AI Orchestrator — DeepSeek via Puppeteer
v3.5.0Launch DeepSeek AI via Puppeteer browser automation with CDP interceptor for full API responses, persistent daemon for fast startup, health checks, graceful...
⭐ 1· 21·0 current·0 all-time
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (Puppeteer + CDP + persistent daemon for DeepSeek) match the code and SKILL.md: ask-puppeteer.js, deepseek-daemon.js, healthcheck and diagnostics implement exactly that functionality. Requests (no env vars) align with a web-automation skill; requiring PM2 and npm is expected for a Node daemon.
Instruction Scope
Runtime instructions and code perform a wide set of local actions beyond simply opening pages: they create persistent Chrome user-data (.profile) that will contain cookies/session, write diagnostics (.diagnostics/, logs), read/write endpoint and session files, forcibly kill Chrome processes for a profile, remove lock files and prune /dev/shm and /tmp Chrome entries, and run shell commands (pm2 restart etc.). While coherent for managing a persistent browser daemon, these actions touch system processes, temp directories and local data and will store user prompts/trace data on disk — this is broader scope than a stateless API client and may expose sensitive prompts or credentials if the browser is logged in.
Install Mechanism
No formal install spec in registry but SKILL.md instructs running 'npm install' and using PM2. Code is provided (package.json and package-lock.json) so npm will install dependencies locally. This is a moderate-risk install pattern (npm packages are common); the package files are bundled here so there is no external arbitrary URL download, but running npm install and PM2 will install/enable persistent processes on the host.
Credentials
The skill declares no required environment variables or credentials, which matches the code. However it persists a Chromium user-data dir under the skill (.profile) and expects you to authenticate manually — that directory will contain cookies/session tokens for DeepSeek once you log in. Diagnostic traces and metrics (written to .diagnostics/) may include prompt metadata. No external credential exfiltration was observed, but local persistence of session cookies means the skill can make authenticated requests on behalf of whoever logs in.
Persistence & Privilege
The skill creates a persistent daemon (PM2-managed deepseek-daemon) and writes a browser websocket endpoint file (.daemon-ws-endpoint) and profile data (.profile). Healthcheck code can auto-restart the daemon via PM2 and will call 'pm2 restart' or other shell commands. It does not set always:true, but it requests persistent presence via PM2 and modifies local system state (files, processes). The ability to kill Chrome processes and execute restarts is powerful — justified for daemon management but increases blast radius if misused.
What to consider before installing
This skill implements a persistent Puppeteer-based daemon for interacting with DeepSeek and is largely coherent with its description — but it performs several intrusive local operations you should review and accept before installing:
- Persistent browser profile: the daemon uses a local Chrome user-data dir (.profile) that will store login cookies and session state; if you log into DeepSeek in that profile, the skill can act using that account. Consider using an isolated account or container if that is a concern.
- Diagnostic traces and logs: the skill writes trace/metrics files to .diagnostics/ and may include prompt metadata; do not send sensitive secrets in prompts unless you are comfortable with local logs retaining them.
- Process and filesystem operations: code may kill Chrome processes tied to the profile, remove Chrome-related files in /dev/shm and /tmp, and delete/rotate local files. These are intrusive but explained as remediation for locked profiles; run as an unprivileged user and avoid running as root.
- PM2 control: healthcheck and daemon scripts call pm2 (restart/start/stop). If you do not want a persistent background process, avoid running the PM2 steps and run the script in ephemeral mode (without --daemon / PM2).
- Review code: because the skill runs shell commands (child_process.execSync) and manipulates local files, inspect ask-puppeteer.js, daemon-healthcheck.js and deepseek-daemon.js yourself. If you plan to run this on a sensitive system, run it inside a sandbox/container or a separate user account.
In summary: the behavior is plausible for a persistent Puppeteer orchestrator, not obviously exfiltrative, but it carries non-trivial local privileges and persistence. If you want to proceed, run it in an isolated environment, avoid using your main DeepSeek account or any account containing sensitive data, and audit/limit PM2 usage and log retention.ask-puppeteer.js:102
Shell command execution detected (child_process).
daemon-healthcheck.js:239
Shell command execution detected (child_process).
ask-puppeteer.js:882
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
AI Orchestrator
Production-ready DeepSeek AI access via Puppeteer + CDP interceptor.
Quick Start
# Simple
ask-deepseek.sh "What is HTTP?"
# Session (keeps context)
ask-deepseek.sh "Explain OAuth2" --session work
ask-deepseek.sh "What about OpenID Connect?" --session work
ask-deepseek.sh --session work --end-session
# With daemon (faster, ~35ms startup vs ~15s cold)
ask-deepseek.sh "Question" --daemon
# Pipe / heredoc support
cat code.py | ask-deepseek.sh "Find bugs"
ask-deepseek.sh <<'EOF'
Long multi-line prompt
EOF
All Flags
| Flag | Purpose |
|---|---|
--session NAME | Persistent context across requests |
--daemon | Use running Chrome daemon (fast startup ~35ms) |
--search | Enable DeepSeek web search |
--think | Enable DeepThink mode |
--new-chat | Start new chat within session |
--end-session | Close session |
--visible | Open visible browser (for auth/CAPTCHA) |
--wait | Wait for manual auth (with --visible) |
--close | Force close browser after request |
--dry-run | Test auth + composer without sending prompt |
--debug | Verbose debug output |
-h, --help | Show help |
Daemon Setup
# First time
cd ~/.openclaw/workspace/skills/ai-orchestrator
npm install
# Start daemon
pm2 start deepseek-daemon.js --name deepseek-daemon --no-autorestart
pm2 save
# Auto-start on boot
pm2 startup
# Status check
pm2 status deepseek-daemon
pm2 logs deepseek-daemon --lines 20 --nostream
DeepSeek Free Tier Limits
- Per response: ~13,000 characters (verified 2026-04-03)
- Button "Continue" may appear — auto-clicked up to 30 times
- For longer answers: use
--sessionwith chained questions - Rate limit: 5 seconds between requests
Workaround for Long Answers (>13k chars)
# Start session
ask-deepseek.sh "Write a comprehensive Python backend guide covering data structures and OOP" --session guide
# Continue in same conversation
ask-deepseek.sh "Now cover async programming, databases, and REST APIs" --session guide
# End when done
ask-deepseek.sh --session guide --end-session
Configuration (.deepseek.json)
Override any default by creating/editing .deepseek.json:
{
"idleTimeout": 20000,
"maxContinueRounds": 15,
"logToFile": true,
"logPath": ".logs/deepseek.log"
}
Diagnostics
Each request generates trace + metrics files in .diagnostics/:
trace-<id>.jsonl— phase-by-phase JSONL logmetrics-<id>.json— memory, timing, counts summary
Troubleshooting → REFERENCE.md
See REFERENCE.md for:
- Architecture overview
- Complete troubleshooting with solutions
- Diagnostic system details
- Performance benchmarks
- Common issues (CAPTCHA, rate limits, selector changes)
Files
10 totalSelect a file
Select a file to preview.
Comments
Loading comments…