Browser Use 1.0.0
Use Browser Use cloud API to spin up cloud browsers for Clawdbot and run autonomous browser tasks. Primary use is creating browser sessions with profiles (pe...
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 413 · 3 current installs · 3 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes a cloud-browser API and how to create sessions, profiles, and tasks — these map to the stated purpose. However, the skill metadata declares no required credential or env vars while the runtime instructions clearly rely on an API key. Also _meta.json ownerId differs from the registry owner ID in the provided metadata, and the SKILL.md references a local file (references/api.md) that is not included.
Instruction Scope
Instructions tell the agent to write an API key into the global Clawdbot config (skills.entries.browser-use.apiKey) and to run gateway config.patch to inject a cdpUrl into gateway configuration — both actions modify agent/global configuration. The 'Tasks (Subagent)' feature will run autonomous browser tasks and instructs to 'always use browser-use-llm', implying potentially sending page content (including content from authenticated sessions tied to profiles/cookies) to an external LLM/service. There is no warning about sensitive data exfiltration.
Install Mechanism
Instruction-only skill with no install spec or code files — nothing is written to disk by an installer. This is the lowest-risk install mechanism.
Credentials
The skill requires an API key at runtime but the registry metadata declares no required env vars or primary credential. Examples in the doc use $API_KEY, while the setup text says the API key lives in clawdbot config — inconsistent. The feature set (profiles that persist cookies and an LLM for tasks) justifies an API key, but the skill should declare that credential and clarify storage/access. Persisting cookies/profiles and running autonomous tasks increases the sensitivity of the credential and the data the service will see.
Persistence & Privilege
always is false (normal). However, the instructions explicitly modify global Clawdbot/gateway configuration (clawdbot config set and gateway config.patch). Writing to global agent config is functionally expected for integration but is a privilege: it can change runtime behavior and expose stored credentials to the service if misconfigured. This cross-config modification should be confirmed acceptable.
What to consider before installing
Before installing, verify the following: (1) Confirm you trust the domains docs.browser-use.com and api.browser-use.com and that they belong to the service you expect — check official ownership and privacy policy. (2) Understand that the skill expects you to store an API key in your Clawdbot config (skills.entries.browser-use.apiKey) even though the registry metadata lists no required credentials — ask the publisher to declare the credential formally. (3) Be aware that 'profiles' persist cookies/logins and the 'tasks' feature will drive browsers and can send page content (including authenticated content) to Browser Use's servers and their 'browser-use-llm' — do not use with sensitive accounts unless you accept that risk. (4) Confirm you are comfortable with the skill running gateway config.patch and modifying global config; if not, refuse or run in a sandbox/isolated agent. (5) Ask the publisher to resolve the ownerId mismatch, include the missing referenced files (references/api.md), and clarify whether examples using $API_KEY are meant to be env vars or the stored clawdbot config value. If you proceed, create a dedicated, limited-privilege API key/account for this integration and avoid syncing sensitive account cookies.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Browser Use
Browser Use provides cloud browsers and autonomous browser automation via API.
Docs:
- Open source library: https://docs.browser-use.com
- Cloud API: https://docs.cloud.browser-use.com
Setup
API Key is read from clawdbot config at skills.entries.browser-use.apiKey.
If not configured, tell the user:
To use Browser Use, you need an API key. Get one at https://cloud.browser-use.com (new signups get $10 free credit). Then configure it:
clawdbot config set skills.entries.browser-use.apiKey "bu_your_key_here"
Base URL: https://api.browser-use.com/api/v2
All requests need header: X-Browser-Use-API-Key: <apiKey>
1. Browser Sessions (Primary)
Spin up cloud browsers for Clawdbot to control directly. Use profiles to persist logins and cookies.
Create browser session
# With profile (recommended - keeps you logged in)
curl -X POST "https://api.browser-use.com/api/v2/browsers" \
-H "X-Browser-Use-API-Key: $API_KEY" \
-H "Content-Type: application/json" \
-d '{"profileId": "<profile-uuid>", "timeout": 60}'
# Without profile (fresh browser)
curl -X POST "https://api.browser-use.com/api/v2/browsers" \
-H "X-Browser-Use-API-Key: $API_KEY" \
-H "Content-Type: application/json" \
-d '{"timeout": 60}'
Response:
{
"id": "session-uuid",
"cdpUrl": "https://<id>.cdp2.browser-use.com",
"liveUrl": "https://...",
"status": "active"
}
Connect Clawdbot to the browser
gateway config.patch '{"browser":{"profiles":{"browseruse":{"cdpUrl":"<cdpUrl-from-response>"}}}}'
Now use the browser tool with profile=browseruse to control it.
List/stop browser sessions
# List active sessions
curl "https://api.browser-use.com/api/v2/browsers" -H "X-Browser-Use-API-Key: $API_KEY"
# Get session status
curl "https://api.browser-use.com/api/v2/browsers/<session-id>" -H "X-Browser-Use-API-Key: $API_KEY"
# Stop session (unused time is refunded)
curl -X PATCH "https://api.browser-use.com/api/v2/browsers/<session-id>" \
-H "X-Browser-Use-API-Key: $API_KEY" \
-H "Content-Type: application/json" \
-d '{"status": "stopped"}'
Pricing: $0.06/hour (Pay As You Go) or $0.03/hour (Business). Max 4 hours per session. Billed per minute, refunded for unused time.
2. Profiles
Profiles persist cookies and login state across browser sessions. Create one, log into your accounts in the browser, and reuse it.
# List profiles
curl "https://api.browser-use.com/api/v2/profiles" -H "X-Browser-Use-API-Key: $API_KEY"
# Create profile
curl -X POST "https://api.browser-use.com/api/v2/profiles" \
-H "X-Browser-Use-API-Key: $API_KEY" \
-H "Content-Type: application/json" \
-d '{"name": "My Profile"}'
# Delete profile
curl -X DELETE "https://api.browser-use.com/api/v2/profiles/<profile-id>" \
-H "X-Browser-Use-API-Key: $API_KEY"
Tip: You can also sync cookies from your local Chrome using the Browser Use Chrome extension.
3. Tasks (Subagent)
Run autonomous browser tasks - like a subagent that handles browser interactions for you. Give it a prompt and it completes the task.
Always use browser-use-llm - optimized for browser tasks, 3-5x faster than other models.
curl -X POST "https://api.browser-use.com/api/v2/tasks" \
-H "X-Browser-Use-API-Key: $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"task": "Go to amazon.com and find the price of the MacBook Air M3",
"llm": "browser-use-llm"
}'
Poll for completion
curl "https://api.browser-use.com/api/v2/tasks/<task-id>" -H "X-Browser-Use-API-Key: $API_KEY"
Response:
{
"status": "finished",
"output": "The MacBook Air M3 is priced at $1,099",
"isSuccess": true,
"cost": "0.02"
}
Status values: pending, running, finished, failed, stopped
Task options
| Option | Description |
|---|---|
task | Your prompt (required) |
llm | Always use browser-use-llm |
startUrl | Starting page |
maxSteps | Max actions (default 100) |
sessionId | Reuse existing session |
profileId | Use a profile for auth |
flashMode | Even faster execution |
vision | Visual understanding |
Full API Reference
See references/api.md for all endpoints including Sessions, Files, Skills, and Skills Marketplace.
Files
2 totalSelect a file
Select a file to preview.
Comments
Loading comments…