ClawHub

Agent Browser Core

OpenClaw skill for the agent-browser CLI (Rust-based with Node.js fallback) enabling AI-friendly web automation with snapshots, refs, and structured commands.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
17 · 7k · 48 current installs · 51 all-time installs
by@codedao12
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the SKILL.md and reference docs: they describe CLI-driven web automation, snapshot/refs workflows, and a Node.js fallback. Required binaries, env vars, and config paths are none — consistent with an instruction-only playbook that expects the user to install the agent-browser CLI separately.
Instruction Scope
Runtime instructions focus on using the CLI (open, snapshot, refs, state save/load, safety checklists). They explicitly call out high-risk commands (eval, file access, network routing) and require explicit approval before use. The instructions do not direct reading unrelated system files, nor do they instruct exfiltration or posting data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill with no install spec or code files. The docs recommend installing agent-browser via npm and running agent-browser install (which may download Chromium/Playwright runtimes) — a normal, expected workflow for a CLI. Because install actions are external to the skill, users should follow supply-chain hygiene (pin versions, install in a dedicated environment).
Credentials
The skill requests no environment variables, credentials, or config paths. It acknowledges that state files and tokens are sensitive and recommends treating them as secrets; nothing in the skill asks for unrelated or excessive credentials.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges or permanent presence. It does not attempt to modify other skills or system-wide agent settings; its guidance recommends ephemeral sessions and avoiding persistent profiles.
Assessment
This skill appears to be a coherent, safety-conscious playbook for using the agent-browser CLI. Before using it: (1) pin the CLI version and install in an isolated container or dedicated environment, (2) do not grant or approve high-risk actions (eval, --allow-file-access, custom --executable-path, network routing, state writes) without human review, (3) treat state files and tokens as secrets and rotate them, and (4) block localhost/private-network targets unless explicitly required. If you need greater assurance, request the upstream source/homepage or a signed release for the agent-browser binary before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1
Download zip
latestvk972pwcc4xdvv8nmyyy7vsp16d80m2ce

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Agent Browser Skill (Core)

Purpose

Provide an advanced, production-ready playbook for using agent-browser to automate web tasks via CLI and structured commands.

Best fit

  • You need deterministic automation for AI agents.
  • You want compact snapshots with refs and JSON output.
  • You prefer a fast CLI with Node.js fallback.

Not a fit

  • You require a full SDK or custom JS integration.
  • You must stream large uploads or complex media workflows.

Quick orientation

  • Read references/agent-browser-overview.md for install, architecture, and core concepts.
  • Read references/agent-browser-command-map.md for command categories and flags.
  • Read references/agent-browser-safety.md for high-risk controls and safe mode rules.
  • Read references/agent-browser-workflows.md for recommended AI workflows.
  • Read references/agent-browser-troubleshooting.md for common issues and fixes.

Required inputs

  • Installed agent-browser CLI and browser runtime.
  • Target URLs and workflow steps.
  • Session or profile strategy if authentication is required.

Expected output

  • A clear command sequence and operational guardrails for automation.

Operational notes

  • Snapshot early, act via refs, then snapshot again after DOM changes.
  • Use --json for machine parsing and scripting.
  • Use waits and load-state checks before actions.
  • Close tabs or sessions when done to release resources.

Safe mode defaults

  • Do not use eval, --allow-file-access, custom --executable-path, or arbitrary --args without explicit approval.
  • Avoid network route, set credentials, and cookie/storage mutations unless the task requires it.
  • Allowlist domains and block localhost or private network targets.

Security notes

  • Treat tokens and credentials as secrets.
  • Avoid --allow-file-access unless explicitly required.

Files

6 total
Select a file
Select a file to preview.

Comments

Loading comments…