing arbitrary JavaScript in the page context via the evaluate action — a necessary capability for this automation but high-privilege: anything visible in the attached tab can be read or manipulated. The doc repeatedly warns about this and requires a manual extension click to attach, which is a mitigating control.
Install Mechanism
Instruction-only skill with no install spec or external downloads. This is low risk from an installation standpoint.
Credentials
The skill does not request environment variables, credentials, or config paths. That is proportionate for a browser-automation skill that operates through the user's existing browser session. Note: it does rely on local clipboard access (pbpaste) and OpenClaw being installed, which are not declared as required binaries.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent or privileged presence. Autonomous invocation (disable-model-invocation=false) is the platform default and not a standalone concern here. The skill does not attempt to modify other skills or system-wide settings.
Assessment
This skill appears to do what it says: it automates Gemini by attaching to a real Chrome tab via OpenClaw Browser Relay. Important cautions before you install/use it: - Only attach the extension to a tab you explicitly want the agent to control — the agent can read and interact with anything visible in that tab (including your account context and page data). - Use a dedicated Chrome profile (or a secondary Google account) for automation to limit exposure, as the author recommends. - The evaluate action runs arbitrary JavaScript in-page. That capability is required for Quill-based input, but it also means a malicious or misused agent could extract other page content. Rely on the manual-click attachment safeguard. - The SKILL.md contains macOS-specific commands (open -a, pbpaste). If you’re on Windows/Linux, these commands will fail; the skill metadata does not declare an OS restriction or required binaries. Ensure you adapt the clipboard/read commands or only use on macOS. - Verify you trust the OpenClaw Browser Relay extension and the environment (the extension’s auth token and loopback binding are the gatekeepers for local access). If you accept these risks and follow the mitigations (manual attach, separate profile/account), the skill is internally coherent. If you need higher assurance, ask the author for explicit OS compatibility notes and for the minimal set of commands/tools required (e.g., pbpaste alternative for other OSes).

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
aivk97ck4qwm11a25ceehtm1ew3wh830c2xautomationvk97ck4qwm11a25ceehtm1ew3wh830c2xbrowservk97ck4qwm11a25ceehtm1ew3wh830c2xgeminivk97ck4qwm11a25ceehtm1ew3wh830c2xlatestvk97ck4qwm11a25ceehtm1ew3wh830c2x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Gemini Browser Skill

Query Google Gemini (gemini.google.com) via OpenClaw Browser Relay and extract responses.

⚠️ Security Notice: This skill operates on your real Chrome browser with your logged-in Google session via CDP (Chrome DevTools Protocol). The agent will have access to anything visible in the attached tab. Only attach tabs you explicitly intend for the agent to control. See Security Considerations.

Prerequisites

  • OpenClaw installed and running (this skill uses OpenClaw's browser command)
  • OpenClaw Browser Relay Chrome extension installed and configured
    • Extension binds to loopback 127.0.0.1:18792 by default
    • Gateway auth token must be configured in extension options
  • Google account logged in within Chrome (Gemini requires authentication)
  • Use profile=chrome to relay through your existing Chrome (not the isolated profile=openclaw-managed)

Quick Start

# 1. Open Gemini in Chrome
open -a "Google Chrome" "https://gemini.google.com"

# 2. Manually click the Browser Relay extension icon on the Gemini tab to attach
#    (the badge will show "ON" when attached)

# 3. Verify relay is connected
browser action=status profile=chrome
# Should show cdpReady: true

# 4. List tabs
browser action=tabs profile=chrome
# Note the targetId for the Gemini tab

Input Method

Gemini uses a Quill rich-text editor (contenteditable div), not a standard <textarea>. You must inject text via JavaScript:

browser action=act profile=chrome targetId=<id> request={
  "kind": "evaluate",
  "fn": "(() => { const editor = document.querySelector('div.ql-editor[contenteditable=\"true\"]'); if (!editor) return 'editor not found'; editor.focus(); editor.innerHTML = '<p>YOUR_QUERY_HERE</p>'; editor.dispatchEvent(new Event('input', { bubbles: true })); return 'ok'; })()"
}

Then submit:

browser action=act profile=chrome targetId=<id> request={"kind":"press","key":"Enter"}

Complete Workflow

1. Prepare

Open Gemini in Chrome and manually attach the Browser Relay extension to the tab.

open -a "Google Chrome" "https://gemini.google.com"
# Then click the Browser Relay extension icon on the Gemini tab

2. Get Tab ID

browser action=tabs profile=chrome

Find the Gemini tab entry and note its targetId.

3. Input Query

browser action=act profile=chrome targetId=<id> request={
  "kind": "evaluate",
  "fn": "(() => { const editor = document.querySelector('div.ql-editor[contenteditable=\"true\"]'); if (!editor) return 'editor not found'; editor.focus(); editor.innerHTML = '<p>What is quantum computing?</p>'; editor.dispatchEvent(new Event('input', { bubbles: true })); return 'ok'; })()"
}

4. Submit

browser action=act profile=chrome targetId=<id> request={"kind":"press","key":"Enter"}

5. Wait for Response

Gemini may take 10–60 seconds. Poll for completion by checking if the stop button has disappeared:

browser action=act profile=chrome targetId=<id> request={
  "kind": "evaluate",
  "fn": "(() => { const stop = document.querySelector('button[aria-label*=\"Stop\"]'); return stop ? 'generating' : 'done'; })()"
}

6. Extract Response

Option A — Clipboard (recommended, preserves Markdown formatting):

# Take a snapshot and find the Copy button
browser action=snapshot profile=chrome targetId=<id>

# Click the Copy button by its ref from the snapshot
browser action=act profile=chrome targetId=<id> request={"kind":"click","ref":"<copy_button_ref>"}

# Read from clipboard
pbpaste

Option B — DOM extraction (fallback):

browser action=act profile=chrome targetId=<id> request={
  "kind": "evaluate",
  "fn": "(() => { const msgs = document.querySelectorAll('.model-response-text'); if (msgs.length === 0) return 'no response found'; return msgs[msgs.length - 1].innerText; })()"
}

New Chat

For unrelated queries, start a fresh chat to avoid context pollution:

browser action=navigate profile=chrome targetId=<id> targetUrl="https://gemini.google.com"

Response Completion Signals

The response is complete when:

  • The stop button disappears
  • A copy button appears below the response
  • Suggested follow-up chips appear

Security Considerations

⚠️ Important: Understand these risks before using this skill.

  1. Session access: profile=chrome uses your real Chrome with all logged-in sessions. The agent can see and interact with anything in the attached tab, including your Google account context.
  2. JavaScript evaluation: The evaluate action runs arbitrary JavaScript in the page context. This skill limits it to DOM manipulation for the input field, but the mechanism itself is powerful.
  3. Manual attachment required: The Browser Relay extension must be manually clicked by you to attach — the agent cannot auto-attach to arbitrary tabs. Only attach the specific Gemini tab.
  4. Loopback only: The relay binds to 127.0.0.1 and requires an auth token, preventing remote access.
  5. Recommendation: Use a separate Chrome profile dedicated to AI automation, logged into a non-primary Google account, to limit exposure.

Troubleshooting

ProblemSolution
cdpReady: falseClick the Browser Relay extension icon on the Gemini tab to re-attach
Tab not foundRun browser action=tabs profile=chrome to refresh tab list
Editor not foundPage may not be fully loaded; wait and retry. Gemini may have changed DOM — check for div.ql-editor
Copy button not foundResponse may still be generating; poll stop button status first
Login wallEnsure Chrome is logged into a Google account
Context overflowNavigate to gemini.google.com for a fresh chat

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…