iGOT Karmayogi Automation
v1.0.3Automates iGOT Karmayogi portal (portal.igotkarmayogi.gov.in) using OpenClaw's built-in Playwright managed browser. Use this skill whenever the user mentions...
⭐ 1· 89·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the instructions: the skill automates portal.igotkarmayogi.gov.in via a Playwright-managed browser, navigates course pages, enrolls, plays videos and downloads certificates. Required artifacts (selectors, course IDs, userDataDir, state file) are consistent with this purpose.
Instruction Scope
Instructions require taking screenshots before/after every action, reading screens, calling localStorage.getItem('userDetails'), and repeatedly reading/writing ~/.openclaw/workspace/igot-state.json and a browser userDataDir. Those actions are expected for robust automation but are privacy-sensitive because screenshots and browser profile data can contain tokens or personal info. The runtime rule 'DO NOT stop' enforces autonomous, continuous execution which increases blast radius if misused.
Install Mechanism
This is instruction-only with no install spec or code files to fetch. That is low-risk from an install perspective. A fallback path references 'npx playwright open' which could pull packages at runtime if executed — this is a conditional runtime action, not part of a declared install spec.
Credentials
The skill declares no required environment variables or external credentials, which aligns with its browser-driven automation. A possible concern: instructions access local files and browser profile (userDataDir) and read localStorage (JWT token), which are powerful but justifiable for session management. The npx/playwright fallback may cause network activity or package downloads that aren't declared.
Persistence & Privilege
The skill persists state to ~/.openclaw/workspace/igot-state.json and reuses a browser profile at ~/.openclaw/browser/openclaw/user-data/igot-profile to resume sessions; this is reasonable for long-running automation. always: false (no forced always-on). Autonomous invocation is allowed by platform default; combined with the 'do not stop' rule this enables long uninterrupted runs — expected for the task but worth noting.
Assessment
This skill looks like a legitimate automation for the iGOT portal, but it performs privacy-sensitive actions: it will take screenshots frequently, read browser localStorage (which may include JWT/session tokens), and persist a browser profile and state JSON under your home directory. Before installing: 1) Confirm you trust the skill source (no homepage/source was provided). 2) Consider running it in an isolated account or container so screenshots and browser profile don't expose other accounts. 3) Inspect or back up and be prepared to delete ~/.openclaw/workspace/igot-state.json and ~/.openclaw/browser/openclaw/user-data/igot-profile after use. 4) Be aware that a fallback command (npx playwright open) could download packages at runtime; if you want to avoid that, ensure the managed browser tool is available or deny that fallback. 5) If you have sensitive data in your normal browser profile, do not point userDataDir to it. Ask the publisher for source code or a homepage if you need higher assurance.Like a lobster shell, security has layers — review code before you run it.
latestvk97ethn390ttakne02pddfxyr983c8y2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🎓 Clawdis