Playwright Scraper Skill
v1.0.0Playwright-based web scraping OpenClaw Skill with anti-bot protection. Successfully tested on complex sites like Discuss.com.hk.
⭐ 0· 130·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description match the included files and scripts (playwright-simple.js, playwright-stealth.js, smzdm-scraper.js). package.json lists Playwright as a dependency and SKILL.md documents running npm install and npx playwright install — all consistent with a Playwright scraper.
Instruction Scope
Runtime instructions tell the agent to run local Node scripts and set local environment variables. The scripts read the URL argument, interact with pages, save screenshots/HTML locally, and print JSON to stdout. There are no instructions to read unrelated system files or to POST data to remote endpoints. The stealth code intentionally alters browser properties to evade detection (navigator.webdriver, userAgent, etc.), which is consistent with the stated anti-bot goal.
Install Mechanism
There is no platform 'install' spec, but SKILL.md and package.json instruct npm install and npx playwright install chromium. Using npm/playwright from the official registry is expected for this functionality; verify you run npm install from a trusted source or review package-lock.json before installing.
Credentials
The skill does not declare required secrets or credentials. Scripts accept optional env vars (HEADLESS, WAIT_TIME, SCREENSHOT_PATH, SAVE_HTML, USER_AGENT) which are reasonable for customization and do not require providing sensitive tokens. Future-noted features (CAPTCHA services, proxy rotation) would require credentials, but those are not present in the current code.
Persistence & Privilege
The skill does not request always: true and does not modify other skills or system-wide configs. It writes only to local files (screenshots/HTML) in the working directory or paths you provide; there is no evidence it alters agent settings or other installed skills.
Assessment
This skill appears internally coherent and does what it claims: it runs Playwright-based scrapers and includes explicit stealth techniques to evade anti-bot measures. Before installing or running it: (1) audit and run npm install in an isolated/ephemeral environment (container or VM) and inspect package-lock.json for unexpected dependencies; (2) avoid running it on hosts containing sensitive credentials or cookies (it writes screenshots/HTML to disk); (3) be aware that using anti-bot evasion may violate target sites' terms of service or local laws — use responsibly; (4) if you later enable CAPTCHA solving or proxy rotation, expect to provide API keys (which would increase risk and require secret-handling review); and (5) if you want extra safety, run the scripts with limited filesystem permissions and network access or manually review the scripts before use.Like a lobster shell, security has layers — review code before you run it.
latestvk979a4n6w0kjmksdabrmm6cf3d841gqe
License
MIT-0
Free to use, modify, and redistribute. No attribution required.